You are here
Home > Preporuke > Sigurnosni propust programskog paketa file

Sigurnosni propust programskog paketa file

by ncert - 0
  • Detalji os-a: LUB
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-2162-1
April 07, 2014

file vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 13.10
– Ubuntu 12.10
– Ubuntu 12.04 LTS
– Ubuntu 10.04 LTS

Summary:

File could be made to crash if it processed a specially crafted file.

Software Description:
– file: Tool to determine file types

Details:

It was discovered that file incorrectly handled PE executable files. An
attacker could use this issue to cause file to crash, resulting in a denial
of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
file 5.11-2ubuntu4.2
libmagic1 5.11-2ubuntu4.2

Ubuntu 12.10:
file 5.11-2ubuntu0.2
libmagic1 5.11-2ubuntu0.2

Ubuntu 12.04 LTS:
file 5.09-2ubuntu0.3
libmagic1 5.09-2ubuntu0.3

Ubuntu 10.04 LTS:
file 5.03-5ubuntu1.2
libmagic1 5.03-5ubuntu1.2

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2162-1
CVE-2014-2270

Package Information:
https://launchpad.net/ubuntu/+source/file/5.11-2ubuntu4.2
https://launchpad.net/ubuntu/+source/file/5.11-2ubuntu0.2
https://launchpad.net/ubuntu/+source/file/5.09-2ubuntu0.3
https://launchpad.net/ubuntu/+source/file/5.03-5ubuntu1.2

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/

iQIcBAEBCgAGBQJTQqN2AAoJEGVp2FWnRL6TmM0QAIoWFJRaTKMAZ8yT/ZOB84UA
3CZ522zNwR6/UpAND3zZMne3yzf2qsg9BkvrxN2DoSFexgDKvhkrsFQUkEdv723y
3N806Lq0xOrOLCqsrJW+6gFw+LSNoVDE6xcEFZ99Te/wzYuzbP3/A6shUAnRzWPS
nnjxwnw2JyaBxaIpfyaUznZdKxdeW9TV3XOaaD9KTWmAFaxk62zRDyP7TMvMX1NH
EgCALDJ6IsB+19aWQhCXWBhiNqp6BhruUXvj1VObRyZA/GEuKVkicnpD98hNkhCz
InoA9wzUZPM4EyUyl1yepSRSGnkK4kz8Do5lPY+HzOY8dh36CRCMjiCnwE4nZZwp
0KjO3VcvNK6jHTXfulnt3nLGSkynDCNy9E8+89qNZlcMRyzmfMulQfV1HR5fcHyi
zjspSrA1jB6dEyVqGJ0gNe/ciO8Tfxh6TcEEfHi6FKVszU6MmKpcKgtCPapjJvZq
as5zGVSkdElVSspovcZufhbXit4Ow5RgBNSWLsoyAxP1PR7HsvbmDn/COD4pjSnW
A4Rh6jqS8/f9nGaEaH8MBX2R+H0+qxG35e35+KFQWq9kMoRXyzCb1Bv3qBTjC28a
CuwoVoX8JYwtYACIQTXT1KwgCITPj6vWsyZqzekQ1Ish25GLfypZ0oF7MCsaWipQ
K9trBh1dDny2fgeO6XPX
=VsyV
—–END PGP SIGNATURE—–

AutorTomislav Protega
Cert idNCERT-REF-2014-04-0022-ADV
CveCVE-2014-2270
ID izvornikaUSN-2162-1
Proizvodfile
Izvorhttp://www.ubuntu.com
ncert
Top
More in Preporuke
Sigurnosni propust programskog paketa CUPS

Otkriven je sigurnosni propust u programskom paketu CUPS za operacijski sustav Gentoo. Otkriveni propust potencijalnim napadačima omogućuje pristupanje proizvoljnim datotekama....

Close