[월:] 2019년 06월

USN-4039-1: CImg vulnerabilities CImg vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Summary Several security issues were fixed in CImg. Software Description cimg – C++ template image processing toolkit Details It was discovered that allocation failures could occur in CImg when loading crafted bmp images. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-7587) It was discovered that a heap-based buffer over-read existed in CImg when loading crafted bmp images. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-7588) It was discovered that a double free existed in CImg when loading crafted bmp images. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-7589) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu [ more… ]

USN-4040-2: Expat vulnerability expat vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary Expat could be made to consume a high amount of RAM and CPU resources if it received a specially crafted XML file. Software Description expat – XML parsing C library Details USN-4040-1 fixed a vulnerability in expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM lib64expat1 – 2.1.0-4ubuntu1.4+esm1 libexpat1 – 2.1.0-4ubuntu1.4+esm1 Ubuntu 12.04 ESM lib64expat1 – 2.0.1-7.2ubuntu1.6 libexpat1 – 2.0.1-7.2ubuntu1.6 To update your system, please follow [ more… ]

USN-4040-1: Expat vulnerability expat vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Expat could be made to consume a high amount of RAM and CPU resources if it received a specially crafted XML file. Software Description expat – XML parsing C library Details It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 libexpat1 – 2.2.6-1ubuntu0.19.04 Ubuntu 18.10 libexpat1 – 2.2.6-1ubuntu0.18.10 Ubuntu 18.04 LTS libexpat1 – 2.2.5-3ubuntu0.1 Ubuntu 16.04 LTS lib64expat1 – 2.1.0-7ubuntu0.16.04.4 libexpat1 – 2.1.0-7ubuntu0.16.04.4 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all [ more… ]