drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in libKDcraw
Name: |
Denial of Service in libKDcraw |
|
ID: |
USN-1978-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 LTS |
|
Datum: |
Di, 1. Oktober 2013, 08:00 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1439 |
|
Applikationen: |
LibRaw |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============7313972783801966918== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="GK7hxQ79kNtMvkb1Q0FH6XMOBh9shW4HV"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --GK7hxQ79kNtMvkb1Q0FH6XMOBh9shW4HV Content-Type: text/plain; charset=UTF- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1978-1 September 30, 2013
libkdcraw vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
libKDcraw could be made to crash if it opened a specially crafted file.
Software Description: - libkdcraw: RAW picture decoding library
Details:
It was discovered that libKDcraw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against libKDcraw could be made to crash, resulting in a denial of service. (CVE-2013-1438, CVE-2013-1439)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libkdcraw20 4:4.8.5-0ubuntu0.3
After a standard system update you need to restart your session to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1978-1 CVE-2013-1438, CVE-2013-1439
Package Information: https://launchpad.net/ubuntu/+source/libkdcraw/4:4.8.5-0ubuntu0.3
--GK7hxQ79kNtMvkb1Q0FH6XMOBh9shW4HV Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCgAGBQJSSbPLAAoJEGVp2FWnRL6TRc0P/0sBzeo+DGPxG7NFHH0d0mdQ KX5bZ1ZfzAng/tdD094xNWv1/qYwDoD33wp0AJRswSYHZspp/DFCVjhI46spPO4m 7n5LKBBjOvQQX1e543jvNhRiPKkI64x2y+o20/A+Inog8JgipkaW8Nch9cgaD27V 42/k4CHXYPH4D8feXaSIrhshOugpk1UVz+SoqzTjQbnlQxdRgPBAfvT/sn70LTZt PuDltn2M8SoqpfRDojOvdg5Wfz8W0ghVSag3aFXUfbMPKpr7zixClx3UIQO3yQMk acD3dh9eKphw2NAkBOgnzEMQsQ9NCN2jmjr3VZ2jKnh+CDP6kD9Mt6FQeaA1MnXq DuM5nsw1+sD1uWZ2kwCGy60DeyAPufUgyqOCkZ8p8R6f1GcS+XpvGSAOzJOmi+t0 yomMtVwPeqjqnG4DXAaAyjY6FCzmxqR7HLa8CH63aEzSt4xuNRCAu8WvEfrXg8SV p/t+Tqcxh6bO14pOcZ3AM6zhRka5y3Lp3E9b81tcF/AOWj45W1q7Jk29JTjV2NRk m4O+KFCe4vblY/Ifzzk2O6xieKIXhjS4Zcr5I6LSqbC347Zjme7vbW5lALsRzsJn u6Cftt/MXoDM3TjZFxFIup1DqZIjwrLkiL0WPfAUPLn90TmsypAx5qLhAF3RR49z GRK4PVpeEp39Z2LvsRXS =/F5T -----END PGP SIGNATURE-----
--GK7hxQ79kNtMvkb1Q0FH6XMOBh9shW4HV--
--===============7313972783801966918== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7313972783801966918==--
|
|
|
|