Sicherheit: Ausführen beliebiger Kommandos in xserver-xorg-video-openchrome

Lesezeichen hinzufügen

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--===============8359828207857040017==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="------------enigE6261BA54AC68CE4C17E46DD"

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigE6261BA54AC68CE4C17E46DD
Content-Type: text/plain; charset=ISO-8859-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1871-1
June 10, 2013

xserver-xorg-video-openchrome, xserver-xorg-video-openchrome-lts-quantal
vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in xserver-xorg-video-openchrome.

Software Description:
- xserver-xorg-video-openchrome: X.Org X server -- VIA display driver
- xserver-xorg-video-openchrome-lts-quantal: X.Org X server -- VIA
display driver

Details:

Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
xserver-xorg-video-openchrome 1:0.3.1-0ubuntu1.13.04.1

Ubuntu 12.10:
xserver-xorg-video-openchrome 1:0.3.1-0ubuntu1.12.10.1

Ubuntu 12.04 LTS:
xserver-xorg-video-openchrome 1:0.2.904+svn1050-1ubuntu0.1
xserver-xorg-video-openchrome-lts-quantal 1:0.3.1-0ubuntu1~precise3

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1871-1
CVE-2013-1994

Package Information:

https://launchpad.net/ubuntu/+source/xserver-xorg-video-openchrome/1:0.3.1-0ubuntu1.13.04.1

https://launchpad.net/ubuntu/+source/xserver-xorg-video-openchrome/1:0.3.1-0ubuntu1.12.10.1

https://launchpad.net/ubuntu/+source/xserver-xorg-video-openchrome/1:0.2.904+svn1050-1ubuntu0.1

https://launchpad.net/ubuntu/+source/xserver-xorg-video-openchrome-lts-quantal/1:0.3.1-0ubuntu1~precise3

--------------enigE6261BA54AC68CE4C17E46DD
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJRth+VAAoJEGVp2FWnRL6TE7YQAIHGgo2KY3cBbGGDvEp4stkO
6eX32JmRAlxm070/OkReW1ekS2JqMa3OWvloVHoodBU55/yCF+NBW4pcOK1tjzN0
kBLH17umdJBu+BRw24c479ociBtn87ZPDUhFnCBCV4Mp0gQcV8WMH2yEkt4dLXL0
hc1veZa8kLo92qL2Zq49hiyLzdxqurx08/TIUei32HEzUQtn3k5hWLslfJMHERma
4Y0q+tMHVP1W2DgLHwJBNz3znFXDD+pM8TjmQqtX5mFI6AEhkmHa23M4HXQGJVv3
miLEh290tU3UR6gNozPZehGeIA2p8LgE1dZftaDWSH+oy5Ok+3QgyLuLNZS3biD1
Ahqi0n/V7EuGFwa3Bn8VeOQ1841xm4Gbv6KKIxnGl+uDy9uTtxB04qkT+VT7Jl9j
xXgDXiffnBvZ6+xPbE/FxJc0IVXm+cwDly8nPmEAC1KEs7JCluKNFpSh4gb3yvPR
Xp62izo7rOlKT1Nyelv9A64nUW+1Xbu6IZIMt3F4CsqPZGCxhLycTfS7omJRO5bF
6KnKeAWHjHErYduqrI6zLiGUhbho7PWnnssUoZN86EviYdWcMQetv17zBloivlaK
2sn7NLnAK8REIPdNhmWJ1X0Ew3jOGCp+68gud8pFgFs/5IjwWjYlZXa7ZD++k7hc
omAsxJy3JNKmm/jNJFhy
=EWkB
-----END PGP SIGNATURE-----

--------------enigE6261BA54AC68CE4C17E46DD--

--===============8359828207857040017==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============8359828207857040017==--