drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in Libtasn1 (Aktualisierung)
| Name: |
Pufferüberlauf in Libtasn1 (Aktualisierung) |
|
| ID: |
USN-3309-2 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 12.04 ESM |
|
| Datum: |
Mi, 19. Juli 2017, 06:56 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6891 |
|
| Applikationen: |
GNU Libtasn1 |
|
| Update von: |
Denial of Service in Libtasn1 |
|
Originalnachricht |
--===============3421358943197894351==
Content-Type: multipart/signed; micalg="pgp-sha256";
protocol="application/pgp-signature";
boundary="=-vj30qeMZH8vtJ1K4uRCV"
--=-vj30qeMZH8vtJ1K4uRCV
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-3309-2
July 18, 2017
libtasn1-3 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Libtasn1 could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
- libtasn1-3: Library to manage ASN.1 structures
Details:
Jakub Jirasek discovered that GnuTLS incorrectly handled certain
assignments files. If a user were tricked into processing a specially
crafted assignments file, a remote attacker could possibly execute
arbirary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
 libtasn1-3                      2.10-1ubuntu1.6
In general, a standard system update will make all the necessary
changes.
References:
 https://www.ubuntu.com/usn/usn-3309-2
 https://www.ubuntu.com/usn/usn-3309-1
 CVE-2017-6891
--ßj30qeMZH8vtJ1K4uRCV
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABCAAGBQJZbnXpAAoJEEW851uECx9p9hIQAKoiuBwEm6/43sBKDfcRthWO
8oGj/o4xtgIlXqMBsNzlaeonoS+5L7DEzZXLLz0949/OMJDL606I9uLadLS89iHH
GgnU19RplVyOm3lphJWcbEEG/VVq7oEnl36A9v7NoX9zq/wc8EWODorKHGemvYZ0
8TGe6eQEUWftmaEPUXJtqrrEWcoi316E7/WFJwwmYcCbMpsSp7MsYWZ0M3il3PXn
oGbhNKMmcYKnzqhMmWnnlOwMUFsv+W5ZAiJI0G2Kjes6X9xJjhmACEErB0ufuBTS
Ep5qFfFPyefAA4LOKs5733gYdQYFjslXP2C2oFnbEJ/Rmjnerh9shhba88vIM440
IFZr8kkI4IRT621YVje8KmKy7Sab3Gh0MdnmhLA8KxgznG9iV3ywRKkK6B9AWvmi
Whv6GX9osM340yDil2dfG2eqtgUjK1cGInsvxf5fUCur4MPFI2OhTsxMECCqJd+O
joH040a3YEwK0baXbFLaZDmF36qelw36hQe6UOBfhQl/C7x4uE1dftqJhAH5kwFu
CKUXqhVyClUuaEBrVjMtTWNBBLa5TVWaWc5+az49vBSyP667+XO6Wj7+S2mde5eo
ft1CXXLSONxmuO5SFgPVClHa1b2HCCYZtydFN3OKHCcJnAP7/vEsWvJm+MG/enmB
qApk09VUxJLgU+5n5QVP
=0xz4
-----END PGP SIGNATURE-----
--=-vj30qeMZH8vtJ1K4uRCV--
--===============3421358943197894351==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3421358943197894351==--
|
|
|
|
