drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in VTE
Name: |
Denial of Service in VTE |
|
ID: |
USN-6833-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10, Ubuntu 24.04 LTS |
|
Datum: |
Do, 13. Juni 2024, 22:25 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37535 |
|
Applikationen: |
VTE |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============6853358904724234361== Content-Language: en-CA Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------GoLRijANA0tUQSSp0MDzYCSJ"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------GoLRijANA0tUQSSp0MDzYCSJ Content-Type: multipart/mixed; boundary="------------57pIqHBPSOGNlXsqYSBq5aYD"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <6f32ab16-d950-432d-9bcd-2f078841f693@canonical.com> Subject: [USN-6833-1] VTE vulnerability
--------------57pIqHBPSOGNlXsqYSBq5aYD Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64
========================================================================== Ubuntu Security Notice USN-6833-1 June 13, 2024
vte2.91 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS - Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS
Summary:
VTE could be made to consume resources and crash if it displayed specially crafted data.
Software Description: - vte2.91: Terminal emulator widget for GTK
Details:
Siddharth Dushantha discovered that VTE incorrectly handled large window resize escape sequences. An attacker could possibly use this issue to consume resources, leading to a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04 LTS libvte-2.91-0 0.76.0-1ubuntu0.1 libvte-2.91-gtk4-0 0.76.0-1ubuntu0.1
Ubuntu 23.10 libvte-2.91-0 0.74.0-2ubuntu0.1 libvte-2.91-gtk4-0 0.74.0-2ubuntu0.1
Ubuntu 22.04 LTS libvte-2.91-0 0.68.0-1ubuntu0.1
Ubuntu 20.04 LTS libvte-2.91-0 0.60.3-0ubuntu1~20.5
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6833-1 CVE-2024-37535
Package Information: https://launchpad.net/ubuntu/+source/vte2.91/0.76.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/vte2.91/0.74.0-2ubuntu0.1 https://launchpad.net/ubuntu/+source/vte2.91/0.68.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/vte2.91/0.60.3-0ubuntu1~20.5
--------------57pIqHBPSOGNlXsqYSBq5aYD--
--------------GoLRijANA0tUQSSp0MDzYCSJ Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmZq/3YACgkQZWnYVadE vpPTvQ//dszzb+rg42+9WrdLGKVLogPhdASD0NfCmhbJCxj9ifynRsxmA0xyAvZ0 JQYIJ6Tb4wClVvdP+BUwbl3FjcCjzHSKNJ5UYb8s2znjS0ekIDjJ/OLc6f4YOcPa YkVuaC5Vp7DH0rNNzB8AWgPKjuvJ8i+UtUNfHqC8DuzkZJ1+vxjvms5a1IEkNsiu 3uAHlmNwEtlXs7pT0ScZZW0s7tKPIKjhgODl2tVqsJSnYfeTiGt3AUQl3UQYRWFl 6x7/chqr2PJIeuBCN0Nj2jM7OueYK4yfp8eri3vMKu8uBfptQ9K0MTFCR1rpEnBT 8vzUfSJHVfIUzbRTuqsoyEZ2WueYjuQNzYL4pzEVtC3Kd6ycLNU3T2O2pyWgXOji pnG7kRoqm9azde8+KoaWEMKQLUWVWPzVCuGOX3Oqwx7JuQikEdrTeOeuu80Iopmd iEjAcCD1eDO4ZLzNGhVzXmzme3NFLuOIjxxP3NkmvEZ1V/0YKYy5QkL4XKw8dTW+ UmHgVeecU6KmJfGHAllvPvv9YweV3U+ok+rxA5x4OWDDNYwcZqFbVuz2hzGNvK8i 3EhctdEShA+dD3UcT0Z1JKQVlLxfOR7Hl+SReoaDrTm/yZa+lP++j79JFUHLs+Is uAqFNwENv5yOfaYWPKRy7PrYV1cVvBiwhC4XbQMkX1MaheMbffA= =EFEz -----END PGP SIGNATURE-----
--------------GoLRijANA0tUQSSp0MDzYCSJ--
--===============6853358904724234361== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============6853358904724234361==--
|
|
|
|