========================================================================== Ubuntu Security Notice USN-3838-1 December 06, 2018
libraw vulnerabilities ==========================================================================A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary:LibRaw could be made to crash or run programs as your login if it opened a
specially crafted file. Software Description: - libraw: raw image decoder library Details:It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:The problem can be corrected by updating your system to the following
package versions: Ubuntu 18.04 LTS: libraw16 0.18.8-1ubuntu0.2 Ubuntu 16.04 LTS: libraw15 0.17.1-1ubuntu0.4 Ubuntu 14.04 LTS: libraw9 0.15.4-1ubuntu0.3After a standard system update you need to restart your session to make all the
necessary changes. References: https://usn.ubuntu.com/usn/usn-3838-1 CVE-2018-5807, CVE-2018-5810, CVE-2018-5811, CVE-2018-5812, CVE-2018-5813, CVE-2018-5815, CVE-2018-5816 Package Information: https://launchpad.net/ubuntu/+source/libraw/0.18.8-1ubuntu0.2 https://launchpad.net/ubuntu/+source/libraw/0.17.1-1ubuntu0.4 https://launchpad.net/ubuntu/+source/libraw/0.15.4-1ubuntu0.3
signature.asc
Description: PGP signature
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
