venerdì 13 novembre 2009

I primi aggiornamenti di sicurezza rilasciati per Ubuntu 9.10 Karmic Koala

Maria Susana Diaz | 07:33 |
Come al solito installabili tramite l'aggiornamento globale del sistema:

sudo apt-get update
apt-get upgrade

apt-get non è altro che un gestore di pacchetti che funziona da riga di comando. Quando tu lo lanci, semplicemente il sistema si accorge che un gestore di pacchetti è in esecuzione e compare l'icona sulla barra che te lo segnala.

oppure automaticamente se avete fatto questa scelta.

In quest'ultimo caso attenzione agli aggiornamenti alternativi (consigliato). Leggere atentamente prima di installarli.

Due parole su Apt-Get

Il comando apt-get è un potente strumento a riga di comando usato per operare con l'APT (Advanced Packaging Tool ) di Ubuntu al fine di eseguire operazioni come l'installazione di nuovi pacchetti software, l'aggiornamento dei pacchetti software esistenti, l'aggiornamento dell'indice dell'elenco di pacchetti e persino l'avanzamento di versione dell'intero sistema Ubuntu.

Essendo un semplice strumento da riga di comando, apt-get presenta agli amministratori di sistema numerosi vantaggi rispetto ad altri strumenti di gestione dei pacchetti disponibili in Ubuntu. Alcuni di questi vantaggi sono la facilità d'utilizzo mediante connessioni via terminale (SSH) e la possibilità di essere usato in script di amministrazione del sistema, resi magari automatizzati attraverso l'utilità di pianificazione cron.

Alcuni esempi di utilizzo tipico dell'utilità apt-get:

Installare un pacchetto: l'installazione di pacchetti usando lo strumento apt-get è molto semplice. Per esempio, per installare lo scanner di rete nmap, digitare il seguente comando:

sudo apt-get install nmap
Rimuovere un pacchetto: la rimozione di uno o più pacchetti è altrettanto semplice e immediata. Per rimuovere il pacchetto nmap installato nell'esempio precedente, digitare il seguente comando:

sudo apt-get remove nmap

Pacchetti multipli: è possibile specificare più di un pacchetto da installare o rimuovere, separati da spazi.

Aggiornare l'indice dei pacchetti: l'indice dei pacchetti di APT è essenzialmente un database dei pacchetti disponibili dai repository definiti nel file /etc/apt/sources.list. Per aggiornare l'elenco locale dei pacchetti con i cambiamenti apportati di recente nei repository, digitare il comando:

sudo apt-get update
Aggiornare i pacchetti: nel tempo, versioni aggiornate dei pacchetti installati nel computer possono essere disponibili tramite i repository dei pacchetti (per esempio aggiornamenti di sicurezza). Per aggiornare il proprio sistema, è necessario prima di tutto aggiornare l'indice dei pacchetti come spiegato sopra e poi digitare:

sudo apt-get upgrade
Se un pacchetto necessita l'installazione o la rimozione di nuove dipendenze durante l'aggiornamento, allora tale pacchetto non sarà aggiornato dal comando upgrade. Per questo genere di aggiornamenti, è necessario utilizzare il comando dist-upgrade.


In aggiunta, è possibile aggiornare l'intero sistema Ubuntu da una versione a un'altra con «dist-upgrade». Per esempio, per aggiornare Ubuntu dalla versione 6.06 alla versione 7.04, assicurarsi che nel file /etc/apt/sources.list la versione 7.04 dei repository sostituisca la versione 6.06 esistente, quindi eseguire il comando apt-get update. infine, eseguire l'aggiornamento digitando:

sudo apt-get dist-upgrade
L'aggiornamento del sistema alla versione successiva richiede un certo periodo di tempo. Solitamente sono richiesti alcuni passi di post-aggiornamento come descritto nelle note di aggiornamento per la revisione a cui si sta aggiornando.

Le azioni del comando apt-get, come l'installazione o la rimozione di pacchetti, vengono registrate nel file di registro /var/log/dpkg.log.

Per maggiori informazioni sull'uso di APT, consultare il Manuale utente di Debian APT, oppure digitare:

apt-get help

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Scaricamento dell'elenco dei cambiamenti non riuscito.
Verificare la connessione a Internet.

The Common UNIX Printing System (or CUPS(tm)) is a printing system and general replacement for lpd and the like.
It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.
This package provides the CUPS scheduler/daemon and related files.
The terms "Common UNIX Printing System" and "CUPS" are trademarks of Easy Software Products (www.easysw.com), and refer to the original source packages from which these packages are made.

