drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in file (Aktualisierung)
Name: |
Denial of Service in file (Aktualisierung) |
|
ID: |
USN-3911-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS |
|
Datum: |
Mi, 13. Mai 2020, 17:14 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
file |
|
Update von: |
Mehrere Probleme in file |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============1079303582167583663== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="Z5sRgcDYVsmaWnGqg80xwo0j3ceTDBE2V"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --Z5sRgcDYVsmaWnGqg80xwo0j3ceTDBE2V Content-Type: multipart/mixed; boundary="qNg4sXVVTiAyjaL0dqTN5znOGB7py6qxO"
--qNg4sXVVTiAyjaL0dqTN5znOGB7py6qxO Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3911-2 May 13, 2020
file regression ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS - Ubuntu 16.04 LTS
Summary:
USN-3911-1 introduced a regression in file.
Software Description: - file: Tool to determine file types
Details:
USN-3911-1 fixed vulnerabilities in file. One of the backported security fixes introduced a regression that caused the interpreter string to be truncated. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: file 1:5.32-2ubuntu0.4 libmagic1 1:5.32-2ubuntu0.4
Ubuntu 16.04 LTS: file 1:5.25-2ubuntu1.4 libmagic1 1:5.25-2ubuntu1.4
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/3911-2 https://usn.ubuntu.com/3911-1 https://launchpad.net/bugs/1835596
Package Information: https://launchpad.net/ubuntu/+source/file/1:5.32-2ubuntu0.4 https://launchpad.net/ubuntu/+source/file/1:5.25-2ubuntu1.4
--qNg4sXVVTiAyjaL0dqTN5znOGB7py6qxO--
--Z5sRgcDYVsmaWnGqg80xwo0j3ceTDBE2V Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl67+rUACgkQZWnYVadE vpNr2g/+PKctZn5eBiza5ujqqRH7i388pcHdb9Zm5GiJDlzAPZQVb+YMxtnO2Bn8 aKcSSkNUQQS/lxEJHMRMpVkm+yXbfRb0q3zatSr0NjD45hrpfcKRRfYFj5YP440V LaJs64dmkiNIBxaltYYb9j3RQZIvSAQCvfPCmUR/2OEdc3Kfvcjji2E2+EYsjkc8 qy26R/XLmTypckFguKMhsFOiyX/sI3wP6OCXuxXX1GliXwidGD3I2zc+PRtOD4RA w7oZaf99x0gXWVhIhkEGtgoNYd9gwLshKEDT+zhUJSpDFCkty8HZSMwH7BkfaaAr F/DTc/a8CBUnwdabexNx0QNcqIrlDPAxWU5x7k9MxFNkvlV9dMgsuohHwbxJUKKu VN8mgX44rdzvt6aYhZ6Vh+l3QcLYcxeRe2bTi+DeJze9dTwn8dAkIZpKZhr/H/fg wFKobSW8LD3JYER8mhCDuDNgJaO4y4VDpWGXVgfxZlMuTr9ZNh2hSx+/Y59pYk36 m3cQ+HmWw8JQHYz57vmwz8wqa8Xq9YvLJ5TyX4oJRBVQRxshqeK/pivVEgLQSFsy rdplsC3Ooq4hJsllM2zBJrlTrYlIAVykopaNlQ6eIbkF2fS4LM7Mv3B63jw2Oqdx hHIpQrwyJRjy9IylXYpERxW541WSPrK2hYBIluoF42tEOH+LPBQ= =g9WX -----END PGP SIGNATURE-----
--Z5sRgcDYVsmaWnGqg80xwo0j3ceTDBE2V--
--===============1079303582167583663== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============1079303582167583663==--
|
|
|
|