USN-3584-1: sensible-utils vulnerability
USN-3584-1: sensible-utils vulnerability Ubuntu Security Notice USN-3584-1 26th February, 2018 sensible-utils vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary sensible-utils could be made to run programs as your login if it opened a malicious URL. Software description sensible-utils – Utilities for sensible alternative selection Details Gabriel Corona discovered that sensible-utils incorrectly validated stringswhen launcher a browser with the sensible-browser tool. A remote attackercould possibly use this issue with a specially crafted URL to conduct anargument injection attack and execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: sensible-utils 0.0.10ubuntu0.1 Ubuntu 16.04 LTS: sensible-utils 0.0.9ubuntu0.16.04.1 Ubuntu 14.04 LTS: sensible-utils 0.0.9ubuntu0.14.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will [ more… ]
