drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in libmspack
Name: |
Zwei Probleme in libmspack |
|
ID: |
USN-3394-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 17.04 |
|
Datum: |
Do, 17. August 2017, 23:03 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11423 |
|
Applikationen: |
libmspack |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============7048549779219875983== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ogQlwA80QpLxvGVjctOEuBbVkGqHScwWp"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ogQlwA80QpLxvGVjctOEuBbVkGqHScwWp Content-Type: multipart/mixed; boundary="r8tWeEp8tqAx96oB4dNsPGuffb03aScqj"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <f4aa573e-5487-b713-5c58-a9327a2221bb@canonical.com> Subject: [USN-3394-1] libmspack vulnerabilities
--r8tWeEp8tqAx96oB4dNsPGuffb03aScqj Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3394-1 August 17, 2017
libmspack vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04 - Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in libmspack.
Software Description: - libmspack: library for Microsoft compression formats
Details:
It was discovered that libmspack incorrectly handled certain malformed CHM files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-6419)
It was discovered that libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. (CVE-2017-6419)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: libmspack0 0.5-1ubuntu0.17.04.1
Ubuntu 16.04 LTS: libmspack0 0.5-1ubuntu0.16.04.1
In general, a standard system update will make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3394-1 CVE-2017-11423, CVE-2017-6419
Package Information: https://launchpad.net/ubuntu/+source/libmspack/0.5-1ubuntu0.17.04.1 https://launchpad.net/ubuntu/+source/libmspack/0.5-1ubuntu0.16.04.1
--r8tWeEp8tqAx96oB4dNsPGuffb03aScqj--
--ogQlwA80QpLxvGVjctOEuBbVkGqHScwWp Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJZldRrAAoJEGVp2FWnRL6TXuQP/1onyoCI8cAOaK+amcNqf8pa 4d0wclMraHS7m7xRRwlZwJC5v/2r6etZ6Yzhdwko5x+6DVLN+jP3EfzJayHFdC+p DBtQkYfACBkXGrkRL1sSssOzQLRUQeIfUx/s0JgmTKVASTxE2mLe3GbwBwfni10u 8Ks1GJE89Ab0ctSgCu012zZwQaOGfhlgq2wWwGbX8RezkIpWKV0m1HNtiA89gQZw E6ZLkuXSC7usEWXqN6+2GSxtK5MY8TRxBZJygXst8N3RnzLmgRm+PauBaGfUYCX5 xY34MJ+72UsED/VLjbgzAd4h1j9vWIIMlIcNLmBzim8xyOPsusQN9HFqBEO0zMn/ nPt3lnSDPbZC+eeFIeKY5gNgd4FcIu9YOyKipgyJqW/OQ0bHkdxoyqYXExVQV7mm eanuTWi8YDValju8QAmphZth2MUynYC7LCdQ0i3S9OwgHbo5Qfhu14V9iDgx3nbg vzb8UlDm5eAnObIGWfcEPDJoSudTlnXHrMpA9R/LD5jrdzRMD9dk12r9+t9DbkSk 0e+JZC9gcuxut/ZVbZJuVHBNJ4m1blVqfrbcKPNEHXjTKZo1o9uRXPCVMqCK+2pm X+Q29Xig10zpgGd4DpT60pbkMXJHiKdqT8ehtM5Y+rJuQEK+UQw930p1D/yzGoz7 JxjdfpDBTPco4nQklh4L =Mbsi -----END PGP SIGNATURE-----
--ogQlwA80QpLxvGVjctOEuBbVkGqHScwWp--
--===============7048549779219875983== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7048549779219875983==--
|
|
|
|