Login
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in libuv
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in libuv
ID: USN-5007-1
Distribution: Ubuntu
Plattformen: Ubuntu 20.04 LTS, Ubuntu 20.10, Ubuntu 21.04
Datum: Mi, 7. Juli 2021, 23:11
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918
Applikationen: libuv

Originalnachricht


--===============0157623859372910613==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="gKMricLos+KVdGMg"
Content-Disposition: inline


--gKMricLos+KVdGMg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-5007-1
July 07, 2021

libuv1 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS

Summary:

libuv could be made to crash or expose sensitive information if it
received a specially crafted input.

Software Description:
- libuv1: asynchronous event notification library - runtime library

Details:

Eric Sesterhenn discovered that libuv incorrectly handled certain strings.
An attacker could possibly use this issue to access sensitive information
or cause a crash.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
libuv1 1.40.0-1ubuntu0.1

Ubuntu 20.10:
libuv1 1.38.0-2ubuntu2.1

Ubuntu 20.04 LTS:
libuv1 1.34.2-1ubuntu1.3

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5007-1
CVE-2021-22918

Package Information:
https://launchpad.net/ubuntu/+source/libuv1/1.40.0-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libuv1/1.38.0-2ubuntu2.1
https://launchpad.net/ubuntu/+source/libuv1/1.34.2-1ubuntu1.3

--gKMricLos+KVdGMg
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmDlq70ACgkQRbznW4QL
H2mOAhAAhDYH7uUwjrT4nTdom0rYyA+nfUMvFM3RiaN9U+cw+5PXzEtr/KmZBq0B
RfNfx4h+9gGy2DlxlZkno/FWR0Qof3ecUrV9SUc0aNJHJTF1d0nxfz5bXf920Lbk
rGW0W7mC8KMY26Myi629yLKmesxl5Iy/Cmr5JDGsCb0hVEPDEGLPS1SaFxT2Wr/T
nwe8vHFB87Z52N738vro4Y9jKg6aMtJLT7jO6R8HSC//iPCiRMgPRsXwG7rs8RH8
5PBptwg072KIxoTxvyWHjZrbE+v4yNgNhhLBE1Jk/97OF75t3uGG03M9EvofvYx1
dZlC3T4ZYw8Aslo7gAg93L3Isy/glwT1DRuVJrVfISz65sg/SNylJIeMhme4JMGd
anMot8z2vWLlljGr/Y23mP0icwpd3AwgxIKQTK60IEgu6hOon2Bk9fA0XlKRZnl0
C0UGoYT2AJhPw9AXxma9j54YcitpPkzSPy74MkQD125rcJAO91jzLqgTkfGazl0f
XZK94Lp364Ku38uQ+q35NhyPYIJ7yr+olVGczenOVelLXggqQOgUKpV8BOyCJI9Q
H2pn7dgGDPvxoQPYQcHDaqFmxRpEyDM209h6KcsaISueVLc97Zu+sUlV883povDN
yunCakwTG4NOvQVKePqF6D6LTb1S3q5VpujO7WmlF5kTHM4nl6I=
=rv/y
-----END PGP SIGNATURE-----

--gKMricLos+KVdGMg--


--===============0157623859372910613==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung