drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in Zipios
Name: |
Denial of Service in Zipios |
|
ID: |
USN-4057-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, Ubuntu 19.04 |
|
Datum: |
Mo, 15. Juli 2019, 20:26 |
|
Referenzen: |
https://launchpad.net/ubuntu/+source/zipios++/0.1.5.9+cvs.2007.04.28-10ubuntu0.18.10.1
https://launchpad.net/ubuntu/+source/zipios++/0.1.5.9+cvs.2007.04.28-10ubuntu0.19.04.1
https://launchpad.net/ubuntu/+source/zipios++/0.1.5.9+cvs.2007.04.28-10ubuntu0.18.04.1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13453
https://launchpad.net/ubuntu/+source/zipios++/0.1.5.9+cvs.2007.04.28-5.2ubuntu0.16.04.1 |
|
Applikationen: |
Zipios |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============4944990537821385551== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="OtQPE88eqzU3ucskbT0qJ6fT6waFRncie"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --OtQPE88eqzU3ucskbT0qJ6fT6waFRncie Content-Type: multipart/mixed; boundary="h7D6ALp0WN26Q1Ce3ejShemzP2aCTuDgC"; protected-headers="v1" From: Mike Salvatore <mike.salvatore@canonical.com> Reply-To: security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <0861ccb0-7281-2b59-14d5-fb98e6a84aa9@canonical.com> Subject: [USN-4057-1] Zipios vulnerability References: <20190715143804.5AE0726C2996@lillypilly.canonical.com> In-Reply-To: <20190715143804.5AE0726C2996@lillypilly.canonical.com>
--h7D6ALp0WN26Q1Ce3ejShemzP2aCTuDgC Content-Type: text/plain; charset=utf-8 Content-Language: en-U Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-4057-1 July 15, 2019
Zipios vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04 - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS
Summary:
Zipios could be made to crash or consume system resources if it received specially crafted input.
Software Description: - zipios++: small C++ library for reading zip files (development)
Details:
Mike Salvatore discovered that Zipios mishandled certain malformed ZIP files. An attacker could use this vulnerability to cause a denial of service or consume system resources. (CVE-2019-13453)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04: libzipios++0v5 0.1.5.9+cvs.2007.04.28-10ubuntu0.19.04.1
Ubuntu 18.10: libzipios++0v5 0.1.5.9+cvs.2007.04.28-10ubuntu0.18.10.1
Ubuntu 18.04 LTS: libzipios++0v5 0.1.5.9+cvs.2007.04.28-10ubuntu0.18.04.1
Ubuntu 16.04 LTS: libzipios++0v5 0.1.5.9+cvs.2007.04.28-5.2ubuntu0.16.04.1
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4057-1 CVE-2019-13453
Package Information:
https://launchpad.net/ubuntu/+source/zipios++/0.1.5.9+cvs.2007.04.28-10ubuntu0.19.04.1
https://launchpad.net/ubuntu/+source/zipios++/0.1.5.9+cvs.2007.04.28-10ubuntu0.18.10.1
https://launchpad.net/ubuntu/+source/zipios++/0.1.5.9+cvs.2007.04.28-10ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/zipios++/0.1.5.9+cvs.2007.04.28-5.2ubuntu0.16.04.1
--h7D6ALp0WN26Q1Ce3ejShemzP2aCTuDgC--
--OtQPE88eqzU3ucskbT0qJ6fT6waFRncie Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEwZbe96kJeWh2OITRdyg1Qz0oXX0FAl0slKQACgkQdyg1Qz0o XX3P2Q//TkGHir08/H+R6O+yvPx2d4qpDDpox5mY4Py8i/lGKgaczn7KHteJciGf F+n+oGF0vkHLNLCNeBE8RVhesMrP8mwRt2wdRVkqATt8sm0/FKs88kxefQ3Surd6 9Et2CtTIqp8EQ9HfGizBvoU7ejEh/a8sCdc4PagAqkexbZL9bAjLwHkRkxwRGmbk P3bfvf0KqFkcJePW5yxp/uy5pdSJ0hpvr3aKiP5WRTM6bFZnOQlp+LpqCTGE3006 6jyz4PyPcyj1Qk/Z4PKC9Scy38/4EjVgs8Y9AE7cvGrWujHvtwllsAUy2IqCZifG WWuNnF458luShNlSE8yJkH+EfrEjpSThFAneizVeL1AuO14OCl2dO+8OfV35lMtL m21hAPbFSRNx35lDX70OkzsHTOqroXQcIvLCAtsWMzsoRdUAIVJ5PFDFj2QJ61y3 7ldXrloKz4jSBZL0+O+bdrWlQLjKwZnEa1qIktcJsTUijO8J7myxgDHdVZudCAVW /V3pKyxd4zvWcvZfVqFBm6tvgesc0OkrJa0vI0CyILqhXpY1SV3QIou0s0NG4ZWY skl0mMKHUuA2oep3u0RSJ95jlvICWW3UpDG5PbrRJP1aSOXNJ75Qy8louwupfFEn DMPFFHQ4yiC9/dtxxS4QbL6YLhkoTJaARqDh96Ww0vbRmwnmnWs= =ePIe -----END PGP SIGNATURE-----
--OtQPE88eqzU3ucskbT0qJ6fT6waFRncie--
--===============4944990537821385551== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============4944990537821385551==--
|
|
|
|