drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in KDE-Libs
Name: |
Überschreiben von Dateien in KDE-Libs |
|
ID: |
USN-3042-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 15.10 |
|
Datum: |
Di, 26. Juli 2016, 22:56 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6232 |
|
Applikationen: |
KDE Software Compilation |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============7011357491661343817== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="p47gA4wHhmaN2mKhPtKKiTAvudeRPeNJD"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --p47gA4wHhmaN2mKhPtKKiTAvudeRPeNJD Content-Type: multipart/mixed; boundary="SVHEnmhlg7ND98XvljMAlwCETsur3m4uF" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <d5083d4f-1ad1-6377-eac9-fa1eabce686c@canonical.com> Subject: [USN-3042-1] KDE-Libs vulnerability
--SVHEnmhlg7ND98XvljMAlwCETsur3m4uF Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3042-1 July 26, 2016
kde4libs vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
KDE-Libs could be made to overwrite files.
Software Description: - kde4libs: KDE 4 core applications and libraries
Details:
Andreas Cord-Landwehr discovered that KDE-Libs incorrectly handled extracting certain archives. If a user were tricked into extracting a specially-crafted archive, a remote attacker could use this issue to overwrite arbitrary files out of the extraction directory.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.10: libkdecore5 4:4.14.13-0ubuntu1.1
Ubuntu 14.04 LTS: libkdecore5 4:4.13.3-0ubuntu0.3
Ubuntu 12.04 LTS: libkdecore5 4:4.8.5-0ubuntu0.5
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3042-1 CVE-2016-6232
Package Information: https://launchpad.net/ubuntu/+source/kde4libs/4:4.14.13-0ubuntu1.1 https://launchpad.net/ubuntu/+source/kde4libs/4:4.13.3-0ubuntu0.3 https://launchpad.net/ubuntu/+source/kde4libs/4:4.8.5-0ubuntu0.5
--SVHEnmhlg7ND98XvljMAlwCETsur3m4uF--
--p47gA4wHhmaN2mKhPtKKiTAvudeRPeNJD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJXl7PZAAoJEGVp2FWnRL6TeZgP/10zpb7SyTm8tOVjCItAbMuA mgW3YvDa6vI8K+NTBe5eoCp+dN79r03vQxdSvNRlh3zeIRM6kzeCpdFeJxo3xWME dSEq+fVxqPo63AFqtYBTPl/HLwVtV/D/iAbOX0Cw9ukRHLNBax/YmZEyiCDKbj+J +vM5/vJNt3s3MHfxFnqHPMl1JQkeT5l0FwJHCxNs2bfcJkoVETYAvl06vxIfi0eb bLyFJKHPttMHNFbfkznRqrkEhXkjkGbFqryCH1ThW6GoazbF9furHiLjd9odFeuE 1Q7tAVgKi5xKWoBH7t5llpDiRHTLKYEW5w4m2tQf9RNA/XsPZxAFUD67nEv6uqzT UqnLEXSVg+svg6v9C4FxFOfwNN/dhnkLF7NMbDBdXUUFw7MQrts1M5cJ5+ziBi8f ICZ8pVUS4i3Fb1RH0kIr9sXKMpZlMaKfo+seNaSsXymP0TF+CMQemLz7RDLFgHq2 +mmuKPcAkL3bC9J/NVZRluXwSGj1LgwStZ/uFfu3py2V4dGRk6BU2NUSU091GEQH P1nFYWv1TKWdq1s6eCFrkou4lptiD/vxIDyB5ysK1LkXfTpKLW4CZHnVIaSa/qLw XVyW3C5laZyno76wExLW7/pd7IWcodjFIvTMgsktK98Aoc3Lxa7CwH4legYKkC0A 81Tgob0QNPNXoClJEtLu =uu2Y -----END PGP SIGNATURE-----
--p47gA4wHhmaN2mKhPtKKiTAvudeRPeNJD--
--===============7011357491661343817== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7011357491661343817==--
|
|
|
|