- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-4015-1
June 11, 2019
dbus vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 19.04
– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
Summary:
DBus could allow unintended access to services.
Software Description:
– dbus: simple interprocess messaging system
Details:
Joe Vennix discovered that DBus incorrectly handled DBUS_COOKIE_SHA1
authentication. A local attacker could possibly use this issue to bypass
authentication and connect to DBus servers with elevated privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.04:
dbus 1.12.12-1ubuntu1.1
libdbus-1-3 1.12.12-1ubuntu1.1
Ubuntu 18.10:
dbus 1.12.10-1ubuntu2.1
libdbus-1-3 1.12.10-1ubuntu2.1
Ubuntu 18.04 LTS:
dbus 1.12.2-1ubuntu1.1
libdbus-1-3 1.12.2-1ubuntu1.1
Ubuntu 16.04 LTS:
dbus 1.10.6-1ubuntu3.4
libdbus-1-3 1.10.6-1ubuntu3.4
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://usn.ubuntu.com/4015-1
CVE-2019-12749
Package Information:
https://launchpad.net/ubuntu/+source/dbus/1.12.12-1ubuntu1.1
https://launchpad.net/ubuntu/+source/dbus/1.12.10-1ubuntu2.1
https://launchpad.net/ubuntu/+source/dbus/1.12.2-1ubuntu1.1
https://launchpad.net/ubuntu/+source/dbus/1.10.6-1ubuntu3.4
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlz/5BQACgkQZWnYVadE
vpNa+g//eMHp8sPmWde2YMfXcsrNdMU5FjtK7c8gDAaSbZ1gaSF/8T3YLrdvA/xT
2SkOswVhskr+qQf4xxBaglz5yvCETYhHHwibFTh5DksJxTCUC1mdcA4vzCOVAkgg
16Ki9PeKVJN7fwh598q729AYs27QRMNKAOSjjCuc7kBMTvSLMnu4Bf1g1RDsErkd
pS8t9qkVJamyzxtvvSAJrpLWJT+bZPheVAsRnsmggBeqqqKmDZ9TceaHXm2Qd6ob
ZMWc9VJBQNmtIEDXMIDqKmftCCPZZTSFr1AxT+aNmAR/txg9LYaT/zEzaxG5PSOQ
q7MYc3SHdXAko+0YMUmeF0lOX/x/OU6PfMUz0hYQgAL7KubTk2cHDVtWdHtIk1t8
5x6lOyhs2vMVTf5mBM+/r/1QBS98CcAS7NO0pm6gUoCQWisdNKkMBjx4qxzHMDnP
43esN4tTWZc36xZRGV4CLL2bW/ATtjBh08XcEJNhHqMpwQG2O0Ekc9xHnpORGS8K
cdwVmoGJYfAe/nMQQI/MaUVm64Ohi3pdsbtWY4f1hjZ0yzPpD8RATgMbabR00w8I
zJB1uAJP3/MeoSfmK0c2IQERx7W0UvyXqN3r4iznuW7IWXjyZlThHLDmMxDhnRFu
YJMUWyvm59AUzDZHDUerBnOYFjsPgx0Xm6XDZNOQIcv19QO0Qtg=
=Kl1M
—–END PGP SIGNATURE—–
—
| Autor | Toni Vugdelija |
| Cert id | NCERT-REF-2019-06-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
