Login
Newsletter
Werbung

Sicherheit: Löschen beliebiger Dateien in lightdm (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Löschen beliebiger Dateien in lightdm (Aktualisierung)
ID: USN-1399-2
Distribution: Ubuntu
Plattformen: Ubuntu 11.10
Datum: Di, 13. März 2012, 16:36
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0943
Applikationen: LightDM
Update von: Löschen beliebiger Dateien in gdm-guest-session

Originalnachricht


--===============0303480585694669611==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-KxR892SuR4oSAM5/kP+W"


--=-KxR892SuR4oSAM5/kP+W
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1399-2
March 13, 2012

lightdm vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10

Summary:

Light Display Manager could be made to delete files as the administrator.

Software Description:
- lightdm: Display Manager

Details:

Ryan Lortie discovered that a guest session script bundled in the Light
Display Manager package improperly cleaned out certain guest session files.
A local attacker could use this issue to delete arbitrary files.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
lightdm 1.0.6-0ubuntu1.6

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1399-2
http://www.ubuntu.com/usn/usn-1399-1
CVE-2012-0943

Package Information:
https://launchpad.net/ubuntu/+source/lightdm/1.0.6-0ubuntu1.6



--ÔxR892SuR4oSAM5/kP+W
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAABCgAGBQJPX1BsAAoJEGVp2FWnRL6Th20P/jONo1S6cmQdYuoZC516iVl8
KSeIAMeauD3rmUw2cbEJyfttpPCqXjoyAFB/zt+2FkqKEbUWe0Mv23jZ/bxgoQPC
I6rhChOqgcWL9aEsNWHETAIXVQsZlNrO6PA5B9u+Kj+FcC3SvWzu5OWDe6HWGQ8E
rSMMH2TNe+lODEtr7LrOWm2F1EghB6VUkAznLAYdzn97791CCqbcoHeAzfjH8sez
x19MXxh1R9H2KT3oMleSgLjsijX1MgUAKqkw5hYJ1Pog/INC9L41vOe8sDXYSHRl
1jhUPbao00MAqfEDXJZXw5ieJ7hcaGfDxvhikgVChVsUzTXUak4X1tSQy8Ty4SPM
JySLOylZIWku/e0X+uxJePqbtfpGNESaXSAe8UuV64JOO/X8sZYUzmSk+Xgf/DQW
C0+Vl1lJTYevFHiIZgmK/yCOLj+uxPGvERxkNYV0HpoCugBPKhV1CT7skbzl2Z7I
DGId7vbC0cLv3ZMebwD3ADdiRhy9Uvoum09DHsWmv7Us1rF0VMY4e2tbbTRXZnzx
L2duW4rNx4Uz5xdb1KIlYEP7mIr3HNQmYxC1YtclXlCO/ww4j+tf+z+r5Ifhl6vh
lbfg46f3wgO0heGH2/WVS6LovmLaqFo4NDO4eoYAPbqYFM5GsGuTDqoLMKI2jMM7
9di4+iLWnfjxalOWmEzh
=p6X3
-----END PGP SIGNATURE-----

--=-KxR892SuR4oSAM5/kP+W--



--===============0303480585694669611==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============0303480585694669611==--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung