-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmXvENgACgkQZWnYVadE
vpOp7Q//VZ9xdnUAz3LTG8nim1ZJZ1moKnFwKbG5ps3c4z0KqVjHtCARjDkzekUq
B+v5qpIUOoXdWnjC07GGoJcK1qF9GaryYjJu42tN7iY2phjJHJXHXSHkAvzu6UIF
VlogBB8hZH/YzQ++1vKAN8Euxhdt/Zs7AgbKtjlz0fkVIFVHoJqtoXbAG73sc/xd
E9ox0lWkAFPtwWhbYbyZt4g9tWSQzg5nrTUR2FhL2K4JLWB4jgQovS2YLxJCu0Ew
sWscd1Crv+Jqa9STHqhoxJXE8tudCI9kbq/bBA6EBG5Agf97fEX9811eULQxYM1H
VtwCv4hH//NnMJx1d7m9f+bn8KN4hKneoUtpw60+Ap9bDtWaA9tyndXl5HzcR7S2
emlbVa2rBg/vvUnGwmwcUuUkTtKny7jJvHdUMkMVaXe2FWPQAcLYrYpdG4WKi3GR
TPH8RIW2ZpOrjG0RCpwP/0f1bRg0rF1hYwTnGtOK1kTgNmRRFI9HBbiN+n7+smB5
3E3ZREDR/5TgTmCFKAchY/fP39Bw9sFpQPdeHjRdjlkTPEtfA1LZ1g28bo9xo/g+
RQSq7V5ccAC7vnPqzO2Ru9kMbGEGR1mGo3ZKoADE8b6Oh+escae+HNvRFLv8cvPm
Bg+jZazQC2mPrqwmhFKkA047bb1jUpusbsuC+8pfskLmmacJT9Y=
=aKDa
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-6687-1
March 11, 2024
accountsservice vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
AccountsService could be made to expose sensitive information.
Software Description:
- accountsservice: query and manipulate user account information
Details:
It was discovered that AccountsService called a helper incorrectly when
performaing password change operations. A local attacker could possibly use
this issue to obtain encrypted passwords.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS:
accountsservice 22.07.5-2ubuntu1.5
libaccountsservice0 22.07.5-2ubuntu1.5
Ubuntu 20.04 LTS:
accountsservice 0.6.55-0ubuntu12~20.04.7
libaccountsservice0 0.6.55-0ubuntu12~20.04.7
After a standard system update you need to reboot your computer to make all
the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6687-1
CVE-2012-6655
Package Information:
https://launchpad.net/ubuntu/+source/accountsservice/22.07.5-2ubuntu1.5
https://launchpad.net/ubuntu/+source/accountsservice/0.6.55-0ubuntu12~20.04.7
No comments:
Post a Comment