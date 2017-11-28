|
drucken bookmarks versenden konfigurieren admin pdf
Sicherheit: Ausführen beliebiger Kommandos in Python (Aktualisierung)
|Name:
|Ausführen beliebiger Kommandos in Python (Aktualisierung)
|ID:
|USN-3496-3
|Distribution:
|Ubuntu
|Plattformen:
|Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 17.04
|Datum:
|Di, 28. November 2017, 22:58
|Referenzen:
|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158
|Update von:
|Ausführen beliebiger Kommandos in Python
|
Originalnachricht
|
--===============8583617350653147332==
Content-Type: multipart/signed; micalg="pgp-sha256";
protocol="application/pgp-signature";
boundary="=-J7huS3uUkZoypSc5iESf"
--=-J7huS3uUkZoypSc5iESf
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-3496-3
November 28, 2017
python3.4, python3.5 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Python could be made to run arbitrary code.
Software Description:
- python3.5: An interactive high-level object-oriented language
- python3.4: An interactive high-level object-oriented language
Details:
USN-3496-1 fixed a vulnerability in Python2.7. This update provides
the corresponding update for versions 3.4 and 3.5.
Original advisory details:
It was discovered that Python incorrectly handled decoding certain
strings. An attacker could possibly use this issue to execute
arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
python3.5 3.5.3-1ubuntu0~17.04.2
python3.5-minimal 3.5.3-1ubuntu0~17.04.2
Ubuntu 16.04 LTS:
python3.5 3.5.2-2ubuntu0~16.04.4
python3.5-minimal 3.5.2-2ubuntu0~16.04.4
Ubuntu 14.04 LTS:
python3.4 3.4.3-1ubuntu1~14.04.6
python3.4-minimal 3.4.3-1ubuntu1~14.04.6
In general, a standard system update will make all the necessary
changes.
References:
https://www.ubuntu.com/usn/usn-3496-3
https://www.ubuntu.com/usn/usn-3496-1
CVE-2017-1000158
Package Information:
https://launchpad.net/ubuntu/+source/python3.5/3.5.3-1ubuntu0~17.04.2
https://launchpad.net/ubuntu/+source/python3.5/3.5.2-2ubuntu0~16.04.4
https://launchpad.net/ubuntu/+source/python3.4/3.4.3-1ubuntu1~14.04.6
--=-J7huS3uUkZoypSc5iESf
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABCAAGBQJaHcd6AAoJEEW851uECx9pFBMQAKei6JvYT3SE2C7jTsDzv74z
EXyNlxLwdTm3NG3fG1HVLl0R9cnIDnXU5FM5sDCn996W3cmmZRvKzjWyzG0Otkq4
QfKgxQJxc/4g4s1MV2a+STFs1GGGru5xyPDta7Oe08IT/Eq9SwAzzyOVtwM+4RAt
yiQJ7bNY2cOuKCTjUycf46zQ1AAH7Crjojwbmq84EmniPPsiKmNeYEahiQ9hUQzk
mDxyGcQEQNs7UUxfs8YsdD26IWIQiGKDkyxZDCai4l8lVYCt0MAgkGo7O4ifbCEb
uWcTpnILXq5HuiTGMCqHYQ+PxZdlHcaNOPkXdxdZX3wnV/dXVZDMH4i6VNtAFscn
IUKN74wAbPKNsQfSakY80n+8WuHDpUmeN3pxaMH2B5ZdPdsKzBBytFeHmmXfz+tZ
EbDIXcJ13KgF7OjF4P8zqoRV/tK353rPqdh7MgPUBvugghfKXJOkl64GoqWzI0Ku
KQKNsuGR4AtRafJBO+E7nxB2zBMoj09sqTjS5uxDscEJFPFL9X7RlnscNL7aX5vz
isD82iEC00xL+iZ3qxqXmf2Pd2KQviwamgXgFIRUhpjUM1xuVcXUn0kDjbTCwIF7
MVZvRhvGxFcKAivMD3srHjCyMJJDf/iNVRxR6kO3SxIK/AiTQUvxB8/vfTBZ+9LT
0am7/CFrPEqcGgqCd0lg
=tD2P
-----END PGP SIGNATURE-----
--=-J7huS3uUkZoypSc5iESf--
--===============8583617350653147332==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK
--===============8583617350653147332==--
|
|