drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen von Code mit höheren Privilegien in PolicyKit (Aktualisierung)
Name: |
Ausführen von Code mit höheren Privilegien in PolicyKit (Aktualisierung) |
|
ID: |
USN-3934-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 ESM |
|
Datum: |
Mo, 2. September 2019, 17:04 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6133 |
|
Applikationen: |
policykit |
|
Update von: |
Ausführen von Code mit höheren Privilegien in PolicyKit |
|
Originalnachricht |
--===============5519467979628096888== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="vkogqOf2sHV7VnPd" Content-Disposition: inline
--vkogqOf2sHV7VnPd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-3934-2 September 02, 2019
policykit-1 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
PolicyKit could allow unintended access.
Software Description: - policykit-1: framework for managing administrative policies and privileges
Details:
USN-3934-1 fixed a vulnerability in Policykit. This update provides the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that PolicyKit incorrectly relied on the fork() system call in the Linux kernel being atomic. A local attacker could possibly use this issue to gain access to services that have cached authorizations.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: libpolkit-backend-1-0 0.104-1ubuntu1.5 policykit-1 0.104-1ubuntu1.5
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://usn.ubuntu.com/3934-2 https://usn.ubuntu.com/3934-1 CVE-2019-6133
--vkogqOf2sHV7VnPd Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBAgAGBQJdbSQrAAoJEEW851uECx9ppS0P/3ngIPIKI1WQeIxqiC/DSuNv ShelEkwSBRT4fhGdKkglecjBrGxQhqjO6YcML78NEktEqZEbzH96+oez6ouXRABh Kp2qbx7YUOx+zwla00N/E5WMaJzQogXjDNhCro2Vir2vAzrvgxNLpJ/qLrkdTAvN EvJ2jc5qhG+LCKuf/VtI+pH27oQxfSOhRktxI5RJHDjUWiEDcYBAGNFvDGdtoelt /QeUh8Th+QYCEDGg81vyHpGGQBAmTDFg/rHNXxOJeFYc0qxfVCQeELb1A4P+AQ4Q y5tIx5sVemj+IBvSREZ7Br2kO1kRKYZs7Gl54Lvlyb82KNB8OcDVp7yIY9RqQ5yO nzcUPTMsm1xHhMb+CB4DcQ53zXGpzwKDEPtFDST306hRwmmUEUZpVDZxb8HL58s7 9L8rWKiA/U3SMbXKSpmgRMG1Nk62StByzo1yztqCkHgWxff+SK01zscxdVF0z7Ti as11JlKwBHQtMbzIXxGOEuGDTeYe20C1V34CbzEtw4r6Z0Sn5DPxrzdTB0bjeWhG OKZ8MzHotcioa2wG7dZrPqoeoLgrCCxMVqyzuo4KE2UUF10yZZ90tirJ4i4kdIyH USeHxBEDD8bDJmPhD7wzICnf1B9GZ+uk68nZbs8C8L/HgNWXAe15CHN3X1uSnX07 irKBlF01ueixCTmdUfKT =TTC1 -----END PGP SIGNATURE-----
--vkogqOf2sHV7VnPd--
--===============5519467979628096888== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|