drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in KDE-Libs
| Name: |
Mangelnde Rechteprüfung in KDE-Libs |
|
| ID: |
USN-2304-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS |
|
| Datum: |
Do, 31. Juli 2014, 20:54 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5033 |
|
| Applikationen: |
KDE Software Compilation |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============2558442986313870391==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="kiSE3hI6eqBlgg5gvDo83GUtLdWV2cTkt"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--kiSE3hI6eqBlgg5gvDo83GUtLdWV2cTkt
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-2304-1
July 31, 2014
kde4libs vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
kauth could be tricked into bypassing polkit authorizations.
Software Description:
- kde4libs: KDE 4 core applications and libraries
Details:
It was discovered that kauth was using polkit in an unsafe manner. A local
attacker could possibly use this issue to bypass intended polkit
authorizations.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
kdelibs5-plugins 4:4.13.2a-0ubuntu0.3
Ubuntu 12.04 LTS:
kdelibs5-plugins 4:4.8.5-0ubuntu0.4
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2304-1
CVE-2014-5033
Package Information:
https://launchpad.net/ubuntu/+source/kde4libs/4:4.13.2a-0ubuntu0.3
https://launchpad.net/ubuntu/+source/kde4libs/4:4.8.5-0ubuntu0.4
--kiSE3hI6eqBlgg5gvDo83GUtLdWV2cTkt
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJT2lpZAAoJEGVp2FWnRL6TVtsP/ipKtG9+aoHlOSklfw3ZyIA7
9Xy8eBzmGQ18amLxoRbO8t7xeooAkU3hrDJDs34qsY8D9YajTfc/sg0GX4kNqW6p
GaKhOZVdZkH2zJ6ZAZRpXaRKvLBXcQZvU/lBtdb4o2JLIR4uHu58XGO+fPtsT47/
VO1BQLy5c0RIgDCQj34SUD2Jh1Gpbi5bH0xNgP+pAbIa3jEytFF4d1IJn51d/kIp
AGZJvrXUzX9FQxrMaCWE/bmYizNWZsTzVCJJbJcpJ0qWX8Gz7adHBv7TS3T8cGZD
DHZOlWWXuCIYMPUI5mOrMNIlm3ws509YmkAnBBSzbQ2QcCm+7C0u2rHfQk6yBsFl
KOnUnFM95fwISL+TeAcT1hc0Bnfk1/gVsNmBf+l9+9N27oqdEsg+cdXFd5UVqmoZ
kqVWpvNBnWoLBODz3iMxTFsZ7aOmqMbaG53dqKNeW2I3AyZv9FBJS1M/2GAteTpk
f10iBb29OvrFLbDZRCscMh4dQ41AMHUxl7D0/51hQq8XmiIjxbtKD5P0zPYeRB8d
KaAhgbW6Mcdv66DO76+Iv4QEkIQQBpQdapnIgLDvfvrYKUx2DYHx9shK1f/pVHkf
+EuWEAUXOT9b0q9YTnznucW32Xxb0qtyLLDmrWdaYfmstT6xUpUz7mTFooK217t3
UEV5iYOQRJ7Jyr8JJfbL
=ODyE
-----END PGP SIGNATURE-----
--kiSE3hI6eqBlgg5gvDo83GUtLdWV2cTkt--
--===============2558442986313870391==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============2558442986313870391==--
|
|
|
|
