drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in NSS
Name: |
Ausführen beliebiger Kommandos in NSS |
|
ID: |
USN-4231-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 12.04 ESM, Ubuntu 18.04 LTS, Ubuntu 19.04, Ubuntu 14.04 ESM, Ubuntu 19.10 |
|
Datum: |
Mi, 8. Januar 2020, 22:59 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17006 |
|
Applikationen: |
NSS |
|
Originalnachricht |
--===============4721896320160866683== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="GvXjxJ+pjyke8COw" Content-Disposition: inline
--GvXjxJ+pjyke8COw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4231-1 January 08, 2020
nss vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.10 - Ubuntu 19.04 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM
Summary:
NSS could be made to execute arbitrary code if it received a specially crafted input.
Software Description: - nss: Network Security Service library
Details:
It was discovered that NSS incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.10: libnss3 2:3.45-1ubuntu2.2
Ubuntu 19.04: libnss3 2:3.42-1ubuntu2.5
Ubuntu 18.04 LTS: libnss3 2:3.35-2ubuntu2.7
Ubuntu 16.04 LTS: libnss3 2:3.28.4-0ubuntu0.16.04.10
Ubuntu 14.04 ESM: libnss3 2:3.28.4-0ubuntu0.14.04.5+esm4
Ubuntu 12.04 ESM: libnss3 2:3.28.4-0ubuntu0.12.04.7
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://usn.ubuntu.com/4231-1 CVE-2019-17006
Package Information: https://launchpad.net/ubuntu/+source/nss/2:3.45-1ubuntu2.2 https://launchpad.net/ubuntu/+source/nss/2:3.42-1ubuntu2.5 https://launchpad.net/ubuntu/+source/nss/2:3.35-2ubuntu2.7 https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.10
--GvXjxJ+pjyke8COw Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl4WKqgACgkQRbznW4QL H2kFKQ/+JUrDezJr9OrmBL1dVSqXJRnz/sFC17yY1jV6JUvCdPvboo88eEqH5crw JKAxMm4OIZxuPEqIZdxsHC0FFxT3jSOiDEnVqdLLWI3v0Uyi12fp7itzo9mEMOmR EE8Rz+xPWq/UNQhmpHxrHQJ2jh/lyyeAKE/2gGubWNlw5kwE4B+Hvnt1olA/1S9J C8oWJT4Ol95ihxHMOm/ktjlnqnJ7GsO7EFkgfl0viz5j7QYTqgp+PDlTZT+4XDq7 Juw2H4hIW94qMIE3ybwqKQPUBfWFP3vfXS9as7vjdWw/NhU4AB/uGUokmbX2RVGS T7t8D8p4lvhB7F4v9QncKDOOvlW8o4RmR3yuxGNHGtIMneUcxK7PQf8nX78tjWkM t3kVTeo8qbWf53JNMqnzJ7S88bHczqPzpDxu9gg4KMYnhiegcLlPN2O8fibdV7v2 zHYUKdsUaJuqbt4K8luU4SfDNMWRmIot/+jqYG9IZ+gp2PPVjsxS9tGj6JDRZG11 WLgv4/3Au2DZv36+RRFb411UuEuxHcd8s4WYTzj8veg5lLi44udDkPYtyobzL5WB 8X4SCR2mbt9/bnGqUS6g5zkLG48bXw0vnk+MWQXXbnp2z5ndZKx4eaxrCDEwI3A7 8IHFCVqsq1LonCmNXC9f6AiZDOrz6IWk3Z25Y3pujT9TIB9x8LQ= =cRdj -----END PGP SIGNATURE-----
--GvXjxJ+pjyke8COw--
--===============4721896320160866683== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|