- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-3925-1
March 28, 2019
freeimage vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS
Summary:
FreeImage could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
– freeimage: Support library for graphics image formats (development files)
Details:
It was discovered that an out-of-bounds write vulnerability existed in the XMP
Image handling functionality of the FreeImage library. If a user or automated
system were tricked into opening a specially crafted image, a remote attacker
could overwrite arbitrary memory, resultin in code execution.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
libfreeimage3 3.17.0+ds1-2ubuntu0.1
libfreeimageplus3 3.17.0+ds1-2ubuntu0.1
Ubuntu 14.04 LTS:
libfreeimage3 3.15.4-3ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3925-1
CVE-2016-5684
Package Information:
https://launchpad.net/ubuntu/+source/freeimage/3.17.0+ds1-2ubuntu0.1
https://launchpad.net/ubuntu/+source/freeimage/3.15.4-3ubuntu0.1
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEwZbe96kJeWh2OITRdyg1Qz0oXX0FAlydED0ACgkQdyg1Qz0o
XX0hvg/+ITX0Fcg7ueW7bUKOB/UsZVQywbgDqs260ZXyLp1/60M7fUm8t7YEy4ZU
pDlVPm+krK+5efFbsSZTLLcdNpHqF7wkIonldXD7N0FKi3O9hB3TY05Q/ulGr44K
MelEng5Q8fxtkMmOsZQubrgffS9sIcFlENwFwXn/wW4nUXoMItSWnvM0b4lOGbmt
RyHYnbE8I3Ul1U1+EyLqh/gzr/zpMbBEWX3sG4FtIJwLFz17Ukalc856PO6PBtaH
meOOc56VS0QrbRsAQAuIJ2olcuBPdHtDbxz6qVkzfhVWel7kaFl736Ea/hqnM3qY
GM29GoNgA0HMk0JQmcRmGiSeFBmn/ylQ0bsq/8diJ0wSm1LR94t0327Z+7RklWTA
7deb8ebIg/7fbO2z/xpyeJwe27Qhi7HfPWuFARuUHYXQeTllHP+9HPd4Ygy1SHyu
21xrBtcTtC4XgcuVqyLYK/Qd/nIl3cLUtmL8QMxEeHXVm8HVS0E5w4uS1K8g3Cbj
jcLNur91eLvlbjTUqp51tcnqVsaukTdRS/EJR4mM7oUg5rCW+OHjBF7/ChlG5DxL
q1abLhnIMGJwCOpitFPwwkP4ajNf4bPrsTd6ifv9M6vc7uM75BSgwGxz+CTseAmn
UouP3E/6V9ojBSQZ0CGSOZIx9tMF0UnmMgBi/+obZmmEqLgsee8=
=dg0j
—–END PGP SIGNATURE—–
—
| Autor | Josip Papratovic |
| Cert id | NCERT-REF-2019-03-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
