========================================================================== Ubuntu Security Notice USN-4457-1 August 12, 2020
software-properties vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Software Properties could be made to manipulate the display. Software Description: - software-properties: manage the repositories that you install software from Details: Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: python3-software-properties 0.98.9.2 software-properties-common 0.98.9.2 Ubuntu 18.04 LTS: python3-software-properties 0.96.24.32.14 software-properties-common 0.96.24.32.14 Ubuntu 16.04 LTS: python-software-properties 0.96.20.10 python3-software-properties 0.96.20.10 software-properties-common 0.96.20.10 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4457-1 CVE-2020-15709 Package Information: https://launchpad.net/ubuntu/+source/software-properties/0.98.9.2 https://launchpad.net/ubuntu/+source/software-properties/0.96.24.32.14 https://launchpad.net/ubuntu/+source/software-properties/0.96.20.10
signature.asc
Description: OpenPGP digital signature
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
