Vulnerability CVE-2016-4071 - CERT Civis.Net

Vulnerability Name:

CVE-2016-4071 (CCN-113583)

Assigned:

2016-05-20

Published:

2016-05-20

Updated:

2018-01-05

Summary:

Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2016-4071

Source: APPLE
Type: UNKNOWN
APPLE-SA-2016-05-16-4

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:1274

Source: SUSE
Type: UNKNOWN
SUSE-SU-2016:1277

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2016:1373

Source: CCN
Type: RHSA-2016-2750
Moderate: rh-php56 security, bug fix, and enhancement update

Source: REDHAT
Type: UNKNOWN
RHSA-2016:2750

Source: DEBIAN
Type: UNKNOWN
DSA-3560

Source: CCN
Type: oss-sec Mailing List, Sat, 23 Apr 2016 23:55:25 -0400 (EDT)
PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases

Source: MLIST
Type: UNKNOWN
[oss-security] 20160423 Re: CVE request: PHP issues fixed in 7.0.5, 5.6.20 and 5.5.34 releases

Source: CONFIRM
Type: UNKNOWN
http://www.php.net/ChangeLog-5.php

Source: CONFIRM
Type: UNKNOWN
http://www.php.net/ChangeLog-7.php

Source: BID
Type: UNKNOWN
85800

Source: CCN
Type: BID-85800
PHP 'snmp.c' Remote Format String Vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-2952-1

Source: UBUNTU
Type: UNKNOWN
USN-2952-2

Source: CONFIRM
Type: Exploit
https://bugs.php.net/bug.php?id=71704

Source: XF
Type: UNKNOWN
php-cve20164071-format-string(113583)

Source: CONFIRM
Type: UNKNOWN
https://git.php.net/?p=php-src.git;a=commit;h=6e25966544fb1d2f3d7596e060ce9c9269bbdcf8

Source: CONFIRM
Type: UNKNOWN
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731

Source: CONFIRM
Type: UNKNOWN
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05320149

Source: CONFIRM
Type: UNKNOWN
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

Source: CCN
Type: PHP Web site
PHP

Source: GENTOO
Type: UNKNOWN
GLSA-201611-22

Source: CONFIRM
Type: UNKNOWN
https://support.apple.com/HT206567

Source: EXPLOIT-DB
Type: UNKNOWN
39645

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-4071

Vulnerable Configuration:

Configuration 1:

cpe:/a:php:php:5.6.0:alpha1:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:alpha2:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:alpha3:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:alpha4:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:alpha5:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:beta1:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:beta2:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:beta3:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.0:beta4:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.1:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.2:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.3:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.4:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.5:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.6:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.7:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.8:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.9:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.10:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.11:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.12:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.13:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.14:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.15:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.16:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.17:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.18:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.19:-:*:*:*:*:*:*

Configuration 2:

cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* (Version <= 10.11.4)

Configuration 3:

cpe:/a:php:php:5.5.0:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha3:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha4:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha5:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:alpha6:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta3:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:beta4:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:rc1:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.0:rc2:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.1:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.2:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.3:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.4:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.5:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.6:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.7:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.8:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.9:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.10:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.11:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.12:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.13:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.14:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.15:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.16:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.17:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.18:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.19:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.20:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.21:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.22:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.23:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.24:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.25:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.26:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.27:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.29:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.30:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.31:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.32:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.5.33:*:*:*:*:*:*:*

Configuration 4:

