You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke libarchive

Sigurnosni nedostatak programske biblioteke libarchive

by - 0
  • Detalji os-a: WN7
  • Važnost: INF
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4169-1
October 29, 2019

libarchive vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.04
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 ESM

Summary:

libarchive could be made to execute arbitrary code if it received
specially crafted archive file.

Software Description:
– libarchive: Library to read/write archive files

Details:

It was discovered that libarchive incorrectly handled certain archive files.
An attacker could possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
libarchive13 3.3.3-4ubuntu0.1

Ubuntu 18.04 LTS:
libarchive13 3.2.2-3.1ubuntu0.5

Ubuntu 16.04 LTS:
libarchive13 3.1.2-11ubuntu0.16.04.7

Ubuntu 14.04 ESM:
libarchive13 3.1.2-7ubuntu2.8+esm1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4169-1
CVE-2019-18408

Package Information:
https://launchpad.net/ubuntu/+source/libarchive/3.3.3-4ubuntu0.1
https://launchpad.net/ubuntu/+source/libarchive/3.2.2-3.1ubuntu0.5
https://launchpad.net/ubuntu/+source/libarchive/3.1.2-11ubuntu0.16.04.7
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBAgAGBQJduIxtAAoJEEW851uECx9px/AQALCQ4GbhusSKACMllSwralSu
QQ/7u7v7op+nMtQVR9C7sOWSY/PEm6EAY6BXbXWRxsJBRerPbKTrWf6C65SOFU4J
9ybkSecxSXZHkZTczyz9OirS30L8jdwYSHuYIeOqB5UaCqyfduaoI0neLvsN9uMH
WduEUWWzM1N8WrXqgod4f7QdRxigoIDjRn2EVrQ48ZWVBjH+9mgte7TkiwGij6uJ
qoOqtxSmKtxW+s563JN9GdiIPsCbZzyX4W+q2ePz872k5B8YKrPdgZF+vxIIkOlW
LfsONHAcakEoYsLddzgL3bWOJJO86WSqruPobXWgA5v+k8UH28Ds7vsdbA59ffEb
PFM1qcOUElwsqkyCHkWRUaASiIhTAMWtu24Y6WSANPUSNv5X8IAaZBl9Vyobs2ft
8bkiMhc+bOWbJzkn7WQ/5UmjOhVWIpLCTl5c/HZ4Rj8B9wMVFkEGK6aPuFxRG6rv
UoS3ojE9gCRgQAYInw5gOKjrppcPQLPd9bEXnw3Fq0ki4hwP4JQMZBtJCJEZJkVi
NQeABt9hWiHc+eKoxYuVkO72zktxgF1IF+cDfC0P5fRasaNfku1VDpVUfftjx28J
vJmDUFi4XxeCaOQPFprpje+B6H0tdFcWneg9Wp+2WCPOOnDEVl9oFZf2ClHjJ/Ve
0psYBZoVMjNecudec1mN
=c6tn
—–END PGP SIGNATURE—–

AutorToni Vugdelija
Cert idNCERT-REF-2019-10-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programske biblioteke libidn2

Otkriveni su sigurnosni nedostaci programske biblioteke libidn2 za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close