Wednesday, May 23, 2018

Ubuntu 18.04 LTS Performance Tuning or not

After several experiments, I confirmed that previous performance tuning for Ubuntu 16.04 LTS does not fit for Ubuntu 18.04 LTS. The previous performance tuning, such as hard drive read/write, will slow down the performance of Ubuntu 18.04 LTS. If you implemented such tuning in Ubuntu 18.04 LTS and noticed the performance drops, you may consider to turn it off or disable it.

For example,

echo 1024 | sudo tee /sys/block/sda/queue/read_ahead_kb
echo 1024 | sudo tee /sys/block/sda/queue/nr_requests


That's all! See you.


HOWTO : Upgrade Parrot Security OS 3.11 to 4.0.1

Parrot Security OS 4.0.1 is released recently. You can upgrade to the latest version by the following commands.

sudo apt purge tomoyo-tools
sudo apt update
sudo apt full-upgrade
sudo apt autoremove


That's all! See you.


Wednesday, May 16, 2018

HOWTO : Install golang 1.10 on Ubuntu 18.04 LTS

The current version of golang in Ubuntu 18.04 LTS is 1.10.1 at the time of this writing.

Install

sudo apt update
sudo apt install golang


Check

go env
go version


Workspace

mkdir -p {,~/go/bin,~/go/pkg,~/go/src}

That's all! See you.


Sunday, May 13, 2018

HOWTO : Install Gnome Shell Extensions on Ubuntu 18.04 LTS

Ubuntu Desktop 18.04 LTS is now default with Gnome. You can tune the Gnome with this tool.

sudo apt update
sudo apt install gnome-tweaks gnome-tweak-tool


The following are some useful Gnome Shell Extensions that come with Ubuntu 18.04.

If your computer or laptop do not has hard disk led, this extension is good for you.

sudo apt install gnome-shell-extension-hard-disk-led

If you do not have multi-media keyboard, this extension is for you.

sudo apt install gnome-shell-extension-mediaplayer

You can monitor the CPU loading, Memory usage and Internet traffic with this extension.

sudo apt install gnome-shell-extension-system-monitor

You can know current and forecast of your local weather with this extension.

sudo apt install gnome-shell-extension-weather

If you have some old system tray icons, you may need this extension. However, some old system tray icons do not compatible with this extension.

sudo apt install gnome-shell-extension-top-icons-plus

Run Gnome Tweaks to enable the extension(s) that you have installed. After that, logout and re-login.

To see all the Gnome Shell Extensions that come with Ubuntu 18.04.

apt-cache search gnome-shell-extension

That's all! See you.


HOWTO : Upgrade Ubuntu Gnome 16.04 LTS to Ubuntu Desktop 18.04 LTS

There is no version 18.04 for Ubuntu Gnome at the moment. If you want to upgrade from Ubuntu Gnome 16.04 to Ubuntu 18.04, you can follow the procedure below.

Step 0 :

update-manager -cd

After that, reboot the box.

Step 1 :

sudo apt remove gnome-session ubuntu-gnome-desktop gnome-session-flashback plymouth-theme-ubuntu-gnome-text plymouth-theme-ubuntu-gnome-logo gnome-session-flashback

select "gdm3" when asked.

Step 2 :

sudo update-alternatives --config default.plymouth

select "auto mode" of "/usr/share/plymouth/themes/ubuntu-logo/ubuntu-logo.plymouth"

Step 3 :

sudo update-initramfs -u

Then reboot.

That's all! See you.


HOWTO : Radiotray-NG on Ubuntu 18.04 LTS

Radiotray-NG is internet radio program to streaming music and online radio.

wget https://github.com/ebruck/radiotray-ng/releases/download/v0.2.2/radiotray-ng_0.2.2_ubuntu_18.04_amd64.deb
sudo dpkg -i radiotray-ng_0.2.2_ubuntu_18.04_amd64.deb
sudo apt --fix-broken install


RTHK Radio Channels (Optional)

Radio 1 - http://stm.rthk.hk/radio1
Radio 2 - http://stm.rthk.hk/radio2
Radio 3 - http://stm.rthk.hk/radio3
Radio 4 - http://stm.rthk.hk/radio4
Radio 5 - http://stm.rthk.hk/radio5

After adding or editing the channels, make sure to reload the bookmarks.

That's all! See you.


