[월:] 2019년 06월

USN-4003-1: Qt vulnerabilities qtbase-opensource-src vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Several security issues were fixed in Qt. Software Description qtbase-opensource-src – Qt 5 libraries Details It was discovered that Qt incorrectly handled certain XML documents. A remote attacker could use this issue with a specially crafted XML document to cause Qt to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-15518) It was discovered that Qt incorrectly handled certain GIF images. A remote attacker could use this issue with a specially crafted GIF image to cause Qt to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-19870) It was discovered that Qt incorrectly handled certain BMP images. A remote attacker could use this issue with a specially [ more… ]

USN-4002-1: Doxygen vulnerability doxygen vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Doxygen could be made to run scripts as your login if it received a specially crafted query. Software Description doxygen – Documentation system for C, C++, Java, Python and other languages Details It was discovered that Doxygen incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code and compromise sensitive information. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS doxygen – 1.8.11-1ubuntu0.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2016-10245 Source: USN-4002-1: Doxygen vulnerability