Löschen beliebiger Dateien in lightdm (Aktualisierung)
ID: | USN-1399-2 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 11.10 |
Datum: | Di, 13. März 2012, 16:36 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0943 |
Applikationen: | LightDM |
Update von: | Löschen beliebiger Dateien in gdm-guest-session |
Originalnachricht |
|
--===============0303480585694669611== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-KxR892SuR4oSAM5/kP+W" --=-KxR892SuR4oSAM5/kP+W Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable ========================================================================== Ubuntu Security Notice USN-1399-2 March 13, 2012 lightdm vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 Summary: Light Display Manager could be made to delete files as the administrator. Software Description: - lightdm: Display Manager Details: Ryan Lortie discovered that a guest session script bundled in the Light Display Manager package improperly cleaned out certain guest session files. A local attacker could use this issue to delete arbitrary files. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: lightdm 1.0.6-0ubuntu1.6 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1399-2 http://www.ubuntu.com/usn/usn-1399-1 CVE-2012-0943 Package Information: https://launchpad.net/ubuntu/+source/lightdm/1.0.6-0ubuntu1.6 --ÔxR892SuR4oSAM5/kP+W Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAABCgAGBQJPX1BsAAoJEGVp2FWnRL6Th20P/jONo1S6cmQdYuoZC516iVl8 KSeIAMeauD3rmUw2cbEJyfttpPCqXjoyAFB/zt+2FkqKEbUWe0Mv23jZ/bxgoQPC I6rhChOqgcWL9aEsNWHETAIXVQsZlNrO6PA5B9u+Kj+FcC3SvWzu5OWDe6HWGQ8E rSMMH2TNe+lODEtr7LrOWm2F1EghB6VUkAznLAYdzn97791CCqbcoHeAzfjH8sez x19MXxh1R9H2KT3oMleSgLjsijX1MgUAKqkw5hYJ1Pog/INC9L41vOe8sDXYSHRl 1jhUPbao00MAqfEDXJZXw5ieJ7hcaGfDxvhikgVChVsUzTXUak4X1tSQy8Ty4SPM JySLOylZIWku/e0X+uxJePqbtfpGNESaXSAe8UuV64JOO/X8sZYUzmSk+Xgf/DQW C0+Vl1lJTYevFHiIZgmK/yCOLj+uxPGvERxkNYV0HpoCugBPKhV1CT7skbzl2Z7I DGId7vbC0cLv3ZMebwD3ADdiRhy9Uvoum09DHsWmv7Us1rF0VMY4e2tbbTRXZnzx L2duW4rNx4Uz5xdb1KIlYEP7mIr3HNQmYxC1YtclXlCO/ww4j+tf+z+r5Ifhl6vh lbfg46f3wgO0heGH2/WVS6LovmLaqFo4NDO4eoYAPbqYFM5GsGuTDqoLMKI2jMM7 9di4+iLWnfjxalOWmEzh =p6X3 -----END PGP SIGNATURE----- --=-KxR892SuR4oSAM5/kP+W-- --===============0303480585694669611== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce --===============0303480585694669611==-- |