===========================================================================
Ubuntu Security Notice USN-3489-2
November 21, 2017

db, db4.8 vulnerability
===========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Berkeley DB could be made to expose sensitive information.

Software Description:
- db: Berkeley v5.1 Database Utilities
- db4.8: Berkeley v4.8 Database Utilities

Details:

USN-3489-1 fixed a vulnerability in Berkeley DB. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that Berkeley DB incorrectly handled certain
configuration files. An attacker could possibly use this issue to read
sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
 db4.8-util=C2=A04.8.30-11ubuntu1.1
 db5.1-util=C2=A05.1.25-11ubuntu0.1
 libdb4.8=C2=A04.8.30-11ubuntu1.1
 libdb5.1=C2=A05.1.25-11ubuntu0.1

In general, a standard system update will make all the necessary
changes.

References:
 https://www.ubuntu.com/usn/usn-3489-2
 https://www.ubuntu.com/usn/usn-3489-1
 CVE-2017-10140