You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa Berkeley DB

Sigurnosni nedostatak programskog paketa Berkeley DB

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4004-2
June 04, 2019

db5.3 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM

Summary:

Berkeley DB could be made to expose sensitive information.

Software Description:
– db5.3: Berkeley DB Utilities

Details:

USN-4004-1 fixed a vulnerability in Berkeley DB. This update provides
the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

 It was discovered that Berkeley DB incorrectly handled certain inputs.
 An attacker could possibly use this issue to read sensitive
 information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
  db5.3-sql-util                  5.3.28-3ubuntu3.1+esm1
  db5.3-util                      5.3.28-3ubuntu3.1+esm1
  libdb5.3                        5.3.28-3ubuntu3.1+esm1
  libdb5.3-sql                    5.3.28-3ubuntu3.1+esm1
  libdb5.3-sql-dev                5.3.28-3ubuntu3.1+esm1

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-4004-2
  https://usn.ubuntu.com/usn/usn-4004-1
  CVE-2019-8457—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJc9shNAAoJEEW851uECx9phbsP/1M62wfZzrFMCOLqi1ABT8CY
M8oCuAHj3cn3W6rZ4NRRJwpTE66bvowNUJ8sWCtOzFAK3NYhUzVw7qh+kQYY6CuC
VUrApkTByaJlvsBrWO6TNtUYEuzAtsN0bPIK/PvyPvqATVGx63LffFEoNIobCt1i
3GzjXwD8ZmDIn4qI/c6fXaUncUZe2kVcnXyWSiF7E1BRnvJ6zP1FLZgJgjECfOQS
yQAy2cf9B9JQL+FWcQdiPHA9/YVXV0TyCpvArrwXxN5X9d01oeGiDA9DBwR75F4f
YVvA4FEL5KmIQwzftApPj0abpaUkArnzCMDW/z/up9iHxDVZU7ovt8JuoSWtbi0Y
Hv+Dgd/SnFCaUwOxyonfKeovnL4ipgSwsEB1T2+OnQZ2CWImwde/n8YfP9qdRGnJ
KBl2wZRhj7JgM50T/odf5nLtmuNQwkL6Zx6bkCeufiVAIwhSrMFGKtW2wdfuMSzQ
6/KuT/vcFX+jZkdCpNv4YXwbT3oojPL41VqGnp9173+wWYEdexCGKF2HmAUl2cQK
2vicz3QNW7qWTN1b2oPq4wGg7Szr0suWMS4ILaC8hyUiQLELa+vqX2DT1ip8L26h
QO8N1J7x9Nj7jEtzkBcAQMZiJ+6y2TKPOeWupmiEEwjRPlPwYiFJMCmftsIUOmMh
GVFs56/F7squDYyaM+sy
=XIH6
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-4004-1
June 04, 2019

db5.3 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.04
– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

Berkeley DB could be made to expose sensitive information.

Software Description:
– db5.3: Berkeley DB Utilities

Details:

It was discovered that Berkeley DB incorrectly handled certain inputs.
An attacker could possibly use this issue to read sensitive
information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
  db5.3-sql-util                  5.3.28+dfsg1-0.5ubuntu0.1
  db5.3-util                      5.3.28+dfsg1-0.5ubuntu0.1
  libdb5.3                        5.3.28+dfsg1-0.5ubuntu0.1
  libdb5.3-sql                    5.3.28+dfsg1-0.5ubuntu0.1
  libdb5.3-sql-dev                5.3.28+dfsg1-0.5ubuntu0.1

Ubuntu 18.10:
  db5.3-sql-util                  5.3.28+dfsg1-0.1ubuntu0.1
  db5.3-util                      5.3.28+dfsg1-0.1ubuntu0.1
  libdb5.3                        5.3.28+dfsg1-0.1ubuntu0.1
  libdb5.3-sql                    5.3.28+dfsg1-0.1ubuntu0.1
  libdb5.3-sql-dev                5.3.28+dfsg1-0.1ubuntu0.1

Ubuntu 18.04 LTS:
  db5.3-sql-util                  5.3.28-13.1ubuntu1.1
  db5.3-util                      5.3.28-13.1ubuntu1.1
  libdb5.3                        5.3.28-13.1ubuntu1.1
  libdb5.3-sql                    5.3.28-13.1ubuntu1.1
  libdb5.3-sql-dev                5.3.28-13.1ubuntu1.1

Ubuntu 16.04 LTS:
  db5.3-sql-util                  5.3.28-11ubuntu0.2
  db5.3-util                      5.3.28-11ubuntu0.2
  libdb5.3                        5.3.28-11ubuntu0.2
  libdb5.3-sql                    5.3.28-11ubuntu0.2
  libdb5.3-sql-dev                5.3.28-11ubuntu0.2

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-4004-1
  CVE-2019-8457

Package Information:
  https://launchpad.net/ubuntu/+source/db5.3/5.3.28+dfsg1-0.5ubuntu0.1
  https://launchpad.net/ubuntu/+source/db5.3/5.3.28+dfsg1-0.1ubuntu0.1
  https://launchpad.net/ubuntu/+source/db5.3/5.3.28-13.1ubuntu1.1
  https://launchpad.net/ubuntu/+source/db5.3/5.3.28-11ubuntu0.2—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJc9roCAAoJEEW851uECx9pI+QP/0CIOwYYlcYFGShNkePhI/jY
dkQHM/G3Y6+CzbvqGnR0Ue3XGQ8GKdiUvhD1n8PUH0CJFLWdxMnXmRvD11ELn8/w
rXmzhX99gfnEiVFRiYl1PxHaPvmpnlqaarV9bfinDoxqtyxX1mqKGMykQUU0BV+M
U3dbdhb91Z0y1EStzjRtpwm16Ul2P6Eea642EPcilcC7WKm36NIpbKw3hbn1RVkC
Qgf8uSCgses6U2I6E27kcEODpb9Q93VFewFxZTf4NqL876ei5AdS32UVu7qRwUOz
JBh64QSOApB5Jgr1BoF8a7TGu9Japl9d1wi3DNqKhG6K0yz+d9cJSPi5IaONoW0Z
P72pmB/n0tiY6K4lOmVq0dC+SU4z7dfE5/D57jMQb0/t+nBTiUh7BULeFqyeMuBn
apctYHKgaZx2UcWaURJY0Gsh+8ypcXvGLL1zWCkIBYLIBJhnl6OJJ47dpQ7LToCw
4482ZHvvixVbcC2e6GB61M/iUeZc0QY2aC6OFi6xtXgyrle9TFyfpZNOIne3loR/
SuDETRDRMF74CBJ5gy9jJKakmI0bUmpK6+kt2fmK0RFBpQShWkMSEtD1VVB5lBvT
GAuJyUHgxBzPgxjRzja/sLRBVzUlyr6ewvBzSiWdRAA/WHhV4UmkIe7ADKAXCs7i
oCfE41mEwrwmDDYjayr0
=VTyc
—–END PGP SIGNATURE—–

AutorToni Vugdelija
Cert idNCERT-REF-2019-06-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava Ubuntu. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju izazivanje DoS stanja ili zaobilaženje sigurnosnih...

Close