drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in expat
| Name: |
Pufferüberlauf in expat |
|
| ID: |
USN-2983-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 15.10, Ubuntu 16.04 LTS |
|
| Datum: |
Mi, 18. Mai 2016, 14:33 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718 |
|
| Applikationen: |
expat |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============6259636886144107043==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-2983-1
May 18, 2016
expat vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Expat could be made to crash or run programs as your login if it opened a
specially crafted file.
Software Description:
- expat: XML parsing C library
Details:
Gustavo Grieco discovered that Expat incorrectly handled malformed XML
data. If a user or application linked against Expat were tricked into
opening a crafted XML file, an attacker could cause a denial of service, or
possibly execute arbitrary code. (CVE-2016-0718)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
lib64expat1 2.1.0-7ubuntu0.16.04.1
libexpat1 2.1.0-7ubuntu0.16.04.1
Ubuntu 15.10:
lib64expat1 2.1.0-7ubuntu0.15.10.1
libexpat1 2.1.0-7ubuntu0.15.10.1
Ubuntu 14.04 LTS:
lib64expat1 2.1.0-4ubuntu1.2
libexpat1 2.1.0-4ubuntu1.2
Ubuntu 12.04 LTS:
lib64expat1 2.0.1-7.2ubuntu1.3
libexpat1 2.0.1-7.2ubuntu1.3
After a standard system upgrade you need to restart any applications linked
against Expat to effect the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2983-1
CVE-2016-0718
Package Information:
https://launchpad.net/ubuntu/+source/expat/2.1.0-7ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/expat/2.1.0-7ubuntu0.15.10.1
https://launchpad.net/ubuntu/+source/expat/2.1.0-4ubuntu1.2
https://launchpad.net/ubuntu/+source/expat/2.0.1-7.2ubuntu1.3
--wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCgAGBQJXPFdHAAoJEGVp2FWnRL6TfOgP/3lFOSY1kcZX38A+JIn6Qfbd
K+upZGBpjIvmdTxtEfBvc1e18exlnfGR69XH1LZEttz9rIgAy4v9DpY1HzI16VK7
qiFct86IKoaJFND8BJvaQSyFUo7FKTD4th/LWNrTX0gKD7x3dNu1Rv69L8nvc1sp
U8n6sR4iWEhIk441EbkpHegVkG5Di51lnqVxW6Hh7MmWIwbJE1yoc8iDE0cu8H8m
/c6xdJjkUF/GrNG2CldrTXnx8PXgHHcje/1FSpnPwhFiXhD689/Iip67npy4LHyx
WBisdsUp7PJaEbb2JQZgSjTt7FjqvU9hnQxxcxf+4wiJWKDIIjRVjzKGvxvNqb5g
20KE18mWk68krxjkwDCEjA5SDvlM2eDeSp4qGPibqJQhpSgchxRluor6HGlrjOfE
e7rK2vxL/UxjhGx0WhWgzMwwB5NA1e6RUTDOfhT4FSShpBTlzAnUem7v0Is86r3J
o2ysd2/07j+Y18gIlFuOWZNi7FCMrQnvBX/9cS153y1oG28ydMDLD11MJNVUICRx
1LYzvkHU0BnSJws/eJcy2FCcx+Qs+0DIpcn8Xh7eLKUtNlhbMiqTiJ6VTVvmSmSb
WN480Vc1blaKc0qGB6ILokxY2LKm9B2AyNWcnem61AgY9LWsg2wHY5Qa2dAb2AwG
2HNOh5RJGcfD6zs/Zel5
=gLNq
-----END PGP SIGNATURE-----
--wKKhdkvL8cuPV2fPifpUpsEc69Kw15MQ1--
--===============6259636886144107043==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============6259636886144107043==--
|
|
|
|
