drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in ICU
Name: |
Zwei Probleme in ICU |
|
ID: |
USN-1989-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 |
|
Datum: |
Di, 15. Oktober 2013, 22:44 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2924 |
|
Applikationen: |
International Components for Unicode (C/C++) |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============8143575247045305836== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="FcjdI9BuK8NRTX2GB6QTca08nkbJrHLg6"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --FcjdI9BuK8NRTX2GB6QTca08nkbJrHLg6 Content-Type: text/plain; charset=UTF- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1989-1 October 15, 2013
icu vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04 - Ubuntu 12.10 - Ubuntu 12.04 LTS
Summary:
ICU could be made to crash or run programs as your login if it processed specially crafted data.
Software Description: - icu: International Components for Unicode library
Details:
It was discovered that ICU contained a race condition affecting multi- threaded applications. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2013-0900)
It was discovered that ICU incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2013-2924)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 13.04: libicu48 4.8.1.1-12ubuntu0.1
Ubuntu 12.10: libicu48 4.8.1.1-8ubuntu0.1
Ubuntu 12.04 LTS: libicu48 4.8.1.1-3ubuntu0.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1989-1 CVE-2013-0900, CVE-2013-2924
Package Information: https://launchpad.net/ubuntu/+source/icu/4.8.1.1-12ubuntu0.1 https://launchpad.net/ubuntu/+source/icu/4.8.1.1-8ubuntu0.1 https://launchpad.net/ubuntu/+source/icu/4.8.1.1-3ubuntu0.1
--FcjdI9BuK8NRTX2GB6QTca08nkbJrHLg6 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCgAGBQJSXXdfAAoJEGVp2FWnRL6T36AP/0eg+maiu9CUpteH0PmByzO3 rPoQZhYkszVTrh9p2NV+0lE31TKcOJT2rTuIcTNrrFTrUakThdBj33Zj0lmJ2vws BTtCTv4Ca8EalVjfcBO7EVlFsg38AODQTYB1oKl+OI2zDbHJpJTXn2djCNgd5sys 21IpAVUZSM8YYNimsWV4jaglukUQZvfPOfTddQx0jSU8K6DK4Nvga73y+BHMTG1M zi0Ldkklc6EVGi0oG0ns/50iERwOYKGqzcUMTBA2heV1CZYMM6IP3sg+0MEzhMU8 7WcHaLSFq9p0A0EolhKlHvssKA2DF79bTzVkIhz4DYyoaQMnZzIPmLRPi0XsPJ2j 4WhJBVDohbl9zEesrd8hWfRsuIYlCECwccV7hBUT4o9wF1uqetV8UFLAWd+kyWCG hTjwM2WQEfwQwUlcvLkvwXyj1OldAnuXoSSedS4+GPJhOnGzVM+JWRC+jZqCFqUo x6KiAwho0UQA8N2b4jSWeJwUFh9kDHgBox3CrWakA4gMpNEowRHhtHNLN9BjZJlE 1XaZaCVwKs4uCOkwstKgu/9OGEI8j6qCg9Ce3yPqG7HMCkFCPnXUqDV1PGSoieIB 1gbYBIvJTWsWXA0GQhdjuc6yxKRDMCQgOzfsTMwK2y6eoCU7+5ly3pQKu2KXn9by 2N9+yJRdL/DJ8x/X1jMJ =dqWp -----END PGP SIGNATURE-----
--FcjdI9BuK8NRTX2GB6QTca08nkbJrHLg6--
--===============8143575247045305836== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============8143575247045305836==--
|
|
|
|