Security Team Weekly Summary: October 26, 2017



on 26 October 2017

The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities.

If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at:

During the last week, the Ubuntu Security team:

  • Triaged 382 public security vulnerability reports, retaining the 130 that applied to Ubuntu.
  • Published 2 Ubuntu Security Notices which fixed 23 security issues (CVEs) across 4 supported packages.

Ubuntu Security Notices

Previous Week’s Ubuntu Security Notices

Since there was no weekly report last week, the previous week’s Ubuntu Security Notices are posted here for reference. Published 20 Ubuntu Security Notices which fixed 53 security issues (CVEs) across 27 supported packages.

Bug Triage

Mainline Inclusion Requests

Updates to Community Supported Packages

  • Simon Quigley (tsimonq2) provided debdiffs for trusty-artful for git (LP: #1719740)


What the Security Team is Reading This Week

Weekly Meeting

More Info

Ubuntu cloud

Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.

Sign up for email updates

Choose the topics you're interested in


Related posts

Meltdown, Spectre and Ubuntu: What you need to know

As details of the Meltdown and Spectre vulnerabilities1 have become clearer a number of statements have been published by the multiple vendors affected; Canonical has issued advisories and updates on fixes and mitigations, the latest of…

Spectre mitigation updates available for testing in Ubuntu Proposed

Canonical holds Ubuntu to the highest standards of security and quality. This week we published candidate Ubuntu kernels providing mitigation for CVE-2017-5715 and CVE-2017-5753 (ie, Spectre / Variants 1 & 2) to their respective…

Ubuntu Updates for the Meltdown / Spectre Vulnerabilities

  For up-to-date patch, package, and USN links, please refer to:   Unfortunately, you’ve probably already read about one of the most widespread security issues…