Thursday, May 10, 2018

HOWTO : Install Deepin Desktop Environment on Ubuntu Desktop 18.04 LTS

Deepin Desktop Environment (DDE) is an open source project by Deepin Technology Ltd. Co., Wuhan, China. Besides install Deepin Linux 15.5 or higher, you can install it on Ubuntu Desktop 18.04 LTS.

Install Deepin Desktop Environment (DDE)

sudo add-apt-repository ppa:leaeasy/dde
sudo apt-get update
sudo apt install dde


The following is for experiment only (not recommended by the PPA creator).

sudo apt install dde deepin-gtk-theme dde-control-center-plugin-notify dde-control-center-plugin-weather redshift libfprint0 dnsmasq cgroup-tools imwheel libpam-fprintd fprintd network-manager-l2tp network-manager-openconnect network-manager-openvpn network-manager-vpnc minicom deepin-calculator dde-file-manager

Install RecordMyDesktop (Optional)

sudo apt install gtk-recordmydesktop

* when "Window Effect" is disabled, "Deepin Screen Recorder" and "Multitasking View" will be disabled too.

Set Font of the system (Optional)

Set Font to "Ubuntu" and "Ubuntu Mono" and set font size larger when necessary.

Disable Window Effect Mode (Optional)

When you find booting to desktop taking a longer time and playing video files lagging, you need to consider to disable the Window effect as your display card is not strong enough.


The following optional settings are for Chinese only. Ubuntu default ibus is not compatible with Deepin DDE and you need to use fcitx instead.:

If you are using English version Ubuntu, you are required to install the Traditional Chinese fonts or Simplified Chinese fonts.

Traditional Chinese

sudo apt install language-pack-gnome-zh-hant-base language-pack-gnome-zh-hant

or

Simplified Chinese

sudo apt install language-pack-gnome-zh-hans-base language-pack-gnome-zh-hans

Install Cangjie Quick Input Method (Optional)

sudo apt install fcitx fcitx-table-quick-classic fcitx-config-gtk

Install Cantonese Input Method (Optional)

sudo apt install fcitx fcitx-table-cantonese fcitx-config-gtk

Install Cangjie 3rd Generation Input Method (Optional)

sudo apt install fcitx fcitx-table-cangjie3 fcitx-config-gtk

Install Cangjie 5th Generation Input Method (Optional)

sudo apt install fcitx fcitx-table-cangjie5 fcitx-config-gtk

After installing desired Chinese Input Method, go to "Language Support" to set from "ibus" to "fcitx" and make sure to install missing packages when asked in launching "Language Support". To toggle the Input Method by pressing "Ctrl+Space" and set your Input Method as default when necessary.





You can even switch between Gnome and Deepin desktop environment when you are going to login. If you want to delete the Deepin DDE forever, you can run the following commands :

sudo apt remove dde

or

sudo apt remove dde dde* deepin* deepin-gtk-theme dde-control-center-plugin-notify dde-control-center-plugin-weather redshift libfprint0 dnsmasq cgroup-tools imwheel libpam-fprintd fprintd network-manager-l2tp network-manager-openconnect network-manager-openvpn network-manager-vpnc minicom deepin-calculator dde-file-manager
sudo apt autoremove
sudo apt update


That's all! See you.


Tuesday, May 01, 2018

HOWTO : upgrade Ubuntu 16.04 LTS to 18.04 LTS on Croissants

First of all make sure your Croissants box has sufficient free hard drive spaces, otherwise, the upgrade will fail.

sudo apt install update-manager-core
sudo do-release-upgrade -d


Answer "Y" to all questiones asked.

After the upgrade, you need to run the following commands :

Remove the first "# " from /etc/apt/sources.list.d/evebox.list
Remove the first "# " from /etc/apt/sources.list.d/elastic-5.x.list

sudo update-java-alternatives -s java-1.8.0-openjdk-amd64
sudo systemctl enable logstash
sudo systemctl enable elasticsearch
sudo systemctl enable kibana


Then you can reboot your Croissants.

That's all! See you.


HOWTO : Upgrade Ubuntu Server 16.04 to 18.04

Ubuntu 18.04 LTS is just released. It is a high time to upgrade your Ubuntu Server 16.04 LTS to 18.04 LTS. To upgrade it, make sure you have sufficient free space.

