Preisgabe von Informationen in Evince
ID: | USN-3959-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, Ubuntu 19.04 |
Datum: | Mo, 29. April 2019, 16:51 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11459 |
Applikationen: | evince |
Originalnachricht |
|
--===============1307403809493494922== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-JHjRgai68yKwrQVgCx6Q" --=-JHjRgai68yKwrQVgCx6Q Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: base64 ========================================================================== Ubuntu Security Notice USN-3959-1 April 29, 2019 evince vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Evince could be made to expose sensitive information if it received a specially crafted file. Software Description: - evince: Document viewer Details: It was discovered that Evince incorrectly handled certain images. An attacker could possibly use this issue to expose sensitive information. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: evince 3.32.0-1ubuntu0.1 evince-common 3.32.0-1ubuntu0.1 Ubuntu 18.10: evince 3.30.1-1ubuntu1.3 evince-common 3.30.1-1ubuntu1.3 Ubuntu 18.04 LTS: evince 3.28.4-0ubuntu1.1 evince-common 3.28.4-0ubuntu1.1 Ubuntu 16.04 LTS: evince 3.18.2-1ubuntu4.4 evince-common 3.18.2-1ubuntu4.4 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3959-1 CVE-2019-11459 Package Information: https://launchpad.net/ubuntu/+source/evince/3.32.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/evince/3.30.1-1ubuntu1.3 https://launchpad.net/ubuntu/+source/evince/3.28.4-0ubuntu1.1 https://launchpad.net/ubuntu/+source/evince/3.18.2-1ubuntu4.4 |