drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in GNU C Library
| Name: |
Ausführen beliebiger Kommandos in GNU C Library |
|
| ID: |
USN-4218-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 12.04 ESM, Ubuntu 14.04 ESM |
|
| Datum: |
Di, 10. Dezember 2019, 16:35 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485 |
|
| Applikationen: |
GNU C library |
|
Originalnachricht |
--===============8346319591106364042==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="BXVAT5kNtrzKuDFl"
Content-Disposition: inline
--BXVAT5kNtrzKuDFl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-4218-1
December 10, 2019
eglibc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
GNU C could be made to execute arbitrary code or cause a crash
if it received a specially crafted input.
Software Description:
- eglibc: GNU C Library
Details:
Jakub Wilk discovered that GNU C incorrectly handled certain memory alignments.
An attacker could possibly use this issue to execute arbitrary code or cause
a crash.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
libc6 2.19-0ubuntu6.15+esm1
Ubuntu 12.04 ESM:
libc6 2.15-0ubuntu10.22
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://usn.ubuntu.com/4218-1
CVE-2018-6485
--BXVAT5kNtrzKuDFl
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJd77LLAAoJEEW851uECx9pOGkQAKA0Vnx2R4k6OWOdvVk8yt0+
Wu+BuIAhvm0cyIIy+/isrwMBG73Gh+HajXkaFFEWMVrMowSeLnJJuZiWz9T9C8zR
864FNBjdwx9XR7nKhuW48ZGOiw9smRpxgxR0w8fxWYOlmVB3uFvEg+CAh0YOqmb9
VVJA5MUqQmCsoi39Z5ZLg3nMrc6C2fT6988/xUQBo72f1VUFL5G7KtTvFZFw/8pf
g7N6JSv5M6eo3RwRYYKSwkCV05xTcS0mdyPTYdVxlXnw9p3a8pQRGVi0PLvKMg31
v9PN3r7X+hHxRnfBMDgPXskV4OyUAOSnBAMduM7j+ghMPqMc1tbkQhZHEitaLiUX
RWSFey4DKn16ePZWZXEweUkxX4phk2/D16Oykh/BUcmMzvpvge+cI5kPRARBNqyn
WIINYHBeE821wlLYKp5BIUtr+dq739v2PIRT7yu/18HkoFU/CU4ita5e0DhSwT+N
hhp+BN0krluU/21Gm/YzSO3oEpsE/MwsjGUJ3B9GhnYjS7xvOMgB0IuBWzxJhu6Y
IxiDfi1gHphI0BvM9uMk/bpPImKi5EAqQ6FKq8unoHcn6abBWn+xo1D2LIJ8lqNF
xLuSmux5koiZgmoy29ASeixkjz16+T4THiveYPfuqtvsj8N0nllj1zkGxj1tzrBs
NsC0c9TkYlqiICu2O2qb
=FpFS
-----END PGP SIGNATURE-----
--BXVAT5kNtrzKuDFl--
--===============8346319591106364042==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|