Step 1 :

sudo apt install update-manager-core
sudo do-release-upgrade -d


You need to answer "Y" to all questions asked.

Step 2 :

Make sure to enable all the required repositories at /etc/apt/source.list.d/ and then run the following command.

sudo apt update

Step 3 :

If you have application that works only on Java 8, make sure to do the following.

update-java-alternatives -l
sudo update-java-alternatives -s java-1.8.0-openjdk-amd64


or

sudo update-alternatives --config java

Then, select Java 8

Step 4 :

If your system is running PHP, you need to reinstall all the required packages. For example,

sudo apt-get install php7.2-cgi php7.2 php7.2-cli php7.2-mysql php7.2-curl php7.2-gd php7.2-intl php7.2-imap php7.2-pspell php7.2-recode php7.2-sqlite3 php7.2-tidy php7.2-xmlrpc php7.2-xsl apache2-utils php7.2-fpm php-memcache php-imagick mysql-server mysql-client php7.2-mbstring php7.2-zip

Make sure to do the following when you are using php7.2-fpm on Apache2 :

sudo a2enmod php7.2
sudo a2enconf php7.2-fpm
sudo systemctl enable php7.2-fpm
sudo systemctl enable apache2
sudo systemctl restart php7.2-fpm
sudo systemctl restart apache2


That's all! See you.

Thursday, April 26, 2018

HOWTO : Install Parrot Security OS 3.11 32-bit

Since the 32-bit of Parrot Security OS 3.11 will crash in the middle of the installation even the hash checksum is same as the official, we can install "Home" version and then install the necessary tools by the following command.

sudo apt update
sudo apt install parrot-tools-full


That's all! See you.


Tuesday, April 24, 2018

Deepin Linux 15.5

中國武漢深度科技公司的深度作業系統 15.5 (Deepin Desktop) 是基建於 Debian Linux 的桌面系統。深度系統實現了 Linux 的高度客制化的技術,它媲美蘋果電腦 macOS 作業系統。

深度系統 15.5 安裝容易和直接,沒有太多的輸入和選項。當安裝在 Virtualbox 虚擬機器時,它會提供特效模式 (Effect mode) 或普通模式 (Common mode) 選擇。普通模式運作行得比較快,但沒有了特別效果。

在使用深度系統 15.5 時極有使用蘋果電腦 macOS 的感覺。使用介面非常直觀和華麗,你並不會迷失於大量的選項當中。

它的軟件庫 (Deepin Store) 收集了很多實用的軟件,並且安裝和移除都非常容易。它的軟件庫極有蘋果電腦 macOS 的 Apps Store 味道。可以看得出武漢深度科技公司曾經投入大量資源來開發這系統。

這個作業系統極之適合 Linux 初學者或一些要求簡潔和直接的用家。這也是 Ubuntu Linux 以外的另一個不錯的選擇。但是美中不足之處是它沒有全碟加密和密碼只接受最多十六位字元,而且有些軟件的版本比較老舊。




Wuhan Deepin Technology Co. Ltd. (China) develops a Debian based Linux system namely Deepin Desktop. The current version as at this writing is 15.5. The outlooks of Deepin is much like Apple macOS.

Installation of Deepin 15.5 is very easy and simple. A few information is required to fill in or select in the installation. When installed in Virtualbox, you have a chance to select "Effect mode" or "Common mode". Common mode is the fastest mode comparing with Effect mode. Deepin Desktop 15.5 is very easy to use. The design is very straight forward and simple. If you have experience in Apple macOS, you will feel that it is very similar.

There are some useful software in Deepin Store and it much like Apps Store in macOS. The installation and uninstallation of any software is very easy. It is believed that Wuhan Deepin Technology has invested a lot of resources of building this Linux distribution.

Deepin Desktop is suitable for newbies of Linux and someone who loves simple operation. If you do not like Ubuntu Linux, you may try Deepin Desktop instead. The only downsides of Deepin are no full disk encryption, the maximum length of user password limited to 16 characters and some software are a little bit out-dated.

That's all! See you.


Reference

Linux Deepin is NOT spyware


Full disk encryption on Deepin 15.5




Sunday, April 22, 2018

Linux 的我見

每一個人選擇使用 Linux 的原因和理由各有不同,但大部份人都是原先是使用視窗 (Windows) 的。他們大多都有一個共同點,就是經常抱怨找不到和視窗一樣的應用軟體的代替品。但這個問題鮮有在蘋果 (Apple macOS) 的使用者中發生。問題是出在那裡呢?

