drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Fehlerhafte Zugriffsrechte in ubiquity-slideshow-ubuntu
Name: |
Fehlerhafte Zugriffsrechte in ubiquity-slideshow-ubuntu |
|
ID: |
USN-1561-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS |
|
Datum: |
Mo, 10. September 2012, 16:35 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0956 |
|
Applikationen: |
ubiquity-slideshow-ubuntu |
|
Originalnachricht |
--===============3033413200293822068== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-On3yliIZhbYyLGTuXM6E"
--=-On3yliIZhbYyLGTuXM6E Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1561-1 September 10, 2012
ubiquity-slideshow-ubuntu vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
ubiquity-slideshow-ubuntu would allow unintended access to files over the network during system installation.
Software Description: - ubiquity-slideshow-ubuntu: Ubiquity slideshow for Ubuntu
Details:
Paul Mutton discovered that ubiquity-slideshow-ubuntu incorrectly handled the Twitter feed displayed during system installation. A remote attacker could use this flaw to inject code into the Twitter feed and read arbitrary files off the filesystem during system installation. This flaw has been resolved in the Ubuntu 12.04.1 LTS installation images by disabling the Twitter feed.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: ubiquity-slideshow-ubuntu 58.2
Use of the Ubuntu 12.04.1 LTS installation images is required to resolve this issue.
References: http://www.ubuntu.com/usn/usn-1561-1 CVE-2012-0956
Package Information: https://launchpad.net/ubuntu/+source/ubiquity-slideshow-ubuntu/58.2
--Øn3yliIZhbYyLGTuXM6E Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJQTfIyAAoJEGVp2FWnRL6TLqMP/jIm6yVAIyqo3OCqd/fw0zNE 6KqZXIxPgjquQxpIkVpNwayOBb1CCU8YusP6EEZevRu/384jHjjGyTYiToAVxBzr 0dCfEx7qX6kBF7flTZjnj9Xuoj36SJlreecPOsuOdVTHcHNef+qgH+L+3Hw2loL6 Hu63S3lD+xfLdHPGcXZIlplDri/BKvKLHXRKNA31WpEHdReUo3ZJ/V5+2PuETuDE rw2+hqiVoabTSIziFqnwVbU6DYTaNiNJQTLYlaBLgGspPe5XkZ06UodjbzLWi5fI XIOFks8RSmAE1UozBdiOh0ZsBTWUA/zzFqIgj8rLV89iq6NMCgom2Ut+OdPTed9r v2dusCySY7B3+zn7lmc+baTkWyfywK4qmeRMwCl59xQ07hVoUdspo8a6/PWMo1dV gtuulhSGrAYLCTVFf159wDqvF1/sQJ3kx7GgPcjrQ5ocMPmBdA8N2yT7DfYYNfbS h237CPZ/X/Vu89n43iZGFRT5Tak3+JvszbkggFPmNFl8tzG48XLHKjXaUnVBdNlD iTtPV9DD9iU1qd5NBH+P8WL68wQvUC+jJWXgYGoC2RQHk8uvSDfpdOS77UiiePpV xTJKX/pAAmZGsdgTpmgE8/iy8wjmmItM/154wwY4h71g0t9bD7QwDUHq3nVCs6SA snbZNeHZqSKt01mT+Qsi =kIwl -----END PGP SIGNATURE-----
--=-On3yliIZhbYyLGTuXM6E--
--===============3033413200293822068== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3033413200293822068==--
|
|
|
|