You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa doxygen

Sigurnosni nedostatak programskog paketa doxygen

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4002-1
June 03, 2019

doxygen vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

Doxygen could be made to run scripts as your login if it received a
specially crafted query.

Software Description:
– doxygen: Documentation system for C, C++, Java, Python and other
languages

Details:

It was discovered that Doxygen incorrectly handled certain queries.
An attacker could possibly use this issue to execute arbitrary code
and compromise sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  doxygen                         1.8.11-1ubuntu0.1

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-4002-1
  CVE-2016-10245

Package Information:
  https://launchpad.net/ubuntu/+source/doxygen/1.8.11-1ubuntu0.1—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJc9SB4AAoJEEW851uECx9p8i0P/06Zy50DkygbUlhNRkPgZwoy
SXxp6oKWbD+DututL8QdE3m0gxbp60DZFddm6VgXRB1ITEoH9P0BSSRZbKzE4S87
+sDZaggMOnlizJCGSKCQRxy0FUeteIIDZoNKCPSAxTn88aelS8pHsppAFJKltpwQ
abJQREl4OTTXOC/K0WNpvJHtA2wRn0BlhG4PLHUoxS7qQ8aR+PUmo6OomGXsMiEG
vOlTTymPDtpE7PA4JvjTOsQc2tCcozDLX58l9PBPU5C3JMeL0+zpIKC9FH7EFYTj
D18gJcKaI2sfHyXPGBlnbElLPXfx+no7YfeX0xFxPOrEfPe1sVaIqIk7+kEM4R4y
BolpVR8i3IVH7/T+37EVZj3b2g5QWXDafVxIwRTqI0wrMArGDwwdrFNwZVjFL/E5
G/t1gqyH3QM2C0/+c7uJxyj+2MjjzKbmnWN4ONgtFqRnqeAYjuV/zG8QUesapgLK
VLUwxQcWKY4P/zGHNae0w63abbLpyMeL1XIqKqCwhJl/wTXslwMxfww9yZCv4x14
OE0//+AhG6XEEntP4GP4g+qze1c5AAp9OF3VLdfs8txjR/Qa6mDuX0Fvhjvhp4yZ
NUA4YenCndrr/TFUSQ+uSHqZB/rm7HljIK8mOzK8h/8lVnUQLVK2RbVoWYSmYoa9
kG0sM/4Zxxc2Mim0fn4a
=tf6y
—–END PGP SIGNATURE—–

AutorJosip Papratovic
Cert idNCERT-REF-2019-06-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libtasn1

Otkriven je sigurnosni nedostatak programske biblioteke libtasn1 za operacijski sustav openSUSE. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja. Savjetuje...

Close