Mehrere Probleme in Linux
ID: | USN-1337-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 10.04 LTS |
Datum: | Di, 24. Januar 2012, 08:15 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4110 |
Applikationen: | Linux |
Originalnachricht |
|
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============9174792114168598970== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig40729D4929A9F519788BCFC7" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig40729D4929A9F519788BCFC7 Content-Type: multipart/mixed; boundary="------------080003030705050409020507" This is a multi-part message in MIME format. --------------080003030705050409020507 Content-Type: text/plain; charset=ISO-8859- Content-Transfer-Encoding: quoted-printable ========================================================================== Ubuntu Security Notice USN-1337-1 January 23, 2012 linux-lts-backport-natty vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.04 LTS Summary: Several security issues were fixed in the kernel. Software Description: - linux-lts-backport-natty: Linux kernel backport from Natty Details: Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. (CVE-2011-1162) Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. (CVE-2011-4110) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: linux-image-2.6.38-13-generic 2.6.38-13.54~lucid1 linux-image-2.6.38-13-generic-pae 2.6.38-13.54~lucid1 linux-image-2.6.38-13-server 2.6.38-13.54~lucid1 linux-image-2.6.38-13-virtual 2.6.38-13.54~lucid1 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1337-1 CVE-2011-1162, CVE-2011-2203, CVE-2011-4110 Package Information: https://launchpad.net/ubuntu/+source/linux-lts-backport-natty/2.6.38-13.54~lucid1 --------------080003030705050409020507 Content-Type: text/plain; name="Attached Message Part" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="Attached Message Part" --------------080003030705050409020507-- --------------enig40729D4929A9F519788BCFC7 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJPHaHqAAoJEAUvNnAY1cPY2V0P/3sR/WaaD5evqMb0ns2eVJGv eSspJlSYIID2LOy9NWE+rtxUQujVCSJE6xsSINcnOxs2tB2dkW1SWB3J4RG1zNsW LymBp2H1dz2LEhgaJtoXp1tVyBV/P7qZeJ6r7iZBvEYSZcb+xbiCSkRztOHvQg7v RLskMU+fFUEoa+gSles8VuhspGh4yGczAdRrdPMG8byfsJGhHOi3rnzKr0CTf2ta /te+J7yxECCbI0NT0eIoeVo7FSs9YWbhJyPu7QVtwKPiBWYmlXmRUHiRXAcV+v8q 74cuf9FYKZKcbBJwTEP1L7j4zaw9NyGfpAyxx2ZimYXgdLEmZ0QT7mxv5Nw579aF W9zegXtOcRjCzM8ArZYrY+PIH3hY7VmWBlcaV8aViO2ibnLzNjW4yY0kFWNSl59w Ph16i7pQxtVQ7WYq8E2DNSh2hUDLvUCnNsCjR0RAJr3hRwga/4wzdHuAu9nQIiTU 9tUYQU6lw/oQw0yJmxcbEiBoWtJmDrzwIbGsT8cDK6nqmmkyKB5d7s4KPBIa3srM 5/yA0Xo74L2bVbtbOC6xAJBwzykRDvV2YUtb1mRfCtDE3Rn4Q7E39vaiSmeXRwIA cQXCM4NrFQmHKUKM+gVkOpU+I3rclaAiDq/hkkg/jW3SmaCEjUIep/CWyqwveof5 wOfrxu73ghIZNYEbFEUM =1t5M -----END PGP SIGNATURE----- --------------enig40729D4929A9F519788BCFC7-- --===============9174792114168598970== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce --===============9174792114168598970==-- |