loader gif

Chrome fixes many flaws: Patch Tuesday - Week 4, January 2019

Chrome fixes many flaws: Patch Tuesday - Week 4, January 2019

This week we saw the release of major web browser updates coming Google Chrome and Mozilla FIrefox. On the other hand, Linux distributions like Ubuntu and Debian also patched their software to fix multiple security vulnerabilities.

AVEVA

Aveva is a British IT firm that specializes in engineering and industrial software. The firm has released an update to its product Wonderware that contained a security flaw which allowed attackers to use an external API to gain unauthorized access.

The latest release - Wonderware System Platform 2017 Update 3 fixes the issue.

Debian

The popular Linux OS released Debian 9.7. This is the seventh update for Debian 9 -- the latest stable distribution available for Debian OS

Codenamed “Stretch”, Debian 9.7 patches an RCE vulnerability present in the APT, that could have allowed attackers to perform remote attacks. The update can be found here.

Mozilla

Mozilla has fixed many security vulnerabilities in its products: Thunderbird, Firefox ESR, and Firefox.

  • Thunderbird 60.5: Fixes 4 flaws associated with scripting that arise only when dealing with browsers.
  • Firefox ESR 60.5: Fixes 3 critical flaws i.e., use-after-free, inter-process communication and memory safety bug.
  • Firefox 65: Fixes 7 critical flaws including out-of-bounds read and external localhost access.

All these updates are delivered through the auto-update feature built in the products.

Google Chrome

The Chrome team has announced the release of Chrome 72.0.3626.81 which patches some major issues that existed in the browser.

The update provides 58 security fixes out of which 1 was marked ‘critical’, 17 were marked ‘high’, 12 and were marked ‘medium’. Most of them were use-after-free vulnerabilities. Details can be found here.

Ubuntu

Canonical fixes 11 security vulnerabilities found in Linux kernel with a major update. The vulnerabilities were existing in Ubuntu 18.04 LTS and its derivative systems. Flaws included use-after-free, out-of-bounds and buffer overflows.

Following are the package versions for Ubuntu 18.04 LTS:

  • Linux-image-4.15.0-44-generic- 4.15.0-44.47
  • linux-image-4.15.0-44-generic-lpae - 4.15.0-44.47
  • linux-image-4.15.0-44-lowlatency - 4.15.0-44.47
  • linux-image-4.15.0-44-snapdragon - 4.15.0-44.47
  • linux-image-generic - 4.15.0.44.46
  • linux-image-generic-lpae - 4.15.0.44.46
  • linux-image-lowlatency - 4.15.0.44.46
  • linux-image-snapdragon - 4.15.0.44.46
loader gif