24 April 2018
packagekit vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
Summary
PackageKit could be made to install or run programs as an administrator.
Software Description
- packagekit - Provides a package management service
Details
Matthias Gerstner discovered that PackageKit incorrectly handled authentication. A local attacker could possibly use this issue to install arbitrary packages and escalate privileges.
Update instructions
The problem can be corrected by updating your system to the following package versions:
- Ubuntu 17.10
- packagekit - 1.1.7-1ubuntu0.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make all the necessary changes.
References
from Ubuntu Security Notices https://ift.tt/2HLIEEQ
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.