document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2024-12-26 21:30:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1173 from alim0x/master

Browse Source 
[translate completed]20140612 Dpkg Vulnerabilities Closed in Ubuntu 14.04.md
This commit is contained in:
Xingyu.Wang 2014-06-13 11:04:49 +08:00
commit 88bf850a77
2 changed files with 25 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
sources/news/20140612 Dpkg Vulnerabilities Closed in Ubuntu 14.04.md
View File

@ -1,27 +0,0 @@
alim0x translating
Dpkg Vulnerabilities Closed in Ubuntu 14.04
================================================================================
![](http://i1-news.softpedia-static.com/images/news2/Dpkg-Vulnerabilities-Closed-in-Ubuntu-14-04-446282-2.jpg)
**Canonical has announced that a dpkg vulnerability in its Ubuntu 14.04 LTS, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems has been corrected.**
The company has just released a new update for the dpkg package, fixing a problem with this very important software that is used in all Ubuntu versions.
“It was discovered that dpkg incorrectly handled certain patches when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system,” reads the security notice.
For a more detailed description of the problems, you can see Canonical's [security notification][1]. Users have been advised to upgrade their systems as soon as possible.
The flaws can be fixed if you upgrade your system(s) to the latest libdpkg-perl packages specific to each distribution. To apply the patch, run the Update Manager application.
In general, a standard system update will make all the necessary changes and users won't have to restart the PC or the laptop in order to apply the patch. This update can also be performed from the terminal, with the apt-get dist-upgrade command.
--------------------------------------------------------------------------------
via: http://news.softpedia.com/news/Dpkg-Vulnerabilities-Closed-in-Ubuntu-14-04-446282.shtml
译者:[译者ID](https://github.com/译者ID) 校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[1]:http://www.ubuntu.com/usn/usn-2242-1/

25
translated/news/20140612 Dpkg Vulnerabilities Closed in Ubuntu 14.04.md Normal file
View File

@ -0,0 +1,25 @@
Ubuntu 14.04中Dpkg的漏洞已被修复
================================================================================
![](http://i1-news.softpedia-static.com/images/news2/Dpkg-Vulnerabilities-Closed-in-Ubuntu-14-04-446282-2.jpg)
**Canonical宣布存在于Ubuntu 14.04 LTSUbuntu 13.10Ubuntu 12.10Ubuntu 12.04 LTS以及Ubuntu 10.04 LTS操作系统中的dpkg漏洞已经被修复。**
Canonical公司刚刚放出dpkg包的一个更新修复了这个用于所有Ubuntu版本的重要软件中的一个问题。
“这个问题是在dpkg在解压源码包的时候发现的它会使dpkg不能正确地处理某些补丁。如果一位用户或一个自动化系统被欺骗而解压了特别修改过的源码包远程攻击者就能修改目标解压路径之外的文件导致拒绝服务攻击或潜在的获取系统权限的风险。”安全通知中这样写道。
想了解这个问题的更多细节描述你可以查看Canonical的[安全通知][1]。Canonical建议用户尽快升级自己的系统。
如果你将各个发行版系统的libdpkg-perl包升级到最新版本即可修复这个漏洞。要安装这个更新你只需运行更新管理器/软件更新器即可。
一般来说一个普通的系统更新就可以完成所有必需的改动用户不必重启PC或笔记本来应用这个补丁。这个更新同样可以在终端中实现只需使用 apt-get dist-upgrade 命令。
--------------------------------------------------------------------------------
via: http://news.softpedia.com/news/Dpkg-Vulnerabilities-Closed-in-Ubuntu-14-04-446282.shtml
译者:[alim0x](https://github.com/alim0x) 校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[1]:http://www.ubuntu.com/usn/usn-2242-1/