Login
Newsletter
Werbung

Sicherheit: Mangelnde Rechteprüfung in X.Org
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in X.Org
ID: USN-1349-1
Distribution: Ubuntu
Plattformen: Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04, Ubuntu 11.10
Datum: Do, 26. Januar 2012, 22:35
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4613
Applikationen: X11

Originalnachricht


--===============5741918688863420434==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-nIhaskgV674S/o7iKgYf"


--=-nIhaskgV674S/o7iKgYf
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1349-1
January 26, 2012

xorg vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS

Summary:

X could be made to start by a user who lacked appropriate permissions.

Software Description:
- xorg: X.Org X Window System

Details:

It was discovered that the X wrapper incorrectly checked certain console
permissions when launched by unprivileged users. An attacker connected
remotely could use this flaw to start X, bypassing the console permissions
check.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
xserver-xorg 1:7.6+7ubuntu7.1

Ubuntu 11.04:
xserver-xorg 1:7.6+4ubuntu3.2

Ubuntu 10.10:
xserver-xorg 1:7.5+6ubuntu3.1

Ubuntu 10.04 LTS:
xserver-xorg 1:7.5+5ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1349-1
CVE-2011-4613

Package Information:
https://launchpad.net/ubuntu/+source/xorg/1:7.6+7ubuntu7.1
https://launchpad.net/ubuntu/+source/xorg/1:7.6+4ubuntu3.2
https://launchpad.net/ubuntu/+source/xorg/1:7.5+6ubuntu3.1
https://launchpad.net/ubuntu/+source/xorg/1:7.5+5ubuntu1.1



--×IhaskgV674S/o7iKgYf
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAABCgAGBQJPIZ4WAAoJEGVp2FWnRL6TEqwQAIveOI36ShwzqPoe3dmGnTlI
dCBx9Sp1I25E72tm9SKNfmLjxLT10t9EcAt9mAuqsxx5PAfx22IXkAHXE35MkFNF
Ypnd3ktWxLUxg5K8FsNTKBs77uBIoY9U6hXxsafze3cr1EVzCMR+pQo6/xMzIoqa
2Brr4a2+vL0gAJqL5XtCtJIhDpF/8DznXDLszMfQGOXH1QlRUnvgc4OSx+4aXvXU
LEAup4kgJWmK5JSLwoRngZcRo5CYIALFuAfQUdnFKdw8ItbjvpfCGz4uUiMZ+cFj
g7ymy0v8A7hyqh5W2vTZP3EpStsn27efqjlj6xm4ECu2qpCJVIu1GaIv0e4yct5S
JKz88nc9bpK0KRmz5PsB+mkBumOCv5++wLSbqNUecx24JjKg3O0Punc27kxxyKJ8
VDkxxfuoFNmRVD25IHn9oLuSfmESQRKK7IOaerFEvjigQEdM+ITVrHlp/9HATTgX
UanJHC9XeDVdLHtRQZp/L5X/8129e7Fln4bPcpQwoSodmGo0vcd3qxaY0RI+/8+S
w3QUb/09Wzmdt9qEBchSdAy1cabErinPkxtrO6ITOXtd6+NFMiebYakWPX8LExCo
VJ3pdQ3p/2sxrjQpcvZQZwcYj7ulEHNz80b7+zvxmqpG3Cp9y2lQUXyCcjm2TM5E
ZluHU8yPXD2G5BdCf64K
=kHGa
-----END PGP SIGNATURE-----

--=-nIhaskgV674S/o7iKgYf--



--===============5741918688863420434==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============5741918688863420434==--
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung