You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa BWA

Sigurnosni nedostatak programskog paketa BWA

==========================================================================
Ubuntu Security Notice USN-4087-1
August 06, 2019

BWA vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 19.04
– Ubuntu 18.04 LTS

Summary:

BWA could be made to crash or run programs as your login if it
opened a specially crafted file.

Software Description:
– bwa: Software package for mapping DNA sequences against a large reference genome

Details:

It was discovered that Burrows-Wheeler Aligner (BWA) mishandled certain
crafted .alt files. An attacker could use this vulnerability to cause a
denial of service (crash) or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
bwa 0.7.17-3~ubuntu0.19.04.1

Ubuntu 18.04 LTS:
bwa 0.7.17-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4087-1
CVE-2019-10269

Package Information:
https://launchpad.net/ubuntu/+source/bwa/0.7.17-3~ubuntu0.19.04.1
https://launchpad.net/ubuntu/+source/bwa/0.7.17-1ubuntu0.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEwZbe96kJeWh2OITRdyg1Qz0oXX0FAl1JyCsACgkQdyg1Qz0o
XX16nhAArGf8cbB07dvbyGHw67X7YRvuH5AyxdgAPgC/RnvajkFV3JaKHXOtO0h6
RQ8+YTg0zEG5NrSSr+rbKa2s8K571RmfpzlGPNd0ilubQ+n1ArPH2R+tRkBwCI6O
4RW2QHCfdmVQbbo7pRsCaZM8iTTaPCNAzkth7vzgfXmCH3RuGfqEIFA3DNUzVvwu
aQIcjhzhTestFdyZ1U7dRc95eXfTfRwUuz+6s9RwbmSD4vAKWkROQKINqfJrVlSC
UpuzKOJNW6x6MqI2N1yabbo2PzBEfwUYuT0E2z6L6LkNQluC2RFwdyBY8rmww2sh
+i4mY1xS2nzDiR4I9zWf1DRboFYj8eceoSBLo7FCtFzOByaoiDpXkPjh4cXUQWNJ
aAxITruoc/4rXZTyy30MXzRwlQ1R+BVCu0DCI7DamR7ywr8aHDcj5xYVAGCFAiHJ
yaAdTJi3OdAZ1RFwz0XtelZW3AcNCM1B7Kgssq77rMhSHxVv8pkNjDkzm/IQaSwG
aoySAm9Jpj/Rc6I8bm9fylpDVGKEfyPVX1XGOA2W3mWi7ZXp6eSKXb0LQT01pYuf
PiOqfrwwpsX8jBDe83YnRgIGX4cJfAgcg2mGg9FgndpA9QLARxPdXkWFOYIyWEp7
QJzJU4mepHZ/WyaTUrIv0WK/2PE8YM+HRgAkb+muOf2wOJv1AWQ=
=kXw0
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa Mercurial

Otkriven je sigurnosni nedostatak u programskom paketu Mercurial za operacijski sustav Ubuntu. Otkriveni nedostatak potencijalnim napadačima omogućuje zaobilaženje sigurnosnih ograničenja....

Close