[월:] 2018년 12월

USN-3843-1: pixman vulnerability pixman vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary pixman could be made to crash or run programs if it processed specially crafted instructions. Software Description pixman – pixel-manipulation library for X and cairo Details It was discovered that pixman incorrectly handled the general_composite_rect function. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS libpixman-1-0 – 0.30.2-2ubuntu1.2 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to restart your session to make all the necessary changes. References CVE-2015-5297 Source: USN-3843-1: pixman vulnerability

USN-3837-2: poppler regression poppler regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary USN-3837-1 introduced a regression in poppler. Software Description poppler – PDF rendering library Details USN-3837-1 fixed vulnerabilities in poppler. A regression was reported regarding the previous update. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-16646) It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-19149) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu [ more… ]