========================================================================== Ubuntu Security Notice USN-4198-1 November 21, 2019
djvulibre vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.10 - Ubuntu 19.04 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in DjVuLibre. Software Description: - djvulibre: DjVu image format library and tools Details: It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: libdjvulibre21 3.5.27.1-13ubuntu0.1 Ubuntu 19.04: libdjvulibre21 3.5.27.1-10ubuntu0.1 Ubuntu 18.04 LTS: libdjvulibre21 3.5.27.1-8ubuntu0.1 Ubuntu 16.04 LTS: libdjvulibre21 3.5.27.1-5ubuntu0.1 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://usn.ubuntu.com/4198-1 CVE-2019-15142, CVE-2019-15143, CVE-2019-15144, CVE-2019-15145, CVE-2019-18804 Package Information: https://launchpad.net/ubuntu/+source/djvulibre/3.5.27.1-13ubuntu0.1 https://launchpad.net/ubuntu/+source/djvulibre/3.5.27.1-10ubuntu0.1 https://launchpad.net/ubuntu/+source/djvulibre/3.5.27.1-8ubuntu0.1 https://launchpad.net/ubuntu/+source/djvulibre/3.5.27.1-5ubuntu0.1
signature.asc
Description: OpenPGP digital signature
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
