Mangelnde Rechteprüfung in AppArmor
ID: | USN-2413-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 14.04 LTS |
Datum: | Fr, 21. November 2014, 01:19 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1424 |
Applikationen: | AppArmor |
Originalnachricht |
|
--===============9109168037048424396== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="pWyiEgJYm5f9v55/" Content-Disposition: inline --pWyiEgJYm5f9v55/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-2413-1 November 20, 2014 apparmor vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: apparmor_parser could allow applications that are confined by AppArmor to gain unintended access to resources. Software Description: - apparmor: Linux security system Details: An AppArmor policy miscompilation flaw was discovered in apparmor_parser. Under certain circumstances, a malicious application could use this flaw to perform operations that are not allowed by AppArmor policy. The flaw may also prevent applications from accessing resources that are allowed by AppArmor policy. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: apparmor 2.8.95~2430-0ubuntu5.1 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2413-1 CVE-2014-1424 Package Information: https://launchpad.net/ubuntu/+source/apparmor/2.8.95~2430-0ubuntu5.1 --pWyiEgJYm5f9v55/ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJUblh5AAoJENaSAD2qAscKTD0QALQCG0qgXqnE2uatqKX+fDfN m45D4Ro5yxz2pZY0DTsqkP/C6XeSBz3exYQRUMShg5kWh6IT3Mzbi8CBV78HCtHQ JuDiiGZa3Hjve51J4q9fU0J8E01V60mK1vyci85xTEkn+bLhpQl+nz2ryOvcwvfE JA1zPGBz/10FPpR2SsV/uXMqpRIsG0dKSEyzJLLqRj2jtnnCsbV/4hr9gfMGJqvj i5L8Pq7/uxA5zNI2MDFP/qhxqnAT/6/4CqqqCBqdnF7L/wRhc2D40lHlJXbJMDQE jvd79sOzxU6Qhzq4hWO9Hhe3ehkoFn4mbU/VIPbt+pjtkjpk1LO4OUx2BqbG4825 a0UG7wuUNiP2yrxbibx9jt+fyIhYnJ4ZAXZPt3N3jolLBz3gQDLyoCuaIl/aX/ly DHjrKZ00JmEHat46bFn3ptvb1RVPpR2lYHdIOPnueq9j7J01t3IhpeFLCZsMM+Z2 tdtfUZmd0kvHTn7hOVgl0HOlV2/C41AYX739CaoaH//sXWuCf1mTMXLMsawzpdbn d9L3jhe6j6TYRAfyA/mEEURqM5wWKZt/WDVLMYM3JfBklM1bL1VSFRuDzJz4b0pe s7eQ/gehWaOQIlY0bHKSCWKEJ6SFtsqpzb++Ybyg4euUo70YQqvtx+dIfBBwIAzS PCk3TED0mGKe3aLbgfbM =FA24 -----END PGP SIGNATURE----- --pWyiEgJYm5f9v55/-- --===============9109168037048424396== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce --===============9109168037048424396==-- |