drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Eingabeprüfung in Software Properties (Aktualisierung)
| Name: |
Mangelnde Eingabeprüfung in Software Properties (Aktualisierung) |
|
| ID: |
USN-4457-2 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 14.04 ESM |
|
| Datum: |
Mo, 17. August 2020, 22:27 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15709 |
|
| Applikationen: |
Software Properties |
|
| Update von: |
Mangelnde Eingabeprüfung in Software Properties |
|
Originalnachricht |
--===============5480166094537691777==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="FL5UXtIhxfXey3p5"
Content-Disposition: inline
--FL5UXtIhxfXey3p5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-4457-2
August 17, 2020
software-properties vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
Software Properties could be made to manipulate the display.
Software Description:
- software-properties: manage the repositories that you install software from
Details:
USN-4457-1 fixed a vulnerability in Software. This update provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Jason A. Donenfeld discovered that Software Properties incorrectly filtered
certain escape sequences when displaying PPA descriptions. If a user were
tricked into adding an arbitrary PPA, a remote attacker could possibly
manipulate the screen.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
python-software-properties 0.92.37.8ubuntu0.1~esm1
python3-software-properties 0.92.37.8ubuntu0.1~esm1
software-properties-common 0.92.37.8ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4457-2
https://usn.ubuntu.com/4457-1
CVE-2020-15709
--FL5UXtIhxfXey3p5
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl86me0ACgkQRbznW4QL
H2lttQ//faoxhP9LZEyi58+AtIIrOC6oDBV+HjuQNKeziykqNb1W3xPpWY4VRtRQ
s6+mO/1sBYIglWoY/9VhWZ3FZWUiFJKPpe3Eb1n5Wdp9NTN/mzyUrOU1M7O620UR
xWSyVLszf1RIUYvSuHQYG60eUgau2fndWGr9qXD+A9/xB+8pqEsOvW5oST0RIjlH
LdTDQedD12vCXZElzYJtEGoaxG+v62wwHnr9aLmNvoZ8fxhmvUdO6AXwiM5UV0Eo
3pcjoCmdOWgDyDC0uoXRkDhE04KeT9+RlWhqm6s0KotjHGTrrRepxBhl1AW2CqeB
2sV0lHMmxZudOr/dKhKzrTBKIxnFzg0GCJlbB9GZ5nrBZtigSeeHMDl+/H4nXdtb
Jvm9Xf/SshSkpkKDjorp9b1Oyh3pmBlqNpolhnSVzIs2t8anwlsq/wJ8fkjIdc9F
Ww2jwVv/QayN8nc00F+1YNgwuluKievT7cspG1dOM0mxB8Fu/9a8hvjbCtF1OkK+
eFQBeg2nmpQmRcAzpZ93TjDqi3Ra1+czwPv6Hx3+NuDbXDCWRE75+2eLIgy+BBtp
m/DdiaDBAvbxTbbGhomr/Gt3udDzXbg2gSxAqoytilvcVwtgq038kp44ws6QG1vc
Bza0uhMUPDevd78ZipnNLvwoJpoW1uyh3WtLdqIR7ea8ziBUbsk=
=XpUd
-----END PGP SIGNATURE-----
--FL5UXtIhxfXey3p5--
--===============5480166094537691777==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|
