drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in ICU
Name: |
Ausführen beliebiger Kommandos in ICU |
|
ID: |
USN-1348-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04, Ubuntu 11.10 |
|
Datum: |
Do, 26. Januar 2012, 16:04 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599 |
|
Applikationen: |
International Components for Unicode (C/C++) |
|
Originalnachricht |
--===============8095935223405777870== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-Ws82xzG8nz6l32WWH5NQ"
--=-Ws82xzG8nz6l32WWH5NQ Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1348-1 January 26, 2012
icu vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS
Summary:
ICU could be made to crash or run programs as your login if it opened specially crafted data.
Software Description: - icu: International Components for Unicode library
Details:
It was discovered that ICU did not properly handle invalid locale data during Unicode conversion. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10: libicu44 4.4.2-2ubuntu0.11.10.1
Ubuntu 11.04: libicu44 4.4.2-2ubuntu0.11.04.1
Ubuntu 10.10: libicu42 4.2.1-3ubuntu0.10.10.1
Ubuntu 10.04 LTS: libicu42 4.2.1-3ubuntu0.10.04.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1348-1 CVE-2011-4599
Package Information: https://launchpad.net/ubuntu/+source/icu/4.4.2-2ubuntu0.11.10.1 https://launchpad.net/ubuntu/+source/icu/4.4.2-2ubuntu0.11.04.1 https://launchpad.net/ubuntu/+source/icu/4.2.1-3ubuntu0.10.10.1 https://launchpad.net/ubuntu/+source/icu/4.2.1-3ubuntu0.10.04.1
--Ðs82xzG8nz6l32WWH5NQ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJPIWgrAAoJEGVp2FWnRL6TYpcP/0jeDBG2BwjP/xcPA23E84A0 CKhAd20CKn6j/+ehYOzK648JlDXXdhUwfeIbeJrwRm0wr2RYqKXd80LyxWKOz0Kw qpJTn6IJ7UDhPkAamyyoXfrg5e9JNFDk/bR7LplJDZmeu/TQqeaPSzb7KE2shSjf gdan7s1M14NXLS1bAop9ijKfXlXEfb3lval9yypSzlQ/X5YDd7ox5ELK5t4OeUIe QMFA0NCtUHC3arGy9y9peYf1EekFyB2j8T2FWN+ONg2vUIBHy7jMbHmflIDrbfxG Y8xVqk0I1mPRA1U2+52We1vVJwI50jW5dfctylF6KaamWrx49imwX6s4/1An2bNF fzlDoXnQELEFOZfs/4s15rHYIw8zo7u4sRntFRfV2WcyFl4UMKdVQ5im0eR31cQO PSazQGrnbl4tixWhHgeyIdc+nYfL1QXCxofIerOHaO9tB8Hhs+oVsy6wv/jFv4gO aEYFx6us/pAuuzQmOQKOqpGHlMscWXEu+1rcPQHLLprRgfq/mLZg/r4O0k3wI1gt 06JCfp+wjhn1Mhc3GldXjpLY238yHJ8IQpBFcQaTh7xnvNPB0guU2DqJ5UmTrrk9 /+bKYNALB+k5zjargsaJso46srCONLKqBoT5ABgJIpkXg9FZLFRQjBBHZ1k4OK6/ 6ybXw2Wp5KZcLgmabTfx =lV2J -----END PGP SIGNATURE-----
--=-Ws82xzG8nz6l32WWH5NQ--
--===============8095935223405777870== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============8095935223405777870==--
|
|
|
|