drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in Aptdaemon
Name: |
Preisgabe von Informationen in Aptdaemon |
|
ID: |
USN-1068-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.10 |
|
Datum: |
Di, 22. Februar 2011, 17:35 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0725 |
|
Applikationen: |
Aptdaemon |
|
Originalnachricht |
--===============7241437400167114972== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-Cm4Q4965Dg+RePwfOJpR"
--=-Cm4Q4965Dg+RePwfOJpR Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
=========================================================== Ubuntu Security Notice USN-1068-1 February 22, 2011 aptdaemon vulnerability CVE-2011-0725 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 10.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 10.10: python-aptdaemon 0.31+bzr506-0ubuntu6.1
In general, a standard system update will make all the necessary changes.
Details follow:
Sergey Nizovtsev discovered that Aptdaemon incorrectly filtered certain arguments when using its D-Bus interface. A local attacker could use this flaw to bypass security restrictions and view sensitive information by reading arbitrary files.
Updated packages for Ubuntu 10.10:
Source archives:
aptdaemon_0.31+bzr506-0ubuntu6.1.debian.tar.gz Size/MD5: 528226 b4bab52268bb2d5265519c41b507f465 aptdaemon_0.31+bzr506-0ubuntu6.1.dsc Size/MD5: 2121 dfe8afa421c97dae75ef5401240bfcbd aptdaemon_0.31+bzr506.orig.tar.gz Size/MD5: 441337 272889c346728f050dd439b48f1041a7
Architecture independent packages:
aptdaemon_0.31+bzr506-0ubuntu6.1_all.deb Size/MD5: 35990 318e9d8d17fc010ba43840b06bb31e8b python-aptdaemon-gtk_0.31+bzr506-0ubuntu6.1_all.deb Size/MD5: 197602 a052006f8f9addc05244a2a9f7ba8143 python-aptdaemon_0.31+bzr506-0ubuntu6.1_all.deb Size/MD5: 64802 b8a33f9e2e8c53679a2b6bfe9768bab2
--Üm4Q4965Dg+RePwfOJpR Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJNY9hxAAoJEGVp2FWnRL6T6uoP/jjNaezwXWQiQSnwSGxKLdz2 GDgndKUlHEpewf1vm5KQ+yvQq9s5bkMGGaLc1oLLnrDCZan7TZ+Qfj+D5SIB2Sqf YIiLIzlte2o+YKQ5Rm9lT9dk8FPL6kIwi3zy+Q4tjNrG/fV6zvjvXgb0hmB3hBd3 F6YVP9xtaqQnPg0kBdeDhrkse7lFVjmUc/k+TDjnG8iipqafUtsPTA3izGQfRqQH VQAVs814H0D9ZEFWWiu4B/h0pkeU70iuoYJk+j1UpW+6D2ONHMx5/yvAwEISBERX qC9XXxhKy4yxUl5rqcZ3Le43g1TNlihX/lV25s3NsQtfvZhYgcryZ3b4pU2EPKh6 1sw/DXv4NCO5EG/OvZi9GyBl8QyKHTntGAk8mPlQtgJr8E3DaDMVWlyUxvyLHSrC GUHwJROauRJcYSFpwnjjsOKOLmiuzjEtuPllJURIwDruj8l0gUv1ABbezReSza/d EH2w2H9ZIN4ZNvDGj3te0PSnIcKv/YL+5xH7uEGkEwbBBVRZqemPVEUmg1+DGsIW 31WIlXR1mG2FDm3/bjZSfSJWrifeHu7X0sJHl5PSlKPjC/DfzLHxZBqpBvuVDna4 UO1pjbAn8UjpRxsKQt+VX5WWvgYeXDGwi5jjpB8eDevm+HDjLh9TGUJ6l0akw2md U71o4PgitedxIRxniFph =qtCv -----END PGP SIGNATURE-----
--=-Cm4Q4965Dg+RePwfOJpR--
--===============7241437400167114972== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7241437400167114972==--
|
|
|
|