You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa libmspack

Sigurnosni nedostaci programskog paketa libmspack

by ncert - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3394-1
August 17, 2017

libmspack vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 17.04
– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in libmspack.

Software Description:
– libmspack: library for Microsoft compression formats

Details:

It was discovered that libmspack incorrectly handled certain malformed CHM
files. A remote attacker could use this issue to cause libmspack to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2017-6419)

It was discovered that libmspack incorrectly handled certain malformed CAB
files. A remote attacker could use this issue to cause libmspack to crash,
resulting in a denial of service. (CVE-2017-6419)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
libmspack0 0.5-1ubuntu0.17.04.1

Ubuntu 16.04 LTS:
libmspack0 0.5-1ubuntu0.16.04.1

In general, a standard system update will make all the necessary changes.

References:
https://www.ubuntu.com/usn/usn-3394-1
CVE-2017-11423, CVE-2017-6419

Package Information:
https://launchpad.net/ubuntu/+source/libmspack/0.5-1ubuntu0.17.04.1
https://launchpad.net/ubuntu/+source/libmspack/0.5-1ubuntu0.16.04.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJZldRrAAoJEGVp2FWnRL6TXuQP/1onyoCI8cAOaK+amcNqf8pa
4d0wclMraHS7m7xRRwlZwJC5v/2r6etZ6Yzhdwko5x+6DVLN+jP3EfzJayHFdC+p
DBtQkYfACBkXGrkRL1sSssOzQLRUQeIfUx/s0JgmTKVASTxE2mLe3GbwBwfni10u
8Ks1GJE89Ab0ctSgCu012zZwQaOGfhlgq2wWwGbX8RezkIpWKV0m1HNtiA89gQZw
E6ZLkuXSC7usEWXqN6+2GSxtK5MY8TRxBZJygXst8N3RnzLmgRm+PauBaGfUYCX5
xY34MJ+72UsED/VLjbgzAd4h1j9vWIIMlIcNLmBzim8xyOPsusQN9HFqBEO0zMn/
nPt3lnSDPbZC+eeFIeKY5gNgd4FcIu9YOyKipgyJqW/OQ0bHkdxoyqYXExVQV7mm
eanuTWi8YDValju8QAmphZth2MUynYC7LCdQ0i3S9OwgHbo5Qfhu14V9iDgx3nbg
vzb8UlDm5eAnObIGWfcEPDJoSudTlnXHrMpA9R/LD5jrdzRMD9dk12r9+t9DbkSk
0e+JZC9gcuxut/ZVbZJuVHBNJ4m1blVqfrbcKPNEHXjTKZo1o9uRXPCVMqCK+2pm
X+Q29Xig10zpgGd4DpT60pbkMXJHiKdqT8ehtM5Y+rJuQEK+UQw930p1D/yzGoz7
JxjdfpDBTPco4nQklh4L
=Mbsi
—–END PGP SIGNATURE—–

AutorVlatka Misic
Cert idNCERT-REF-2017-08-0139-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
ncert
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa subversion

Otkriveni su sigurnosni nedostaci u programskom paketu subversion za operacijski sustav SUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanjem...

Close