- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-3310-1
June 06, 2017
lintian vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 17.04
– Ubuntu 16.10
– Ubuntu 16.04 LTS
Summary:
lintian could be made to run programs if it processed a specially crafted
package.
Software Description:
– lintian: Debian package checker
Details:
Jakub Wilk discovered that lintian incorrectly handled deserializing
certain YAML files. If a user or automated system were tricked into running
lintian on a specially crafted package, a remote attacker could possibly
use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
lintian 2.5.50.1ubuntu0.1
Ubuntu 16.10:
lintian 2.5.48ubuntu0.1
Ubuntu 16.04 LTS:
lintian 2.5.43ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3310-1
CVE-2017-8829
Package Information:
https://launchpad.net/ubuntu/+source/lintian/2.5.50.1ubuntu0.1
https://launchpad.net/ubuntu/+source/lintian/2.5.48ubuntu0.1
https://launchpad.net/ubuntu/+source/lintian/2.5.43ubuntu0.1
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAEBCgAGBQJZNs/gAAoJEGVp2FWnRL6TNjsP/29E5Rw2YFWuCcDL4B4ISb9w
4ZJazYnYMJJtUcD4z9G1TLWLDd4nXWxPueKefT9aXdeL/viNcS7r4S/IICQ6vMRh
mYv/QEAbvUdczGHFOqe35m6cNwQxLweL5lmmanlvK43TAE095Nn1hrGAcWRnbzlP
9CEdKhjtKTKivQVEHCaFg+9iyac6j3uSreQOGrjt3ExEWQOirb8hlbXSubVi41F0
OEOpeFBjWylQbpsNpgriBKSClZN3UzeTiX0QSiUZM4qIrJC5WxxQRB7Xg9u7sv5u
YMXBXpsR6N0Ffwbj+JugGonvsUHrr3k82cSh0Y06ggt/mz7/lpHdwEBqUZ7nYlwC
OA5BCgHeFDNF6FV0JmIpgfURyQKM0eIG7rEbYirkGl1TKEKKyzuMnZvRTsFXFOci
QTHu2wEAMnPqS9hnFEmHoUJbbbg7Xmk+lpdXu/eWaAmfRoxpdowElmqSsMES0IK5
RiPiHreSTT83zrm/qKY9kSOqrY1TFZqV6AA9EpSCl9k9sCVfGbJunUYanJuMDaUs
bg5B2OlRsKFfo/olp+ZvrpZcxQitp9ueroFyPNu1MlWuLS6cZxoDB0bExArN9iyw
7TZbhMBec4qvmT2NJA4w6T/h2jnBCgH4sLZ8fuXmFPUz5pTAVaH8vrgzNj0GSrjW
nqJIkAq7wALj2faVHDyO
=8D6N
—–END PGP SIGNATURE—–
—
| Autor | Vlatka Misic |
| Cert id | NCERT-REF-2017-06-0038-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | http://www.adobe.com/ |
