You are here
Home > Preporuke > Sigurnosni nedostaci programske biblioteke libarchive

Sigurnosni nedostaci programske biblioteke libarchive

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3884-1
February 07, 2019

libarchive vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in libarchive.

Software Description:
– libarchive: Library to read/write archive files

Details:

It was discovered that libarchive incorrectly handled certain 7zip
files. An attacker could possibly use this issue to cause a denial of
service. (CVE-2019-1000019, CVE-2019-1000020)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
  libarchive13                    3.2.2-5ubuntu0.2

Ubuntu 18.04 LTS:
  libarchive13                    3.2.2-3.1ubuntu0.3

Ubuntu 16.04 LTS:
  libarchive13                    3.1.2-11ubuntu0.16.04.6

Ubuntu 14.04 LTS:
  libarchive13                    3.1.2-7ubuntu2.8

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3884-1
  CVE-2019-1000019, CVE-2019-1000020

Package Information:
  https://launchpad.net/ubuntu/+source/libarchive/3.2.2-5ubuntu0.2
  https://launchpad.net/ubuntu/+source/libarchive/3.2.2-3.1ubuntu0.3
  https://launchpad.net/ubuntu/+source/libarchive/3.1.2-11ubuntu0.16.04.6
  https://launchpad.net/ubuntu/+source/libarchive/3.1.2-7ubuntu2.8—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJcXDHnAAoJEEW851uECx9pF+AP/jkyXY7MxXqWcQyna6e1piqT
m9n4xacxHuT3KcshX4iZP48V1cJW4cxHlNt3ThpTi2O+Lqu58WFJzRCc4i2BP/NX
2zOBJ2ioK1IDIyGsOc4v39uRPBEl3VXd4aiSClYHwxoxXlOAMvm3+iXrPrOYHARY
t6NlBDYgnOZ2y5wO9H+D47DRjgM3DGKoewNV+v8R9F/WeEE7salIUg/vJuLVe1o/
YiWkmTexe35Dre512IGmT0TH+P0b9qOBfu66RUWMxkNMThhgZbjCW1ZXqqCcPqMF
yc0ZYiNehLuXh6MokcGVFr8euTztFt8WSaPrn1M3tbz8vrIs+KqYh9CBLnkksrnt
igiIZmkxTlyhxTHeTY6lFqg5z9V5P/buz3je8ulD9DF2Eg6+UzG16EIR2uv1Ho/9
c5Y4g/jMUW+KrYaJnXLr2+bOvfTdbH8YPdXSZPE87D9eukbOly/znxM4TrgbqKWZ
HlNsR0oWI3R3I9QPGJwolmTkMZEITRrZ3Paqf/7cIVKJ44plg1dxOTkmYvYmqXfy
l16qDoO17JmDfP10jBwyhBv3N/2KqKjqD1pjc0/cqY/TSFTn4hstJDGiVWbEoMuB
L0uivcFL1hb0M4aoVDYOxvxsd6VAQ916LxccrvN+vg98/nsekR+uIr1KvP5tGCtb
D370pTYj+V0h1XiH93vh
=Os6Q
—–END PGP SIGNATURE—–

AutorJosip Papratovic
Cert idNCERT-REF-2019-02-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava openSUSE. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju izazivanje DoS stanja, otkrivanje osjetljivih informacija...

Close