You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa python apt

Sigurnosni nedostatak programskog paketa python apt

by Vlatka Mišić - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4668-4
January 11, 2021

python-apt vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM

Summary:

python-apt could be made to crash if it opened a specially crafted file.

Software Description:
– python-apt: Python interface to libapt-pkg

Details:

USN-4668-1 fixed a vulnerability in python-apt. This update provides
the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

Kevin Backhouse discovered that python-apt incorrectly handled resources. A
local attacker could possibly use this issue to cause python-apt to consume
resources, leading to a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
python-apt 0.9.3.5ubuntu3+esm4
python3-apt 0.9.3.5ubuntu3+esm4

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4668-4
https://usn.ubuntu.com/4668-1
CVE-2020-27351
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl/8m1IACgkQRbznW4QL
H2lIeA//TdOcpn8So6gTUcyiDwvJNLrjfsdwvnVwUQaRs53EYdc9fb8BEWa+JPtL
5fL7fOwZ6mvqBYcwrPty24+E/Bphcp+3eRRQfFZK3PAcPtSRIRsL3H669x3Pmlps
IhuYv7lso/NG/lpLn+Q6ZJs8a5+ELYMZhR/Zo5m7lpGqTy0WxfQk1PoQC5SF/73J
8BqbbijdSNmjWhkbJn1JPdDFvlSjGfBZNqu+k6Gluudwdhi1QDBLG+rVOVVaaHMX
Ngt0HFuEbCU/fS8wRLByWXGGoit/FfdyH030U70Pl29hF8S3VNZvzeNel54XmS9d
uuP2/Z6cNgcE0UfjTJVS75u8h07QzsKBASWyBuyXZWshvTSdeJ2uJERrUh+mxA90
+LpfX0Dt5vIy4q67tpl5Mdxe5ReNnSz9sNSKUWaHZat7sa5t5rNTkw9gXp4c4fCZ
d5XONZ1gM5n1s6S3fL0MWAz1R9vFVT8L3jxKCEZQwq3DSbqWaIJDa7XeNs2GMJNH
cAFoOI0wKY32lfKbrAQdv4kyHkJtFr+guLnCRPAC16R4IUZcVK+ww2r8xUhiRZTv
8/jgbl70UHWjc0dwdo00Hx6V12NM/JWRIFg08nqWkwEoLsDNK+mzIN6lQIWlEgpQ
GDFDRfZ0kzHGg91qURQ13Sg+LUJJcOPHOcFwNSWU0l4uo7Py/xM=
=z7fc
—–END PGP SIGNATURE—–

Autor161.53.13.146
Cert idNCERT-REF-2021-01-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Vlatka Mišić
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa apt

Otkriven je sigurnosni nedostatak u programskom paketu apt za operacijski sustav Ubuntu. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja....

Close