Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in glibc und eglibc
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in glibc und eglibc
ID: USN-2900-1
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 15.10
Datum: Mi, 17. Februar 2016, 06:47
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============6878375839482337756==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-2900-1
February 16, 2016

eglibc, glibc vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

GNU C Library could be made to crash or run programs if it received
specially crafted network traffic.

Software Description:
- glibc: GNU C Library
- eglibc: GNU C Library

Details:

It was discovered that the GNU C Library incorrectly handled receiving
responses while performing DNS resolution. A remote attacker could use this
issue to cause the GNU C Library to crash, resulting in a denial of
service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
libc6 2.21-0ubuntu4.1

Ubuntu 14.04 LTS:
libc6 2.19-0ubuntu6.7

Ubuntu 12.04 LTS:
libc6 2.15-0ubuntu10.13

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2900-1
CVE-2015-7547

Package Information:
https://launchpad.net/ubuntu/+source/glibc/2.21-0ubuntu4.1
https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.7
https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.13



--ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJWw6BBAAoJEGVp2FWnRL6T7gAP/j7ExC0S06Uylke++ux/dvl7
MTiAwiLhDg2lUn8u+HVVuShdGmleseGaJpcd6gIPRjttjImlA+qsO7G6/+BeOfqP
vch/NaPqytn0Lgdc08JPHrVU1Lb05f8GoZ393YmnKhVaoWbEJ8Yz1BW7dL0f5Kbj
MpfJ20j7TbOX+mERhdHEZuanAZ8aSQQtCn8XWr5LWmzx/CFW3z7j60ICclsqgsVa
DzmPhQ9mfhsIyulgvOqyP+/r0m3Dk2JiYXBMyXY23KfUmxdETz44GmF9UKkJOol3
lR/0tFlHXnYzr+9ecikpQNEfSVGxVOgk28AqGVc7S1xMktnq2zV6TZwYQm4vLVtv
Fe2oEjfr7msRwiKO0LKKPnTjB9hoNQ3WWMmifSn4VZOKxS02+5PamnOneZyJZV0O
7yi9rrjkZP0pTf+Dti3o88Z4oy0oKzJ/XoNiZTcGpzAwjq5PttLKXdJAPL4Gy+SI
9h6mr5+//sL+AAD7UYvTy2IFMh7Kefv0iHVEcXdEAjSbq+pf6XLN5QRqJrRcuTOi
t27dpjeU0P4sU1mqkKsqDUBn8sKQh/ufYfyS6ZsJcqXW2otoP1x8+8mybCcydoGo
xC6cyTOrUVuSSm1BU9sBq3D5tda2I0LrRhqt4DpyPU2tH/0S/FQkNWPnFo9GPzkf
SXz5mLPQeQT7uZ23dOHB
=qe3v
-----END PGP SIGNATURE-----

--ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab--


--===============6878375839482337756==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============6878375839482337756==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung