drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in libx11
Name: |
Pufferüberlauf in libx11 |
|
ID: |
USN-2568-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 14.10 |
|
Datum: |
Mo, 13. April 2015, 20:46 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7439 |
|
Applikationen: |
X11 |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============3756855859997683481== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="e15bH1rAdiIRmo0cqWxDiwp5IGmFMBFSj"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --e15bH1rAdiIRmo0cqWxDiwp5IGmFMBFSj Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2568-1 April 13, 2015
libx11, libxrender vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
libx11 could be made to crash or run programs if it processed specially crafted data.
Software Description: - libxrender: X11 Rendering Extension client library - libx11: X11 client-side library
Details:
Abhishek Arya discovered that libX11 incorrectly handled memory in the MakeBigReq macro. A remote attacker could use this issue to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
In addition, following the macro fix in libx11, a number of other packages have also been rebuilt as security updates including libxrender, libxext, libxi, libxfixes, libxrandr, libsdl1.2, libxv, libxp, and xserver-xorg-video-vmware.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.10: libxrender1 1:0.9.8-1build0.14.10.1
Ubuntu 14.04 LTS: libxrender1 1:0.9.8-1build0.14.04.1
Ubuntu 12.04 LTS: libx11-dev 2:1.4.99.1-0ubuntu2.3 libxrender1 1:0.9.6-2ubuntu0.2
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2568-1 CVE-2013-7439
Package Information: https://launchpad.net/ubuntu/+source/libxrender/1:0.9.8-1build0.14.10.1 https://launchpad.net/ubuntu/+source/libxrender/1:0.9.8-1build0.14.04.1 https://launchpad.net/ubuntu/+source/libx11/2:1.4.99.1-0ubuntu2.3 https://launchpad.net/ubuntu/+source/libxrender/1:0.9.6-2ubuntu0.2
--e15bH1rAdiIRmo0cqWxDiwp5IGmFMBFSj Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJVK/5gAAoJEGVp2FWnRL6TzF4P/iEOKsR7HE1dG1KLfX75GQ5s hykRYNHHCoQYZbXaQ3q1Apjt1tQkfUUJ4tY810s8CdhB2EakmzjMno4qSD5C4X1n +aZowJoDoeUGty055jzfGR30Cv2fZl8keTQaWAK7VSqTuDQ2MhjvMh3ODlI9QyLr yGTCebN1f/37w4INNzqplDZLA81n/dVNIqqG0oR9zulPlcdqmQ0/+8LSJXlNR991 xBsrRb2BGZdmnjzQRoFTVS4MjisKj2X61LOSOuwdP2F9u4b27mcroeQjDl48m45F VLHrmfKOvEPSsdgVbZM+nrcf7r3EoN6qIkrj5qTABG/XxBUNqu2kkLCYTSUj88cE +szj3J5jyGIL4GVcQPaahrq0zsZJ/7joxRcsfqZf+aTsd9l6oxWH471rg4LecDsl 6n+FshF3lphEFtlhN7G2M2No5DRYiN/ETN0LP39eZzRa6z1+oAGOPgFuVCtF2LoQ HKShC/rk2UnjFeVyCSpq+ZXcihxIf9ZpTsOF1ktzxXblAlw3B3uHUkDa6PP+hoIq Kl1DHooS5MPSVWG1Nm+jEEn84nUIRlcTqsfjEgxChfukRD6bNhm2Sq+bLzKKHo0a Sz2OaIcW6lKzGrB3gFwP0TZoS3/MHLrOYj1GuDvWcdfAV64ZasQ6crT7zDihJmup 43EbYHHcuGqBd5+LpNoo =dHhs -----END PGP SIGNATURE-----
--e15bH1rAdiIRmo0cqWxDiwp5IGmFMBFSj--
--===============3756855859997683481== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3756855859997683481==--
|
|
|
|