drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in ExiV2
Name: |
Denial of Service in ExiV2 |
|
ID: |
USN-2454-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.10 |
|
Datum: |
Mi, 7. Januar 2015, 21:40 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9449 |
|
Applikationen: |
ExiV2 |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============3288968411596515414== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="ADTs9lajKxKCkkvdxxPNQCNupLsjI6HRG"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ADTs9lajKxKCkkvdxxPNQCNupLsjI6HRG Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2454-1 January 07, 2015
exiv2 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
Summary:
Exiv2 could be made to crash if it opened a specially crafted file.
Software Description: - exiv2: EXIF/IPTC metadata manipulation tool
Details:
It was discovered that Exiv2 incorrectly handled certain tag values in video files. If a user or automated system were tricked into opening a specially-crafted video file, a remote attacker could cause Exiv2 to crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.10: libexiv2-13 0.24-2ubuntu1.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2454-1 CVE-2014-9449
Package Information: https://launchpad.net/ubuntu/+source/exiv2/0.24-2ubuntu1.1
--ADTs9lajKxKCkkvdxxPNQCNupLsjI6HRG Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJUrX5VAAoJEGVp2FWnRL6TwTUP/Ay0untC/uLu+OS0YjppjaVS 1Q29s1UK/7PtIlFGbACb/4CrWwVPvMDtoEE2I+zvU91mWoWhxK2aRCr0/8vZmfNw 7rR79bgzq9QExHASb6gKlONstFnrSQNIOZPDKWa6F8FpE0bMo4N7F9imQzP6kmAZ b0huo6vyivhRthiJwB4qSozMYl2QEahYCKGONjvE8N5e5CLTW75aT6A7JvNzWAIr MYsPIiJTBL5SW24D2PidVt5JFd/4t3IsccYj/lMQv7la8JB5SofR6dJJtylXYouv Tmg/KNk1wiSUFKWW5d/PRRW3RVxAgunF7i8GoVhfyYvixR9BFjZb0+vnv69ifIpl EOSUDx7wt2iOeriWkBaWm+d+MW+FEYs6rG2wfXj253sEEoBX+bTuRZfHiQT/Sk0m mcta2a4QdtsOfDD/a1uIYnPprGsy/Cbvsk3nc7fa0NoAkbVL2nHDyN+tXRC6Tais wEQnBhtEw4n9SgWyM83afTWCrnCArEgWpD8ccbu2tckmI6p3ciSb30VzGomJpcK8 El2svmkeMiuXh4jUbqeAAbmr3YdXTJXSUbKmlcmqe/NTIFvfrI7kahEBkyyhdq1h C5Wqpxl48uwDbAPTGX/sHyX42iMnONsRoFxnIaQjV+QctHyVpR1mjyIA5cIMa4iS mfD8M6ArtgunkbQFhlj6 =STfH -----END PGP SIGNATURE-----
--ADTs9lajKxKCkkvdxxPNQCNupLsjI6HRG--
--===============3288968411596515414== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3288968411596515414==--
|
|
|
|