Mehrere Probleme in DjVuLibre (Aktualisierung)
ID: | USN-4957-2 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 16.04 ESM |
Datum: | Di, 18. Mai 2021, 23:43 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32492
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3500 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32490 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32491 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32493 |
Applikationen: | DjVuLibre |
Update von: | Mehrere Probleme in DjVuLibre |
Originalnachricht |
|
--===============5273782237485791879== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="mP3DRpeJDSE+ciuQ" Content-Disposition: inline --mP3DRpeJDSE+ciuQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-4957-2 May 18, 2021 djvulibre vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM Summary: Several security issues were fixed in DjVuLibre. Software Description: - djvulibre: DjVu image format library and tools Details: USN-4957-1 fixed several vulnerabilities in DjVuLibre. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: libdjvulibre21 3.5.27.1-5ubuntu0.1+esm1 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4957-2 https://ubuntu.com/security/notices/USN-4957-1 CVE-2021-32490, CVE-2021-32491, CVE-2021-32492, CVE-2021-32493, CVE-2021-3500 --mP3DRpeJDSE+ciuQ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAmCj12UACgkQRbznW4QL H2nOARAAsyPhUcaIAH7in+r5iW8Bi1BW58w12iJ0a1QvdlvVml+dlFoKPWdShn2n tIm8IIxDcUkRgcnXQFmT6z1PUV9WoKQb83da7wA73w5nPrkdPjjkhDxuOSN5Zm/6 c6Dupw0obz9aqcr1jHevgRp22XnvLky+XNIZ131i4ttC7JpEiixpUTW9NBw/aDL5 VOleVBI3clm/L25pFpZdnlZVEqp7wIr7P22cP5O+3jr5kwoslgyXoNhc4yYSsOcC 8uDoRXlrmSAE/BKsGAPuqRXoyJc6nGl55N37RnqBMcebDk6F/hzX5U1aphIrDKNC TFhrz0D2/fzq9nZ/sYnhdExc4AOi3WUvjQ06IetohaEgMVxifeO4gFp/6yqJtVEj IoBZokPtxy4psJ5hKgDH2QNvyo5iJ/SIegQiMT/kauWW3N2XeK8jF0WALk9oO5hd TmIRW5qf0tF3i97mAqXknpBAIEymztS2qV4OqiuiFLnCsBGeIopyTZdJTHy6Db3y rBtb5bIi2xXMV6S2masvdXAq98G76jZHzxvpITUdLtspUAy+R1IVuXpr6K166RZc rClu7PgHaQsOp2Bi6EPyl7uc/HIuUYYBEZsNhDrYyIQde8LtqUXsdk91+pZXIkWW 1qAe63WJ6HsfmBrETeV6TaCQoV4u0Mm+YL8cbRWgmY9eTTo4ZZs= =SWRj -----END PGP SIGNATURE----- --mP3DRpeJDSE+ciuQ-- --===============5273782237485791879== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce |