drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in elfutils
Name: |
Mehrere Probleme in elfutils |
|
ID: |
USN-3670-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS |
|
Datum: |
Di, 5. Juni 2018, 23:08 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7610
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10254
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7612
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7611
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7607
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7609
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7608
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10255 |
|
Applikationen: |
elfutils |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============6341636526293840534== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="cpxaHfGAotqeRJ5CVxlifu5C7r7MaBaZm"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --cpxaHfGAotqeRJ5CVxlifu5C7r7MaBaZm Content-Type: multipart/mixed; boundary="QJ3suO0ysQcB1NEMd9wC7YWP42VDURL32"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <c9c82631-4c7f-cf23-505f-fd256c61feda@canonical.com> Subject: [USN-3670-1] elfutils vulnerabilities
--QJ3suO0ysQcB1NEMd9wC7YWP42VDURL32 Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3670-1 June 05, 2018
elfutils vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
elfutils could be made to crash or consume resources if it opened a specially crafted file.
Software Description: - elfutils: collection of utilities to handle ELF objects
Details:
Agostino Sarubbo discovered that elfutils incorrectly handled certain malformed ELF files. If a user or automated system were tricked into processing a specially crafted ELF file, elfutils could be made to crash or consume resources, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: elfutils 0.165-3ubuntu1.1 libasm1 0.165-3ubuntu1.1 libdw1 0.165-3ubuntu1.1 libelf1 0.165-3ubuntu1.1
Ubuntu 14.04 LTS: elfutils 0.158-0ubuntu5.3 libasm1 0.158-0ubuntu5.3 libdw1 0.158-0ubuntu5.3 libelf1 0.158-0ubuntu5.3
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3670-1 CVE-2016-10254, CVE-2016-10255, CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613
Package Information: https://launchpad.net/ubuntu/+source/elfutils/0.165-3ubuntu1.1 https://launchpad.net/ubuntu/+source/elfutils/0.158-0ubuntu5.3
--QJ3suO0ysQcB1NEMd9wC7YWP42VDURL32--
--cpxaHfGAotqeRJ5CVxlifu5C7r7MaBaZm Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlsWsYIACgkQZWnYVadE vpMnORAAuzrS+kO5WHVm6+82CSqog/v1ZKPlos8jSJg5Ug+ek9Z/5Z0kVkkzaNSj 5iD4XLdNMIHFsV8xvr+b+VzB9t1fOomq8nZ5sV5D9kRImsSBoP5KUMVYNfzDXvaz eqo0jsw5SFRUtAyur2YN2MPzUPNKeI2ed/CcpNOKRH9X7RaV+P4ulzNPHGxYbgFl 3VRR6veIB7+0FOa+W/eaErDTaMmyH0zWcUtEqELgGdkch1y3L/370m5S0XCGVp9V +C5crrs7/2Tbpp+J4nKcGB0yr/5AFn2Jx8SQFoYMSeAgeFJFKZenWN4N2t2ILukH otB1vviMTPNMjLJn38RqZBtillJEgKNi+cTLRTyxvhu5RHaSsFkZmRAmVisdLN5A 2THA+XuXku9DLV9/k2BINJGvgLGVUY7H2LrxMWM2Q4ntl4jH4s/CiKJyxzWp1YOf cdPz7P7ytLlChqYxQm7hrOjtplxEH6lXPdR57zVHtdX6zGkNRyPhHyLHzWPbsPxl 503uVFT9RN2+dBXIe0sMBjnu5ukexkg/uMQTvtZs7AXJTuJgSrwcW2cUNQJm8WxJ qtVXLCOUti+oo+HRZdCZbhPqmKhET/QLpBPOdamIY1wUJEiTfnP+t6WLYRCM8u0m qaN7k/oF8Y9Ald8bWtkmHZiiNS/paXRB9XG/USM4zo1AAp6r4lA= =G21G -----END PGP SIGNATURE-----
--cpxaHfGAotqeRJ5CVxlifu5C7r7MaBaZm--
--===============6341636526293840534== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============6341636526293840534==--
|
|
|
|