視窗、蘋果及 Linux 在基本上是不同的產品,它們都有着自己的特性。蘋果是源於 BSD 系統,它是 Unix 系統;Linux 是類 Unix 系統及自行開發;而視窗是一個自行開發的非 Unix 系統。它們都有着的不同發展方向,除了 Linux,視窗和蘋果都很早在桌面 (Desktop) 方面上應用。

視窗專門經營軟體業務,而蘋果則為主要經營硬件業務,而 Linux 基本上是非牟利的。

蘋果也沒有很多與其他商業化產品一樣的代替品,但蘋果用戶並沒有如其他的視窗使用者使用 Linux 時的要求和抱怨。我想是因為蘋果用戶是一個獨特的使用群組,他們沒有抱怨沒有相似的代替品,但他們接受使用與視窗用戶所使用的不一樣和與別不同的產品。

基於 Linux 是開源及基本上是免費的,大多數的開發人員都是利用自己的私人時間來開發軟體,所以其開發出來的軟體大多數沒有在商業化上作出考慮;多數的開發人員都是開發給自己或一小撮人使用。其後他們有的也開發了一些與其他商業化產品的類似物,但並非是其代替品,也有一些應用是其他商業化產品沒有的。Linux 的獨特性可見一班。

其實視窗的使用者在使用 Linux 時不應有與使用視窗的要求。應當接受各個不同類型的作業系統的不同特性和發展。視窗的使用者與蘋果的用戶在性格上和要求上大有不同,在此,我非常欣賞蘋果用戶的可塑性。所以視窗的使用者對 Linux 會不會過於「又要馬兒好,又要馬兒不吃草」呢?

開源的 Linux 造就各式各樣的版本,各個版本都有其獨特的性格。各個版本的基本操作指令和架構是大致相同,最大的分別在於軟件包管理指令和桌面系統 (Window Manager)。不同版本的 Linux 有不同版本的軟件包管理和桌面系統。

Linux 吸引之處在於可塑性非常高,客制性的能力可以出神入化。再加上所有編程語言和編譯器是完全開源和免費的。這做就了多樣化的工具軟件供給多樣化的應用。每個軟件工程師都可建做自己具有個人特色的 Linux 版本或應用系統。

至於為何沒有與其他作業系統的應用軟體一模一樣的產品,我想這與知識產權不無關係的,這就不能怪責 Linux 的不體貼了。俗語有話「若要人似我,除非兩個我」。


Friday, April 20, 2018

Wordpresscan - Wordpress Security Scanner

Wordpresscan is a Wordpress CMS security auditing tool which is rewritten WPScan in Python and implemented some idea of WPSeku by swissky. However, the original copy in Github is still in alpha version and dated Oct 15, 2017.

Wordpresscan is then forked by Samiux on Apr 19, 2018 and some improvements as well as bugs fix on it. The modified version is released in Open Source under GPLv3 by Samiux.

It is well tested on Parrot Security OS 3.11 and it can run right away on Parrot without installation.





You can visit the official site for details.

That's all! See you.


Monday, April 16, 2018

HOWTO : Update Parrot Security OS 3.11

Parrot Security OS 3.11 cannot be updated properly with the default updater after freshly installed. We can update it manually.

sudo apt update
sudo apt -y full-upgrade --allow-downgrades
sudo apt -y autoclean
sudo apt -y autoremove


When asking for update the configure files, select "Y" when necessary.

That's all! See you.


HOWTO : Fallback to OpenJDK 8 on Parrot Security OS 3.11

Since OpenJDK 9 is installed for the recent update on Parrot Security OS 3.11, some Java applications that are using OpenJDK 8 may not work properly. We can fallback to OpenJDK 8 easily.

sudo update-alternatives --config java

Then select OpenJDK 8 or OpenJRE 8 when necessary. You can change back to OpenJDK 9 at any time with the same command.

That's all! See you.


