drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in expat
Name: |
Pufferüberlauf in expat |
|
ID: |
USN-2983-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 15.10, Ubuntu 16.04 LTS |
|
Datum: |
Mi, 18. Mai 2016, 14:33 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718 |
|
Applikationen: |
expat |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============6259636886144107043== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1 Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2983-1 May 18, 2016
expat vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS - Ubuntu 15.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
Expat could be made to crash or run programs as your login if it opened a specially crafted file.
Software Description: - expat: XML parsing C library
Details:
Gustavo Grieco discovered that Expat incorrectly handled malformed XML data. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. (CVE-2016-0718)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: lib64expat1 2.1.0-7ubuntu0.16.04.1 libexpat1 2.1.0-7ubuntu0.16.04.1
Ubuntu 15.10: lib64expat1 2.1.0-7ubuntu0.15.10.1 libexpat1 2.1.0-7ubuntu0.15.10.1
Ubuntu 14.04 LTS: lib64expat1 2.1.0-4ubuntu1.2 libexpat1 2.1.0-4ubuntu1.2
Ubuntu 12.04 LTS: lib64expat1 2.0.1-7.2ubuntu1.3 libexpat1 2.0.1-7.2ubuntu1.3
After a standard system upgrade you need to restart any applications linked against Expat to effect the necessary changes.
References: http://www.ubuntu.com/usn/usn-2983-1 CVE-2016-0718
Package Information: https://launchpad.net/ubuntu/+source/expat/2.1.0-7ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/expat/2.1.0-7ubuntu0.15.10.1 https://launchpad.net/ubuntu/+source/expat/2.1.0-4ubuntu1.2 https://launchpad.net/ubuntu/+source/expat/2.0.1-7.2ubuntu1.3
--wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJXPFdHAAoJEGVp2FWnRL6TfOgP/3lFOSY1kcZX38A+JIn6Qfbd K+upZGBpjIvmdTxtEfBvc1e18exlnfGR69XH1LZEttz9rIgAy4v9DpY1HzI16VK7 qiFct86IKoaJFND8BJvaQSyFUo7FKTD4th/LWNrTX0gKD7x3dNu1Rv69L8nvc1sp U8n6sR4iWEhIk441EbkpHegVkG5Di51lnqVxW6Hh7MmWIwbJE1yoc8iDE0cu8H8m /c6xdJjkUF/GrNG2CldrTXnx8PXgHHcje/1FSpnPwhFiXhD689/Iip67npy4LHyx WBisdsUp7PJaEbb2JQZgSjTt7FjqvU9hnQxxcxf+4wiJWKDIIjRVjzKGvxvNqb5g 20KE18mWk68krxjkwDCEjA5SDvlM2eDeSp4qGPibqJQhpSgchxRluor6HGlrjOfE e7rK2vxL/UxjhGx0WhWgzMwwB5NA1e6RUTDOfhT4FSShpBTlzAnUem7v0Is86r3J o2ysd2/07j+Y18gIlFuOWZNi7FCMrQnvBX/9cS153y1oG28ydMDLD11MJNVUICRx 1LYzvkHU0BnSJws/eJcy2FCcx+Qs+0DIpcn8Xh7eLKUtNlhbMiqTiJ6VTVvmSmSb WN480Vc1blaKc0qGB6ILokxY2LKm9B2AyNWcnem61AgY9LWsg2wHY5Qa2dAb2AwG 2HNOh5RJGcfD6zs/Zel5 =gLNq -----END PGP SIGNATURE-----
--wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1--
--===============6259636886144107043== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============6259636886144107043==--
|
|
|
|