drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in ICU
| Name: |
Ausführen beliebiger Kommandos in ICU |
|
| ID: |
USN-1348-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04, Ubuntu 11.10 |
|
| Datum: |
Do, 26. Januar 2012, 16:04 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4599 |
|
| Applikationen: |
International Components for Unicode (C/C++) |
|
Originalnachricht |
--===============8095935223405777870==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-Ws82xzG8nz6l32WWH5NQ"
--=-Ws82xzG8nz6l32WWH5NQ
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-1348-1
January 26, 2012
icu vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
ICU could be made to crash or run programs as your login if it
opened specially crafted data.
Software Description:
- icu: International Components for Unicode library
Details:
It was discovered that ICU did not properly handle invalid locale data
during Unicode conversion. If an application using ICU processed crafted
data, an attacker could cause it to crash or potentially execute arbitrary
code with the privileges of the user invoking the program.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.10:
libicu44 4.4.2-2ubuntu0.11.10.1
Ubuntu 11.04:
libicu44 4.4.2-2ubuntu0.11.04.1
Ubuntu 10.10:
libicu42 4.2.1-3ubuntu0.10.10.1
Ubuntu 10.04 LTS:
libicu42 4.2.1-3ubuntu0.10.04.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1348-1
CVE-2011-4599
Package Information:
https://launchpad.net/ubuntu/+source/icu/4.4.2-2ubuntu0.11.10.1
https://launchpad.net/ubuntu/+source/icu/4.4.2-2ubuntu0.11.04.1
https://launchpad.net/ubuntu/+source/icu/4.2.1-3ubuntu0.10.10.1
https://launchpad.net/ubuntu/+source/icu/4.2.1-3ubuntu0.10.04.1
--Ðs82xzG8nz6l32WWH5NQ
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJPIWgrAAoJEGVp2FWnRL6TYpcP/0jeDBG2BwjP/xcPA23E84A0
CKhAd20CKn6j/+ehYOzK648JlDXXdhUwfeIbeJrwRm0wr2RYqKXd80LyxWKOz0Kw
qpJTn6IJ7UDhPkAamyyoXfrg5e9JNFDk/bR7LplJDZmeu/TQqeaPSzb7KE2shSjf
gdan7s1M14NXLS1bAop9ijKfXlXEfb3lval9yypSzlQ/X5YDd7ox5ELK5t4OeUIe
QMFA0NCtUHC3arGy9y9peYf1EekFyB2j8T2FWN+ONg2vUIBHy7jMbHmflIDrbfxG
Y8xVqk0I1mPRA1U2+52We1vVJwI50jW5dfctylF6KaamWrx49imwX6s4/1An2bNF
fzlDoXnQELEFOZfs/4s15rHYIw8zo7u4sRntFRfV2WcyFl4UMKdVQ5im0eR31cQO
PSazQGrnbl4tixWhHgeyIdc+nYfL1QXCxofIerOHaO9tB8Hhs+oVsy6wv/jFv4gO
aEYFx6us/pAuuzQmOQKOqpGHlMscWXEu+1rcPQHLLprRgfq/mLZg/r4O0k3wI1gt
06JCfp+wjhn1Mhc3GldXjpLY238yHJ8IQpBFcQaTh7xnvNPB0guU2DqJ5UmTrrk9
/+bKYNALB+k5zjargsaJso46srCONLKqBoT5ABgJIpkXg9FZLFRQjBBHZ1k4OK6/
6ybXw2Wp5KZcLgmabTfx
=lV2J
-----END PGP SIGNATURE-----
--=-Ws82xzG8nz6l32WWH5NQ--
--===============8095935223405777870==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============8095935223405777870==--
|
|
|
|
