drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in Sudo (Aktualisierung)
Name: |
Pufferüberlauf in Sudo (Aktualisierung) |
|
ID: |
USN-4263-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 ESM, Ubuntu 14.04 ESM |
|
Datum: |
Mi, 5. Februar 2020, 14:51 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634 |
|
Applikationen: |
sudo |
|
Update von: |
Pufferüberlauf in Sudo |
|
Originalnachricht |
--===============3891075481252571884== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="CE+1k2dSO48ffgeK" Content-Disposition: inline
--CE+1k2dSO48ffgeK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4263-2 February 05, 2020
sudo vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM - Ubuntu 12.04 ESM
Summary:
Sudo could allow unintended access to the administrator account.
Software Description: - sudo: Provide limited super user privileges to specific users
Details:
USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: sudo 1.8.9p5-1ubuntu1.5+esm3 sudo-ldap 1.8.9p5-1ubuntu1.5+esm3
Ubuntu 12.04 ESM: sudo 1.8.3p1-1ubuntu3.9 sudo-ldap 1.8.3p1-1ubuntu3.9
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4263-2 https://usn.ubuntu.com/4263-1 CVE-2019-18634
--CE+1k2dSO48ffgeK Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl46xdsACgkQRbznW4QL H2kBYw/9HsPobX1bnkkrGJGWRddzRH9Da68solVd8+6Ct4u4v0Dca9wZsX1QKX5a /3ek7YJtLg7wZq1pZbO/GoPFxtWYse7Q8D6+3UyAUQUb1ayTTou84G6HIJT3OaVW EIreq8FGjJhJw9JEb3Ag1+tM/Xys7d/k3cufUE+TRD8dIDcV1sfQModFCZLbVZ0Q VMJwmPSBlrkc9nczYP5IYn2b04loWbue4feiGJmynS/7o3/Ryl+TeC9uJppkXYqE +NNqe8oTKQ3LGSzcFz9vnohHIrYNgyX8k44jfDPj4pP2zF/w9z+zDYy/X4GyyAhd z1HnLs0imd3U7RwKktjwEVUV1lHbKRPSKCx6xljeu6Wjm91XhuwNVVMhF+4fTt0I ceZcm6N2OEYvObiRoEnWoVK2Ezf6Xnlaxq4Y4S9A3sBieQuw0KncFhVUZxpDAdNK XzKa98qIOGu7CARSUHfU1udeAW74SI5JxhWLjXPD1P4bzwaUCrdDFwQzQOhAe1NT vfsOi3moDardy14jd/pdZyeVsua6kF6z4USHpuiNq/A2SF3P6v1tP7379/tHEOlV U8ODHgLZMtP4NKz57ffqW6ZqF1fr6U002i9zRSH2T+4W1v1v12PqTu9MoterYceu uqwC3DHJ7g5HLGYs/QIfBUvX0KRiJqJTcti2WX0TwkXOAnKgVpU= =AVds -----END PGP SIGNATURE-----
--CE+1k2dSO48ffgeK--
--===============3891075481252571884== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|