drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in RPM
Name: |
Mehrere Probleme in RPM |
|
ID: |
USN-1695-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 11.10, Ubuntu 12.04 LTS |
|
Datum: |
Fr, 18. Januar 2013, 08:42 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0815 |
|
Applikationen: |
RPM |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============1170778511525378502== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig2D41218B4CDC48C3589FCD6D"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig2D41218B4CDC48C3589FCD6D Content-Type: text/plain; charset=ISO-8859- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1695-1 January 17, 2013
rpm vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 10.04 LTS
Summary:
RPM could be made to crash or run programs if it opened a specially crafted package file.
Software Description: - rpm: package manager for RPM
Details:
It was discovered that RPM incorrectly handled certain package headers. If a user or automated system were tricked into installing a specially crafted RPM package, an attacker could cause RPM to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: rpm 4.9.1.1-1ubuntu0.1
Ubuntu 11.10: rpm 4.9.0-7ubuntu0.1
Ubuntu 10.04 LTS: rpm 4.7.2-1lubuntu0.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1695-1 CVE-2011-3378, CVE-2012-0060, CVE-2012-0061, CVE-2012-0815
Package Information: https://launchpad.net/ubuntu/+source/rpm/4.9.1.1-1ubuntu0.1 https://launchpad.net/ubuntu/+source/rpm/4.9.0-7ubuntu0.1 https://launchpad.net/ubuntu/+source/rpm/4.7.2-1lubuntu0.1
--------------enig2D41218B4CDC48C3589FCD6D Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQ+HLJAAoJEGVp2FWnRL6T0EEP/2K4KYywxSw1do4uv0hXs8w7 eBnE6JrZd3nMlFLa6e8D/OwE6HRhI2EGZWQ4xXX8e4JIT4/+raUk7wHgz3wqrtXv 4x3bztbVuvi3OfqmRPkCjL3ZzEA4QVw6x2uuHqsIKYC9342IVYhYENeirUjkOgjt hWrAy0m+/cFWXFtSdg0okN5Dbm/gq3FGI1CjTTDo1xleYi4vwmxA3u90fUQYmGdI UmAMEUVKSzx7oIzu1kb9mEExzHe3JX/X338EDFgdWDXfzKmmMuRDIL9KuNLi2sRy G5FPwfJqVFFpwFDssQZ2SKrr/NhCxXU8cER3JEp41Av8ykrwNNQrCaR5syX03pZo YnqYzSPRBBesk0eRmZf68MWjAa5fZGsm02Twx3fjXlUsAeDymH0BmayoCQGPlaSv yAchi0LZ1HYLxiMWZbU4uf36zOSvPYkXBN1tK9RBX6FvtNIIwwtUnjazkbQXnwiQ n6dq/7qt0y+6wP7jRKPkNM5pjbe+KmOJd1B5F5OoH3eF3bytCPJdX9eXrKv3Ooxv RPeHos+fXVX7VXCnN4wdcQLHSoLKe1F6oaDLo12TvyUhGXC0+00m3b/jCmsoUBGn c712HbXcNjAsPm0ImvMSZOPHGQr+ijI3y3jj5Oyq8N8UoULwXdi5mdgNGUYGW32t Y8cvwdjxSBRY26dosFfW =5keJ -----END PGP SIGNATURE-----
--------------enig2D41218B4CDC48C3589FCD6D--
--===============1170778511525378502== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1170778511525378502==--
|
|
|
|