drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in bzip2 (Aktualisierung)
Name: |
Ausführen beliebiger Kommandos in bzip2 (Aktualisierung) |
|
ID: |
USN-4038-4 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 ESM, Ubuntu 14.04 ESM |
|
Datum: |
Do, 4. Juli 2019, 18:35 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
bzip2 |
|
Update von: |
Zwei Probleme in bzip2 |
|
Originalnachricht |
--===============3697869830419955617== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="da4uJneut+ArUgXk" Content-Disposition: inline
--da4uJneut+ArUgXk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4038-4 July 04, 2019
bzip2 regression ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM - Ubuntu 12.04 ESM
Summary:
USN-4038-1 introduced a regression in bzip2.
Software Description: - bzip2: high-quality block-sorting file compressor - utilities
Details:
USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrect raises CRC errors for some files. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM.
We apologize for the inconvenience.
Original advisory details:
It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: bzip2 1.0.6-5ubuntu0.1~esm2 lib32bz2-1.0 1.0.6-5ubuntu0.1~esm2 lib64bz2-1.0 1.0.6-5ubuntu0.1~esm2 libbz2-1.0 1.0.6-5ubuntu0.1~esm2
Ubuntu 12.04 ESM: bzip2 1.0.6-1ubuntu0.2 lib32bz2-1.0 1.0.6-1ubuntu0.2 lib64bz2-1.0 1.0.6-1ubuntu0.2 libbz2-1.0 1.0.6-1ubuntu0.2
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4038-4 https://usn.ubuntu.com/4038-1 https://launchpad.net/bugs/1834494
--da4uJneut+ArUgXk Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBAgAGBQJdHimbAAoJEEW851uECx9p4v4P/jxTXVksFNbvDyQ1K3MwpfRL JBNWje7attD9Hlcyd/mC+TaCz0jL1VzdaU8mgP2n3ofNIjtLAYNKTMPI57NGpOTN K9O4EASX5p1BMzoj84CivRmU9ozjoFNqzCMPXPkUQwJyNKB/sfqYF0ooKtYY2NxZ bZYRhEesmjVQxGgOA2cZFm1SFoKQge4ktbEzGWDDwsOjWFhLXiQ3zsOnQssHtd8I ssdmwb8bREJJStjHm6cvXaGW8+BGWZeUfJWf2wSzVpXFyK9uQZVhKnX/hjfwoZdP aQMyj4F/Gonm1uOajDohwmI2QQNrZxlj26fPsLMPSDFQnvdDEpiA82nV9Ymhhb09 4KHNuqlzvwH2oDGcev55txUlgvZziBw794ZgJomXEAg7nMpZm8dxrq1kEo5LkgGk 58S5NIycRxR1zlYXl8SpAMWHJKUnrlG3eY+JFcoldzeVsEzfsvnVvK/nY5MSNkF0 /g405MLuD3qKfNLmSsQfU8axoMkr2jvvI959kN6fak5q9LMk2IIy0boqlqU2EoUH NYR1tC4WoIcOe+PW0cGCmVpVwcPW2oEU03jSKG9xdHPHvHomWBAG3Do4Vc7bXduI i8wFgP0Q9GIjL/Xj6O+2dUw5zHTLsL19oe1A+8XUNq9uEyP7kV5/udBTQPlDufmb hhnkTpT64vbxmMLuRuSL =n7Wr -----END PGP SIGNATURE-----
--da4uJneut+ArUgXk--
--===============3697869830419955617== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|