[월:] 2016년 06월

USN-2986-1: dosfstools vulnerabilities Ubuntu Security Notice USN-2986-1 31st May, 2016 dosfstools vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary dosfstools could be made to crash or run programs if it processed a specially crafted filesystem. Software description dosfstools – utilities for making and checking MS-DOS FAT filesystems Details Hanno Böck discovered that dosfstools incorrectly handled certain malformedfilesystems. A local attacker could use this issue to cause dosfstools tocrash, resulting in a denial of service, or possibly execute arbitrarycode. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: dosfstools 3.0.28-2ubuntu0.1 Ubuntu 15.10: dosfstools 3.0.28-1ubuntu0.1 Ubuntu 14.04 LTS: dosfstools 3.0.26-1ubuntu0.1 Ubuntu 12.04 LTS: dosfstools 3.0.12-1ubuntu1.3 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, [ more… ]

USN-2987-1: GD library vulnerabilities Ubuntu Security Notice USN-2987-1 31st May, 2016 libgd2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary The GD library could be made to crash or run programs if it processed a specially crafted image file. Software description libgd2 – GD Graphics Library Details It was discovered that the GD library incorrectly handled certain colortables in XPM images. If a user or automated system were tricked intoprocessing a specially crafted XPM image, an attacker could cause a denialof service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.(CVE-2014-2497) It was discovered that the GD library incorrectly handled certain malformedGIF images. If a user or automated system were tricked into processing aspecially crafted GIF image, an attacker could cause a [ more… ]