- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-2856-1
January 05, 2016
ldb vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 15.10
– Ubuntu 15.04
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in ldb.
Software Description:
– ldb: LDAP-like embedded database
Details:
Thilo Uttendorfer discovered that the ldb incorrectly handled certain zero
values. A remote attacker could use this issue to cause applications using
ldb, such as Samba, to stop responding, resulting in a denial of service.
(CVE-2015-3223)
Douglas Bagnall discovered that ldb incorrectly handled certain string
lengths. A remote attacker could use this issue to possibly access
sensitive information from memory of applications using ldb, such as Samba.
(CVE-2015-5330)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.10:
libldb1 2:1.1.20-2ubuntu0.1
Ubuntu 15.04:
libldb1 1:1.1.18-1ubuntu0.1
Ubuntu 14.04 LTS:
libldb1 1:1.1.16-1ubuntu0.1
Ubuntu 12.04 LTS:
libldb1 1:1.1.4-1ubuntu0.1
After a standard system update you need to restart applications using ldb,
such as Samba, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2856-1
CVE-2015-3223, CVE-2015-5330
Package Information:
https://launchpad.net/ubuntu/+source/ldb/2:1.1.20-2ubuntu0.1
https://launchpad.net/ubuntu/+source/ldb/1:1.1.18-1ubuntu0.1
https://launchpad.net/ubuntu/+source/ldb/1:1.1.16-1ubuntu0.1
https://launchpad.net/ubuntu/+source/ldb/1:1.1.4-1ubuntu0.1
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAEBCgAGBQJWjBkpAAoJEGVp2FWnRL6TMlgQAJWA4MgRRdJv0Hp5XLdFdNjL
krhs44gpV0HvB3qyPLDjV+QkNgqZUZ4GRoLSmeHzqR64U+35rP8Dtbl+L3XGvdjS
MbuY1slhiGhsR4C6BdRprlOpjm7BN9kgmUAoU0bptAJ4NxZQqicgvK0exjLVRbVi
X3qEa+A/IRmmZ7v2I68dGq+BrN7OrItLR9P6GNMqFQi+r3Q+LZiZ9nNOyNO2W1Pj
NXM0Egmpr0wSvoGBPzbY0hPeRByceseV6DnUoKYOrkLMX/g4qxkVsSj7SNgkKGi/
ZzyFqiUL38ZyEZBlg/0wsYMB4vc6HC0hZiqLK9gNWwcOtH5K2XMQL1aBfuBSzd8+
SdyQyOTsK5+YDEDRLfjb7KcnBeiD5kBK9X1dbB7e7q7yoL4OgIDhpRAGEI4uB6m7
FzPgWiOd2oDm0hmPntH3XUmuYzZ0iL9TBn1plKEfCfuXs1kgxlM9u8v6QYyjqcyf
yuVzeEvLdwhigkj5CtoPF+DOm/Gom3XLNturScKtI4+MoZuNIhnl6plgKLWuKOpe
T9QIYJioPa6rj+CVYTt9MSDeJK5W63VnHDM+MQ2INOux45Th8wvWZ9A6/SwTfvsa
9so7ruUdssZB0rQS3jcRXPxhOfVTVyW86B7iNgZOM+BMXHckUwEnyoQ2Avsq50V+
vi/CSgrkhkYz3nwRQsx+
=Ypi5
—–END PGP SIGNATURE—–
—
| Autor | Marijo Plepelic |
| Cert id | NCERT-REF-2016-01-0011-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | http://www.adobe.com/ |
