-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmb+qOwACgkQZWnYVadE
vpNldRAArGJv9T3e0A2bVfHG3MTmGXcGj2+x5dKgQ7STHpRTFpNOAPJqNm/1istf
hFd8IKsJaLDerNFz70m6YiJR/UzNfBkoExOsVE17luFJ7NE+uCr4/3IiIGS6Ssdv
cz6jUb1J5eE3ZLG06W4gir/nqNTkzlQsL5jQ397L36qT/jdp9uHY1vv44nCAAZ6D
5xTlNGWxUbr5S1qmNSG+7HjjEGc9mVwHjuS/j4JaNSTfco83hB/MFrPM1iloBpi4
eX6cE84PuFprXfuyNVTmfRRU5YIW8PK3yNHPFtSrWY0Ea/4rjovbHQYHj7ApWuE1
tysPkchDiSb+/yC6sN8DFFmkHgH4VlPwdeyci8eCHADCguPQywqHStWWLCksLYtX
CYj2Fu6r6JPqqC/ITFbBWxxzKW9E9XEeovqcuzS1L87IJitfhbxKwb3Ty0jQt6HT
eNqhMY0dayytpae1hKgV0IlTpj9r1DNObiW9AKKu8rY3JBiwpbBKMxJNat3m5F4i
lqZo+Wi19NuaP4qtUE4U9AZeCtttj3ZkP93qvXYpTYd8ip2OUC2ci3lIvIFNT47T
c5AkJ2Cmw8RL/hMd/m4aRtEk0TMHGQJ2Fy6VLDnQIMrFZ+YOO7jFCw2no/kejAXa
75qa2n9DgSY1Er/s8DaEEy9zO3Buy475hl0BB+Nv46aRWZGbg9I=
=8MEQ
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7054-1
October 03, 2024
unzip vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
unzip could be made to crash or run programs as your login if it opened a
specially crafted file.
Software Description:
- unzip: De-archiver for .zip files
Details:
It was discovered that unzip did not properly handle unicode strings under
certain circumstances. If a user were tricked into opening a specially
crafted zip file, an attacker could possibly use this issue to cause unzip
to crash, resulting in a denial of service, or possibly execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
unzip 6.0-28ubuntu4.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7054-1
CVE-2021-4217
Package Information:
https://launchpad.net/ubuntu/+source/unzip/6.0-28ubuntu4.1
No comments:
Post a Comment