You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa ubuntu-release-upgrader

Sigurnosni nedostaci programskog paketa ubuntu-release-upgrader

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3623-1
April 09, 2018

ubuntu-release-upgrader vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 17.10
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

ubuntu-release-upgrader incorrectly opened as browser as an administrator.

Software Description:
– ubuntu-release-upgrader: manage release upgrades

Details:

It was discovered that ubuntu-release-upgrader did not correctly drop
permissions before opening a browser to view the release notes. This update
fixes the issue.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
python3-distupgrade 1:17.10.11

Ubuntu 16.04 LTS:
python3-distupgrade 1:16.04.25

Ubuntu 14.04 LTS:
python3-distupgrade 1:0.220.10

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3623-1
https://launchpad.net/bugs/1174007

Package Information:
https://launchpad.net/ubuntu/+source/ubuntu-release-upgrader/1:17.10.11
https://launchpad.net/ubuntu/+source/ubuntu-release-upgrader/1:16.04.25
https://launchpad.net/ubuntu/+source/ubuntu-release-upgrader/1:0.220.10

—–BEGIN PGP SIGNATURE—–

iQIcBAEBCgAGBQJay6oNAAoJEGVp2FWnRL6TbYMQALDGqVYH7E/CPmcSVZiZCn3A
wayDNXRjF3YSj3hMSwAdb5QLFlEPxKloUqB1eNtqjZqPX8NyKi0Wln+yXmgVTZ0O
OjXKWpS1lxlgGgur57paLcB7XYBwTVbubHUOMugx6g9hc9/T9lGlhVptqu47elM7
vMEz5auYqlxa6Ii4X/xik2Ib2VDSnmQmrxl5Lwnx+ZIrdBqoPma8wodad7Cm/tWg
I52cR+T73PvNgM0Fa4BKjYSFtnQOwL2zZOsXd3xLv2f93nNeaF9cLbg9cQWOV/M2
5ojJcg9E5FmEj1XyQZ8OasI8WLp67kdEfCnR0J5xp0CpLCij3jIYnmxP08dEUql3
Z/ubiyvfVnjy8fVuukUhHNGkzgBwGqQEWch6je7MQGnn1Y2taOhJzu9TMvCWY0OH
x/wHOP8cP480uegpRWaUZ3zjjNVViGp30Gt5RIuY7ZaB9iVHa5BEyclNC+xamaQp
INMcLLe1RgQ+5sjt2OFBz07+9fDwKWPpzo1vPPpQV90N0E6PkeG7zwVIXyyj3dgv
3GS8JoJni0OqiJ5pV/7nNBV6E/adpo+xH4S/j9JJMKSJXYYS8H5tP4U4pBu0RS+M
UDQybmf0tUtUfwJeSPTZzqqNX9cCvhiO7PLcBq/u0Nb1OlYOENFHExMOJjjy0l5e
ZxE/PG8OzFKYvf5qzYGh
=E5CO
—–END PGP SIGNATURE—–

AutorPetar Bertok
Cert idNCERT-REF-2018-04-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa wayland

Otkriveni su sigurnosni nedostaci u programskom paketu wayland za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju rušenje aplikacije, izvršavanje...

Close