SECURITY

USN-3429-1: Libplist vulnerability Ubuntu Security Notice USN-3429-1 25th September, 2017 libplist vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Libplist could be made to crash if it opened a specially crafted file. Software description libplist – Library for handling Apple binary and XML property lists Details Wang Junjie discovered that Libplist incorrectly handled certain files.If a user were tricked into opening a crafted file, an attacker could possiblyuse this to cause a crash or denial or service. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: python-plist 1.12-3.1ubuntu0.17.04.1 libplist3 1.12-3.1ubuntu0.17.04.1 libplist-utils 1.12-3.1ubuntu0.17.04.1 Ubuntu 16.04 LTS: python-plist 1.12-3.1ubuntu0.16.04.1 libplist3 1.12-3.1ubuntu0.16.04.1 libplist-utils 1.12-3.1ubuntu0.16.04.1 Ubuntu 14.04 LTS: libplist1 1.10-1ubuntu0.1 libplist-utils 1.10-1ubuntu0.1 python-plist 1.10-1ubuntu0.1 To update your system, please follow these instructions: [ more… ]