漏洞类别:Ubuntu
漏洞等级: 
漏洞信息
It was discovered that juju did not set permissions on a Unix domain socket.
漏洞危害
A local attacker could use this flaw to gain administrative privileges.
解决方案
Refer to Ubuntu advisory USN-3300-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3300-1: 14.04 (Kylin) on src (juju-local-kvm)
USN-3300-1: 16.10 (Yakkety) on src (juju)
USN-3300-1: 16.04 (Xenial) on src (juju)
USN-3300-1: 16.04 (Xenial) on src (juju-2.0)
USN-3300-1: 17.04 (zesty) on src (juju-2.0)
USN-3300-1: 17.04 (zesty) on src (juju)
USN-3300-1: 14.04 (Kylin) on src (juju)
USN-3300-1: 14.04 (Kylin) on src (juju-local)
0daybank
文章评论