USN-3323-1: GNU C Library vulnerability
USN-3323-1: GNU C Library vulnerability Ubuntu Security Notice USN-3323-1 19th June, 2017 eglibc, glibc vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Gnu C library could be made to run programs as an administrator. Software description eglibc – GNU C Library glibc – GNU C Library Details It was discovered that the GNU C library did not properly handle memorywhen processing environment variables for setuid programs. A local attackercould use this in combination with another vulnerability to gainadministrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: libc6 2.24-9ubuntu2.2 Ubuntu 16.10: libc6 2.24-3ubuntu2.2 Ubuntu 16.04 LTS: libc6 2.23-0ubuntu9 Ubuntu 14.04 LTS: libc6 2.19-0ubuntu6.13 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard [ more… ]