[USN-1132-1] apturl vulnerability

看板Bugtraq作者marc.時間14年前 (2011/05/17 05:32)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

--=-6i7tJSfcgDmabUp7PIYQ Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Ubuntu Security Notice USN-1132-1 May 16, 2011 apturl vulnerability =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS Summary: apturl could be made to cause your desktop to crash if it opened a very long URL. Software Description: - apturl: installs packages using the apt protocol Details: It was discovered that apturl incorrectly handled certain long URLs. If a user were tricked into opening a very long URL, an attacker could cause their desktop session to crash, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: apturl-common 0.4.2ubuntu5.1 Ubuntu 10.10: apturl-common 0.4.1ubuntu7.1 Ubuntu 10.04 LTS: apturl-common 0.4.1ubuntu4.1 In general, a standard system update will make all the necessary changes. References: https://launchpad.net/bugs/783594 Package Information: https://launchpad.net/ubuntu/+source/apturl/0.4.2ubuntu5.1 https://launchpad.net/ubuntu/+source/apturl/0.4.1ubuntu7.1 https://launchpad.net/ubuntu/+source/apturl/0.4.1ubuntu4.1 --=-6i7tJSfcgDmabUp7PIYQ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAABCgAGBQJN0Y3lAAoJEGVp2FWnRL6TznYP/jQbKwi0lp2sJm16taTPAt8B iiebecgxbKc+DK7STlkh8QH7ECe25wlnmwbChbhb08AruPBzQOt1Qy5/V5RHEotb otNNJsZ+zf9KIwgMyt0HL32jS7Q1ilsUlHcSmlcscXDKnYw3Ml5IVVENos9ysIpG YIN/DYEa+2EH7f7Y1kYXVreGmvPAkeEBdrd8RqhWsexHAsNN3ZIxrvlKJIBCROo/ V4tIWbpHyTS5jCb2+S7SmRuDNgLvL+86bEZfpSivGsOYEjGbCvRPGfXp9Tt4G5+h 9O0VCDXEN9K2diMrkt848LA8kw2aa1ckcVdNQNWFfQxaPab/I5KV4Ir0bTB3C8Tm oZPH0qk2NKZDMNjT95eDk2yhAJTGI2k25tYVRJG6XbBFAnYnMY8OuWSz1LUy73Y8 l89wT4RCRBZGmb3X19GZgMAUhA5HpkZPvF5F2bylFvyrHtSMpX+GNI0MhcG/yGfC c6OvANtEk+OXZ00v4M/7iDfd6+D3yQ382h8hVhfUu3S4gM9bPKO7QmJg9g+/Q8F1 XWt7Ms/aEdee4OnuO00QUfoHepgfdkBU/sZC5nuwxCF5QJjCkxxOV2FaGNA848SK WQ86r0CJwZrsFYptmOjUtQdVzJK1PNC1H/yEePMNMRAHSlvUHgqj6oEC73xs0Q3i YLThbZL2U2jHUBrUnRdD =ymGR -----END PGP SIGNATURE----- --=-6i7tJSfcgDmabUp7PIYQ--

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 marc. 的文章

文章代碼(AID): #1DqPVIF6 (Bugtraq)