drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in libvirt (Aktualisierung)
Name: |
Ausführen beliebiger Kommandos in libvirt (Aktualisierung) |
|
ID: |
USN-4047-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 ESM |
|
Datum: |
Mo, 13. Januar 2020, 17:05 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161 |
|
Applikationen: |
libvirt |
|
Update von: |
Mehrere Probleme in libvirt |
|
Originalnachricht |
--===============7548177242380683424== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="jRHKVT23PllUwdXP" Content-Disposition: inline
--jRHKVT23PllUwdXP Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inlin Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-4047-2 January 13, 2020
libvirt vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in libvirt.
Software Description: - libvirt: Libvirt virtualization toolkit
Details:
USN-4047-1 fixed a vulnerability in libvirt. This update provides the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Matthias Gerstner and Ján Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitrary files, or execute arbitrary binaries. In the default installation, attackers would be isolated by the libvirt AppArmor profile.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: libvirt-bin 1.2.2-0ubuntu13.1.28+esm1 libvirt0 1.2.2-0ubuntu13.1.28+esm1
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://usn.ubuntu.com/4047-2 https://usn.ubuntu.com/4047-1 CVE-2019-10161
--jRHKVT23PllUwdXP Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl4ck+YACgkQRbznW4QL H2lTyg/+MFCBvwzvUV8gp98JKg2dgREWvrLuFUZRwrLkI47h52n6vnhUmfhYJNkX VAmLDPDebnCN8H5AOzC4UEg0GUpwvdbTI9wHSD65E3jRfb/cRKJeBa1mQO72A1yB C54BLT1DHJwFMtfS5GY+wskzYaBc3F6lSS1J42XjbRYeUF72jKc25ehbHbE1WnNK aCyK5BRSbsCIWgP4zFqoam+sTFlwOoMdnXsBBCd3bU+CxIexVDMqcvEJjj4DIxp0 yuVkB/FzXK3VAIFNe7VE9PkqgyjL6BRlgpE//stz3gWqABEyQmPK7Dlv/pfy9FWK bS6WRM52m5Rdbyu8zg/3GeT+dSQodVZl1PP/AvftfKLroOmoTz+FtsaPKjJkywh5 brOPtDVzIofzzl1qEMmYECWH1eszHy/Y1t1oN9vZqo5Q8T3ioDz+o27CFt8Fzub7 7uFkkewylMIqBVaxcaZJPcMDjMuZG5YkFo/dXtdV433azi+WJYFBOTd3REJ6pFSe iDePtkN5Ki/8OVV2LOrW7VX98VVae0JIHzuiFbmoMIP4daakpPi8CeHnxB4MhNMk 2MRcCmgTqmZxbXuizo5jt6sAv68EJH8ZTBHH0s+bOECP0S2XwoPOQLc+Wj8FiXHy uaRB0biZCVTn1ThZvr/hUrRw+6Sah9JxrjzlMh63gj1naR4zqLg= =WHS1 -----END PGP SIGNATURE-----
--jRHKVT23PllUwdXP--
--===============7548177242380683424== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============7548177242380683424==--
|
|
|
|