You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa elfutils

Sigurnosni nedostaci programskog paketa elfutils

==========================================================================
Ubuntu Security Notice USN-4012-1
June 10, 2019

elfutils vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in elfutils.

Software Description:
– elfutils: collection of utilities to handle ELF objects

Details:

It was discovered that elfutils incorrectly handled certain malformed
files. If a user or automated system were tricked into processing a
specially crafted file, elfutils could be made to crash or consume
resources, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
elfutils 0.170-0.5.0ubuntu1.1
libasm1 0.170-0.5.0ubuntu1.1
libdw1 0.170-0.5.0ubuntu1.1
libelf1 0.170-0.5.0ubuntu1.1

Ubuntu 18.04 LTS:
elfutils 0.170-0.4ubuntu0.1
libasm1 0.170-0.4ubuntu0.1
libdw1 0.170-0.4ubuntu0.1
libelf1 0.170-0.4ubuntu0.1

Ubuntu 16.04 LTS:
elfutils 0.165-3ubuntu1.2
libasm1 0.165-3ubuntu1.2
libdw1 0.165-3ubuntu1.2
libelf1 0.165-3ubuntu1.2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4012-1
CVE-2018-16062, CVE-2018-16402, CVE-2018-16403, CVE-2018-18310,
CVE-2018-18520, CVE-2018-18521, CVE-2019-7149, CVE-2019-7150,
CVE-2019-7665

Package Information:
https://launchpad.net/ubuntu/+source/elfutils/0.170-0.5.0ubuntu1.1
https://launchpad.net/ubuntu/+source/elfutils/0.170-0.4ubuntu0.1
https://launchpad.net/ubuntu/+source/elfutils/0.165-3ubuntu1.2

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlz+cyYACgkQZWnYVadE
vpPTGRAAjxOt96TAfwXgY2p/woFt3paSDPoy4R50Wfqu3JB2XovFQecP7Zk9x32s
2m15bB8UdIfp1Z8V5M+ydYFgzTX1NYJwYfHdqd9mEHed0qRZ/s0qLpgiP1osmZBC
WSv7UU3QKVt0GKtU0DSta1VVDQbZb2uZiXNZb6XhkzHVBzBc9aBZiJB+5rLbp9YJ
3Z3+Asj3XSR/bs704x5qU4jQorhzMLpuoTbm3Q21vqqRgm+StreJRvK94+qtWNym
QEkJvXW44kMWeY4YXULD4+jbqwEjOJoASBsNLH+Zj48s2+1WmDnjqrLztIRBUVDm
thkOwu77t9YcJ1r4bDuc0lXRYPcGShTyOn3eKTI8QkQPmBwK40yZ/MbIscIlKUTr
8eNeOYh2Fo8iiYUznxV5n0466JpK+TwqvEADgW2YTH6/ZYjX9YL6hJMjITt9197H
Otm+6zjh7y2IfZ1fPhxuLXUFNMGG1WoeLQc8Hu0YdwTJaycXiQl4MJdZHOYjPxC8
3Ij/VrHVX1Y4TUUYVEwawBIJvDsBWhVQvlOv3FDDDsEi05sxBNmFt2AXN68DV9ta
ial3taFu3sEU3E3HPKg8B1+ZFMismDKeK7APaqGKfPptlmF6TOW+bhDfPuOIibfN
V1uC+EkHek2cfO691y++1B9UzNNtOJ9QWcTX0cim/pbJ1fwHKOA=
=1KFG
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programske biblioteke libsndfile

Otkriveni su sigurnosni nedostaci programske biblioteke libsndfile za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja, izvršavanje...

Close