Ubuntu security

USN-4497-1: OpenJPEG vulnerabilities It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-9112) It was discovered that OpenJPEG did not properly handle certain input. If OpenJPEG were supplied with specially crafted input, it could be made to crash or potentially execute arbitrary code. (CVE-2018-20847, CVE-2018-21010, CVE-2020-6851, CVE-2020-8112, CVE-2020-15389) It was discovered that OpenJPEG incorrectly handled certain BMP files. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2019-12973) Source: USN-4497-1: OpenJPEG vulnerabilities

USN-4496-1: Apache XML-RPC vulnerability It was discovered that Apache XML-RPC (aka ws-xmlrpc) does not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-17570) Source: USN-4496-1: Apache XML-RPC vulnerability

USN-4495-1: Apache Log4j vulnerability It was discovered that Apache Log4j does not properly deserialize untrusted data. An attacker could possibly use this issue to remotely execute arbitrary code. (CVE-2019-17571) Source: USN-4495-1: Apache Log4j vulnerability

USN-4494-1: GUPnP vulnerability It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks. Source: USN-4494-1: GUPnP vulnerability

USN-4493-1: cryptsetup vulnerability It was discovered that cryptsetup incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Source: USN-4493-1: cryptsetup vulnerability