drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in libexif
Name: |
Mehrere Probleme in libexif |
|
ID: |
USN-4277-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 12.04 ESM, Ubuntu 18.04 LTS, Ubuntu 14.04 ESM, Ubuntu 19.10 |
|
Datum: |
Di, 11. Februar 2020, 23:34 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6328
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7544 |
|
Applikationen: |
libexif |
|
Originalnachricht |
--===============9200418798829343630== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="lrZ03NoBR/3+SXJZ" Content-Disposition: inline
--lrZ03NoBR/3+SXJZ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4277-1 February 11, 2020
libexif vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in libexif.
Software Description: - libexif: library to parse EXIF files
Details:
Liu Bingchang discovered that libexif incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2016-6328)
Lili Xu and Bingchang Liu discovered that libexif incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2017-7544)
It was discovered that libexif incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-9278)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.10: libexif12 0.6.21-5.1ubuntu0.1
Ubuntu 18.04 LTS: libexif12 0.6.21-4ubuntu0.1
Ubuntu 16.04 LTS: libexif12 0.6.21-2ubuntu0.1
Ubuntu 14.04 ESM: libexif12 0.6.21-1ubuntu1+esm1
Ubuntu 12.04 ESM: libexif12 0.6.20-2ubuntu0.2
After a standard system update you need to restart your session to effect the necessary changes.
References: https://usn.ubuntu.com/4277-1 CVE-2016-6328, CVE-2017-7544, CVE-2019-9278
Package Information: https://launchpad.net/ubuntu/+source/libexif/0.6.21-5.1ubuntu0.1 https://launchpad.net/ubuntu/+source/libexif/0.6.21-4ubuntu0.1 https://launchpad.net/ubuntu/+source/libexif/0.6.21-2ubuntu0.1
--lrZ03NoBR/3+SXJZ Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl5C+pQACgkQRbznW4QL H2mXYA/+MzL1mu/i4T2sy6KjvQ3UuOdoqRkS/+ThYKGSy5IcOoozLgdBvsxsmcKy zh7tRukJ4LmSxpzmrP/uBsfnFMYbrRJTxEdOozwTKYFNNADTJBzO/3Ad4SgzZOHa vzwm5WvIG65bx4SFIqjtrRwFw9HAj1n83yRbAENpeCsVhNf+RD9EZ29zca4OKQe5 iSVvfapK90jwOUeHlAmo71W7J+A3kAMSlGdSEdwIsmCNWpqGJaoV2e9v/PIofbkB YVobgSf4ldenAJ6cxK/yNz6ToqWTLWSCuDU+pcZlo3W3NAeCGUAkVgrcbvn0G/Mx CH/ZDbQJaEq3mNZesYX22oB7hsX3o9BWJA+TAT9yP836CPZdgOgKuNankghM5Gi0 2z4iRD2U2B/MNHmyhsoTy6E4PJnq0YDLVrwny8+vxHprAW7OCh2jR3oDYhD3ILhP 77VuJo+jfn12rKX2H5MORw+Y+9s1Kkdmwy/j+wivqaHKENLJ4TjEaHui/SWvgUKD qWjWCRgZnu9EUJ6or8K9z4a0X6SgpUoIpsI3Z37zLF/iC7Z1EUmEfrQIsLqzsGjC IWRcnTGVYnHldgFJoUmNpYsMyp7AK1t6gkrNWPv15ol06W0lim2X2Rhv9JHQLjcA /nzwXRbQ3WBdyQnD3lUx/wPfRrolwLqhrPkxI5ub734A3lzFfRU= =CZTb -----END PGP SIGNATURE-----
--lrZ03NoBR/3+SXJZ--
--===============9200418798829343630== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|