drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in base-files
Name: |
Überschreiben von Dateien in base-files |
|
ID: |
USN-3748-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 18.04 LTS |
|
Datum: |
Di, 21. August 2018, 16:47 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6557 |
|
Applikationen: |
base-files |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============8779610269571458580== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg Content-Type: multipart/mixed; boundary="vRYBZeTIXYoEoH0mtb9cCgkpVOhEGHrNH"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <46f340de-d367-17e3-f5da-a7c72ff19957@canonical.com> Subject: [USN-3748-1] base-files vulnerability
--vRYBZeTIXYoEoH0mtb9cCgkpVOhEGHrNH Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3748-1 August 21, 2018
base-files vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
base-files could be made to hang or overwrite files as the administrator.
Software Description: - base-files: Debian base system miscellaneous files
Details:
Sander Bos discovered that the MOTD update script incorrectly handled temporary files. A local attacker could use this issue to cause a denial of service, or possibly escalate privileges if kernel symlink restrictions were disabled.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: base-files 10.1ubuntu2.2
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3748-1 CVE-2018-6557
Package Information: https://launchpad.net/ubuntu/+source/base-files/10.1ubuntu2.2
--vRYBZeTIXYoEoH0mtb9cCgkpVOhEGHrNH--
--pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlt8FbsACgkQZWnYVadE vpMxyw/9Fn0D/yviss7G7nSLSPPcnzB//d6ANyNdfdg4DmKD/e5BBeyUie25Ij2B 3t5FFhvjfsNGkvIolwVUw0hwB9vDBpVyK7E+r20rEZlHr/ARDv5Gr46rDRU3G8lp 4r4K2QdJU53mOYf9iTHkG7c67ZqZbZSdztIX+TtBRDE7kW24bmELnYLVR8GVU7Vb IU7yWOEWQ4kNSI28D1DkgzRTkLtnxIMPGFYcqFOwjnWT6uD3PXRYdYBP1rv5zxL4 YOW5kOjGPbw1IrShelUh5cul2dI/6Y9YAIajbcndoQmGrbXZNhBw+7kDpSarwDAA 3R+zcP/0/2+WMqYXd8MQfCazwvHtJ64FSplHTk4BQgYn9xwHgbsIqgBgwuUdXyL0 2C/2FSHD+6HoSOErBfdng1DcIzNEr6mK+Sfd6ijkXWHreEkxa1eBJSdURAmoCcgB 1XuNbnhRA6Vq1OR0JGdQAwdyX8zgWTaF+M/hcWpFyINNfv/bbn55JFgpW+2E2y+J Dij3wmiRXkXkBo8ywd3zdb2G52o4wB8g9ncwUd3ZEDYBal6+8FVIBtbjI7undd2q e0FRw/EycsGfURQtCyb4RoZ1AA61swCb1ZQN/BT23ppKTkaulo/kf86i2wHjpZ6b 0GM3xesESiNNud2wAkJnlaQSWMN0hx5lUciD/Vin5/Fwek0rhBA= =Hbc0 -----END PGP SIGNATURE-----
--pAxyHw1zBDB820lYNEbNVyRC4i6o8jyEg--
--===============8779610269571458580== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============8779610269571458580==--
|
|
|
|