Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-572-1: apt-listchanges vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-572-1: apt-listchanges vulnerability
# 1  
Old 01-18-2008
USN-572-1: apt-listchanges vulnerability
Referenced CVEs:
CVE-2008-0302


Description:
=========================================================== Ubuntu Security Notice USN-572-1 January 18, 2008 apt-listchanges vulnerability CVE-2008-0302 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.04: apt-listchanges 2.72ubuntu6.1 Ubuntu 7.10: apt-listchanges 2.74ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Felipe Sateler discovered that apt-listchanges did not use safe paths when importing additional Python libraries. A local attacker could exploit this and execute arbitrary commands as the user running apt-listchanges.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT XFREE86

dpkg-preconfigure

DPKG-PRECONFIGURE(8)						      Debconf						      DPKG-PRECONFIGURE(8)

NAME

       dpkg-preconfigure - let packages ask questions prior to their installation

SYNOPSIS

	dpkg-preconfigure [options] package.deb

	dpkg-preconfigure --apt

DESCRIPTION

       dpkg-preconfigure lets packages ask questions before they are installed.  It operates on a set of debian packages, and all packages that
       use debconf will have their config script run so they can examine the system and ask questions.

OPTIONS

       -ftype, --frontend=type
	   Select the frontend to use.

       -pvalue, --priority=value
	   Set the lowest priority of questions you are interested in. Any questions with a priority below the selected priority will be ignored
	   and their default answers will be used.

       --terse
	   Enables terse output mode. This affects only some frontends.

       --apt
	   Run in apt mode. It will expect to read a set of package filenames from stdin, rather than getting them as parameters. Typically this
	   is used to make apt run dpkg-preconfigure on all packages before they are installed.  To do this, add something like this to
	   /etc/apt/apt.conf:

	    // Pre-configure all packages before
	    // they are installed.
	    DPkg::Pre-Install-Pkgs {
		   "dpkg-preconfigure --apt --priority=low";
	    };

       -h, --help
	   Display usage help.

SEE ALSO

       debconf(7)

AUTHOR

       Joey Hess <joeyh@debian.org>

								    2018-02-28						      DPKG-PRECONFIGURE(8)