drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in cpio
Name: |
Preisgabe von Informationen in cpio |
|
ID: |
USN-4176-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 12.04 ESM, Ubuntu 18.04 LTS, Ubuntu 19.04, Ubuntu 14.04 ESM, Ubuntu 19.10 |
|
Datum: |
Mi, 6. November 2019, 19:36 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14866 |
|
Applikationen: |
GNU cpio |
|
Originalnachricht |
--===============5277394375425372947== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="M9NhX3UHpAaciwkO" Content-Disposition: inline
--M9NhX3UHpAaciwkO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4176-1 November 06, 2019
cpio vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.10 - Ubuntu 19.04 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM
Summary:
GNU cpio could be made to expose sensitive information if it received a specially crafted input.
Software Description: - cpio: a tool to manage archives of files
Details:
Thomas Habets discovered that GNU cpio incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.10: cpio 2.12+dfsg-9ubuntu0.1
Ubuntu 19.04: cpio 2.12+dfsg-6ubuntu0.19.04.1
Ubuntu 18.04 LTS: cpio 2.12+dfsg-6ubuntu0.18.04.1
Ubuntu 16.04 LTS: cpio 2.11+dfsg-5ubuntu1.1
Ubuntu 14.04 ESM: cpio 2.11+dfsg-1ubuntu1.2+esm1
Ubuntu 12.04 ESM: cpio 2.11-7ubuntu3.3
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/4176-1 CVE-2019-14866
Package Information: https://launchpad.net/ubuntu/+source/cpio/2.12+dfsg-9ubuntu0.1 https://launchpad.net/ubuntu/+source/cpio/2.12+dfsg-6ubuntu0.19.04.1 https://launchpad.net/ubuntu/+source/cpio/2.12+dfsg-6ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/cpio/2.11+dfsg-5ubuntu1.1
--M9NhX3UHpAaciwkO Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBAgAGBQJdwwecAAoJEEW851uECx9pgckQALDH6TSF3MOjFeEgM6dfGI/X e6rS/WXA8nNmWSR2bWLPUmi5HrIGssUcQVmr1QMLsn7nz751uSpZyBFd6w6rmyPZ yruCkF9tqCyOBUtI+NoWEk46wIMOxHEBHELP7jfMpGq5FUiwSiklvNe7KtynnjQq jBDpr7NPJ1yPJcHlj6jy5RwX/GrZsNBMAhfBjPiOiF1lt95d0pEr67bg8Xq/CMiR j/6Qat45shQ78JXzWH5ORp0NvQACvdm7GCRUYF+J4DRoZxNJQ/2sMGMipfLKTXhb +eHyninWhgfc6Wtryc7csVQN/U7Y9rxeuXsiR/udXGjS/0UK5NyIaBdd9WPO2kL5 za7kkbRhTuDBuVNKm4A3j3OK8fWHXZOg/zevGmtS/9otXbF73U2a9ZVk6PZQl0z2 QrfatRo/GIZncaARfuNSVGi4JvEkAl4/IcUxTlEA8co563YQlg1yYs+G4ifBZMOv Wk9XM9sJMMv9uIoVj18JZDfRl/0yaODUqkHWtHsLUcdY1dVRY+0ek+IgYk57pZpa pLh4oliPazvez0qM7Ii9+najdF2nPUQZANrdUbezEa68BI0XPcfF41S+llOftyi3 01DUoskFIYXIJ+LshNito2RbiWb9BR1N03HJ1ol4OvLQFUfX3oJSCFfADPK0LWim ObQ7eAD56q3+5qHM77cV =4PGl -----END PGP SIGNATURE-----
--M9NhX3UHpAaciwkO--
--===============5277394375425372947== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|