You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke libtasn1-6

Sigurnosni nedostatak programske biblioteke libtasn1-6

==========================================================================
Ubuntu Security Notice USN-3309-1
June 05, 2017

libtasn1-6 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 17.04
– Ubuntu 16.10
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Libtasn1 could be made to crash or run programs as your login if it opened
a specially crafted file.

Software Description:
– libtasn1-6: Library to manage ASN.1 structures

Details:

Jakub Jirasek discovered that GnuTLS incorrectly handled certain
assignments files. If a user were tricked into processing a specially
crafted assignments file, a remote attacker could possibly execute arbirary
code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
libtasn1-6 4.10-1ubuntu0.1

Ubuntu 16.10:
libtasn1-6 4.9-4ubuntu0.1

Ubuntu 16.04 LTS:
libtasn1-6 4.7-3ubuntu0.16.04.2

Ubuntu 14.04 LTS:
libtasn1-6 3.4-3ubuntu0.5

In general, a standard system update will make all the necessary changes.

References:
https://www.ubuntu.com/usn/usn-3309-1
CVE-2017-6891

Package Information:
https://launchpad.net/ubuntu/+source/libtasn1-6/4.10-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libtasn1-6/4.9-4ubuntu0.1
https://launchpad.net/ubuntu/+source/libtasn1-6/4.7-3ubuntu0.16.04.2
https://launchpad.net/ubuntu/+source/libtasn1-6/3.4-3ubuntu0.5

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJZNZE9AAoJEGVp2FWnRL6TWDoP/jwbKmS6wiuelTXuchnvikVw
1MbqB8rgogkAJN8u9EhHfXgMrH3fBu+qe8mvehz27Yp6lzmpmAi6K4OqlocJvSUy
4qKBP+qovlkzX4c8jrQfPsUhsEC0e5CmLSdhxcSfnLyu3mNNK2LBj4NMczIMiM/g
34PtuAwfRjbAwBEYl2m/eOJVe1MtENMqe0BqjIkjtAkcSU2iLg9XXdd25AU4EDIj
aTFZS2I2TUT7yeYElSRJnj116+6/ITfvuIR/O+U+idtpEo7rSecX7BmH2N/yA3KT
I3rJT4zwiDLsspySqI064qPn0Rbt4EYJHWou6GqTTvkyD1+ynELoeKwGV1KktVlk
JSwcjF7JKnpgu5RN7VIj8oC3fsMzpFU/6W7uP6Fgdnxd5W+rbQo7b+NeWgLZDy6P
/0G3eyRVOyM+mBT2ugVly4DeRyHrQNtMX+azPUXTypnYMoxeJeJvZhpv8lzSd3V+
eKTlhb6Ek4OJ41ASy86o3/4uCcWa8JQxdqEeSgzqGEpMi9vhYk85J97/fclthteo
/GIEXPPhjOSAXkhbd/EsQ0o+OaE2qinnmqDfc57ECWiXYwV2tc1jIpCk3koX4gdt
gaxiNHASTnkOjXuP9LvTameNCy7qDRd48n+wFqEL0ebwrDP+mfRXAEbVwMdlCHg9
u5lZts1Z5OOD+BcMFBsk
=QHP2
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa puppet

Otkriveni su sigurnosni nedostaci u programskom paketu puppet za operacijski sustav Ubuntu 14.04 LTS. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje...

Close