Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Pufferüberlauf in Libtasn1 (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in Libtasn1 (Aktualisierung)
ID: USN-3309-2
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 ESM
Datum: Mi, 19. Juli 2017, 06:56
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6891
Update von: Denial of Service in Libtasn1

Originalnachricht


--===============3421358943197894351==
Content-Type: multipart/signed; micalg="pgp-sha256";
protocol="application/pgp-signature";
boundary="=-vj30qeMZH8vtJ1K4uRCV"


--=-vj30qeMZH8vtJ1K4uRCV
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-3309-2
July 18, 2017

libtasn1-3 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Libtasn1 could be made to crash or run programs as your login if it
opened a specially crafted file.

Software Description:
- libtasn1-3: Library to manage ASN.1 structures

Details:

Jakub Jirasek discovered that GnuTLS incorrectly handled certain
assignments files. If a user were tricked into processing a specially
crafted assignments file, a remote attacker could possibly execute
arbirary
code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  libtasn1-3                      2.10-1ubuntu1.6

In general, a standard system update will make all the necessary
changes.

References:
  https://www.ubuntu.com/usn/usn-3309-2
  https://www.ubuntu.com/usn/usn-3309-1
  CVE-2017-6891

--ßj30qeMZH8vtJ1K4uRCV
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAABCAAGBQJZbnXpAAoJEEW851uECx9p9hIQAKoiuBwEm6/43sBKDfcRthWO
8oGj/o4xtgIlXqMBsNzlaeonoS+5L7DEzZXLLz0949/OMJDL606I9uLadLS89iHH
GgnU19RplVyOm3lphJWcbEEG/VVq7oEnl36A9v7NoX9zq/wc8EWODorKHGemvYZ0
8TGe6eQEUWftmaEPUXJtqrrEWcoi316E7/WFJwwmYcCbMpsSp7MsYWZ0M3il3PXn
oGbhNKMmcYKnzqhMmWnnlOwMUFsv+W5ZAiJI0G2Kjes6X9xJjhmACEErB0ufuBTS
Ep5qFfFPyefAA4LOKs5733gYdQYFjslXP2C2oFnbEJ/Rmjnerh9shhba88vIM440
IFZr8kkI4IRT621YVje8KmKy7Sab3Gh0MdnmhLA8KxgznG9iV3ywRKkK6B9AWvmi
Whv6GX9osM340yDil2dfG2eqtgUjK1cGInsvxf5fUCur4MPFI2OhTsxMECCqJd+O
joH040a3YEwK0baXbFLaZDmF36qelw36hQe6UOBfhQl/C7x4uE1dftqJhAH5kwFu
CKUXqhVyClUuaEBrVjMtTWNBBLa5TVWaWc5+az49vBSyP667+XO6Wj7+S2mde5eo
ft1CXXLSONxmuO5SFgPVClHa1b2HCCYZtydFN3OKHCcJnAP7/vEsWvJm+MG/enmB
qApk09VUxJLgU+5n5QVP
=0xz4
-----END PGP SIGNATURE-----

--=-vj30qeMZH8vtJ1K4uRCV--



--===============3421358943197894351==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============3421358943197894351==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung