Login
Newsletter
Werbung

Sicherheit: Fehlerhafte Zugriffsrechte in mountall
Aktuelle Meldungen Distributionen
Name: Fehlerhafte Zugriffsrechte in mountall
ID: USN-2411-1
Distribution: Ubuntu
Plattformen: Ubuntu 14.10
Datum: Mi, 19. November 2014, 07:34
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1421
Applikationen: mountall

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============4477334820762650397==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="0w4TGK0SIxkAKwqX4IMpAv7otb0bmq3QC"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--0w4TGK0SIxkAKwqX4IMpAv7otb0bmq3QC
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-2411-1
November 18, 2014

mountall vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.10

Summary:

mountall could mount certain filesystems with the wrong permissions.

Software Description:
- mountall: filesystem mounting tool

Details:

Saurav Sengupta discovered that mountall incorrectly handled umask when
calling the mount utility, resulting in certain filesystems possibly being
mounted with incorrect permissions.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.10:
mountall 2.54ubuntu0.14.10.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2411-1
CVE-2014-1421

Package Information:
https://launchpad.net/ubuntu/+source/mountall/2.54ubuntu0.14.10.1



--0w4TGK0SIxkAKwqX4IMpAv7otb0bmq3QC
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUa0GEAAoJEGVp2FWnRL6TQlgP/2anRGJAHOoV2p2NkwRs4CfY
Fl8ZXEY/JSpCX5CXT4XEH7EfUK8ygPvDFH2HL0Eqh2PQvddXGw5gzIBfGBzjUyXo
ObVePdG6U1ppu6jG1OlhgvxCu2NDA24egYJ5TH03OjkOMj0+42oO+8ZhNtTEKZK+
LqmeB9cEGVeNPuiYffd42WVaL/kJ4dh8KV9OrK+Zy1DZ+iEpQ56hUDsnCzX4j/cD
7Satqr0yF/1c2nWNVd7yCuaBrfQioIfXcrB0i0v/H3gKiERgAQxBh8Gwn7DM7Ees
v7/MpwYtwwmhMvugFgftyR7KZ0WGqOaWrVoY2G2iuCSoyoSzkqXD/DuZh+rMUaTX
NQFFQYlrxrOYDO62NSzvDBmaohzWVJRHUPmhs+M1ivXGcrLcx1ANjNzfGve2TssD
9WnszMVOPM22YDvJzoBD+RDf1SLnnT8nz2gPNIn2uGofRPyDigZAbpgr3nkFLhlH
rpedccFWctLFbyKwWT6VmY6tHwxAOGuimdZdFnprf4dFc6VN8ECU/H7qa3uYWZE7
BT/ACsi6CP8VFSUwRyjRR7gLubKn7tDR4aN5yBt9X4OrP8Tk62hnIV1jYqtEVwUY
91w/kEOpVvzVnkRYgJXFgSjPWfkWbUg5ofJ3v9c97o8yiELX+KLYszB/SjoUzrqU
zs1Ty0iY5+Tbfimu9bUT
=VXb7
-----END PGP SIGNATURE-----

--0w4TGK0SIxkAKwqX4IMpAv7otb0bmq3QC--


--===============4477334820762650397==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============4477334820762650397==--
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung