drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in libXfont
Name: |
Mehrere Probleme in libXfont |
|
ID: |
USN-2536-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 14.10 |
|
Datum: |
Mi, 18. März 2015, 18:45 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804 |
|
Applikationen: |
X11 |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============4666658448820433555== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="NCJRtM7t5X5hJroQTSCurGaccAtgeno12"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --NCJRtM7t5X5hJroQTSCurGaccAtgeno12 Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2536-1 March 18, 2015
libxfont vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS
Summary:
libXfont could be made to crash or run programs as an administrator if it opened a specially crafted bdf font file.
Software Description: - libxfont: X11 font rasterisation library
Details:
Ilja van Sprundel, Alan Coopersmith, and William Robinet discovered that libXfont incorrectly handled malformed bdf fonts. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.10: libxfont1 1:1.4.99.901-1ubuntu0.1
Ubuntu 14.04 LTS: libxfont1 1:1.4.7-1ubuntu0.2
Ubuntu 12.04 LTS: libxfont1 1:1.4.4-1ubuntu0.3
Ubuntu 10.04 LTS: libxfont1 1:1.4.1-1ubuntu0.4
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2536-1 CVE-2015-1802, CVE-2015-1803, CVE-2015-1804
Package Information: https://launchpad.net/ubuntu/+source/libxfont/1:1.4.99.901-1ubuntu0.1 https://launchpad.net/ubuntu/+source/libxfont/1:1.4.7-1ubuntu0.2 https://launchpad.net/ubuntu/+source/libxfont/1:1.4.4-1ubuntu0.3 https://launchpad.net/ubuntu/+source/libxfont/1:1.4.1-1ubuntu0.4
--NCJRtM7t5X5hJroQTSCurGaccAtgeno12 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJVCZQVAAoJEGVp2FWnRL6TlkUP/1fhTElgZBXX0QWqPB0SEgmh FofvhRN1x1XfwDgyDD1llSHmDZI6H7Iudt3pxmLZt9Rs+T+P7KBkJ1lCFsjTRc/9 41VBXDKdQdgGUEtVMuqW+rJXn2a+TCQAK2ZsSit44zzaR0p1vfCAdfMACJu7vDHu 2AGlJVIp6CtRRz6NSEqYQVrxncbfAahDtVBH8xkXr6UuIDqZN06+FEiBcGnDJVBc A/B4hAgDFeO1ld8JB/pPWIxA+eayIxZX4nt1alOOYcQg1EzsQZIjrCBWwA0ceCKn XkVGPFYn77x21Z3DFzm6WzCWk50Hb72IKwajpbqDKvlHFZvM/JSNrmHtlrAabKlg JpiQZxmjfLDHhRmi9Hc2sxgKh2Fa5VPt6xG/FLJcrHDB0fmW3kjSe+1yIGRKnPtj NhvAUIIqCZ7MMXM1ugYBcV5up4Ic6Z+fljv394bLu8OxtoipHzf9//fPuEdbvhx8 0RuyXQ88uWDW9XKhF0tb0F0MFaza/brGN62H3Bcf549DZrz2T8yKC3NijtHm8+b8 Bo4oc9kgnRMMuZvQk4MLgwpf7ghnH56hqPAMhJ3ixCCx9BG/mTbt1ZPFMedGby9o JxtlwukNrR/MbVqRCGJVehfPLSsAiAwCfhCu4Z8EQuddKXght4FA9YnbC4oaJWGe GqOzTA/K4pNd1Dhkuvb0 =e7kt -----END PGP SIGNATURE-----
--NCJRtM7t5X5hJroQTSCurGaccAtgeno12--
--===============4666658448820433555== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============4666658448820433555==--
|
|
|
|