USN-3546-1: gcab vulnerability
USN-3546-1: gcab vulnerability Ubuntu Security Notice USN-3546-1 24th January, 2018 gcab vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 16.04 LTS Summary gcab could be made to crash or run programs if it opened a specially crafted file. Software description gcab – Microsoft Cabinet file manipulation tool Details Richard Hughes discovered that gcab incorrectly handled certain malformedcabinet files. If a user or automated system were tricked into opening aspecially crafted cabinet file, a remote attacker could use this issue tocause gcab to crash, resulting in a denial of service, or possibly executearbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: libgcab-1.0-0 0.7-4ubuntu0.1 gcab 0.7-4ubuntu0.1 Ubuntu 16.04 LTS: libgcab-1.0-0 0.7-1ubuntu0.1 gcab 0.7-1ubuntu0.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a [ more… ]