drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in DBus
Name: |
Mangelnde Rechteprüfung in DBus |
|
ID: |
USN-4015-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, Ubuntu 19.04 |
|
Datum: |
Di, 11. Juni 2019, 22:17 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12749 |
|
Applikationen: |
D-BUS |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============1987538930602846894== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="RcxkMKrU7wEOvQ3JEFXyY9GI9ots2TmiL"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --RcxkMKrU7wEOvQ3JEFXyY9GI9ots2TmiL Content-Type: multipart/mixed; boundary="MLq8PxzVHbPdcxj2i6a88FTbPElwRmVLI"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <acbe1f0c-ebd1-54ae-8ccc-5aea0895f13a@canonical.com> Subject: [USN-4015-1] DBus vulnerability
--MLq8PxzVHbPdcxj2i6a88FTbPElwRmVLI Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-4015-1 June 11, 2019
dbus vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04 - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS
Summary:
DBus could allow unintended access to services.
Software Description: - dbus: simple interprocess messaging system
Details:
Joe Vennix discovered that DBus incorrectly handled DBUS_COOKIE_SHA1 authentication. A local attacker could possibly use this issue to bypass authentication and connect to DBus servers with elevated privileges.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04: dbus 1.12.12-1ubuntu1.1 libdbus-1-3 1.12.12-1ubuntu1.1
Ubuntu 18.10: dbus 1.12.10-1ubuntu2.1 libdbus-1-3 1.12.10-1ubuntu2.1
Ubuntu 18.04 LTS: dbus 1.12.2-1ubuntu1.1 libdbus-1-3 1.12.2-1ubuntu1.1
Ubuntu 16.04 LTS: dbus 1.10.6-1ubuntu3.4 libdbus-1-3 1.10.6-1ubuntu3.4
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://usn.ubuntu.com/4015-1 CVE-2019-12749
Package Information: https://launchpad.net/ubuntu/+source/dbus/1.12.12-1ubuntu1.1 https://launchpad.net/ubuntu/+source/dbus/1.12.10-1ubuntu2.1 https://launchpad.net/ubuntu/+source/dbus/1.12.2-1ubuntu1.1 https://launchpad.net/ubuntu/+source/dbus/1.10.6-1ubuntu3.4
--MLq8PxzVHbPdcxj2i6a88FTbPElwRmVLI--
--RcxkMKrU7wEOvQ3JEFXyY9GI9ots2TmiL Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlz/5BQACgkQZWnYVadE vpNa+g//eMHp8sPmWde2YMfXcsrNdMU5FjtK7c8gDAaSbZ1gaSF/8T3YLrdvA/xT 2SkOswVhskr+qQf4xxBaglz5yvCETYhHHwibFTh5DksJxTCUC1mdcA4vzCOVAkgg 16Ki9PeKVJN7fwh598q729AYs27QRMNKAOSjjCuc7kBMTvSLMnu4Bf1g1RDsErkd pS8t9qkVJamyzxtvvSAJrpLWJT+bZPheVAsRnsmggBeqqqKmDZ9TceaHXm2Qd6ob ZMWc9VJBQNmtIEDXMIDqKmftCCPZZTSFr1AxT+aNmAR/txg9LYaT/zEzaxG5PSOQ q7MYc3SHdXAko+0YMUmeF0lOX/x/OU6PfMUz0hYQgAL7KubTk2cHDVtWdHtIk1t8 5x6lOyhs2vMVTf5mBM+/r/1QBS98CcAS7NO0pm6gUoCQWisdNKkMBjx4qxzHMDnP 43esN4tTWZc36xZRGV4CLL2bW/ATtjBh08XcEJNhHqMpwQG2O0Ekc9xHnpORGS8K cdwVmoGJYfAe/nMQQI/MaUVm64Ohi3pdsbtWY4f1hjZ0yzPpD8RATgMbabR00w8I zJB1uAJP3/MeoSfmK0c2IQERx7W0UvyXqN3r4iznuW7IWXjyZlThHLDmMxDhnRFu YJMUWyvm59AUzDZHDUerBnOYFjsPgx0Xm6XDZNOQIcv19QO0Qtg= =Kl1M -----END PGP SIGNATURE-----
--RcxkMKrU7wEOvQ3JEFXyY9GI9ots2TmiL--
--===============1987538930602846894== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============1987538930602846894==--
|
|
|
|