Sunday, April 15, 2018

HOWTO : Fix Vokoscreen 2.5.0 on Parrot Security OS 3.11

Vokoscreen 2.5.0 on Parrot Security OS 3.11 does not work properly as ffmpeg crashed. You can fix this problem by replacing the ffmpeg with Vokoscreen's copy.

wget http://linuxecke.volkoh.de/vokoscreen/ffmpeg-64bit.tar.gz
tar -xvzf ffmpeg-64bit.tar.gz

sudo mv /usr/local/bin/ffmpeg /usr/local/bin/ffmpeg-original
sudo cp ffmpeg /usr/local/bin/


That's all! See you.


Tuesday, March 20, 2018

Longjing - Deep Learning Driven Web Application Firewall

Longjing is Chinese green tea and full of antioxiants. It is good for health and to fight against cancer. Longjing Web Application Firewall (WAF) is deep learning driven and developed with Python 3 and Scikit-Learn library. To define it as deep learning is that it uses neural network MLP Classifier to build the model. Even it is a simple neural network MLP classifier, the accuracy rate is very high. It supports Linux system only.

Longjing WAF is mainly design to protect the web applications from being attacked by SQL Injection (SQLi) which is at the top of OWASP Top 10 in 2017. If successfully attacked, data leakage and/or system compromised will be caused. It is a critical vulnerability for web applications.

Longjing WAF is well tested on Damn Vulnerable Web Application (DVWA) with Burp Suite, SQLMap, OWASP ZAP, XSSER and Commix. Not only detects SQLi but also XSS (Cross-site Scripting). The accuracy rate is over 99% under the samples testing. It can be further tune for the false positive easily as the running code is an open source project that released under GPLv3 by Samiux. However, the training data and modelling are not open sourced.

It is not very complicate to install and deploy it. The latest version as at this writing is version 0.9.1. It works with Anaconda 3 and MitmProxy 3.0.3. Anaconda will install all required SciKit-Learn Python Libraries for you and it is also very easy to maintain. MitmProxy will act as a proxy to deal with the HTTP/HTTPS requests and responses.

Longjing is the next generation Web Application Firewall! Fetch it and try!

That's all! See you.


Reference

Longjing - Web Application Firewall

Saturday, March 03, 2018

[Full Disclosure] Vulnerable Web Sites In Hong Kong (March 2018)

Since I am not a White Hat, I will disclose all my findings fully to the public. Do not blame me for that! I am a Grey Hat.

Recently, I found out that the personal web site of the anti-government politician in Hong Kong, Claudia Mo, has been hacked since 2016. Some China relevance videos and statement had been posted to the site since 2017. Meanwhile, the volunteers' personal particulars had been leaked in the Pastebin since 2016. The most important thing to know is that the site was protected by Cloudflare, a kind of cloud based DDoS protection and web application firewall (WAF).

I conducted a very simple and quick check on the site some days before yesterday and confirmed that her site was vulnerable to blind sql injection. However, her site has been deleted since yesterday (March 2, 2018, Hong Kong Time).

After a simple search, it was confirmed that the site was developed by OneTeam.hk. Some other sites that are developed by them has been obtained by Google search and from their official site. Another quick and simple tests on those sites has been conducted.

The result shows that about 18 web sites are vulnerable to sql injection vulnerability. It seems that those sites are developed by a vulnerable library.

The url of those sites are listed at the below for reference. It may not be a completed list. I do not responsible to any lost or/and damages caused once those sites have been disclosed. You have been warned that you will be put into the jail when you attack or doing evil on those sites.

Finally, some web developers in Hong Kong cannot build a secure web site properly. They believed that Cloudflare can protect the sites in a very secure manner. Cloudflare WAF can be bypassed very easily. Before investing money to your web sites, please consider the ability of the web developers and the security of the web applications.

Vulnerable sites :

http://www.geosecurities.com.hk/
http://www.charleskwok.hk/
http://shopkeeper.oneteam.hk/silverhealth/index.php
http://www.wiseland.com.hk/
http://www.islandsouth.hk/
http://www.hkdogschool.com/
http://www.newrecordltd.com/
http://www.winner28.cc/
http://www.ur-choize.com/
http://sealairsoft.com/
http://www.instantbuy.hk/
http://www.iiistyle.com/
http://www.toptrendint.com/
http://www.studioone.hk/
http://www.walterly.com.hk/
http://www.kangxi.hk/
http://www.crazymorestore.com/
http://www.trusty.hk/

Non vulnerable sites :

http://oneteam.hk/
http://www.musicianxdesigner.com/
http://shopkeeper.oneteam.hk/bq/
http://www.jpmyhouse.hk/
https://www.swordtacticalsupply.com/
http://taodeliver.mofa.ht/
http://www.mingkoi.com/
http://www.wai-hei.com/
http://innercare.com.hk/
http://www.95gd.hk/
http://siman.com.hk/

That's all! See you.


