지락문화예술공작단

USN-3914-1: NTFS-3G vulnerability ntfs-3g vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary NTFS-3G could be made to crash or potentially run programs as an administrator if executed with specially crafted arguments. Software Description ntfs-3g – read/write NTFS driver for FUSE Details A heap buffer overflow was discovered in NTFS-3G when executing it with a relative mount point path that is too long. A local attacker could potentially exploit this to execute arbitrary code as the administrator. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10 ntfs-3g – 1:2017.3.23-2ubuntu0.18.10.1 Ubuntu 18.04 LTS ntfs-3g – 1:2017.3.23-2ubuntu0.18.04.1 Ubuntu 16.04 LTS ntfs-3g – 1:2015.3.14AR.1-1ubuntu0.2 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all [ more… ]

USN-3912-1: GDK-PixBuf vulnerability gdk-pixbuf vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file. Software Description gdk-pixbuf – GDK Pixbuf library Details It was discovered that the GDK-PixBuf library did not properly handle certain BMP images. If an user or automated system were tricked into opening a specially crafted BMP file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS libgdk-pixbuf2.0-0 – 2.32.2-1ubuntu1.6 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to restart your [ more… ]