drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in KDE-Libs
Name: |
Preisgabe von Informationen in KDE-Libs |
|
ID: |
USN-3223-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 14.04 LTS |
|
Datum: |
Do, 9. März 2017, 16:41 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6410 |
|
Applikationen: |
KDE Software Compilation |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============5832324857150364840== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ja0WLTOBGqCgGAEuOM0QaQNCHlk28SHh0"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ja0WLTOBGqCgGAEuOM0QaQNCHlk28SHh0 Content-Type: multipart/mixed; boundary="hBEsp5TAWFtGh6GgQF6p45Ld0N01MnHnt" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <dd656593-ce3d-340f-e6e1-57d03f132b5f@canonical.com> Subject: [USN-3223-1] KDE-Libs vulnerability
--hBEsp5TAWFtGh6GgQF6p45Ld0N01MnHnt Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3223-1 March 09, 2017
kde4libs vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
KDE-Libs could be made to expose sensitive information over the network.
Software Description: - kde4libs: KDE 4 core applications and libraries
Details:
Itzik Kotler, Yonatan Fridburg, and Amit Klein discovered that KDE-Libs incorrectly handled certain PAC files. A remote attacker could possibly use this issue to obtain sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: kdelibs5-plugins 4:4.13.3-0ubuntu0.4
Ubuntu 12.04 LTS: kdelibs5-plugins 4:4.8.5-0ubuntu0.6
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-3223-1 CVE-2017-6410
Package Information: https://launchpad.net/ubuntu/+source/kde4libs/4:4.13.3-0ubuntu0.4 https://launchpad.net/ubuntu/+source/kde4libs/4:4.8.5-0ubuntu0.6
--hBEsp5TAWFtGh6GgQF6p45Ld0N01MnHnt--
--ja0WLTOBGqCgGAEuOM0QaQNCHlk28SHh0 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJYwWMaAAoJEGVp2FWnRL6TvDQP/A3WWVLWZSFiriyQpz5dofMT GbKnYuScFLmlQGuqBVSxYBIyxqKo90XM5Jerx6lZsvN2+qS/9yo55YRqEb2MxC4/ 8vADuBGoDz1pTm1sg57IEkxn5iFCTKPxDunDatLgmz6XIR7fWcGBMDvNSfoujwmn +l07Ie9Yd6iVA/woGyr67WcSJUAohm0+xlrvz+e17lBxzd4TKhdjkHfWILucaGgC SGRsAS7vjVjGB9yFglRFmV/Rc58x29lqh2F67WCWoelwcZt1opwkfJIV105J3Jc2 jOVrLnFxYBvnnttaUaWqHpPLq//8m39YuldP1P8Q+xXRz9yuA3jC2BI/laI7ZWzh Mwifw8vtUiWSZozquQn4Fvncbm4MtF/CQSyv5B19Wgpz5ylIe3JSCn+ddyot9wYY GvaIytsKN+alK7JCLBIBtlNw5XnKs3caI/60iGxd8uaFfKKfnY/6ne1kcUz6ZG5S UmYsakq+EAD66p39nfkwkHvj8FZ2V4N4djfc/7kt9eQvWFNy/cU2Bo0NJWNwbZtM ntVZUcKHmLE7zach1j6fGfm3s2h27hjb27rAWEyKcoTcSJqIdkWSKam+/134YV1g JGqPpaeJSkTOTWZGUICRqGY4okNLKkhGdmN5JolcpemzIBlqhDq6GlUC4xHIjMFs RYJMSzPs5UqKlg27N/V6 =GPVL -----END PGP SIGNATURE-----
--ja0WLTOBGqCgGAEuOM0QaQNCHlk28SHh0--
--===============5832324857150364840== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============5832324857150364840==--
|
|
|
|