지락문화예술공작단

USN-3228-1: libevent vulnerabilities Ubuntu Security Notice USN-3228-1 13th March, 2017 libevent vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in libevent. Software description libevent – Asynchronous event notification library Details Guido Vranken discovered that libevent incorrectly handled memory whenprocessing certain data. A remote attacker could possibly use this issuewith an application that uses libevent to cause a denial of service, orpossibly execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: libevent-2.0-5 2.0.21-stable-2ubuntu0.16.10.1 Ubuntu 16.04 LTS: libevent-2.0-5 2.0.21-stable-2ubuntu0.16.04.1 Ubuntu 14.04 LTS: libevent-2.0-5 2.0.21-stable-1ubuntu1.14.04.2 Ubuntu 12.04 LTS: libevent-2.0-5 2.0.16-stable-1ubuntu0.2 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary [ more… ]

USN-3229-1: Python Imaging Library vulnerabilities Ubuntu Security Notice USN-3229-1 13th March, 2017 python-imaging vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the Python Imaging Library. Software description python-imaging – Python Imaging Library Details It was discovered that the Python Imaging Library incorrectly handledcertain compressed text chunks in PNG images. A remote attacker couldpossibly use this issue to cause the Python Imaging Library to crash,resulting in a denial of service. (CVE-2014-9601) Cris Neckar discovered that the Python Imaging Library incorrectly handledcertain malformed images. A remote attacker could use this issue to causethe Python Imaging Library to crash, resulting in a denial of service, orpossibly obtain sensitive information. (CVE-2016-9189) Cris Neckar discovered that the Python Imaging Library incorrectly handledcertain malformed images. A remote attacker could use this issue [ more… ]

USN-3230-1: Pillow vulnerabilities Ubuntu Security Notice USN-3230-1 13th March, 2017 pillow vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Pillow. Software description pillow – Python Imaging Library Details It was discovered that Pillow incorrectly handled certain compressed textchunks in PNG images. A remote attacker could possibly use this issue tocause Pillow to crash, resulting in a denial of service. This issue onlyaffected Ubuntu 14.04 LTS. (CVE-2014-9601) Cris Neckar discovered that Pillow incorrectly handled certain malformedimages. A remote attacker could use this issue to cause Pillow to crash,resulting in a denial of service, or possibly obtain sensitive information.(CVE-2016-9189) Cris Neckar discovered that Pillow incorrectly handled certain malformedimages. A remote attacker could use this issue to cause Pillow to crash,resulting in a denial [ more… ]