You are here
Home > Preporuke > Sigurnosni propust programskog paketa mountall

Sigurnosni propust programskog paketa mountall

  • Detalji os-a: LUB
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-2411-1
November 18, 2014

mountall vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.10

Summary:

mountall could mount certain filesystems with the wrong permissions.

Software Description:
– mountall: filesystem mounting tool

Details:

Saurav Sengupta discovered that mountall incorrectly handled umask when
calling the mount utility, resulting in certain filesystems possibly being
mounted with incorrect permissions.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.10:
mountall 2.54ubuntu0.14.10.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2411-1
CVE-2014-1421

Package Information:
https://launchpad.net/ubuntu/+source/mountall/2.54ubuntu0.14.10.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJUa0GEAAoJEGVp2FWnRL6TQlgP/2anRGJAHOoV2p2NkwRs4CfY
Fl8ZXEY/JSpCX5CXT4XEH7EfUK8ygPvDFH2HL0Eqh2PQvddXGw5gzIBfGBzjUyXo
ObVePdG6U1ppu6jG1OlhgvxCu2NDA24egYJ5TH03OjkOMj0+42oO+8ZhNtTEKZK+
LqmeB9cEGVeNPuiYffd42WVaL/kJ4dh8KV9OrK+Zy1DZ+iEpQ56hUDsnCzX4j/cD
7Satqr0yF/1c2nWNVd7yCuaBrfQioIfXcrB0i0v/H3gKiERgAQxBh8Gwn7DM7Ees
v7/MpwYtwwmhMvugFgftyR7KZ0WGqOaWrVoY2G2iuCSoyoSzkqXD/DuZh+rMUaTX
NQFFQYlrxrOYDO62NSzvDBmaohzWVJRHUPmhs+M1ivXGcrLcx1ANjNzfGve2TssD
9WnszMVOPM22YDvJzoBD+RDf1SLnnT8nz2gPNIn2uGofRPyDigZAbpgr3nkFLhlH
rpedccFWctLFbyKwWT6VmY6tHwxAOGuimdZdFnprf4dFc6VN8ECU/H7qa3uYWZE7
BT/ACsi6CP8VFSUwRyjRR7gLubKn7tDR4aN5yBt9X4OrP8Tk62hnIV1jYqtEVwUY
91w/kEOpVvzVnkRYgJXFgSjPWfkWbUg5ofJ3v9c97o8yiELX+KLYszB/SjoUzrqU
zs1Ty0iY5+Tbfimu9bUT
=VXb7
—–END PGP SIGNATURE—–

AutorTomislav Protega
Cert idNCERT-REF-2014-11-0010-ADV
CveCVE-2014-1421
ID izvornikaUSN-2411-1
Proizvodmountall
Izvorhttp://www.ubuntu.com
Top
More in Preporuke
Sigurnosni propust programskog paketa python-requests-kerberos

Otkriven je sigurnosni propust u programskom paketu python-requests-kerberos za Fedoru. Propust se očitovao kod izvođenja kerberos autentikacije, što je uzrokovalo...

Close