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

The Common UNIX Printing System (or CUPS(tm)) is a printing system and general replacement for lpr, lpd and the like.
It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.
This package provides the BSD commands for interacting with CUPS.
It is provided separately to allow CUPS to coexist with other printing systems (to a small degree).
The terms "Common UNIX Printing System" and "CUPS" are trademarks of Easy Software Products (www.easysw.com), and refer to the original source packages from which these packages are made.

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

The Common UNIX Printing System (or CUPS(tm)) is a printing system and general replacement for lpd and the like.
It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.
This package provides the System V style print client programs.
The terms "Common UNIX Printing System" and "CUPS" are trademarks of Easy Software Products (www.easysw.com), and refer to the original source packages from which these packages are made.

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

The Common UNIX Printing System (or CUPS(tm)) is a printing system and general replacement for lpd and the like.
It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.
This package provides common files for CUPS server and client packages.
The terms "Common UNIX Printing System" and "CUPS" are trademarks of Easy Software Products (www.easysw.com), and refer to the original source packages from which these packages are made.

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

The Common UNIX Printing System (or CUPS(tm)) is a printing system and general replacement for lpd and the like.
It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.
This package provides utilities to generate and manipulate PPD files.
The terms "Common UNIX Printing System" and "CUPS" are trademarks of Easy Software Products (www.easysw.com), and refer to the original source packages from which these packages are made.

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

This is a dummy package to ease transition to new package name.

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820


Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820


The Common UNIX Printing System (or CUPS(tm)) is a printing system and general replacement for lpd and the like.
It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.
This package provides a shared library for CGI programs in the CUPS web interface
The terms "Common UNIX Printing System" and "CUPS" are trademarks of Easy Software Products (www.easysw.com), and refer to the original source packages from which these packages are made.

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

The Common UNIX Printing System (or CUPS(tm)) is a printing system and general replacement for lpd and the like.
It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.
This package provides a shared library with useful functions for printer drivers.
The terms "Common UNIX Printing System" and "CUPS" are trademarks of Easy Software Products (www.easysw.com), and refer to the original source packages from which these packages are made.

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

The Common UNIX Printing System (or CUPS(tm)) is a printing system and general replacement for lpd and the like.
It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.
This package provides the image libraries for handling the CUPS raster format.
The terms "Common UNIX Printing System" and "CUPS" are trademarks of Easy Software Products (www.easysw.com), and refer to the original source packages from which these packages are made.

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

The Common UNIX Printing System (or CUPS(tm)) is a printing system and general replacement for lpd and the like.
It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.
This package provides a shared library for file type detection and file conversion filter chain building.
The terms "Common UNIX Printing System" and "CUPS" are trademarks of Easy Software Products (www.easysw.com), and refer to the original source packages from which these packages are made.

Cambiamenti per le versioni:
1.4.1-5ubuntu2
1.4.1-5ubuntu2.1

Versione 1.4.1-5ubuntu2.1:

* SECURITY UPDATE: XSS and CRLF injection in headers
- debian/patches/CVE-2009-2820.dpatch: Introduce cgiClearVariables() in
cgi-bin/{var.c,cgi.h,libcupscgi.exp}. Clear out variables in
cgi-bin/{classes,help,ipp-var,jobs,printers}.c. Encode URL string and
clear out variables in cgi-bin/admin.c. Filter more characters in
cgi-bin/template.c.
- debian/libcupscgi1.symbols: add new symbol from security patch
- CVE-2009-2820

The Common UNIX Printing System (or CUPS(tm)) is a printing system and general replacement for lpd and the like.
It supports the Internet Printing Protocol (IPP), and has its own filtering driver model for handling various document types.
This package provides the base shared library for generating and manipulating PPD files.
The terms "Common UNIX Printing System" and "CUPS" are trademarks of Easy Software Products (www.easysw.com), and refer to the original source packages from which these packages are made.

Se ti è piaciuto l'articolo, iscriviti al feed per tenerti sempre aggiornato sui nuovi contenuti del blog:

TiPI (Ti Potrebbe Interessare)


LinuxLinks

Trovato questo articolo interessante? Condividilo sulla tua rete di contatti in Twitter, sulla tua bacheca su Facebook, in Linkedin, Instagram o Pinterest. Diffondere contenuti che trovi rilevanti aiuta questo blog a crescere. Grazie!

LINKEDIN