drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in glibc und eglibc
| Name: |
Ausführen beliebiger Kommandos in glibc und eglibc |
|
| ID: |
USN-2900-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 15.10 |
|
| Datum: |
Mi, 17. Februar 2016, 06:47 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547 |
|
| Applikationen: |
GNU C library, GNU C library |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============6878375839482337756==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-2900-1
February 16, 2016
eglibc, glibc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
GNU C Library could be made to crash or run programs if it received
specially crafted network traffic.
Software Description:
- glibc: GNU C Library
- eglibc: GNU C Library
Details:
It was discovered that the GNU C Library incorrectly handled receiving
responses while performing DNS resolution. A remote attacker could use this
issue to cause the GNU C Library to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.10:
libc6 2.21-0ubuntu4.1
Ubuntu 14.04 LTS:
libc6 2.19-0ubuntu6.7
Ubuntu 12.04 LTS:
libc6 2.15-0ubuntu10.13
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2900-1
CVE-2015-7547
Package Information:
https://launchpad.net/ubuntu/+source/glibc/2.21-0ubuntu4.1
https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.7
https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.13
--ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCgAGBQJWw6BBAAoJEGVp2FWnRL6T7gAP/j7ExC0S06Uylke++ux/dvl7
MTiAwiLhDg2lUn8u+HVVuShdGmleseGaJpcd6gIPRjttjImlA+qsO7G6/+BeOfqP
vch/NaPqytn0Lgdc08JPHrVU1Lb05f8GoZ393YmnKhVaoWbEJ8Yz1BW7dL0f5Kbj
MpfJ20j7TbOX+mERhdHEZuanAZ8aSQQtCn8XWr5LWmzx/CFW3z7j60ICclsqgsVa
DzmPhQ9mfhsIyulgvOqyP+/r0m3Dk2JiYXBMyXY23KfUmxdETz44GmF9UKkJOol3
lR/0tFlHXnYzr+9ecikpQNEfSVGxVOgk28AqGVc7S1xMktnq2zV6TZwYQm4vLVtv
Fe2oEjfr7msRwiKO0LKKPnTjB9hoNQ3WWMmifSn4VZOKxS02+5PamnOneZyJZV0O
7yi9rrjkZP0pTf+Dti3o88Z4oy0oKzJ/XoNiZTcGpzAwjq5PttLKXdJAPL4Gy+SI
9h6mr5+//sL+AAD7UYvTy2IFMh7Kefv0iHVEcXdEAjSbq+pf6XLN5QRqJrRcuTOi
t27dpjeU0P4sU1mqkKsqDUBn8sKQh/ufYfyS6ZsJcqXW2otoP1x8+8mybCcydoGo
xC6cyTOrUVuSSm1BU9sBq3D5tda2I0LrRhqt4DpyPU2tH/0S/FQkNWPnFo9GPzkf
SXz5mLPQeQT7uZ23dOHB
=qe3v
-----END PGP SIGNATURE-----
--ciefWHepQaEXcSsbbU6GbkG0RK9vDmvab--
--===============6878375839482337756==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============6878375839482337756==--
|
|
|
|
