drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in etcd
Name: |
Mehrere Probleme in etcd |
|
ID: |
USN-5628-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 20.04 LTS |
|
Datum: |
Do, 22. September 2022, 21:53 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15114
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15106
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15112
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15113 |
|
Applikationen: |
etcd |
|
Originalnachricht |
--===============2324917908321767134== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="6p5vjm7olmty6psv" Content-Disposition: inline
--6p5vjm7olmty6psv Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-5628-1 September 22, 2022
etcd vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in etcd.
Software Description: - etcd: Transitional package for etcd-client and etcd-server
Details:
It was discovered that etcd incorrectly handled certain specially crafted WAL files. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-15106, CVE-2020-15112)
It was discovered that etcd incorrectly handled directory permissions when trying to create a directory that exists already. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-15113)
It was discovered that etcd incorrectly handled endpoint setup. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-15114)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04 LTS: etcd 3.2.26+dfsg-6ubuntu0.1 etcd-client 3.2.26+dfsg-6ubuntu0.1 etcd-server 3.2.26+dfsg-6ubuntu0.1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5628-1 CVE-2020-15106, CVE-2020-15112, CVE-2020-15113, CVE-2020-15114
Package Information: https://launchpad.net/ubuntu/+source/etcd/3.2.26+dfsg-6ubuntu0.1
--6p5vjm7olmty6psv Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEECtyyz6azUy6AZBzSkGeI6zGnN/8FAmMsdrgACgkQkGeI6zGn N/9pKQ//bNviZFMh2EeL2p2l9QmtGynTz9CMAn2jc6Dj5I260WoTahQg8ZCR9CHP hzHCyDqBOuO7s2KFgk7TqOs0FqoZL2zgqeKP/kHSNkKNnEXg0vXn2/lWatHZYgyD IvobqdmBiRTfo6FWfvyUpJ8ZobYOd+ujAODporc0BdDdxN7o+6qG5pYaSFkKOO9Q kEdJruZd3kopP7RxQAEJkOPxWNXQk6mv5M5Xsnkrq1D4+2cUZpCFiOkfPsbto4bq 0zCXnS0rk2ZQuhsMagHkRspF2f4PI0dlFnafTe6jz9GQ/W21FRR0LwBvXJ7GCqhO WqTWnKOpg9XnBzegQ1lBvW1JRnSUgjU+z6h89hgPcLk/wmJyNYHBBrSyE8d0gMEs x4Ter2qV4PGOpDyx28BfsHa7rOZDrsEcuTZeajTQi6fQwiz+AilOm6gleMQO+R41 DZafUiKh0nfjuhVCMa+JV9e5gPs9x6/mraOzIYwbS8xcufR23P80SEcl+W1VMhTX 1KwD+wMMW4KBwBaXF8rr6bjdcWdO4Tr3+eJJPU5c7KSj9+6sjRwEFj3ocMpUTTkP DRyaRaBMM1UBw+7kkHVNxmueZcwsDbq2ln9lqihYLoGrVYi1oRdSYtygcsdNYeAW VB5RdnrnV3zZpCq0z5YMUjrniYkHiYU/rUNXrKVFR196MCX9uI0= =ZsFL -----END PGP SIGNATURE-----
--6p5vjm7olmty6psv--
--===============2324917908321767134== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
--===============2324917908321767134==--
|
|
|
|