Login
Newsletter
Werbung

Sicherheit: Denial of Service in libmysofa
Aktuelle Meldungen Distributionen
Name: Denial of Service in libmysofa
ID: USN-4033-1
Distribution: Ubuntu
Plattformen: Ubuntu 18.04 LTS, Ubuntu 18.10, Ubuntu 19.04
Datum: Di, 25. Juni 2019, 06:40
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10672
Applikationen: libmysofa

Originalnachricht


--===============8341933378862449231==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="s6izf6carf6tyt2b"
Content-Disposition: inline


--s6izf6carf6tyt2b
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4033-1
June 24, 2019

libmysofa vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04
- Ubuntu 18.10
- Ubuntu 18.04 LTS

Summary:

libmysofa could be made to crash if it received specially crafted
input.

Software Description:
- libmysofa: library to read HRTFs stored in the AES69-2015 SOFA format

Details:

It was discovered that a libmysofa component does not properly validate
multiplications and additions, and may crash with some specific input.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
libmysofa0 0.6~dfsg0-2ubuntu0.19.04.1

Ubuntu 18.10:
libmysofa0 0.6~dfsg0-2ubuntu0.18.10.1

Ubuntu 18.04 LTS:
libmysofa0 0.6~dfsg0-2ubuntu0.18.04.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4033-1
CVE-2019-10672

Package Information:
https://launchpad.net/ubuntu/+source/libmysofa/0.6~dfsg0-2ubuntu0.19.04.1
https://launchpad.net/ubuntu/+source/libmysofa/0.6~dfsg0-2ubuntu0.18.10.1
https://launchpad.net/ubuntu/+source/libmysofa/0.6~dfsg0-2ubuntu0.18.04.1

--s6izf6carf6tyt2b
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEkCdEQ5T6DutSveCybUp5kL3izGYFAl0RX5UACgkQbUp5kL3i
zGanTw/8Cc7cWezEu9aruLKYGzGOPuEUu1mnQNeRAOFotnw+XxfUZY6R2z4bGNKK
2/X8p39DJ2wkY3OfnFid5AHJEIYvnzm/IiwqX3E+Hssfe9TRlXzqBUwy3TOSpuDh
WVxEtVnsCCeJznQU3fOu4MUbch5Uh36retDCooOViKifwLlMpw6soy4AR8Krxl8+
Jgt3xMwflX/Buw9k3hXwvrUcvzZRwDbGM8YOV0Rb5N+t5X1fp22+7prUW3mvCk9l
gEsZAaOV8lWOizm+J4qybLj+49mSySYgSmeR70L3nderWmrO9X3TsUF5+Ymhq53o
hnV+tfvoyuK9nH7SI+ERxTyawF5U0iypxfReedmzYw9fpM/5wh2GYdNu4dkbLnqR
wM3wXQhZmbpWLmgzavqy2UJUYzODJKC63Ss9e28YFKWvh+K0pKeRzCGevK2dT1EP
l5j8JCxBqjJgAehWvZO5kAvES9UT7gRuNWO0bgpfWyU5wmvJlDfIW/1ccMgmU9+x
zbuVHMgjteNNOHiq0iwFTFCus4qsQNfV7XPMwaLba44IEViV0RB3kWfr0HnClHEl
U4HqG3UQdL7JnXlYuAH+Y6tU6GM7jqjf2Uh+YDd9u18q3KXPrWm2n/fFtiVa137d
1OCFSKhjxJ9QQc2PMk1gI5+jKpCoQFUT+xIEXebNa90tt//zJ+4=
=j7Pl
-----END PGP SIGNATURE-----

--s6izf6carf6tyt2b--


--===============8341933378862449231==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung