drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Eingabeprüfung in Software Properties (Aktualisierung)
Name: |
Mangelnde Eingabeprüfung in Software Properties (Aktualisierung) |
|
ID: |
USN-4457-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 ESM |
|
Datum: |
Mo, 17. August 2020, 22:27 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15709 |
|
Applikationen: |
Software Properties |
|
Update von: |
Mangelnde Eingabeprüfung in Software Properties |
|
Originalnachricht |
--===============5480166094537691777== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="FL5UXtIhxfXey3p5" Content-Disposition: inline
--FL5UXtIhxfXey3p5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4457-2 August 17, 2020
software-properties vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
Software Properties could be made to manipulate the display.
Software Description: - software-properties: manage the repositories that you install software from
Details:
USN-4457-1 fixed a vulnerability in Software. This update provides the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Jason A. Donenfeld discovered that Software Properties incorrectly filtered certain escape sequences when displaying PPA descriptions. If a user were tricked into adding an arbitrary PPA, a remote attacker could possibly manipulate the screen.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: python-software-properties 0.92.37.8ubuntu0.1~esm1 python3-software-properties 0.92.37.8ubuntu0.1~esm1 software-properties-common 0.92.37.8ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4457-2 https://usn.ubuntu.com/4457-1 CVE-2020-15709
--FL5UXtIhxfXey3p5 Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl86me0ACgkQRbznW4QL H2lttQ//faoxhP9LZEyi58+AtIIrOC6oDBV+HjuQNKeziykqNb1W3xPpWY4VRtRQ s6+mO/1sBYIglWoY/9VhWZ3FZWUiFJKPpe3Eb1n5Wdp9NTN/mzyUrOU1M7O620UR xWSyVLszf1RIUYvSuHQYG60eUgau2fndWGr9qXD+A9/xB+8pqEsOvW5oST0RIjlH LdTDQedD12vCXZElzYJtEGoaxG+v62wwHnr9aLmNvoZ8fxhmvUdO6AXwiM5UV0Eo 3pcjoCmdOWgDyDC0uoXRkDhE04KeT9+RlWhqm6s0KotjHGTrrRepxBhl1AW2CqeB 2sV0lHMmxZudOr/dKhKzrTBKIxnFzg0GCJlbB9GZ5nrBZtigSeeHMDl+/H4nXdtb Jvm9Xf/SshSkpkKDjorp9b1Oyh3pmBlqNpolhnSVzIs2t8anwlsq/wJ8fkjIdc9F Ww2jwVv/QayN8nc00F+1YNgwuluKievT7cspG1dOM0mxB8Fu/9a8hvjbCtF1OkK+ eFQBeg2nmpQmRcAzpZ93TjDqi3Ra1+czwPv6Hx3+NuDbXDCWRE75+2eLIgy+BBtp m/DdiaDBAvbxTbbGhomr/Gt3udDzXbg2gSxAqoytilvcVwtgq038kp44ws6QG1vc Bza0uhMUPDevd78ZipnNLvwoJpoW1uyh3WtLdqIR7ea8ziBUbsk= =XpUd -----END PGP SIGNATURE-----
--FL5UXtIhxfXey3p5--
--===============5480166094537691777== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|