- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-4517-1
September 17, 2020
libemail-address-list-perl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
Summary:
Email-Address-List could be made to remotely exhaust resources if it
received specially crafted email data.
Software Description:
– libemail-address-list-perl: RFC close address list parsing
Details:
It was discovered that Email-Address-List does not properly parse email
addresses during email-ingestion. A remote attacker could use this issue
to cause an algorithmic complexity attack, resulting in a denial of
service. (CVE-2018-18898)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
libemail-address-list-perl 0.05-1+deb9u1build0.18.04.1
Ubuntu 16.04 LTS:
libemail-address-list-perl 0.05-1+deb9u1build0.16.04.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4517-1
CVE-2018-18898
Package Information:
https://launchpad.net/ubuntu/+source/libemail-address-list-perl/0.05-1+deb9u1build0.18.04.1
https://launchpad.net/ubuntu/+source/libemail-address-list-perl/0.05-1+deb9u1build0.16.04.1
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEE7MowLJorxPNkyBZZW+PTAFZKyRgFAl9knLAACgkQW+PTAFZK
yRibCA//cFfRj8rKkEbeoJUAUbgX7S4iAqF19YFSXGwJRFku87TuJoExAc4TPQ9J
1aZqL8dd+lw81V7fS1QCI6n4Z8N9hvCP9gsNmKZ2GFqNVPLFz4LiE8zm3xCHUgb5
mDyoBW/6HweLYfOBv1J/d202yj65Kc5AU7B3KymmvQh88rTlX3lLbZu04aid8QBL
TkGD4zT62C9iqgmmxeEiw7WSqBbbMDULgXg3mI1GM2ZloYQHybXFAUELhyRjyBLx
3L6OgYF4CfMESGgmwMZYGCbZxDNs3NRrTQo4tnLM3t+HAoF9oJp3eC9+TIZDqeQR
EOKV2lfxaQAmz6/36EJ46KehVvJ50sIU6/k0Uy4ykwyNxZk6GCqhGZkd+NBJN7I2
BtQxVgNlV1lDJZ1UiCoGo5UmyM2BsgA3dbYhHKjEocAEQwlZws84451ZJO9LK4rb
G1M5FZUmyVLbxTpr1pDF/RNuLX+QRkws02UhMqKWNS/vWkxMYo9WRYvwew7arL3B
BNiYWR3M6FOeF25WPomE5gzGoZshMb1ZwzQx6bcBuKib0nDTh1ruWOF7oRdh9WtC
0cZZVD7M6KUl7zKyXBR/VVJIyZQ0vniPXz9VSmDTy9I4kyCAqR8vlMl/FqSzlBO4
TOTOD5MEdc5Ecn3jhPA3SnscGFShN27dBHL/P+i+5iUCw1acBvQ=
=bskM
—–END PGP SIGNATURE—–
—
| Autor | Bruno Varga |
| Cert id | NCERT-REF-2020-09-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
