drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in util-linux
Name: |
Preisgabe von Informationen in util-linux |
|
ID: |
USN-6719-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 |
|
Datum: |
Mi, 27. März 2024, 22:46 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28085 |
|
Applikationen: |
util-linux |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============1817870641400620439== Content-Language: en-CA Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------jZtNY8jl6ue4cSc40Bc5N07b"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------jZtNY8jl6ue4cSc40Bc5N07b Content-Type: multipart/mixed; boundary="------------FT0MIiGttzJJ0b8Pr6bVoL1n"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <55f7f5aa-02d4-4e8e-85c7-b5622462ae57@canonical.com> Subject: [USN-6719-1] util-linux vulnerability
--------------FT0MIiGttzJJ0b8Pr6bVoL1n Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64
========================================================================== Ubuntu Security Notice USN-6719-1 March 27, 2024
util-linux vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS
Summary:
util-linux could be made to expose sensitive information.
Software Description: - util-linux: miscellaneous system utilities
Details:
Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.10: util-linux 2.39.1-4ubuntu2.1
Ubuntu 22.04 LTS: util-linux 2.37.2-4ubuntu3.3
Ubuntu 20.04 LTS: util-linux 2.34-0.1ubuntu9.5
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6719-1 CVE-2024-28085
Package Information: https://launchpad.net/ubuntu/+source/util-linux/2.39.1-4ubuntu2.1 https://launchpad.net/ubuntu/+source/util-linux/2.37.2-4ubuntu3.3 https://launchpad.net/ubuntu/+source/util-linux/2.34-0.1ubuntu9.5
--------------FT0MIiGttzJJ0b8Pr6bVoL1n--
--------------jZtNY8jl6ue4cSc40Bc5N07b Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmYET/4ACgkQZWnYVadE vpOCQg//YS1NgGGmKnUI9UriNKwqObC1SMgWnC1CEdqRbi8rqDgnGN1WsOa/Nnhe dAwfQkOxTUfeez8ZjXGBDGDN4Z468GHbpmA87CyXhUfRm2YOK4B49VP+3OJpaIX3 hWgzN4yjHWhAfCsaFUHyimFWYdQsw8zIvGcXKJMuHLyDVK4otvRncsLwnoWqoj97 Xe73tws+ijwxVWye3gpj1wlfPQoah8++aRRYyQBDSysjATiAluzy33MSJ3WQ8qO9 Zm7XmbCuhnBfLYf6CpLYfxQERuL1BNXe86yLik0bJCxlXdb+EVKcrMZtc47/D82X 2RrgjHs5ukS4hl9ENt2IR64Jehl9BOJ90TE0riqlwWPn0tohYTWKF5qI45qkttiN iAFo9fA1O7Hy4KjWsqTLgFc618a/JyWBPvbKoajKCx9NhMb5ePQwPIa92nDZAH70 KGLeaZngnIinq+t95mZaBIatssjUN7qfXpHZe8OL+w5z4voxt2oTk9Zdjk71PWMP kmTHzjEFJy7EaZhF6XNt92jtHaBaokpbcnch8N3MqrWNBThwVEcwL4NS7FizDkwU Q/E4UlMru5pjGfVRwCHj28gCh/Q7b88btl/gH8qG63y5nrnCr3klChW4o4vOxts3 17F4jHUIy+YpttF0N8RXS08j1VoBCz7+hw78DNu2yKLmga8iU2w= =+hk4 -----END PGP SIGNATURE-----
--------------jZtNY8jl6ue4cSc40Bc5N07b--
--===============1817870641400620439== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============1817870641400620439==--
|
|
|
|