[월:] 2017년 12월

USN-3498-2: curl vulnerability Ubuntu Security Notice USN-3498-2 4th December, 2017 curl vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary curl could be made to crash if it received specially crafted input. Software description curl – HTTP, HTTPS, and FTP client and client libraries Details USN-3498-1 fixed a vulnerability in curl. This update providesthe corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that curl incorrectly handled FTP wildcard matching. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2017-8817) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: libcurl3-nss 7.22.0-3ubuntu4.19 curl 7.22.0-3ubuntu4.19 libcurl3-gnutls 7.22.0-3ubuntu4.19 libcurl3 7.22.0-3ubuntu4.19 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. [ more… ]

USN-3503-1: Evince vulnerability Ubuntu Security Notice USN-3503-1 4th December, 2017 evince vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Evince could be made to run programs if it printed a specially crafted file. Software description evince – Document viewer Details It was discovered that Evince incorrectly handled printing certain DVIfiles. If a user were tricked into opening and printing a specially-namedDVI file, an attacker could use this issue to execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: evince 3.24.0-0ubuntu1.3 evince-common 3.24.0-0ubuntu1.3 Ubuntu 16.04 LTS: evince 3.18.2-1ubuntu4.3 evince-common 3.18.2-1ubuntu4.3 Ubuntu 14.04 LTS: evince 3.10.3-0ubuntu10.4 evince-common 3.10.3-0ubuntu10.4 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the [ more… ]