You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke libmaxminddb

Sigurnosni nedostatak programske biblioteke libmaxminddb

==========================================================================
Ubuntu Security Notice USN-4631-1
November 12, 2020

libmaxminddb vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.10
– Ubuntu 20.04 LTS

Summary:

libmaxminddb could be made to crash if it received specially crafted data.

Software Description:
– libmaxminddb: C library for the MaxMind DB file format

Details:

It was discovered that libmaxminddb incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
applications using libmaxminddb to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
libmaxminddb0 1.4.2-0ubuntu1.20.10.1

Ubuntu 20.04 LTS:
libmaxminddb0 1.4.2-0ubuntu1.20.04.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4631-1
CVE-2020-28241

Package Information:
https://launchpad.net/ubuntu/+source/libmaxminddb/1.4.2-0ubuntu1.20.10.1
https://launchpad.net/ubuntu/+source/libmaxminddb/1.4.2-0ubuntu1.20.04.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl+tVjkACgkQZWnYVadE
vpNxWA/+LqRySvQsq/zu0fSIHwqT09dV4/itl6joZrxO3olLthPDf54ScYUpf87a
EOK53koVs9wRmQjMJFTCZj2MM6UB+mbk0lDjCYuVN5f6NuNxRmUIRTn5g2QqqJ8C
h/DE9yy2c5PDenM5JV/xRRuiQz4F5yc985AIRbZJp42f7Nn9IY98eUQhP1pPcLov
YBY42OTL5oP4TFIX+EAuFpv73T8gkZtDcZ+c98YbsYliRe/kvtGuUzo9jxvPgTW0
pQOlKJeJnyS8ar8UL+TEt5bJ632eH2WKyuSDjlJmRiBcNd3fAxfBsiMGob9oTJN7
H2zZ0qsYf/dWjajxnkPEQrvnQrSoSR1iGdwy9Fdtu4oH8qYi29A1TLhQzPZUs8BB
cups/nHqPAYzxJ/4bOEn3pth3BZSw2b6MaWbXi4Gx1maqjUvK5VvNP+jWOhHysoI
GghRYGHBzehHcT14er7RjqO8fZuya2j09+TuerXY6DjUIY/tQSLmK//yaw0U9/2O
sYpF66JsDr/Il7OARxOQDFLq1nDf/I34ZOX3IltXnt3Uw3MnsCYBXsiRLF+3LMQQ
FCiXhVydkwZgdN8L8BPd9oh9gpK3ukK6inZWlvkhtxkM2H1w6jq8lolYZZ0SJNrm
QVjdtzvv6JFXwwTBNVmZxGwMJ0XifSSIo/X3/YU8or4biq0mTK0=
=FUha
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa codemirror-js

Otkriven je sigurnosni nedostatak u programskom paketu codemirror-js za operacijski sustav Debian. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja....

Close