-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEE5rkwSLC9ntq84w397Dtram9gyMMFAmVmKqwFAwAAAAAACgkQ7Dtram9gyMNY
hQgAggqfMt+/eDHzBKCML0dASKs3VhXkVr2IjyV9OxPGiQO/+s3Fg1DzG/FR/qzDm+2GAY5sPXXX
5aQsiE+HjtLfLq76Kfc+5mmRhZSjitShQqonZQZ1WpPqqPFdfZOHE/809oOzCnJZLZdbneKdzsE5
flUzU/fgFeOBU0CzlVGKqgHghxjZdQ68Mk23NiXpe3vCLuxKZcZTLDV0VyBhJTDJpKt6Vh03abx5
9HurfGKiB6la5hBmyR6lnVICFl+540zGe5XEvIlt0H/TECTqmNTjL+Mvq4aA96Qj8BBfMI+5T2Lm
zz/kpt9+Kt6UF4Wh3C8ma2rEFhrUNii1TsA6OS4DQQ==
=OYLI
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-6518-1
November 28, 2023
afflib vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
AFFLIB could be made to crash if it opened a specially crafted
file.
Software Description:
- afflib: Advanced Forensics Format Library
Details:
Luis Rocha discovered that AFFLIB incorrectly handled certain input files.
If a user or automated system were tricked into processing a specially
crafted AFF image file, a remote attacker could possibly use this issue
to cause a denial of service via application crash. (CVE-2018-8050)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS (Available with Ubuntu Pro):
afflib-tools 3.7.16-2ubuntu0.1~esm1
libafflib0v5 3.7.16-2ubuntu0.1~esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro):
afflib-tools 3.7.7-3ubuntu0.1~esm1
libafflib0v5 3.7.7-3ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6518-1
CVE-2018-8050
No comments:
Post a Comment