drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in Icedtea-Web
Name: |
Pufferüberlauf in Icedtea-Web |
|
ID: |
USN-1625-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 11.10, Ubuntu 12.04 LTS, Ubuntu 12.10 |
|
Datum: |
Do, 8. November 2012, 08:55 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4540 |
|
Applikationen: |
IcedTea-Web |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0629858735659982160== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig11D5B89BC2CF7273D56E1A1C"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig11D5B89BC2CF7273D56E1A1C Content-Type: text/plain; charset=ISO-8859- Content-Transfer-Encoding: quoted-printable
========================================================================= Ubuntu Security Notice USN-1625-1 November 07, 2012
icedtea-web vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 10.04 LTS
Summary:
The Icedtea-Web plugin could be made to crash or run programs as your login if it opened a specially crafted web page.
Software Description: - icedtea-web: A web browser plugin to execute Java applets
Details:
Arthur Gerkis discovered a buffer overflow in the Icedtea-Web plugin. If a user were tricked into opening a malicious website, an attacker could cause the plugin to crash or possibly execute arbitrary code as the user invoking the program.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.10: icedtea-6-plugin 1.3-1ubuntu1.1 icedtea-7-plugin 1.3-1ubuntu1.1
Ubuntu 12.04 LTS: icedtea-6-plugin 1.2-2ubuntu1.3 icedtea-7-plugin 1.2-2ubuntu1.3
Ubuntu 11.10: icedtea-6-plugin 1.2-2ubuntu0.11.10.4
Ubuntu 10.04 LTS: icedtea-6-plugin 1.2-2ubuntu0.10.04.3
After a standard system update you need to restart your browser to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1625-1 CVE-2012-4540
Package Information: https://launchpad.net/ubuntu/+source/icedtea-web/1.3-1ubuntu1.1 https://launchpad.net/ubuntu/+source/icedtea-web/1.2-2ubuntu1.3 https://launchpad.net/ubuntu/+source/icedtea-web/1.2-2ubuntu0.11.10.4 https://launchpad.net/ubuntu/+source/icedtea-web/1.2-2ubuntu0.10.04.3
--------------enig11D5B89BC2CF7273D56E1A1C Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iQIcBAEBCgAGBQJQmssWAAoJEFHb3FjMVZVzhnAP/0TvIyOzaLsC30vs0sx7hv0r 1a4OTsOXoIQKk/YZZPiifF5V5PBPumMe9iMJVz0a4saoCcK1VIR8okmJ56x0tVs7 vhCyWEHhgM6DINuWjj3b/hoAbg4SO9BC/PWFXiN87TgQiCGHlzkD/t1Ia1JDWyGr CCJaAYjQcuwhmyFW2JycUPbggLnVOhjVtgdcrmjyk14+hVC4tLNYi/y93vGbYfCC tgsx53ZuDYauYpPaGMVQvo0tXzAkfA6LxeBO4jx05T9m0XFVR2QQMaLwCF5kxY8D qwzzmWJa4zOIBaFEDQu69ymQNf+KhG4CtaiUlCjjc9bfNpmqgbSvLge/Ws6I+nIU FRJwpycek7QCF8w6qpTYGOAClPn/dMqWS9pdke1MaEYJtTCTeh++LrZ1MZS3TpEn XHeejcxf74l/OpWeLpTwlORoSHnjo6sdLjdnGcs7AXtdQGuO0D7cr0MDLbB9FZ53 bL7QuxSmbACgwlhfnXYiDrcaGluNTtUcf9CS59Q2QvXkjXXcIpnAQhckThCHGglv Kwp1RKdf630vVbJst07JzXqBPpol7j+vNP4vG6o2yqn6RZ9VU/LFhxFYC0Uv59IR k0/FvKFSocMOO8Xl+8jYkn+f6GQuZn5vMwJ6SUR8rMEwzz0CL5C5aAGFXtqXFgDq Fv9T7rRxo/+ppDO1k7JI =JXuZ -----END PGP SIGNATURE-----
--------------enig11D5B89BC2CF7273D56E1A1C--
--===============0629858735659982160== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============0629858735659982160==--
|
|
|
|