drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in FlightGear
Name: |
Überschreiben von Dateien in FlightGear |
|
ID: |
DSA-3742-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian sid, Debian jessie |
|
Datum: |
Di, 20. Dezember 2016, 22:46 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9956 |
|
Applikationen: |
FlightGear |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3742-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 20, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : flightgear CVE ID : CVE-2016-9956
It was discovered that the Flight Gear flight simulator performs insufficient sanitising of Nasal scripts which allows a malicious script to overwrite arbitrary files with the privileges of the user running Flight Gear.
For the stable distribution (jessie), this problem has been fixed in version 3.0.0-5+deb8u1.
For the unstable distribution (sid), this problem has been fixed in version 1:2016.4.3+dfsg-1.
We recommend that you upgrade your flightgear packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlhZbBMACgkQEMKTtsN8 TjaPeQ/9G/bLhroGZOmJize/NyU5u+H4p/IJh1zU3xfyoANJ9QLSE4Sk6D1G2Xca 90cniaB3KFMFWCk2qKfa1iOSr1EuGVZggOlGXkLTPt9dihDViyFZzGqRsskJMOm4 KL11TH/nBq5xTYbkQh2TOsrH6vNxqRNk4mVBiMv23nedbl5PQJEj7+FqbDqmcYfn NhNA0SvNfMY7Q/TuKBCq/1SMTu01aXmma74A++IPrgJW/1I+s8fWeqgK+vMxnh+I /UD1H0ylvJmqm3U2QK/5ttBP2k1SofpyupCYu7bKQ5JFX/wIYQ7zkIqF01kUeOR0 h/ZyIXmqhXpb0MroE64xPRFRBbxCMWIq1TR7CctBBEY2maAAMAESdJfvy35f8Ix8 B5u85vj0sbt67EubeT0U8Jnyb1W9E+SYJvy1It5wyVRVLlCym/bhQ1HAcPnrpls2 es/uPoKKGuhdkxLqtzNYeR4jT1to6RbVaVlUpx4ffEhSWIMSxCdJgfe4GXhiKN4N 90W2OGxaBKnv7QuUsCTVwTVV+bGZrD9s7JDow3j4irhwE4n5A3qBjLkUEN7eUXGR Zsxji6g8X9E6GvYWb9zBfjuuGOEqowLp5j6n6nSKLKVS0pXf4DNJaZkkakKxwIl8 0lNjkgbyZnpparI867yfMCJ2uLla1NeU2cq5yXsWfHPgI2/C3QY= =w5Q8 -----END PGP SIGNATURE-----
|
|
|
|