SECURITY

No Image

USN-4987-1: ExifTool vulnerability

2021-06-11 KENNETH 0

USN-4987-1: ExifTool vulnerability It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code. Source: USN-4987-1: ExifTool vulnerability

No Image

USN-4986-3: rpcbind regression

2021-06-11 KENNETH 0

USN-4986-3: rpcbind regression USN-4986-1 fixed a vulnerability in rpcbind. The update caused a regression resulting in rpcbind crashing in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to consume resources, leading to a denial of service. Source: USN-4986-3: rpcbind regression

No Image

USN-4971-2: libwebp vulnerabilities

2021-06-10 KENNETH 0

USN-4971-2: libwebp vulnerabilities USN-4971-1 fixed several vulnerabilities in libwebp. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-4971-2: libwebp vulnerabilities

No Image

USN-4986-2: rpcbind vulnerability

2021-06-10 KENNETH 0

USN-4986-2: rpcbind vulnerability USN-4986-1 fixed a vulnerability in rpcbind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to consume resources, leading to a denial of service. Source: USN-4986-2: rpcbind vulnerability

No Image

USN-4986-1: rpcbind vulnerability

2021-06-09 KENNETH 0

USN-4986-1: rpcbind vulnerability It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to consume resources, leading to a denial of service. Source: USN-4986-1: rpcbind vulnerability