
USN-3408-1: Liblouis vulnerabilities
USN-3408-1: Liblouis vulnerabilities Ubuntu Security Notice USN-3408-1 4th September, 2017 liblouis vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Liblouis. Software description liblouis – Braille translation library – utilities Details It was discovered that an illegal address access can be made inLiblouis. A remote attacker can take advantange of this toaccess sensitive information. (CVE-2017-13738, CVE-2017-13744) It was discovered a heap-based buffer overflow that causes bytesout-of-bounds write in Liblouis. A remote attacker can use this todenial of service or remote code execution. (CVE-2017-13739) It was discovered a stack-based buffer overflow in Liblouis. A remoteattacker can use this to denial of service or possibly unspecified otherimpact. (CVE-2017-13740, CVE-2017-13742) Update instructions The problem can be corrected by updating your system to the following package [ more… ]