drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in AppArmor
| Name: |
Mangelnde Rechteprüfung in AppArmor |
|
| ID: |
USN-2413-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 14.04 LTS |
|
| Datum: |
Fr, 21. November 2014, 01:19 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1424 |
|
| Applikationen: |
AppArmor |
|
Originalnachricht |
--===============9109168037048424396==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="pWyiEgJYm5f9v55/"
Content-Disposition: inline
--pWyiEgJYm5f9v55/
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-2413-1
November 20, 2014
apparmor vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
apparmor_parser could allow applications that are confined by AppArmor to gain
unintended access to resources.
Software Description:
- apparmor: Linux security system
Details:
An AppArmor policy miscompilation flaw was discovered in apparmor_parser. Under
certain circumstances, a malicious application could use this flaw to perform
operations that are not allowed by AppArmor policy. The flaw may also prevent
applications from accessing resources that are allowed by AppArmor policy.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
apparmor 2.8.95~2430-0ubuntu5.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2413-1
CVE-2014-1424
Package Information:
https://launchpad.net/ubuntu/+source/apparmor/2.8.95~2430-0ubuntu5.1
--pWyiEgJYm5f9v55/
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJUblh5AAoJENaSAD2qAscKTD0QALQCG0qgXqnE2uatqKX+fDfN
m45D4Ro5yxz2pZY0DTsqkP/C6XeSBz3exYQRUMShg5kWh6IT3Mzbi8CBV78HCtHQ
JuDiiGZa3Hjve51J4q9fU0J8E01V60mK1vyci85xTEkn+bLhpQl+nz2ryOvcwvfE
JA1zPGBz/10FPpR2SsV/uXMqpRIsG0dKSEyzJLLqRj2jtnnCsbV/4hr9gfMGJqvj
i5L8Pq7/uxA5zNI2MDFP/qhxqnAT/6/4CqqqCBqdnF7L/wRhc2D40lHlJXbJMDQE
jvd79sOzxU6Qhzq4hWO9Hhe3ehkoFn4mbU/VIPbt+pjtkjpk1LO4OUx2BqbG4825
a0UG7wuUNiP2yrxbibx9jt+fyIhYnJ4ZAXZPt3N3jolLBz3gQDLyoCuaIl/aX/ly
DHjrKZ00JmEHat46bFn3ptvb1RVPpR2lYHdIOPnueq9j7J01t3IhpeFLCZsMM+Z2
tdtfUZmd0kvHTn7hOVgl0HOlV2/C41AYX739CaoaH//sXWuCf1mTMXLMsawzpdbn
d9L3jhe6j6TYRAfyA/mEEURqM5wWKZt/WDVLMYM3JfBklM1bL1VSFRuDzJz4b0pe
s7eQ/gehWaOQIlY0bHKSCWKEJ6SFtsqpzb++Ybyg4euUo70YQqvtx+dIfBBwIAzS
PCk3TED0mGKe3aLbgfbM
=FA24
-----END PGP SIGNATURE-----
--pWyiEgJYm5f9v55/--
--===============9109168037048424396==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============9109168037048424396==--
|
|
|
|
