UbuntuUpdates.org

Package "procps"

Name: procps

Description:

/proc file system utilities

Latest version: 1:3.3.9-1ubuntu2.3
Release: trusty (14.04)
Level: security
Repository: main
Homepage: http://gitorious.org/procps

Links


Download "procps"


Other versions of "procps" in Trusty

Repository Area Version
base main 1:3.3.9-1ubuntu2
updates main 1:3.3.9-1ubuntu2.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:3.3.9-1ubuntu2.3 2018-05-23 18:06:48 UTC

  procps (1:3.3.9-1ubuntu2.3) trusty-security; urgency=medium

  * SECURITY UPDATE: top configuration file read from current directory
    - debian/patches/CVE-2018-1122.patch: do not default to the cwd in
      top/top.c.
    - CVE-2018-1122
  * SECURITY UPDATE: ps output buffer overflow
    - debian/patches/CVE-2018-1123.patch: check sizes in ps/output.c.
    - CVE-2018-1123
  * SECURITY UPDATE: integer overflow in file2strvec()
    - debian/patches/CVE-2018-1124.patch: prevent overflow in
      proc/readproc.c.
    - CVE-2018-1124
  * SECURITY UPDATE: stack overflow in pgrep
    - debian/patches/CVE-2018-1125.patch: check length in pgrep.c.
    - CVE-2018-1125
  * SECURITY UPDATE: truncated sizes and possible integer overflow
    - debian/patches/CVE-2018-1126.patch: use size_t, not unsigned int in
      proc/alloc.*.
    - CVE-2018-1126
  * debian/patches/pmap_new_kernel.patch: fix compatibility with newer
    kernels.

 -- Marc Deslauriers <email address hidden> Mon, 14 May 2018 08:07:11 -0400

CVE-2018-1122 Local Privilege Escalation in top
CVE-2018-1123 Denial of Service in ps
CVE-2018-1124 Local Privilege Escalation in libprocps
CVE-2018-1125 0008-pgrep-Prevent-a-potential-stack-based-buffer-overflo.patch
CVE-2018-1126 0035-proc-alloc.-Use-size_t-not-unsigned-int.patch



About   -   Send Feedback to @ubuntu_updates