drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in glibc und eglibc
Name: |
Ausführen beliebiger Kommandos in glibc und eglibc |
|
ID: |
USN-2900-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 15.10 |
|
Datum: |
Mi, 17. Februar 2016, 06:47 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547 |
|
Applikationen: |
GNU C library, GNU C library |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============6878375839482337756== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2900-1 February 16, 2016
eglibc, glibc vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
GNU C Library could be made to crash or run programs if it received specially crafted network traffic.
Software Description: - glibc: GNU C Library - eglibc: GNU C Library
Details:
It was discovered that the GNU C Library incorrectly handled receiving responses while performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.10: libc6 2.21-0ubuntu4.1
Ubuntu 14.04 LTS: libc6 2.19-0ubuntu6.7
Ubuntu 12.04 LTS: libc6 2.15-0ubuntu10.13
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2900-1 CVE-2015-7547
Package Information: https://launchpad.net/ubuntu/+source/glibc/2.21-0ubuntu4.1 https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.7 https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.13
--ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJWw6BBAAoJEGVp2FWnRL6T7gAP/j7ExC0S06Uylke++ux/dvl7 MTiAwiLhDg2lUn8u+HVVuShdGmleseGaJpcd6gIPRjttjImlA+qsO7G6/+BeOfqP vch/NaPqytn0Lgdc08JPHrVU1Lb05f8GoZ393YmnKhVaoWbEJ8Yz1BW7dL0f5Kbj MpfJ20j7TbOX+mERhdHEZuanAZ8aSQQtCn8XWr5LWmzx/CFW3z7j60ICclsqgsVa DzmPhQ9mfhsIyulgvOqyP+/r0m3Dk2JiYXBMyXY23KfUmxdETz44GmF9UKkJOol3 lR/0tFlHXnYzr+9ecikpQNEfSVGxVOgk28AqGVc7S1xMktnq2zV6TZwYQm4vLVtv Fe2oEjfr7msRwiKO0LKKPnTjB9hoNQ3WWMmifSn4VZOKxS02+5PamnOneZyJZV0O 7yi9rrjkZP0pTf+Dti3o88Z4oy0oKzJ/XoNiZTcGpzAwjq5PttLKXdJAPL4Gy+SI 9h6mr5+//sL+AAD7UYvTy2IFMh7Kefv0iHVEcXdEAjSbq+pf6XLN5QRqJrRcuTOi t27dpjeU0P4sU1mqkKsqDUBn8sKQh/ufYfyS6ZsJcqXW2otoP1x8+8mybCcydoGo xC6cyTOrUVuSSm1BU9sBq3D5tda2I0LrRhqt4DpyPU2tH/0S/FQkNWPnFo9GPzkf SXz5mLPQeQT7uZ23dOHB =qe3v -----END PGP SIGNATURE-----
--ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab--
--===============6878375839482337756== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============6878375839482337756==--
|
|
|
|