drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in Sudo (Aktualisierung)
| Name: |
Pufferüberlauf in Sudo (Aktualisierung) |
|
| ID: |
USN-4263-2 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 12.04 ESM, Ubuntu 14.04 ESM |
|
| Datum: |
Mi, 5. Februar 2020, 14:51 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634 |
|
| Applikationen: |
sudo |
|
| Update von: |
Pufferüberlauf in Sudo |
|
Originalnachricht |
--===============3891075481252571884==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="CE+1k2dSO48ffgeK"
Content-Disposition: inline
--CE+1k2dSO48ffgeK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-4263-2
February 05, 2020
sudo vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Sudo could allow unintended access to the administrator account.
Software Description:
- sudo: Provide limited super user privileges to specific users
Details:
USN-4263-1 fixed a vulnerability in Sudo. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
Joe Vennix discovered that Sudo incorrectly handled memory operations when
the pwfeedback option is enabled. A local attacker could possibly use this
issue to obtain unintended access to the administrator account.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
sudo 1.8.9p5-1ubuntu1.5+esm3
sudo-ldap 1.8.9p5-1ubuntu1.5+esm3
Ubuntu 12.04 ESM:
sudo 1.8.3p1-1ubuntu3.9
sudo-ldap 1.8.3p1-1ubuntu3.9
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4263-2
https://usn.ubuntu.com/4263-1
CVE-2019-18634
--CE+1k2dSO48ffgeK
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl46xdsACgkQRbznW4QL
H2kBYw/9HsPobX1bnkkrGJGWRddzRH9Da68solVd8+6Ct4u4v0Dca9wZsX1QKX5a
/3ek7YJtLg7wZq1pZbO/GoPFxtWYse7Q8D6+3UyAUQUb1ayTTou84G6HIJT3OaVW
EIreq8FGjJhJw9JEb3Ag1+tM/Xys7d/k3cufUE+TRD8dIDcV1sfQModFCZLbVZ0Q
VMJwmPSBlrkc9nczYP5IYn2b04loWbue4feiGJmynS/7o3/Ryl+TeC9uJppkXYqE
+NNqe8oTKQ3LGSzcFz9vnohHIrYNgyX8k44jfDPj4pP2zF/w9z+zDYy/X4GyyAhd
z1HnLs0imd3U7RwKktjwEVUV1lHbKRPSKCx6xljeu6Wjm91XhuwNVVMhF+4fTt0I
ceZcm6N2OEYvObiRoEnWoVK2Ezf6Xnlaxq4Y4S9A3sBieQuw0KncFhVUZxpDAdNK
XzKa98qIOGu7CARSUHfU1udeAW74SI5JxhWLjXPD1P4bzwaUCrdDFwQzQOhAe1NT
vfsOi3moDardy14jd/pdZyeVsua6kF6z4USHpuiNq/A2SF3P6v1tP7379/tHEOlV
U8ODHgLZMtP4NKz57ffqW6ZqF1fr6U002i9zRSH2T+4W1v1v12PqTu9MoterYceu
uqwC3DHJ7g5HLGYs/QIfBUvX0KRiJqJTcti2WX0TwkXOAnKgVpU=
=AVds
-----END PGP SIGNATURE-----
--CE+1k2dSO48ffgeK--
--===============3891075481252571884==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|
