Description:

Ubuntu has released security updates to address multiple vulnerabilities in the following versions:

• clamav
  • Ubuntu 19.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 ESM
  • Ubuntu 12.04 ESM
• webkit2gtk
  • Ubuntu 19.10
  • Ubuntu 18.04 LTS
• postgresql-10, 11
  • Ubuntu 19.10
  • Ubuntu 18.04 LTS
• qemu
  • Ubuntu 19.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
• linux-aws-5.0, linux-azure, linux-gcp, linux-gke-5.0, linux-oracle-5.0
  • Ubuntu 18.04 LTS
• linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
• linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon
  • Ubuntu 16.04 LTS
• linux-lts-xenial, linux-aws
  • Ubuntu 14.04 ESM
• linux-azure
  • Ubuntu 14.04 ESM
• linux, linux-aws, linux-azure, linux-azure-5.3, linux-gcp, linux-gcp-5.3, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-raspi2-5.3
  • Ubuntu 19.10
  • Ubuntu 18.04 LTS
• php7.0 regression
  • Ubuntu 16.04 LTS
• ppp
  • Ubuntu 19.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
• squid, squid3
  • Ubuntu 19.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS

Threats:

Attacker could exploit these vulnerabilities by doing the following:

• Denial of service attack (DoS).
• Expose sensitive information.
• Execute arbitrary code.

Best practice and Recommendations:

The CERT team encourages users to review Ubuntu security advisory and apply the necessary update:

• https://usn.ubuntu.com/4280-1/
• https://usn.ubuntu.com/4281-1/
• https://usn.ubuntu.com/4282-1/
• https://usn.ubuntu.com/4280-2/
• https://usn.ubuntu.com/4283-1/
• https://usn.ubuntu.com/4285-1/
• https://usn.ubuntu.com/4287-1/
• https://usn.ubuntu.com/4286-1/
• https://usn.ubuntu.com/4286-2/
• https://usn.ubuntu.com/4287-2/
• https://usn.ubuntu.com/4284-1/
• https://usn.ubuntu.com/4279-2/
• https://usn.ubuntu.com/4288-1/
• https://usn.ubuntu.com/4289-1/