drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in KDE-PIM
Name: |
Ausführen beliebiger Kommandos in KDE-PIM |
|
ID: |
USN-3100-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS |
|
Datum: |
Mi, 12. Oktober 2016, 16:38 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7966 |
|
Applikationen: |
KDE-PIM |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============8390898491890226862== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="fHB0rs5KVCRFnXvCn0mm8EIUXwo8gjh65"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --fHB0rs5KVCRFnXvCn0mm8EIUXwo8gjh65 Content-Type: multipart/mixed; boundary="3SPA8UbW36SEoh34jTeTIfBdwexD84qWX" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <518dc695-0e8d-502c-40de-413193b11407@canonical.com> Subject: [USN-3100-1] KDE-PIM Libraries vulnerability
--3SPA8UbW36SEoh34jTeTIfBdwexD84qWX Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3100-1 October 12, 2016
kdepimlibs vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
KMail could be made to run HTML if it opened a specially crafted email.
Software Description: - kdepimlibs: the KDE PIM libraries
Details:
Roland Tapken discovered that the KDE-PIM Libraries incorrectly filtered URLs. A remote attacker could use this issue to perform an HTML injection attack in the KMail plain text viewer.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libkpimutils4 4:4.8.5-0ubuntu0.3
After a standard system update you need to restart KMail to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3100-1 CVE-2016-7966
Package Information: https://launchpad.net/ubuntu/+source/kdepimlibs/4:4.8.5-0ubuntu0.3
--3SPA8UbW36SEoh34jTeTIfBdwexD84qWX--
--fHB0rs5KVCRFnXvCn0mm8EIUXwo8gjh65 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJX/ihcAAoJEGVp2FWnRL6TXd0P/jhCVOBA9T7BKQAc22Qeakqy 6Z6B93q5gU4tXX6xcU628JGeD5uV9ikIHMTpXP6Ae97knp8Emr2wKsKD5EO3cYwX XTQ0UX5yOuOWylgGxvLOqmuwD+i0TfqzN4tpJsgFg8ez90SpNGrPXN6kxmUN+DjL muFOfcuqR7/o5SDe249ltYTpYDhIv6IYqd4Zx0nwXaRIh+QL2mrmH01piRNepPyy +WkXFYeKe8/lgiVuXtmSG/R/uImEez97jYc7jqPexXiptNFcxjF3RGKR6EJyeeFM UsmvOp5zBi1RqfbJGnHylo/1EVl8qoNAmM7Mje6xN1p2cROOv42d/kWJottWexs0 DTtpkWTVP1MK21Cal26m5HhpWyyrRQ7MXlWDgRiT9vU5X4/SaS+JY6u5rokz4bC/ u//FQhC3OpMlhQSD1iGPKqtnLj0tgRQnDh/+t/lmu9tY8VmkUIxxTOYBo8tSioKV qsFdol7n6Zwlc1g/MACd7uhy2OpdD/gys/iL9bU+h606j9P+Tsto8Sjr8wlIPp2B 4+MolSFeiL4I4SjctfH+dkFTrX/nLgUnj6UmVpO5i/6SMXy5zfvxH0m6ESkZjF+B BZt6lSrMBncazcbLtX8rr9HzW+8nwDSuEIfKccY/+6pgTHP3dFmZAeEjXHoeaDqo W/Cj9LFcD6zvLZ0kmqhe =UUmX -----END PGP SIGNATURE-----
--fHB0rs5KVCRFnXvCn0mm8EIUXwo8gjh65--
--===============8390898491890226862== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============8390898491890226862==--
|
|
|
|