Monday, February 26, 2018

Longjing - Machine Learning Driven Web Application Firewall

Longjing is Chinese green tea with a lot of antioxiants. It is good for health. Longjing Web Application Firewall (WAF) is machine learning driven and it is designed to protect the web application from being attacked by SQL injection.

Longjing WAF is written in Python and It is not designed for the high performance in mind. Only Linux is supported.

Longjing WAF can protect your web application from being scanned by Burp Suite, SQLMap, OWASP ZAP, XSSER and Commix even your web application has SQL injection vulnerability. Meanwhile, reflected Cross Site Scripting (XSS) can be detected too.

SQL injection is on the top position of the OWASP Top 10 2017 which can lead to data leakage and/or system compromised. It is a critical vulnerability.

Longjing WAF is a PARTIALLY Open Source Project under GPLv3 License by Samiux. Training and Modelling are NOT open sourced. Demo may be provided when necessary.

The training requires about 3 hours on Intel i7-5500U with 16GB RAM. The accuracy rate is over 99%. The Longjing requires about 3GB RAM to run.

Requirement

- Ubuntu Linux Server 16.04.4 LTS
- Anaconda3
- mitmproxy
- web server
- web application
- SSD is recommended
- at least 8GB RAM

Installation

(A) Install Anaconda

sudo apt install build-essential libssl-dev libffi-dev python3-dev

wget https://repo.continuum.io/archive/Anaconda3-5.1.0-Linux-x86_64.sh

chmod +x Anaconda3-5.1.0-Linux-x86_64.sh

sudo -sH

./Anaconda3-5.1.0-Linux-x86_64.sh

install anaconda3 to /etc/anaconda3 and then answer "yes" to allow change the .bashrc of root.

source /root/.bashrc

(B) Update Anaconda

sudo -sH
conda update --prefix /etc/anaconda3 anaconda
conda update -n base conda


(B) Install mitmproxy

sudo -sH
conda install pip
pip install mitmproxy


The current version of mitmproxy at this writing is 3.0.3.

Exit to normal user by entering exit.

(C) Update mitmproxy

sudo -sH
cd /etc/anaconda3
pip install mitmproxy --upgrade


(D) Install Longjing

wget https://www.infosec-ninjas.com/files/longjing-0.8.0.tar.gz
tar -xvzf longjing-0.8.0.tar.gz

cd longjing

nano config.conf


where :
- NET_INF is the network interface of the mitmproxy to be listening
- PORT is port number of the mitmproxy to be listening, e.g. 8080
- CERT is the location path of the private key TLS/SSL certificate of the domain when available. It should be starting with --certs.

Please read mitmproxy "about certificate" documents for details - Using a custom certificate.

sudo ./install.sh

Finally, make sure to copy index.html to the web application root directory.

(D) Running

sudo systemctl restart longjing.service

(E) Testing with Tools

Longjing is well tested on Damn Vulnerable Web Application (DVWA) with the following tools :

- Burp Suite on DVWA (sqli and xss blocked except DOM)
- sqlmap on DVWA (tamper also blocked)
- OWASP ZAP on DVWA (sqli and xss blocked)
- xsser on DVWA (xss blocked)
- Commix on DVWA (blocked and Commix will hang in the middle)

That's all! See you.


Thursday, January 18, 2018

HOWTO : Install MicroCode in Ubuntu Linux

Linux can update microcode to fix Meltdown and Spectre vulnerabilities instead of BIOS update. Ubuntu can fix the vulnerabilities with just one command.

sudo apt update
sudo apt dist-upgrade


For Intel CPU :

sudo apt install intel-microcode

For AMD CPU :

sudo apt install amd64-microcode

After that, reboot your Ubuntu box.

That's all! See you.


Update on JAN 24, 2018

Since Linux creator Linus Torvalds disagrees to install Intel's patches for Spectre, the Intel microcode is patched back to the previous version. You are not required to uninstall it. You just update and it will patch it back to the previous version. Please see The Hacker News for details.

sudo apt update
sudo apt dist-upgrade