cpe:/a:php:php:7.0.0:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.1:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.2:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.3:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.4:-:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:php:php:5.6.18:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20164071	V	CVE-2016-4071	2022-09-02
oval:org.opensuse.security:def:9680	P	Security update for libsndfile (Important)	2022-01-11
oval:org.opensuse.security:def:10438	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:9884	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:9634	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:10371	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:10175	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:9612	P	Security update for MozillaFirefox (Important)	2021-11-10
oval:org.opensuse.security:def:10169	P	Security update for Salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:9604	P	Security update for dnsmasq (Moderate)	2021-10-27
oval:org.opensuse.security:def:10162	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:10153	P	Security update for openssl-1_0_0 (Low)	2021-09-09
oval:org.opensuse.security:def:10147	P	Security update for xerces-c (Important)	2021-09-02
oval:org.opensuse.security:def:11120	P	Security update for libspf2 (Critical)	2021-08-25
oval:org.opensuse.security:def:10139	P	Security update for djvulibre (Important)	2021-08-20
oval:org.opensuse.security:def:13915	P	libjavascriptcoregtk-3_0-0-2.4.11-23.20 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14216	P	libcares2-1.9.1-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14191	P	libXRes1-1.0.7-3.53 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14098	P	bzip2-1.0.6-29.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14079	P	ant-1.9.4-1.31 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14061	P	xen-4.7.0_12-23.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14944	P	libHX28-3.18-1.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14013	P	procmail-3.22-267.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14922	P	hplip-3.16.11-1.33 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13945	P	libpoppler44-0.24.4-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14284	P	libraptor2-0-2.0.10-3.63 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13923	P	libldb1-1.1.26-10.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14271	P	libpcsclite1-1.8.10-6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14260	P	libmysqlclient18-10.0.30-28.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:9761	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:11098	P	Security update for claws-mail (Moderate)	2021-07-16
oval:org.opensuse.security:def:10296	P	Security update for go1.15 (Important)	2021-06-30
oval:org.opensuse.security:def:38712	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:10111	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:9742	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:10277	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:9727	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:16625	P	obs-service-source_validator-0.7-9.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17067	P	libjavascriptcoregtk-1_0-0-2.4.8-16.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16591	P	libtiff-devel-4.0.9-44.24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17045	P	cyrus-sasl-digestmd5-32bit-2.1.26-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17033	P	pulseaudio-module-bluetooth-5.0-2.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16348	P	php5-devel-5.5.14-108.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17177	P	lcms-1.19-17.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17145	P	python-devel-2.7.9-24.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17035	P	raptor-2.0.10-3.67 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16999	P	empathy-3.10.3-1.131 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17268	P	libosip2-3.5.0-20.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17246	P	kernel-default-extra-4.12.14-94.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17234	P	gd-32bit-2.1.0-24.9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16634	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124640	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16583	P	libssh-devel-0.6.3-12.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16098	P	php5-devel-5.5.14-73.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10086	P	Security update for dhcp (Important)	2021-06-02
oval:org.opensuse.security:def:10262	P	Security update for curl (Moderate)	2021-05-31
oval:org.opensuse.security:def:38257	P	Security update for openldap2 (Important)	2021-04-16
oval:org.opensuse.security:def:9862	P	Security update for openssl-1_1 (Moderate)	2021-03-09
oval:org.opensuse.security:def:9861	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:10215	P	Security update for python-cryptography (Important)	2021-03-03
oval:org.opensuse.security:def:9854	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:10396	P	Security update for php7 (Important)	2021-02-24
oval:org.opensuse.security:def:9836	P	Security update for subversion (Important)	2021-02-10
oval:org.opensuse.security:def:10585	P	Security update for the Linux Kernel (Important)	2020-12-09
oval:org.opensuse.security:def:16834	P	libjpeg62-devel-62.2.0-31.14.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16798	P	libbz2-devel-1.0.6-30.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16767	P	libQt5Bootstrap-devel-static-5.6.2-6.15.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16710	P	dbus-1-glib-devel-0.100.2-3.58 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16784	P	libXtst-devel-1.2.2-7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16968	P	sane-backends-devel-1.0.24-3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16911	P	libvpx-devel-1.3.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16826	P	libid3tag-devel-0.15.1b-184.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16792	P	libarchive-devel-3.1.2-26.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16976	P	typelib-1_0-WebKit2WebExtension-4_0-2.24.4-2.47.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16944	P	osc-0.162.1-15.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:9925	P	libtasn1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9912	P	libqt4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9903	P	libpng15-15 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17731	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:17705	P	Security update for libotr (Moderate)	2020-12-01
oval:org.opensuse.security:def:10011	P	vsftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9992	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9977	P	python-pywbem on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10835	P	php5-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9930	P	libupsclient1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10813	P	libxml2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17932	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:17906	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:37922	P	libmysqlclient18 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38624	P	jakarta-commons-fileupload on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38565	P	cpp48 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38405	P	libxslt-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10460	P	lhasa-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38315	P	libksba8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10447	P	gnome-settings-daemon-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39464	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:38155	P	crash on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39422	P	Security update for python-Jinja2 (Important)	2020-12-01
oval:org.opensuse.security:def:38018	P	pam_krb5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38784	P	python-pyOpenSSL on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37934	P	libospf0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38740	P	libvdpau1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37923	P	libncurses5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38673	P	libgoa-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10563	P	libxcb-composite0 on GA media (Moderate)	2020-12-01
oval:org.cisecurity:def:557	P	DSA-3560-1 -- php5 -- security update	2016-07-01
oval:com.ubuntu.precise:def:20164071000	V	CVE-2016-4071 on Ubuntu 12.04 LTS (precise) - medium.	2016-05-20
oval:com.ubuntu.trusty:def:20164071000	V	CVE-2016-4071 on Ubuntu 14.04 LTS (trusty) - medium.	2016-05-20
oval:com.ubuntu.xenial:def:201640710000000	V	CVE-2016-4071 on Ubuntu 16.04 LTS (xenial) - medium.	2016-05-20
oval:com.ubuntu.xenial:def:20164071000	V	CVE-2016-4071 on Ubuntu 16.04 LTS (xenial) - medium.	2016-05-20