Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Please
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Please
ID: USN-4955-1
Distribution: Ubuntu
Plattformen: Ubuntu 21.04
Datum: Mo, 17. Mai 2021, 22:31
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31155
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31154
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31153
Applikationen: Please

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============7519418937734924834==
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="QA1lSpgLWbGjSdLYX8tQ0bKkk6ZfAgVQE"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--QA1lSpgLWbGjSdLYX8tQ0bKkk6ZfAgVQE
Content-Type: multipart/mixed;
boundary="59oh9aXqrb2j9nxCKEBkuLaQi5h8287GY";
protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: "ubuntu-security-announce@lists.ubuntu.com"
<ubuntu-security-announce@lists.ubuntu.com>
Message-ID: <bbe6ce56-a876-08e6-1bef-9fe8a2d5b286@canonical.com>
Subject: [USN-4955-1] Please vulnerabilities

--59oh9aXqrb2j9nxCKEBkuLaQi5h8287GY
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-4955-1
May 17, 2021

rust-pleaser vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04

Summary:

Several security issues were fixed in Please.

Software Description:
- rust-pleaser: Please, a polite regex-first sudo alternative

Details:

Matthias Gerstner discovered that Please contained multiple security
issues. A local attacker could use these issues to cause Please to crash,
resulting in a denial of service, or possibly escalate privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
pleaser 0.4.1-1~21.04.2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-4955-1
CVE-2021-31153, CVE-2021-31154, CVE-2021-31155

Package Information:
https://launchpad.net/ubuntu/+source/rust-pleaser/0.4.1-1~21.04.2


--59oh9aXqrb2j9nxCKEBkuLaQi5h8287GY--

--QA1lSpgLWbGjSdLYX8tQ0bKkk6ZfAgVQE
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmCiYOYACgkQZWnYVadE
vpMZcQ//esafRa/9mqPcA2OqQVraklBFYq43VCaV89gIk7G6kfLSdOzZiCMwuI6F
OchhEwdH3ZuY02Awv0RjownDZsOFZuRgt8BRewzl49OvS9YyqY3WxFScdPVpaljo
bQd15Knnl7llTjormVfJFY4Wn8z0byHWQw2x8sdsUGxIgl4GZSdGJkin2amna06q
/Y2HYzERHR+G5HjLLeQiw9fNK4kEBoheg1DQ71GO0bwiPM65giRMlpSUM6VRrdRx
rM0L+qSmwLB+ftdKbi2ccKZyHVsJ9SBwoQzKwlBTVBifLVMrxKiWh9Cl7VrwHJXS
iu1sqlMlCyFGJbBi18JkDhfxGc4FAU2y4x8h+sXwZKw0xaB9P1zMwOOlqKXFKLio
Wx0OhhlfhgujLd/YYb+Th4oD4SrN7lxKmEhkKRViiQ3Jgk0JC0qIX6rfH7Gs9yy+
BE6MktlgCfApThc/FaJsWxWuujLhcU3uCDV/NRrjRy+SrKgiQsoqwalS+D2yay60
XmEblz4xYsvXTOw0aUH9l65VGA8uB3wDg8X+Pbj0tnmMkvaLJMUlsf2207DoACzo
MZz3QqPj4BtVrnjdn5If36w+6wd+KUiWPb/Bm7P7KAB4S+7GTnwTn82pB/RUDgbU
gGvefiifguRSf5yeKoa+2dnhx+r5jWKEoUJkQzTnzfWGBQkO1jU=
=lh+q
-----END PGP SIGNATURE-----

--QA1lSpgLWbGjSdLYX8tQ0bKkk6ZfAgVQE--


--===============7519418937734924834==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============7519418937734924834==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung