drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in cpio
| Name: |
Preisgabe von Informationen in cpio |
|
| ID: |
USN-4176-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 12.04 ESM, Ubuntu 18.04 LTS, Ubuntu 19.04, Ubuntu 14.04 ESM, Ubuntu 19.10 |
|
| Datum: |
Mi, 6. November 2019, 19:36 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14866 |
|
| Applikationen: |
GNU cpio |
|
Originalnachricht |
--===============5277394375425372947==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="M9NhX3UHpAaciwkO"
Content-Disposition: inline
--M9NhX3UHpAaciwkO
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-4176-1
November 06, 2019
cpio vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.10
- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
GNU cpio could be made to expose sensitive information if it received
a specially crafted input.
Software Description:
- cpio: a tool to manage archives of files
Details:
Thomas Habets discovered that GNU cpio incorrectly handled certain inputs.
An attacker could possibly use this issue to access sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.10:
cpio 2.12+dfsg-9ubuntu0.1
Ubuntu 19.04:
cpio 2.12+dfsg-6ubuntu0.19.04.1
Ubuntu 18.04 LTS:
cpio 2.12+dfsg-6ubuntu0.18.04.1
Ubuntu 16.04 LTS:
cpio 2.11+dfsg-5ubuntu1.1
Ubuntu 14.04 ESM:
cpio 2.11+dfsg-1ubuntu1.2+esm1
Ubuntu 12.04 ESM:
cpio 2.11-7ubuntu3.3
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4176-1
CVE-2019-14866
Package Information:
https://launchpad.net/ubuntu/+source/cpio/2.12+dfsg-9ubuntu0.1
https://launchpad.net/ubuntu/+source/cpio/2.12+dfsg-6ubuntu0.19.04.1
https://launchpad.net/ubuntu/+source/cpio/2.12+dfsg-6ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/cpio/2.11+dfsg-5ubuntu1.1
--M9NhX3UHpAaciwkO
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJdwwecAAoJEEW851uECx9pgckQALDH6TSF3MOjFeEgM6dfGI/X
e6rS/WXA8nNmWSR2bWLPUmi5HrIGssUcQVmr1QMLsn7nz751uSpZyBFd6w6rmyPZ
yruCkF9tqCyOBUtI+NoWEk46wIMOxHEBHELP7jfMpGq5FUiwSiklvNe7KtynnjQq
jBDpr7NPJ1yPJcHlj6jy5RwX/GrZsNBMAhfBjPiOiF1lt95d0pEr67bg8Xq/CMiR
j/6Qat45shQ78JXzWH5ORp0NvQACvdm7GCRUYF+J4DRoZxNJQ/2sMGMipfLKTXhb
+eHyninWhgfc6Wtryc7csVQN/U7Y9rxeuXsiR/udXGjS/0UK5NyIaBdd9WPO2kL5
za7kkbRhTuDBuVNKm4A3j3OK8fWHXZOg/zevGmtS/9otXbF73U2a9ZVk6PZQl0z2
QrfatRo/GIZncaARfuNSVGi4JvEkAl4/IcUxTlEA8co563YQlg1yYs+G4ifBZMOv
Wk9XM9sJMMv9uIoVj18JZDfRl/0yaODUqkHWtHsLUcdY1dVRY+0ek+IgYk57pZpa
pLh4oliPazvez0qM7Ii9+najdF2nPUQZANrdUbezEa68BI0XPcfF41S+llOftyi3
01DUoskFIYXIJ+LshNito2RbiWb9BR1N03HJ1ol4OvLQFUfX3oJSCFfADPK0LWim
ObQ7eAD56q3+5qHM77cV
=4PGl
-----END PGP SIGNATURE-----
--M9NhX3UHpAaciwkO--
--===============5277394375425372947==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|
