You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa apparmor

Sigurnosni nedostatak programskog paketa apparmor

==========================================================================
Ubuntu Security Notice USN-2413-1
November 20, 2014

apparmor vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS

Summary:

apparmor_parser could allow applications that are confined by AppArmor to gain
unintended access to resources.

Software Description:
– apparmor: Linux security system

Details:

An AppArmor policy miscompilation flaw was discovered in apparmor_parser. Under
certain circumstances, a malicious application could use this flaw to perform
operations that are not allowed by AppArmor policy. The flaw may also prevent
applications from accessing resources that are allowed by AppArmor policy.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
apparmor 2.8.95~2430-0ubuntu5.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2413-1
CVE-2014-1424

Package Information:
https://launchpad.net/ubuntu/+source/apparmor/2.8.95~2430-0ubuntu5.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJUblh5AAoJENaSAD2qAscKTD0QALQCG0qgXqnE2uatqKX+fDfN
m45D4Ro5yxz2pZY0DTsqkP/C6XeSBz3exYQRUMShg5kWh6IT3Mzbi8CBV78HCtHQ
JuDiiGZa3Hjve51J4q9fU0J8E01V60mK1vyci85xTEkn+bLhpQl+nz2ryOvcwvfE
JA1zPGBz/10FPpR2SsV/uXMqpRIsG0dKSEyzJLLqRj2jtnnCsbV/4hr9gfMGJqvj
i5L8Pq7/uxA5zNI2MDFP/qhxqnAT/6/4CqqqCBqdnF7L/wRhc2D40lHlJXbJMDQE
jvd79sOzxU6Qhzq4hWO9Hhe3ehkoFn4mbU/VIPbt+pjtkjpk1LO4OUx2BqbG4825
a0UG7wuUNiP2yrxbibx9jt+fyIhYnJ4ZAXZPt3N3jolLBz3gQDLyoCuaIl/aX/ly
DHjrKZ00JmEHat46bFn3ptvb1RVPpR2lYHdIOPnueq9j7J01t3IhpeFLCZsMM+Z2
tdtfUZmd0kvHTn7hOVgl0HOlV2/C41AYX739CaoaH//sXWuCf1mTMXLMsawzpdbn
d9L3jhe6j6TYRAfyA/mEEURqM5wWKZt/WDVLMYM3JfBklM1bL1VSFRuDzJz4b0pe
s7eQ/gehWaOQIlY0bHKSCWKEJ6SFtsqpzb++Ybyg4euUo70YQqvtx+dIfBBwIAzS
PCk3TED0mGKe3aLbgfbM
=FA24
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni propust programskog paketa clamav

Otkriven je sigurnosni propust programskog paketa clamav za Mandriva Business Server 1.0. Određene javascript datoteke uzrokuju pokušaje pristupanja određenoj memorijskoj...

Close