drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in RealtimeKit
| Name: |
Mangelnde Rechteprüfung in RealtimeKit |
|
| ID: |
USN-1959-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 |
|
| Datum: |
Mi, 18. September 2013, 18:37 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4326 |
|
| Applikationen: |
RealtimeKit |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--===============1584615060108269061==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="------------enig185A57A388CC4313F370DDDA"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig185A57A388CC4313F370DDDA
Content-Type: text/plain; charset=UTF-
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-1959-1
September 18, 2013
rtkit vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
RealtimeKit could be tricked into bypassing polkit authorizations.
Software Description:
- rtkit: Realtime Policy and Watchdog Daemon
Details:
It was discovered that RealtimeKit was using polkit in an unsafe manner. A
local attacker could possibly use this issue to bypass intended polkit
authorizations.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
rtkit 0.10-2ubuntu0.13.04.1
Ubuntu 12.10:
rtkit 0.10-2ubuntu0.12.10.1
Ubuntu 12.04 LTS:
rtkit 0.10-2ubuntu0.12.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1959-1
CVE-2013-4326
Package Information:
https://launchpad.net/ubuntu/+source/rtkit/0.10-2ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/rtkit/0.10-2ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/rtkit/0.10-2ubuntu0.12.04.1
--------------enig185A57A388CC4313F370DDDA
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJSOcG+AAoJEGVp2FWnRL6T2CAP/3H/CynXvUA9ACt8H2EGABBH
1tBwWhmYJzIGgqHCced1nA23N/cudM3Zg1E06qpRretfw5Cr8R+mmLnlEc/ijfqq
SwLwld9bXZmyuj/v/XMZtXI+s0ChjDOdMqlXI/1eC1QkjTMu/oDC+vlKevdaXk4y
bX9cHPACJL+IBF4BVaE/qgpNCjv3qtLKxZ+etMkg5KBTGN0o6o4NMtwISFjYUHLA
ekol0obkifkcDh1u0dkGdIfnywmgFVG9hYvaYHLHqQS0D4lWnTPU1W20gFg7SLfE
m/fM0OBsRCZn6tPzRUqmLAh7vCjePh9UPmO8SrUuTS07fH9X1v7SuYkQARbkir5D
QoHa2VioiRT/cxdKzXktUphBP1aM5i0g6JQ/Zom4TZBv0LSG6qCQmt9cSmyGumDd
AzubPNVZ12WdXZealFFeD1iBQ09rG8j8aJ4Lq9M9oa2IamRIHJHNlRAZJYjdc4Hk
LiEFcy6UmV1KTVdRdvt6pqfmH8BUlMEYZU0pKN7pSVnI2GxN/M48PUBlSB9bEUGU
2TB+RznmnI3348I9kiy6ZwxBsdJK7pmheSxaU/1ZjpsY5nDYnqED6CwkbD6lf84f
F0OWbpRqolfrh+wunBbLtr0EdRnH5fMNPQT5U2zYafcCzq33fOcV5IZAoCGgXUT/
xDNTLSFZo/AP0jKPL4u8
=F4zx
-----END PGP SIGNATURE-----
--------------enig185A57A388CC4313F370DDDA--
--===============1584615060108269061==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1584615060108269061==--
|
|
|
|
