Login
Newsletter
Werbung

Sicherheit: Verbesserte AppArmor-Richtlinie in Evince
Aktuelle Meldungen Distributionen
Name: Verbesserte AppArmor-Richtlinie in Evince
ID: USN-4024-1
Distribution: Ubuntu
Plattformen: Ubuntu 16.04 LTS, Ubuntu 18.04 LTS
Datum: Do, 20. Juni 2019, 00:12
Referenzen: Keine Angabe
Applikationen: evince

Originalnachricht


--===============2617994523298116222==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="tEFtbjk+mNEviIIX"
Content-Disposition: inline


--tEFtbjk+mNEviIIX
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4024-1
June 19, 2019

evince update
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Use more restrictive AppArmor policy for Evince binaries.

Software Description:
- evince: Document viewer

Details:

As a security improvement, this update adjusts the AppArmor profile for the
Evince thumbnailer to reduce access to the system and adjusts the AppArmor
profile for Evince and Evince previewer to limit access to the DBus system
bus. Additionally adjust the evince abstraction to disallow writes on
parent directories of sensitive files.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
evince-common 3.28.4-0ubuntu1.2

Ubuntu 16.04 LTS:
evince-common 3.18.2-1ubuntu4.5

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4024-1
https://launchpad.net/bugs/1788929, https://launchpad.net/bugs/1794848

Package Information:
https://launchpad.net/ubuntu/+source/evince/3.28.4-0ubuntu1.2
https://launchpad.net/ubuntu/+source/evince/3.18.2-1ubuntu4.5

--tEFtbjk+mNEviIIX
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEETCDAa12L3miIVNKKUdvcWMxVlXMFAl0Ko+sACgkQUdvcWMxV
lXMgqw//a/OBvBIqmZjSnKz3hbKrqkQsCxH3DcJ6TE8HeA5syuVMkaGk4gQ5IRcX
zTmFNy/5soy/q5jT2MH5dxTBnLSNiKPDEYJO3/KXG4RtNyDLyVn9MEHEFcu1nd5K
5uh8OkbaQg+J/qY6TqPkzLpH5knjw9f0EXHGevqQ28k5r/0EQN95TumJK5v/nB2Z
K7mhFQjL9fjnjWFwkanT5dNS5H4+Hi9/14rjhYm41cxadF90yAxD9ZgJxWJzr+c0
RPlYSrcPv53B3RwGqI3Gs1tIntSyjUpuK/DMEzHgLZ6I2glqRLpGSKJiD2QnI7MP
t73gWibkFrN87M8JZbyGi+YpofZW7gpagumJwZvOpXyXT9sSO6G+jB4eU3vF7Ic9
B8eYcnBWhHtpAlH2zTj/7HDyCLW0HhzcFRJzK/sarI5vAw0IQ8vLPEXv8dXLMHi3
kBdtLSZYu7edZRznNqe/acxURBPSb60tnccNHsseyNQCV5n4b43DTdj7EtdNNNDz
KQsWMwa98ggIg68UlqLLseVdEP2D50q5EIFxRPJE7wjY2LBp03VvUuB431Mpd59L
KcvmbDwX/OAiCtQgL4xG7sGw5sCZiTOlW5E+JPwulZJdhn32hui821NMeTYpVfy5
oYV1Ku+Ytt8r6+K4FI4R8nkA4WQUHiab3Sn2d7XZGB+Pt6/o1/Y=
=+GNU
-----END PGP SIGNATURE-----

--tEFtbjk+mNEviIIX--


--===============2617994523298116222==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung