drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Linux
Name: |
Mehrere Probleme in Linux |
|
ID: |
USN-1490-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS |
|
Datum: |
Sa, 30. Juni 2012, 09:34 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2313
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2319
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2375 |
|
Applikationen: |
Linux |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0088822169334494970== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enigB72F8B729FF8EC694DCD7A9B"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigB72F8B729FF8EC694DCD7A9B Content-Type: multipart/mixed; boundary="------------010105080105050409070706"
This is a multi-part message in MIME format. --------------010105080105050409070706 Content-Type: text/plain; charset=ISO-8859- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1490-1 June 29, 2012
linux-lts-backport-natty vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in the kernel.
Software Description: - linux-lts-backport-natty: Linux kernel backport from Natty
Details:
Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. (CVE-2012-2313)
Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user could exploit these flaws to gain root system priviliges. (CVE-2012-2319)
A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS). (CVE-2012-2375)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 10.04 LTS: linux-image-2.6.38-15-generic 2.6.38-15.61~lucid1 linux-image-2.6.38-15-generic-pae 2.6.38-15.61~lucid1 linux-image-2.6.38-15-server 2.6.38-15.61~lucid1 linux-image-2.6.38-15-virtual 2.6.38-15.61~lucid1
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1490-1 CVE-2012-2313, CVE-2012-2319, CVE-2012-2375
Package Information: https://launchpad.net/ubuntu/+source/linux-lts-backport-natty/2.6.38-15.61~lucid1
--------------010105080105050409070706 Content-Type: text/plain; charset=UTF-8; name="Attached Message Part" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="Attached Message Part"
--------------010105080105050409070706--
--------------enigB72F8B729FF8EC694DCD7A9B Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCgAGBQJP7fu4AAoJEAUvNnAY1cPYloUP+QGnE/Q9lhKI98wJvxNq6tIl pdXLdx99JIcnHa3S5BpUrbjXBtW6deJwVKlszIg2xipjLgrFYhiNvxBjir9jLPsl vOLMf92L10j+hnPzBa2ejM0fCd21sGBECYhVgf24Wya2ahjSIyJvrn5wlDDfTACr fVqc4EBKhNrwwBqyoiLhN/esZRAVVItdXy8gOPh7bc7VDxV3h6dyro4elHKSAo0I DmXTCCaHowdJhI1WU5STbrHaIJAAw2rq+ZgV5QAlF8vMoTm+DWXBSrzTRLjAKLol 753nhEdxjT6xDetSw4Mj7aAaxP9NXrVBfAQ9YE9+ECRngN4k1NuTOpqX087UrFTJ D9rDduvSWVVil8OOZVdktQsddVr2AxCph949RRcLp2MjkM+wTNhsHAu2hqiqX+dy OHbTA2V4tw7lsuhxEXAG4OD8DL8nA4CIlM4zssBsxwUMoo46X5bjuV88B5GROv1s BGaUlsznBJkJNqvpt/4ylPCt5w4HiyBVehOhuh6SSl/w2oiA8D0IFOhOpyfrC93D 94BC1F/Pzd9D4dnXS5Nbo28tENaLy3A9CzfV9739kB5gSjafr7LaAuCMwHAM/Y6Q e87tKiNMywURikIixR/UJ4R2GfdPwBHPEjPVPOhM//V7u6t3wKh2gDn84kWvycFm GUJ1JoyfTgXlHsqKkL+S =sN53 -----END PGP SIGNATURE-----
--------------enigB72F8B729FF8EC694DCD7A9B--
--===============0088822169334494970== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============0088822169334494970==--
|
|
|
|