Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-572-1: apt-listchanges vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-572-1: apt-listchanges vulnerability
# 1  
Old 01-18-2008
USN-572-1: apt-listchanges vulnerability
Referenced CVEs:
CVE-2008-0302


Description:
=========================================================== Ubuntu Security Notice USN-572-1 January 18, 2008 apt-listchanges vulnerability CVE-2008-0302 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.04: apt-listchanges 2.72ubuntu6.1 Ubuntu 7.10: apt-listchanges 2.74ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Felipe Sateler discovered that apt-listchanges did not use safe paths when importing additional Python libraries. A local attacker could exploit this and execute arbitrary commands as the user running apt-listchanges.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

sbuild-apt

SBUILD-APT(1)							   Debian sbuild						     SBUILD-APT(1)

NAME

       sbuild-apt - run apt-get or apt-cache in an sbuild chroot

SYNOPSIS

       sbuild-apt [-h|--help | -V|--version] CHROOT (apt-get|apt-cache) [ARG1 [ARG2 [ARGn...]]]

DESCRIPTION

       sbuild-apt runs apt-get(1) or apt-cache(1) inside the specified chroot, along with any additional arguments.

OPTIONS

   Actions
       -h, --help
	      Display this manual.

       -V, --version
	      Print version information.

   Chroot selection
       CHROOT The  chroot  to  run  the  command in.  Note that 'o', 's', 't', 'u' and 'e' may be used as abbreviations for 'oldstable', 'stable',
	      'testing', 'unstable' and 'experimental', respectively.

   APT options
       apt-get
	      Run apt-get.

       apt-cache
	      Run apt-cache.

       ARG    Additional arguments to pass to apt-get or apt-cache.

EXAMPLES

       To update the APT package lists in the unstable chroot:

       % sbuild-apt unstable apt-get update

       Note that sbuild-update(1) is a more convenient method for doing the above.

AUTHORS

       Roger Leigh.

COPYRIGHT

       Copyright (C) 2006-2008 Roger Leigh <rleigh@debian.org>.

SEE ALSO

       apt-cache(1), apt-get(1), sbuild(1), sbuild-update(1), sbuild-upgrade(1).

Version 0.63.2							    18 Aug 2012 						     SBUILD-APT(1)