drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in NSS
| Name: |
Ausführen beliebiger Kommandos in NSS |
|
| ID: |
USN-4231-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 12.04 ESM, Ubuntu 18.04 LTS, Ubuntu 19.04, Ubuntu 14.04 ESM, Ubuntu 19.10 |
|
| Datum: |
Mi, 8. Januar 2020, 22:59 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006 |
|
| Applikationen: |
NSS |
|
Originalnachricht |
--===============4721896320160866683==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="GvXjxJ+pjyke8COw"
Content-Disposition: inline
--GvXjxJ+pjyke8COw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-4231-1
January 08, 2020
nss vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.10
- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
NSS could be made to execute arbitrary code if it received a specially
crafted input.
Software Description:
- nss: Network Security Service library
Details:
It was discovered that NSS incorrectly handled certain inputs. An
attacker could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.10:
libnss3 2:3.45-1ubuntu2.2
Ubuntu 19.04:
libnss3 2:3.42-1ubuntu2.5
Ubuntu 18.04 LTS:
libnss3 2:3.35-2ubuntu2.7
Ubuntu 16.04 LTS:
libnss3 2:3.28.4-0ubuntu0.16.04.10
Ubuntu 14.04 ESM:
libnss3 2:3.28.4-0ubuntu0.14.04.5+esm4
Ubuntu 12.04 ESM:
libnss3 2:3.28.4-0ubuntu0.12.04.7
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://usn.ubuntu.com/4231-1
CVE-2019-17006
Package Information:
https://launchpad.net/ubuntu/+source/nss/2:3.45-1ubuntu2.2
https://launchpad.net/ubuntu/+source/nss/2:3.42-1ubuntu2.5
https://launchpad.net/ubuntu/+source/nss/2:3.35-2ubuntu2.7
https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.10
--GvXjxJ+pjyke8COw
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl4WKqgACgkQRbznW4QL
H2kFKQ/+JUrDezJr9OrmBL1dVSqXJRnz/sFC17yY1jV6JUvCdPvboo88eEqH5crw
JKAxMm4OIZxuPEqIZdxsHC0FFxT3jSOiDEnVqdLLWI3v0Uyi12fp7itzo9mEMOmR
EE8Rz+xPWq/UNQhmpHxrHQJ2jh/lyyeAKE/2gGubWNlw5kwE4B+Hvnt1olA/1S9J
C8oWJT4Ol95ihxHMOm/ktjlnqnJ7GsO7EFkgfl0viz5j7QYTqgp+PDlTZT+4XDq7
Juw2H4hIW94qMIE3ybwqKQPUBfWFP3vfXS9as7vjdWw/NhU4AB/uGUokmbX2RVGS
T7t8D8p4lvhB7F4v9QncKDOOvlW8o4RmR3yuxGNHGtIMneUcxK7PQf8nX78tjWkM
t3kVTeo8qbWf53JNMqnzJ7S88bHczqPzpDxu9gg4KMYnhiegcLlPN2O8fibdV7v2
zHYUKdsUaJuqbt4K8luU4SfDNMWRmIot/+jqYG9IZ+gp2PPVjsxS9tGj6JDRZG11
WLgv4/3Au2DZv36+RRFb411UuEuxHcd8s4WYTzj8veg5lLi44udDkPYtyobzL5WB
8X4SCR2mbt9/bnGqUS6g5zkLG48bXw0vnk+MWQXXbnp2z5ndZKx4eaxrCDEwI3A7
8IHFCVqsq1LonCmNXC9f6AiZDOrz6IWk3Z25Y3pujT9TIB9x8LQ=
=cRdj
-----END PGP SIGNATURE-----
--GvXjxJ+pjyke8COw--
--===============4721896320160866683==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|
