Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 754
Alerts This Week
Warning Icon 1 754

Ubuntu 17.04: USN-3400-1 Moderate: Augeas Denial Of Service

ubuntu
Calendar Grey August 21, 2017
Dist Ubuntu Esm H88
Uncover the details of Ubuntu Security Notice USN-3401-1 which addresses the security flaw in Augeas leading to a potential crash, along with essential patches.
Augeas could be made to crash if it received specially crafted input.

Summary

Augeas could be made to crash if it received specially crafted

input.

Software Description:

- augeas: Configuration editing tool

Details:

It was discovered that Augeas incorrectly handled certain strings.

An attacker could use this issue to cause Augeas to crash, leading

to a denial of service, or possibly execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
  augeas-tools                    1.6.0-0ubuntu3.1
  libaugeas0                      1.6.0-0ubuntu3.1

Ubuntu 16.04 LTS:
  augeas-tools                    1.4.0-0ubuntu1.1
  libaugeas0                      1.4.0-0ubuntu1.1

Ubuntu 14.04 LTS:
  augeas-tools                    1.2.0-0ubuntu1.3
  libaugeas0                      1.2.0-0ubuntu1.3

In general, a standard system update will make all the necessary
changes.

References

  https://ubuntu.com/security/notices/USN-3400-1

  CVE-2017-7555

August 21, 2017

Package Information

  https://launchpad.net/ubuntu/+source/augeas/1.6.0-0ubuntu3.1
  https://launchpad.net/ubuntu/+source/augeas/1.4.0-0ubuntu1.1
  https://launchpad.net/ubuntu/+source/augeas/1.2.0-0ubuntu1.3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.