Product:

Ubuntu_linux

(Canonical)
Repositories https://github.com/torvalds/linux
https://github.com/ImageMagick/ImageMagick
https://github.com/LibRaw/LibRaw
https://github.com/neomutt/neomutt
https://github.com/xkbcommon/libxkbcommon
https://github.com/file/file
https://github.com/FreeRDP/FreeRDP
https://github.com/kyz/libmspack
https://github.com/gpac/gpac
https://github.com/curl/curl
https://github.com/krb5/krb5
https://github.com/apache/httpd
https://github.com/madler/zlib
https://github.com/dbry/WavPack
https://github.com/audreyt/module-signature
https://github.com/tats/w3m
https://github.com/libarchive/libarchive
https://github.com/Perl/perl5
https://github.com/libgd/libgd
https://github.com/ntp-project/ntp
https://github.com/LibVNC/libvncserver
https://github.com/openvswitch/ovs
https://github.com/newsoft/libvncserver
https://github.com/rubygems/rubygems
https://github.com/mm2/Little-CMS
https://github.com/memcached/memcached
https://github.com/erikd/libsndfile
https://github.com/dosfstools/dosfstools
https://github.com/php/php-src
https://github.com/WebKit/webkit
https://github.com/lxc/lxcfs
https://github.com/bagder/curl
https://github.com/vrtadmin/clamav-devel
https://github.com/opencontainers/runc
• git://git.openssl.org/openssl.git
https://github.com/pyca/cryptography
https://git.kernel.org/pub/scm/git/git.git
https://github.com/openbsd/src
https://github.com/openssh/openssh-portable
https://github.com/openstack/glance
https://github.com/mongodb/mongo-python-driver
https://github.com/jpirko/libndp
https://github.com/FFmpeg/FFmpeg
https://github.com/requests/requests
https://github.com/glennrp/libpng
https://github.com/vim/vim
https://github.com/rdoc/rdoc
https://github.com/ansible/ansible
https://github.com/hexchat/hexchat
https://github.com/GNOME/pango
https://github.com/stoth68000/media-tree
https://github.com/ImageMagick/ImageMagick6
https://github.com/kennethreitz/requests
https://github.com/lxml/lxml
https://github.com/beanshell/beanshell
https://github.com/git/git
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/mysql/mysql-server
https://github.com/dovecot/core
https://github.com/openstack/nova-lxd
https://github.com/apple/cups
https://github.com/derickr/timelib
https://git.savannah.gnu.org/git/patch.git
https://github.com/puppetlabs/puppet
https://github.com/lxc/lxc
https://github.com/flori/json
https://github.com/qpdf/qpdf
https://github.com/TeX-Live/texlive-source
https://github.com/liblouis/liblouis
https://github.com/lavv17/lftp
https://github.com/Cisco-Talos/clamav-devel
https://github.com/moinwiki/moin-1.9
https://github.com/libimobiledevice/libimobiledevice
https://github.com/wikimedia/mediawiki
https://github.com/kohler/t1utils
https://github.com/khaledhosny/ots
https://github.com/jmacd/xdelta-devel
https://github.com/quassel/quassel
https://github.com/openstack/nova
#Vulnerabilities 4068
Date Id Summary Products Score Patch Annotated
2017-10-17 CVE-2017-13087 Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients. Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant 5.3
2017-10-17 CVE-2017-13086 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant 6.8
2017-10-17 CVE-2017-13084 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant 6.8
2017-10-17 CVE-2017-13082 Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant 8.1
2017-10-17 CVE-2017-13081 Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients. Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant 5.3
2017-10-17 CVE-2017-13079 Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients. Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant 5.3
2017-10-17 CVE-2017-13078 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant 5.3
2017-10-17 CVE-2017-13077 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. Ubuntu_linux, Debian_linux, Freebsd, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Linux_enterprise_desktop, Linux_enterprise_point_of_sale, Linux_enterprise_server, Openstack_cloud, Hostapd, Wpa_supplicant 6.8
2017-08-24 CVE-2017-12836 CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar." Ubuntu_linux, Debian_linux, Cvs 7.5
2018-02-09 CVE-2017-10689 In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability. Ubuntu_linux, Puppet, Puppet_enterprise, Satellite 5.5