You are here
Home > Preporuke > Sigurnosni nedostaci programske biblioteke libx11

Sigurnosni nedostaci programske biblioteke libx11

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3758-1
August 30, 2018

libx11 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in libx11.

Software Description:
– libx11: X11 client-side library

Details:

Tobias Stoeckmann discovered that libx11 incorrectly handled certain
images. An attacker could possibly use this issue to access sensitive
information (CVE-2016-7942)

Tobias Stoeckmann discovered that libx11 incorrectly handled certain
inputs. An attacker could possibly use this issue to access sensitive
information. (CVE-2016-7943)

It was discovered that libx11 incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2018-14598, CVE-2018-14599, CVE-2018-14600)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
libx11-6                        2:1.6.4-3ubuntu0.1
libx11-dev                      2:1.6.4-3ubuntu0.1

Ubuntu 16.04 LTS:
libx11-6                        2:1.6.3-1ubuntu2.1
libx11-dev                      2:1.6.3-1ubuntu2.1

Ubuntu 14.04 LTS:
libx11-6                        2:1.6.2-1ubuntu2.1
libx11-dev                      2:1.6.2-1ubuntu2.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3758-1
CVE-2016-7942, CVE-2016-7943, CVE-2018-14598, CVE-2018-14599,
CVE-2018-14600

Package Information:
https://launchpad.net/ubuntu/+source/libx11/2:1.6.4-3ubuntu0.1
https://launchpad.net/ubuntu/+source/libx11/2:1.6.3-1ubuntu2.1
https://launchpad.net/ubuntu/+source/libx11/2:1.6.2-1ubuntu2.1—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJbiD9+AAoJEEW851uECx9pGPYP/10sQxGuie8+/pLF8/Ts6W5r
z7p+YB7SNgq7VzgvkQFf3o12iF1TvTC+n+iALX1LPlKi0WNv6YAmoumv0w2cfZtB
2FkqDu8syn3BGbrxbAC34OnEIkYaG9x7Mcq71lrJKrNii7HHgiuojYk/lQbP+XXr
48yZo1SycstOHkq1zIN6qdCP9vkkAUb8csC/bu7RT/ubnhDp9PCNeJZBY4U7EZHF
OgK4exajrDMFm62eO9nA/X1Hy/6v490dV4wUG9p7nNTn2UQ5P9b26gYUHAggIbnu
dixMcFcjaP78QJY+tveE1YCLtK1RXfY4CpKwAHmvcmo0NJgaEh+SbfD8+pdm40wa
19SeBSU5s/XHmLEgZBbquo9xOysLT90idrWyOPL3DZoaYvLe71wn0thLhskbE+25
ujNXL70rV/ccHqKX48GPmeQENlsAo54983YuAj0BLKC/VbnJqjRro8i8rQEeUSKd
m69dlRhKjucZgVr9oBnrx5mzJN/m/dtlhFbj50lUqIwYNHgwlkEZ8WWUC8D4s7/q
mzLs6HhwSnZzUx7fRfZgYZo0YiHmX+p42+qsyJ8/eYrP0tuz8SPXMMZXA8ZknIDx
m2OPM6kGRmO3cUqBGBECXAUvhgryh0O6mwyJRMeRZe/J+4BfOhQNXhmj0D2lFb5O
1z2+qPCx7Bwa8fqXMK3Z
=l0q4
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3758-2
August 30, 2018

libx11 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in libx11.

Software Description:
– libx11: X11 client-side library

Details:

USN-3758-1 fixed several vulnerabilities in libx11. This update
provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

Tobias Stoeckmann discovered that libx11 incorrectly handled certain
images. An attacker could possibly use this issue to access sensitive
information (CVE-2016-7942)

Tobias Stoeckmann discovered that libx11 incorrectly handled certain
inputs. An attacker could possibly use this issue to access sensitive
information. (CVE-2016-7943)

It was discovered that libx11 incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of
service. (CVE-2018-14598, CVE-2018-14599, CVE-2018-14600)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
libx11-6                        2:1.4.99.1-0ubuntu2.4
libx11-dev                      2:1.4.99.1-0ubuntu2.4

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3758-2
https://usn.ubuntu.com/usn/usn-3758-1
CVE-2016-7942, CVE-2016-7943, CVE-2018-14598, CVE-2018-14599,
CVE-2018-14600—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJbiEaiAAoJEEW851uECx9pVyQP/Avty2C+rHdZwY4S6u8vLBSG
l6oPl1VBYYDichsJ773b7NZvRNCMVaOQTUft2HTRqBQgO3GMegzlPM/ceQrjyB37
ETv3fvFCPY+xeS52Cly+lGbemGhDGU8N2VqFV0IxrCTrMBVY8vnluhKX9dNwXLoO
RBNg3BgAo8DuaukU45R96UHPwaNFFQz0CiM1xs/kYuTjq4t4RpL45Aj0/KrcBk81
iOnZxJUpz+dEdRFXDcpDmDYIvMGblnWGicn1hlJ7qk+K7LM1GTPxoWBG/hWhBDOf
MnnRt634C7NOd5Ief4Bam/99i8SNSCwbPtzrw3f0B10lbfqs3hmWqwiCXBNAy5pe
AZyvP3Mnp5oVSQWDzV630P/0Un826aYk9SjSo0ZicMI/oralGAST2C5lJr8yQteI
7WO5WiEcKtUNKIgbN+f3zLy7TMK5cdWGxB7nzisOi6OpfHp1BGWsfwwpqaPpJLKR
6TEazObwmFA+XWkZgJNGh29zqU6bIMwyjb89wSlLfTqgaKqpeEDARI5Jc1RXFuSz
d0BgXkUxzzdTvhvKG7bM1xTskmuNjPUOsvCBe3dSkMtMArm2oacCZBF5FzvVwNmH
qbktLnoHOl1pXARwchR4qEvOtygDBMaCiMyp+P/9cz0FTW/bWlzg4ejT+JXEzjEu
VxHJMpiwDsHmYHbaCt1x
=dBTd
—–END PGP SIGNATURE—–

AutorZvonimir Bosnjak
Cert idNCERT-REF-2018-08-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa tomcat

Otkriveni su sigurnosni nedostaci u programskom paketu tomcat za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju stjecanje uvećanih ovlasti,...

Close