Objavljena je revizija sigurnosne preporuke oznake USN-1463-1. U izvornoj su preporuci opisani propusti preglednika Firefox koji udaljenim napadačima omogućuju izvođenje DoS napada, pokretanje proizvoljnog programskog koda, izmjenu podataka te otkrivanje osjetljivih informacija.
Paket:
Operacijski sustavi:
Ubuntu Linux 11.04, Ubuntu Linux 11.10, Ubuntu Linux 12.04
Problem:
pogreška u programskoj komponenti, preljev međuspremnika
Propusti su posljedica grešaka u WebGL implementaciji, ASN.1 dekoderu, prepisivanja spremnika, itd. Revizija je objavljena jer prethodno izdana nadogradnja uzrokuje nepravilnosti u paketu Unity 2D. Nova nadogradnja ispravlja spomenuti problem.
Posljedica:
Napadač ih može iskoristiti za izvođenje DoS napada, pokretanje proizvoljnog programskog koda, izmjenu podataka te otkrivanje osjetljivih informacija.
==========================================================================
Ubuntu Security Notice USN-1463-2
June 15, 2012
unity-2d update
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
Summary:
Popup menus were not working in Firefox under Unity 2D.
Software Description:
- unity-2d: Unity interface for non-accelerated graphics cards
Details:
USN-1463-1 fixed vulnerabilities in Firefox. The Firefox update exposed a
bug in Unity 2D which resulted in Firefox being unable to obtain pointer
grabs in order to open popup menus. This update fixes the problem.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
unity-2d-panel 5.12.0-0ubuntu1.1
Ubuntu 11.10:
unity-2d-panel 4.12.0-0ubuntu1.2
Ubuntu 11.04:
unity-2d-panel 3.8.4.1-0ubuntu1.1
After a standard system update you need to restart your Unity 2D session to
make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1463-2
http://www.ubuntu.com/usn/usn-1463-1
https://launchpad.net/bugs/1010466
Package Information:
https://launchpad.net/ubuntu/+source/unity-2d/5.12.0-0ubuntu1.1
https://launchpad.net/ubuntu/+source/unity-2d/4.12.0-0ubuntu1.2
https://launchpad.net/ubuntu/+source/unity-2d/3.8.4.1-0ubuntu1.1
Posljednje sigurnosne preporuke