drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in etcd
| Name: |
Mehrere Probleme in etcd |
|
| ID: |
USN-5628-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 20.04 LTS |
|
| Datum: |
Do, 22. September 2022, 21:53 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15106
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15113 |
|
| Applikationen: |
etcd |
|
Originalnachricht |
--===============2324917908321767134==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="6p5vjm7olmty6psv"
Content-Disposition: inline
--6p5vjm7olmty6psv
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-5628-1
September 22, 2022
etcd vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in etcd.
Software Description:
- etcd: Transitional package for etcd-client and etcd-server
Details:
It was discovered that etcd incorrectly handled certain specially crafted
WAL files. An attacker could possibly use this issue to cause a denial of
service. (CVE-2020-15106, CVE-2020-15112)
It was discovered that etcd incorrectly handled directory permissions when
trying to create a directory that exists already. An attacker could
possibly use this issue to obtain sensitive information. (CVE-2020-15113)
It was discovered that etcd incorrectly handled endpoint setup. An
attacker could possibly use this issue to cause a denial of
service. (CVE-2020-15114)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
etcd 3.2.26+dfsg-6ubuntu0.1
etcd-client 3.2.26+dfsg-6ubuntu0.1
etcd-server 3.2.26+dfsg-6ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5628-1
CVE-2020-15106, CVE-2020-15112, CVE-2020-15113, CVE-2020-15114
Package Information:
https://launchpad.net/ubuntu/+source/etcd/3.2.26+dfsg-6ubuntu0.1
--6p5vjm7olmty6psv
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEECtyyz6azUy6AZBzSkGeI6zGnN/8FAmMsdrgACgkQkGeI6zGn
N/9pKQ//bNviZFMh2EeL2p2l9QmtGynTz9CMAn2jc6Dj5I260WoTahQg8ZCR9CHP
hzHCyDqBOuO7s2KFgk7TqOs0FqoZL2zgqeKP/kHSNkKNnEXg0vXn2/lWatHZYgyD
IvobqdmBiRTfo6FWfvyUpJ8ZobYOd+ujAODporc0BdDdxN7o+6qG5pYaSFkKOO9Q
kEdJruZd3kopP7RxQAEJkOPxWNXQk6mv5M5Xsnkrq1D4+2cUZpCFiOkfPsbto4bq
0zCXnS0rk2ZQuhsMagHkRspF2f4PI0dlFnafTe6jz9GQ/W21FRR0LwBvXJ7GCqhO
WqTWnKOpg9XnBzegQ1lBvW1JRnSUgjU+z6h89hgPcLk/wmJyNYHBBrSyE8d0gMEs
x4Ter2qV4PGOpDyx28BfsHa7rOZDrsEcuTZeajTQi6fQwiz+AilOm6gleMQO+R41
DZafUiKh0nfjuhVCMa+JV9e5gPs9x6/mraOzIYwbS8xcufR23P80SEcl+W1VMhTX
1KwD+wMMW4KBwBaXF8rr6bjdcWdO4Tr3+eJJPU5c7KSj9+6sjRwEFj3ocMpUTTkP
DRyaRaBMM1UBw+7kkHVNxmueZcwsDbq2ln9lqihYLoGrVYi1oRdSYtygcsdNYeAW
VB5RdnrnV3zZpCq0z5YMUjrniYkHiYU/rUNXrKVFR196MCX9uI0=
=ZsFL
-----END PGP SIGNATURE-----
--6p5vjm7olmty6psv--
--===============2324917908321767134==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--===============2324917908321767134==--
|
|
|
|
