You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa apt

Sigurnosni nedostatak programskog paketa apt

by Dona Šeruga - 0

==========================================================================
Ubuntu Security Notice USN-4667-1
December 09, 2020

apt vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.10
– Ubuntu 20.04 LTS
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

APT could be made to crash or stop responding if it opened a specially
crafted file.

Software Description:
– apt: Advanced front-end for dpkg

Details:

Kevin Backhouse discovered that APT incorrectly handled certain packages.
A local attacker could possibly use this issue to cause APT to crash or
stop responding, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
apt 2.1.10ubuntu0.1

Ubuntu 20.04 LTS:
apt 2.0.2ubuntu0.2

Ubuntu 18.04 LTS:
apt 1.6.12ubuntu0.2

Ubuntu 16.04 LTS:
apt 1.2.32ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4667-1
CVE-2020-27350

Package Information:
https://launchpad.net/ubuntu/+source/apt/2.1.10ubuntu0.1
https://launchpad.net/ubuntu/+source/apt/2.0.2ubuntu0.2
https://launchpad.net/ubuntu/+source/apt/1.6.12ubuntu0.2
https://launchpad.net/ubuntu/+source/apt/1.2.32ubuntu0.2

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl/RD/YACgkQZWnYVadE
vpMnQw//VWcVrDeG/WD3GkP/3QxCoVJFnjVGxBeGYKQSDp6pjcWqQPAYIkVyNSaY
V5iIEyay1OQkNdbvpQie/g8XB5S8G6VnYWETOYpUhYIfTCPsxZbF+b5+KsXwa+8n
vgqq4y7vLo4S4HZf6orhq/Xf25o34L0gTXF9wGDwnirGRSITFLdIVgwwRfOsP9kg
BI88rVav60ukL1P949aGljf8n34wyKMyzbc9zxAK3Fxt3dHgVpA2AjZWjw+zfuXN
WqD68HX9AE0QV15aBzytj29hVTo+Qqapi7oGo44uNvhUQSEtM52QwHOQs6ROLCpP
fdEC1yb+PfI3P/eaaGoOZeUWh+1qFw3adLHUAoCs1BDCD+XZZ38C1MteSdToiCx3
9xMS2SgrzMCnwMjEj9PrWRMaWgG0wqiB7N8sla0uq77z5AqXiC4h/HiY+zFirgk8
g+GK9lBFVS0dZQdRTC1u4oBJohhTGuBsorzXqkMMeieKTWC0LM2vA9aaIc1+Yazt
ETxFcyVbhQpfxlOf/8UQz08GB6HnK5CvSj2cQ2PCUgjA8NKNmMaxd999ElpDEIf3
UkinZUDFIRZZOKd7zVPxd93PbNrDxV+55t/UeIHUBbzloBMjWsmnB72d+tsJDN8f
duvlQ1ZTtEhbIOXD9QZFbLCFRr4/G28kYmRhZ3c63hVq5Q8FrIY=
=J+B+
—–END PGP SIGNATURE—–

Dona Šeruga
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke python authlib

Otkriven je sigurnosni nedostatak programske biblioteke python authlib za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja....

Close