UbuntuUpdates.org

Package "libprocps6"

Name: libprocps6

Description:

library for accessing process information from /proc

Latest version: 2:3.3.12-3ubuntu1.1
Release: bionic (18.04)
Level: security
Repository: main
Head package: procps
Homepage: https://gitlab.com/procps-ng/procps

Links


Download "libprocps6"


Other versions of "libprocps6" in Bionic

Repository Area Version
base main 2:3.3.12-3ubuntu1
updates main 2:3.3.12-3ubuntu1.2

Changelog

Version: 2:3.3.12-3ubuntu1.1 2018-05-23 18:06:53 UTC

  procps (2:3.3.12-3ubuntu1.1) bionic-security; urgency=medium

  * SECURITY UPDATE: top configuration file read from current directory
    - debian/patches/CVE-2018-1122.patch: do not default to the cwd in
      top/top.c.
    - CVE-2018-1122
  * SECURITY UPDATE: ps output buffer overflow
    - debian/patches/CVE-2018-1123.patch: check sizes in ps/output.c.
    - CVE-2018-1123
  * SECURITY UPDATE: integer overflow in file2strvec()
    - debian/patches/CVE-2018-1124.patch: prevent overflow in
      proc/readproc.c.
    - CVE-2018-1124
  * SECURITY UPDATE: stack overflow in pgrep
    - debian/patches/CVE-2018-1125.patch: check length in pgrep.c.
    - CVE-2018-1125
  * SECURITY UPDATE: truncated sizes and possible integer overflow
    - debian/patches/CVE-2018-1126.patch: use size_t, not unsigned int in
      proc/alloc.*.
    - CVE-2018-1126

 -- Marc Deslauriers <email address hidden> Mon, 14 May 2018 08:01:40 -0400

CVE-2018-1122 Local Privilege Escalation in top
CVE-2018-1123 Denial of Service in ps
CVE-2018-1124 Local Privilege Escalation in libprocps
CVE-2018-1125 0008-pgrep-Prevent-a-potential-stack-based-buffer-overflo.patch
CVE-2018-1126 0035-proc-alloc.-Use-size_t-not-unsigned-int.patch



About   -   Send Feedback to @ubuntu_updates