Ubuntu Update For Dpkg USN-2242-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

It was discovered that dpkg incorrectly handled certain patches when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system.

Affected

dpkg on Ubuntu 14.04 LTS , Ubuntu 13.10 , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2014-3864, CVE-2014-3865

CVSS	Base Score: 6.4 AV:N/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Ubuntu Update for colord USN-1289-1
Ubuntu Update for dnsmasq vulnerability USN-627-1
Ubuntu Update for clamav USN-1482-1
Ubuntu Update for ceilometer USN-2311-2
Ubuntu Update for backuppc USN-1249-1

Ubuntu Update for dpkg USN-2242-1

Take action and discover your vulnerabilities