Sicherheit: Fehlerhafte Zugriffsrechte in Likewise (Aktualisierung)

Lesezeichen hinzufügen

--===============0625839615122169273==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="81JctsDUVPekGcy+"
Content-Disposition: inline

--81JctsDUVPekGcy+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

===========================================================
Ubuntu Security Notice USN-964-2 July 29, 2010
likewise-open regression
https://launchpad.net/bugs/610300
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 10.04 LTS:
likewise-open 5.4.0.42111-2ubuntu1.2

In general, a standard system update will make all the necessary changes.

Details follow:

USN-964-1 fixed vulnerabilities in Likewise Open. The upstream fixes
were incomplete, which caused problems running certain services. This
update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Matt Weatherford discovered that Likewise Open did not correctly check
password expiration for the local-provider account. A local attacker could
exploit this to log into a system they would otherwise not have access to.

Updated packages for Ubuntu 10.04:

Source archives:

likewise-open_5.4.0.42111-2ubuntu1.2.diff.gz
Size/MD5: 64730 c06c995d1587c6e6412db742006534fd
likewise-open_5.4.0.42111-2ubuntu1.2.dsc
Size/MD5: 1650 06e9edfb159003f9bd729fa01f1721ba
likewise-open_5.4.0.42111.orig.tar.gz
Size/MD5: 18092080 19620caa003a2b5d72333a89bf1374f2

Architecture independent packages:

likewise-open5-eventlog_5.4.0.42111-2ubuntu1.2_all.deb
Size/MD5: 5494 4fea19be64844bb8f1cbcc3dd1193a10
likewise-open5-gui_5.4.0.42111-2ubuntu1.2_all.deb
Size/MD5: 5494 17747612d1dfa470664416147e52f5bb
likewise-open5-libs_5.4.0.42111-2ubuntu1.2_all.deb
Size/MD5: 5488 2a0895620bdcb3a5ae3de034f3a577f9
likewise-open5-lsass_5.4.0.42111-2ubuntu1.2_all.deb
Size/MD5: 5974 74cdea31f3008c8bf26d8b4323d66aad
likewise-open5-netlogon_5.4.0.42111-2ubuntu1.2_all.deb
Size/MD5: 5494 0da6e70ca8f61f9ea32ae810da9c23b7
likewise-open5-rpc_5.4.0.42111-2ubuntu1.2_all.deb
Size/MD5: 5488 76f4f77dce0e9b2e0c992b0f730aefef
likewise-open5_5.4.0.42111-2ubuntu1.2_all.deb
Size/MD5: 5478 0d0428eccd22b3a9d87234601058e636

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

likewise-open_5.4.0.42111-2ubuntu1.2_amd64.deb
Size/MD5: 3098034 074eb0ffcb5322844b63ad0d720e06d1
likewise-open-gui_5.4.0.42111-2ubuntu1.2_amd64.deb
Size/MD5: 29198 99e45c76b1aac9dc4c121c0eff487c88
likewise-open-server_5.4.0.42111-2ubuntu1.2_amd64.deb
Size/MD5: 561310 b3ceb8663fc378b955c4d1dfef924901

i386 architecture (x86 compatible Intel/AMD):

likewise-open_5.4.0.42111-2ubuntu1.2_i386.deb
Size/MD5: 2677376 c7bf46ea2debdf7ec2f751b765a1607d
likewise-open-gui_5.4.0.42111-2ubuntu1.2_i386.deb
Size/MD5: 28228 98e0e33cedffeb75c019d25f5c42723b
likewise-open-server_5.4.0.42111-2ubuntu1.2_i386.deb
Size/MD5: 480296 7b09a17fa783d8459bbd832a74337af6

--81JctsDUVPekGcy+
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Kees Cook <kees@outflux.net>

iEYEARECAAYFAkxYZU8ACgkQH/9LqRcGPm2kqgCdH2cxKWJtUC9GDZcf7MVyuKPt
WT8An0EbHmJn9bsE/ui8dwlc35mAWtZT
=ihUu
-----END PGP SIGNATURE-----

--81JctsDUVPekGcy+--

--===============0625839615122169273==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============0625839615122169273==--