Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Pufferüberlauf in expat
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in expat
ID: USN-2983-1
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 15.10, Ubuntu 16.04 LTS
Datum: Mi, 18. Mai 2016, 14:33
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============6259636886144107043==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-2983-1
May 18, 2016

expat vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Expat could be made to crash or run programs as your login if it opened a
specially crafted file.

Software Description:
- expat: XML parsing C library

Details:

Gustavo Grieco discovered that Expat incorrectly handled malformed XML
data. If a user or application linked against Expat were tricked into
opening a crafted XML file, an attacker could cause a denial of service, or
possibly execute arbitrary code. (CVE-2016-0718)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
lib64expat1 2.1.0-7ubuntu0.16.04.1
libexpat1 2.1.0-7ubuntu0.16.04.1

Ubuntu 15.10:
lib64expat1 2.1.0-7ubuntu0.15.10.1
libexpat1 2.1.0-7ubuntu0.15.10.1

Ubuntu 14.04 LTS:
lib64expat1 2.1.0-4ubuntu1.2
libexpat1 2.1.0-4ubuntu1.2

Ubuntu 12.04 LTS:
lib64expat1 2.0.1-7.2ubuntu1.3
libexpat1 2.0.1-7.2ubuntu1.3

After a standard system upgrade you need to restart any applications linked
against Expat to effect the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2983-1
CVE-2016-0718

Package Information:
https://launchpad.net/ubuntu/+source/expat/2.1.0-7ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/expat/2.1.0-7ubuntu0.15.10.1
https://launchpad.net/ubuntu/+source/expat/2.1.0-4ubuntu1.2
https://launchpad.net/ubuntu/+source/expat/2.0.1-7.2ubuntu1.3



--wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJXPFdHAAoJEGVp2FWnRL6TfOgP/3lFOSY1kcZX38A+JIn6Qfbd
K+upZGBpjIvmdTxtEfBvc1e18exlnfGR69XH1LZEttz9rIgAy4v9DpY1HzI16VK7
qiFct86IKoaJFND8BJvaQSyFUo7FKTD4th/LWNrTX0gKD7x3dNu1Rv69L8nvc1sp
U8n6sR4iWEhIk441EbkpHegVkG5Di51lnqVxW6Hh7MmWIwbJE1yoc8iDE0cu8H8m
/c6xdJjkUF/GrNG2CldrTXnx8PXgHHcje/1FSpnPwhFiXhD689/Iip67npy4LHyx
WBisdsUp7PJaEbb2JQZgSjTt7FjqvU9hnQxxcxf+4wiJWKDIIjRVjzKGvxvNqb5g
20KE18mWk68krxjkwDCEjA5SDvlM2eDeSp4qGPibqJQhpSgchxRluor6HGlrjOfE
e7rK2vxL/UxjhGx0WhWgzMwwB5NA1e6RUTDOfhT4FSShpBTlzAnUem7v0Is86r3J
o2ysd2/07j+Y18gIlFuOWZNi7FCMrQnvBX/9cS153y1oG28ydMDLD11MJNVUICRx
1LYzvkHU0BnSJws/eJcy2FCcx+Qs+0DIpcn8Xh7eLKUtNlhbMiqTiJ6VTVvmSmSb
WN480Vc1blaKc0qGB6ILokxY2LKm9B2AyNWcnem61AgY9LWsg2wHY5Qa2dAb2AwG
2HNOh5RJGcfD6zs/Zel5
=gLNq
-----END PGP SIGNATURE-----

--wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1--


--===============6259636886144107043==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============6259636886144107043==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung