[월:] 2017년 06월

USN-3322-1: Exim vulnerability Ubuntu Security Notice USN-3322-1 19th June, 2017 exim4 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Exim could be made to run programs as an administrator. Software description exim4 – Exim is a mail transport agent Details It was discovered that Exim did not properly deallocate memory whenprocessing certain command line arguments. A local attacker could use thisin conjunction with another vulnerability to possibly execute arbitrarycode and gain administrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: exim4-daemon-heavy 4.88-5ubuntu1.1 exim4-daemon-light 4.88-5ubuntu1.1 Ubuntu 16.10: exim4-daemon-heavy 4.87-3ubuntu1.2 exim4-daemon-light 4.87-3ubuntu1.2 Ubuntu 16.04 LTS: exim4-daemon-heavy 4.86.2-2ubuntu2.2 exim4-daemon-light 4.86.2-2ubuntu2.2 Ubuntu 14.04 LTS: exim4-daemon-heavy 4.82-3ubuntu2.3 exim4-daemon-light 4.82-3ubuntu2.3 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In [ more… ]

USN-3323-1: GNU C Library vulnerability Ubuntu Security Notice USN-3323-1 19th June, 2017 eglibc, glibc vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Gnu C library could be made to run programs as an administrator. Software description eglibc – GNU C Library glibc – GNU C Library Details It was discovered that the GNU C library did not properly handle memorywhen processing environment variables for setuid programs. A local attackercould use this in combination with another vulnerability to gainadministrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: libc6 2.24-9ubuntu2.2 Ubuntu 16.10: libc6 2.24-3ubuntu2.2 Ubuntu 16.04 LTS: libc6 2.23-0ubuntu9 Ubuntu 14.04 LTS: libc6 2.19-0ubuntu6.13 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard [ more… ]