drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in LibRaw
Name: |
Mehrere Probleme in LibRaw |
|
ID: |
USN-3838-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS |
|
Datum: |
Do, 6. Dezember 2018, 08:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5811
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5810
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5816 |
|
Applikationen: |
LibRaw |
|
Originalnachricht |
--===============4462815372149220469== Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature"
--=-=-= Content-Type: text/plain; format=flowed
========================================================================== Ubuntu Security Notice USN-3838-1 December 06, 2018
libraw vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
LibRaw could be made to crash or run programs as your login if it opened a specially crafted file.
Software Description: - libraw: raw image decoder library
Details:
It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: libraw16 0.18.8-1ubuntu0.2
Ubuntu 16.04 LTS: libraw15 0.17.1-1ubuntu0.4
Ubuntu 14.04 LTS: libraw9 0.15.4-1ubuntu0.3
After a standard system update you need to restart your session to make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3838-1 CVE-2018-5807, CVE-2018-5810, CVE-2018-5811, CVE-2018-5812, CVE-2018-5813, CVE-2018-5815, CVE-2018-5816
Package Information: https://launchpad.net/ubuntu/+source/libraw/0.18.8-1ubuntu0.2 https://launchpad.net/ubuntu/+source/libraw/0.17.1-1ubuntu0.4 https://launchpad.net/ubuntu/+source/libraw/0.15.4-1ubuntu0.3
--=-=-= Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEiOlTC8vdwgBRe16w9JjS2d59rZwFAlwInyUACgkQ9JjS2d59 rZzeAAgAkKzSHfwcYRVMpsCpHx5ToZB8POS0ndmG3wxVzTQWlb+PNpF1DtHfXwGC 2INZC7LHJwgyhmK8uwfOCFVvlCZJkIPnnmG2nmgEkSH2Rbd5DRM11levDNj8O3c5 P6YLH17nGBwZLJanxVkHD64rR1jA8ICWGJKyVPjx+62UGkOLRnFpMlRGSLOno51b R0rN4Gss66ilqJMQJHHnTGtkDmjeXUHryx6JtblYqI2wVDgP4Af4RiSFBModu/1G whq3eA1Do244GYrN15cDAzQQ0QqQ9WJzeAAkIxqW7fxV/8+EpGoCK9+yz1rbqtgZ NRTw3x+VY/mT4CJ3nn/odY0kjkbbOA== =ytDq -----END PGP SIGNATURE----- --=-=-=--
--===============4462815372149220469== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|