Unix News Tutorials Events and Stuff: [USN-5198-1] HTMLDOC vulnerability

Friday, December 17, 2021

[USN-5198-1] HTMLDOC vulnerability

-----BEGIN PGP PUBLIC KEY BLOCK-----

xsDNBGG8vp4BDAC4/4SMsZMjF1bZJIknqof/PPXdWL5SzzUJxQlgbjDE/qYzwHLW5/MkMp7yUcKa
ZIQ7kyYDj1jZVZ4g/dOKJvTv4N4Ljm2ZV9jGuaQc13Z2bMvQcikTwu1pxfU2LlpP6lEV9ev1zcmA
sdKtbAEXVpO0RTntIWbnM16lqEzXsgLA+3c9xuUqbEA4wXU2Gbmw5tREacuuITjvJpFJlPzjzwOZ
SwHsyDJ5Ol7zpgOy8bmp57xpVer3iDhELoPNPp4PQxjTK9UzBy8ynXGfP+S74HdoxEJ/Tm42N1US
NKtzX3xRRB9dbiyur6lpqhIwyAaSkZZo/epZ+hPSUq4bAUt+41rpO6iQGk2v7SzHd5HqyNogxwBv
mLYtmydPMDV6l+syPKg0Zq+34ERASdYPEcsxw5kRdgejCTOEse9vySgGb6peOdqGWT/q4m/TcNyQ
RGj68OxfgE2VAGN3b0Bk2/j2mKiyAPV4HnN5O6SclxEC9jrAjLK+BXjEy6QDNVvNj9gF1XsAEQEA
Ac05RmxvcmVuY2lhIENhYnJhbCA8ZmxvcmVuY2lhLmNhYnJhbGJlcmVuZnVzQGNhbm9uaWNhbC5j
b20+wsEPBBMBCAA5FiEE5OPA1SnlIQa8ulLfD1vEi4x8KJQFAmG8vp8FCQWjmoACGwMFCwkIBwIG
FQgJCgsCBRYCAwEAAAoJEA9bxIuMfCiUV64L/17/E5U+W/IJhhqCzGp5A0f/OmutdFyqVJj7hflS
vy6QbLn/1M8qDSplLNOk7QfG0ZXrPNYpTI4s4NurPT6w1aJCTfNHaT2tNxCjKAEoPohLXcp/ipHM
Uw1LBpNwi5iTfOM/KvE7220rwT3odwFavFpVW/+2dbOwTk+Hs9TaMGnRxKXpaiVL8XBFfIgDWWsg
44EOXgp6AO9rtq9NWqVu8Tt7ij2AS4WFnCYjhLy8DJ+IUDWnlu0fwIFcWWnTEVhDc4Zdz+aYmIyx
n4Qjsrkx9NsZWoitVnjED/2/XzbF01Js10p+pBGgPMy+Qx63UzXdJ8ZO61OGu6kiHA+5gBiO+2M0
7HAjENY47NQ90EEFqR6Ddb9WZMeD+fmvFME4TE3NN+Brp3xPvqUzwMExgHGdOpIlKvQpLd6FXj7/
0TFiSX+GnTl78AB3Ya/AJ0z0ndReS+DJUOyDSkimKm76TOm7/0eC+d8srOj5ikRdlMUuu2lDTk21
PuXJjLjXrqd7ljxQr87AzQRhvL6fAQwAz3WtDZMNjXtP2Wt8tvqMe+tUwIFg25rrmP/sidqe1Nma
TN2hyKlDQO4h/SI3xe2Yh6bJnCizYWuvhVSsNeR7ESmpia1CwH6VELB20QVDTG/lTjmrTP43y03T
mWBDiasZtmJnjWiIQrlIKFMUDf5W+kaKhAREKoBVNP+Pcyf6XRGciJZP74gAXV14OjtiMI3PiyDX
VgfZTbg2dBKb83bLd4UsU+HvpQv9KKH3CAN6cKdFwr6gaz4HfkmRERQjA/xOOvx0l0OVk1dNmeQd
qWR1VvBObdYpCn0c3kPFyUbENR4naYrNLAMWbNnk5sP0jvU0l6HJ1Gc/uN0K/MaqnA6w6+iJpzvL
g8kFUL01NRaTI32bMcoax7kF54rDPZdCcq4NT7mWI8n/7G8PoxkEJoXBpjbh42nPvGFT66bgQ/Fi
b4w4L0b77j8YxeAUj3qj1BaXIp+JTdP2/p2DwK10n7PZDmdl/ol9c9iGOeoZa/IH//4yj2fWdgW/
7+Kcq+9UVPzRABEBAAHCwPwEGAEIACYWIQTk48DVKeUhBry6Ut8PW8SLjHwolAUCYby+oAUJBaOa
gAIbDAAKCRAPW8SLjHwolAsGC/90H5T0sMDOVYuLvYxIOQQa898i16niiGPA/XOIWGOu/Qoj2/sl
7bvK1z5juJGvbhS0YphZSumE4voF8krJ4AI41rUdyOCZRV1U62UZ+8FjRy/YYrLQZ1M1TIcU6Cq2
OAeR39uTxAoW6Z/jJunEfFFCtqwjGLQEnELa/xy+g/s7TGIvjIGeFbLaSKaioJcdqStuTC6A7Fjt
MMN24i98vY9aYy9ovFJbhoOTp/DzSvU1ue6x7pYUGqhSmPoaSJyO2NeVrMKd0RaVQzd+d5L1tsdj
7Gy5lqI9RAGH12WbGcAldWZj5+t13cT+TF8mIjTcsuqEoaeFRH8RFGeT1Efbj2d0O+3KdZZzGHTE
uUzgcZUVhDlhRLg9It3SoChsJw6KJFSfhZhHxlGXUtiUl88C7G1YcGuk3TZGLu/E86SBSerbnzuF
amVWv7uLR97/LwgOXBKjHH5HdoHuuWgfitVJkCiKjbu9RFq1KR5FZnQxMv/P6JRW7uImZ2tlVXzl
bhLt3xY=
=N8ji
-----END PGP PUBLIC KEY BLOCK-----
==========================================================================
Ubuntu Security Notice USN-5198-1
December 16, 2021

htmldoc vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.04 LTS

Summary:

HTMLDOC could be made to crash if it received specially crafted
input.

Software Description:
- htmldoc: HTML processor that generates indexed HTML, PS, and PDF

Details:

It was discovered that HTMLDOC improperly handled malformed URIs from an
input
html file. An attacker could use this to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
htmldoc 1.9.11-2ubuntu0.1
htmldoc-common 1.9.11-2ubuntu0.1

Ubuntu 20.04 LTS:
htmldoc 1.9.7-1ubuntu0.2
htmldoc-common 1.9.7-1ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5198-1
CVE-2021-23180

Package Information:
https://launchpad.net/ubuntu/+source/htmldoc/1.9.11-2ubuntu0.1
https://launchpad.net/ubuntu/+source/htmldoc/1.9.7-1ubuntu0.2

Friday, December 17, 2021

[USN-5198-1] HTMLDOC vulnerability

No comments:

Post a Comment