Preisgabe von Informationen in libuv
ID: | USN-5007-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 20.04 LTS, Ubuntu 20.10, Ubuntu 21.04 |
Datum: | Mi, 7. Juli 2021, 23:11 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918 |
Applikationen: | libuv |
Originalnachricht |
|
--===============0157623859372910613== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="gKMricLos+KVdGMg" Content-Disposition: inline --gKMricLos+KVdGMg Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-5007-1 July 07, 2021 libuv1 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.04 - Ubuntu 20.10 - Ubuntu 20.04 LTS Summary: libuv could be made to crash or expose sensitive information if it received a specially crafted input. Software Description: - libuv1: asynchronous event notification library - runtime library Details: Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: libuv1 1.40.0-1ubuntu0.1 Ubuntu 20.10: libuv1 1.38.0-2ubuntu2.1 Ubuntu 20.04 LTS: libuv1 1.34.2-1ubuntu1.3 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5007-1 CVE-2021-22918 Package Information: https://launchpad.net/ubuntu/+source/libuv1/1.40.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/libuv1/1.38.0-2ubuntu2.1 https://launchpad.net/ubuntu/+source/libuv1/1.34.2-1ubuntu1.3 --gKMricLos+KVdGMg Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmDlq70ACgkQRbznW4QL H2mOAhAAhDYH7uUwjrT4nTdom0rYyA+nfUMvFM3RiaN9U+cw+5PXzEtr/KmZBq0B RfNfx4h+9gGy2DlxlZkno/FWR0Qof3ecUrV9SUc0aNJHJTF1d0nxfz5bXf920Lbk rGW0W7mC8KMY26Myi629yLKmesxl5Iy/Cmr5JDGsCb0hVEPDEGLPS1SaFxT2Wr/T nwe8vHFB87Z52N738vro4Y9jKg6aMtJLT7jO6R8HSC//iPCiRMgPRsXwG7rs8RH8 5PBptwg072KIxoTxvyWHjZrbE+v4yNgNhhLBE1Jk/97OF75t3uGG03M9EvofvYx1 dZlC3T4ZYw8Aslo7gAg93L3Isy/glwT1DRuVJrVfISz65sg/SNylJIeMhme4JMGd anMot8z2vWLlljGr/Y23mP0icwpd3AwgxIKQTK60IEgu6hOon2Bk9fA0XlKRZnl0 C0UGoYT2AJhPw9AXxma9j54YcitpPkzSPy74MkQD125rcJAO91jzLqgTkfGazl0f XZK94Lp364Ku38uQ+q35NhyPYIJ7yr+olVGczenOVelLXggqQOgUKpV8BOyCJI9Q H2pn7dgGDPvxoQPYQcHDaqFmxRpEyDM209h6KcsaISueVLc97Zu+sUlV883povDN yunCakwTG4NOvQVKePqF6D6LTb1S3q5VpujO7WmlF5kTHM4nl6I= =rv/y -----END PGP SIGNATURE----- --gKMricLos+KVdGMg-- --===============0157623859372910613== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce |