You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa python-psutil

Sigurnosni nedostatak programskog paketa python-psutil

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4204-1
November 28, 2019

python-psutil vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.10
– Ubuntu 19.04
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

psutil could be made to crash or run programs.

Software Description:
– python-psutil: module providing convenience functions for managing processes

Details:

Riccardo Schirone discovered that psutil incorrectly handled certain
reference counting operations. An attacker could use this issue to cause
psutil to crash, resulting in a denial of service, or possibly execute
arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
python-psutil 5.5.1-1ubuntu0.19.10.1
python3-psutil 5.5.1-1ubuntu0.19.10.1

Ubuntu 19.04:
python-psutil 5.5.1-1ubuntu0.19.04.1
python3-psutil 5.5.1-1ubuntu0.19.04.1

Ubuntu 18.04 LTS:
python-psutil 5.4.2-1ubuntu0.1
python3-psutil 5.4.2-1ubuntu0.1

Ubuntu 16.04 LTS:
python-psutil 3.4.2-1ubuntu0.1
python3-psutil 3.4.2-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4204-1
CVE-2019-18874

Package Information:
https://launchpad.net/ubuntu/+source/python-psutil/5.5.1-1ubuntu0.19.10.1
https://launchpad.net/ubuntu/+source/python-psutil/5.5.1-1ubuntu0.19.04.1
https://launchpad.net/ubuntu/+source/python-psutil/5.4.2-1ubuntu0.1
https://launchpad.net/ubuntu/+source/python-psutil/3.4.2-1ubuntu0.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl3f12gACgkQZWnYVadE
vpOVLg//YRzafaNKuVQACIN+jR8oR0vCbPtWON1Ok/re0D1f94LZFLF4+kfvilLI
Kak7dnTlVHI7XPs0pyPBeBFsXgKza1MyHYLP8hncSCfBbo5HUkeIJPGyYSSVSYH2
FTRLCsyie85XhEHLh+VvhyafDlN3i9tjMxsLiMVzMqhqAB7D+MSy96uraxtjE9vt
oJ3z0+UpI8mzpF1nojBobbSRHRgLXOpjjkTHIipoUtsS4z5G/MmpibCW01+BosFu
k/UI9VAn67xnmseGzSuTXlrVkFucDwcffTvu9uH4HJiuabI98tMYHQdUUaduqJ6T
HTxGnR49z6lhEiyFhBO4lVSgaU9HFdmcQPoFuz8hXFppNDHvupTLDUi3FE26rPKY
1ujqpmxqmsfCF508DEj86y7jDksJf4i49oXmmpMKfAiqaj1hduLan5cuLfy/tg+x
SP+SafRt8AVbdcDhBDTwr8oUTbK0UeH86jJUM08aRY8HZy/53cS48eDqoGlDgroD
ygwRTawej2fpArVZVVB8oudcJngjwRb9Yk/8zm9gkOgp8doVHI2ydL0lEcbWrDGY
p92fxwS4TwbRSUde58u8qCrB9PzcvNl36k74l1fCfS2okULyrktub2fSOB+WTjIy
uxVlkpdoSM868qYT42Gz5PjVy8DzvaIg2WRI76Vrb09EJAUh67A=
=gQbu
—–END PGP SIGNATURE—–

AutorToni Vugdelija
Cert idNCERT-REF-2019-11-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programske biblioteke libvpx

Otkriveni su sigurnosni nedostaci programske biblioteke libvpx za operacijski sustav Debian. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju izazivanje DoS stanja...

Close