mirror of
https://github.com/LCTT/TranslateProject.git
synced 2024-12-29 21:41:00 +08:00
Merge pull request #1173 from alim0x/master
[translate completed]20140612 Dpkg Vulnerabilities Closed in Ubuntu 14.04.md
This commit is contained in:
commit
88bf850a77
@ -1,27 +0,0 @@
|
||||
alim0x translating
|
||||
|
||||
Dpkg Vulnerabilities Closed in Ubuntu 14.04
|
||||
================================================================================
|
||||
![](http://i1-news.softpedia-static.com/images/news2/Dpkg-Vulnerabilities-Closed-in-Ubuntu-14-04-446282-2.jpg)
|
||||
|
||||
**Canonical has announced that a dpkg vulnerability in its Ubuntu 14.04 LTS, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems has been corrected.**
|
||||
|
||||
The company has just released a new update for the dpkg package, fixing a problem with this very important software that is used in all Ubuntu versions.
|
||||
|
||||
“It was discovered that dpkg incorrectly handled certain patches when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system,” reads the security notice.
|
||||
|
||||
For a more detailed description of the problems, you can see Canonical's [security notification][1]. Users have been advised to upgrade their systems as soon as possible.
|
||||
|
||||
The flaws can be fixed if you upgrade your system(s) to the latest libdpkg-perl packages specific to each distribution. To apply the patch, run the Update Manager application.
|
||||
|
||||
In general, a standard system update will make all the necessary changes and users won't have to restart the PC or the laptop in order to apply the patch. This update can also be performed from the terminal, with the apt-get dist-upgrade command.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://news.softpedia.com/news/Dpkg-Vulnerabilities-Closed-in-Ubuntu-14-04-446282.shtml
|
||||
|
||||
译者:[译者ID](https://github.com/译者ID) 校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
|
||||
|
||||
[1]:http://www.ubuntu.com/usn/usn-2242-1/
|
@ -0,0 +1,25 @@
|
||||
Ubuntu 14.04中Dpkg的漏洞已被修复
|
||||
================================================================================
|
||||
![](http://i1-news.softpedia-static.com/images/news2/Dpkg-Vulnerabilities-Closed-in-Ubuntu-14-04-446282-2.jpg)
|
||||
|
||||
**Canonical宣布存在于Ubuntu 14.04 LTS,Ubuntu 13.10,Ubuntu 12.10,Ubuntu 12.04 LTS以及Ubuntu 10.04 LTS操作系统中的dpkg漏洞已经被修复。**
|
||||
|
||||
Canonical公司刚刚放出dpkg包的一个更新,修复了这个用于所有Ubuntu版本的重要软件中的一个问题。
|
||||
|
||||
“这个问题是在dpkg在解压源码包的时候发现的,它会使dpkg不能正确地处理某些补丁。如果一位用户或一个自动化系统被欺骗而解压了特别修改过的源码包,远程攻击者就能修改目标解压路径之外的文件,导致拒绝服务攻击或潜在的获取系统权限的风险。”安全通知中这样写道。
|
||||
|
||||
想了解这个问题的更多细节描述,你可以查看Canonical的[安全通知][1]。Canonical建议用户尽快升级自己的系统。
|
||||
|
||||
如果你将各个发行版系统的libdpkg-perl包升级到最新版本即可修复这个漏洞。要安装这个更新,你只需运行更新管理器/软件更新器即可。
|
||||
|
||||
一般来说,一个普通的系统更新就可以完成所有必需的改动,用户不必重启PC或笔记本来应用这个补丁。这个更新同样可以在终端中实现,只需使用 apt-get dist-upgrade 命令。
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://news.softpedia.com/news/Dpkg-Vulnerabilities-Closed-in-Ubuntu-14-04-446282.shtml
|
||||
|
||||
译者:[alim0x](https://github.com/alim0x) 校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
|
||||
|
||||
[1]:http://www.ubuntu.com/usn/usn-2242-1/
|
Loading…
Reference in New Issue
Block a user