Monday, February 24, 2025

[USN-7286-1] iniParser vulnerability

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAme8qsMFAwAAAAAACgkQZWnYVadEvpMT
1xAAnwinoECSsOdJab761UXI8iHrK0fmGVabUbLUiU1h6ygBWoFBfV8gZqpchW9spUJm5KRKJD0Q
/96J5Qq8S5jaGJtZeHe5p+AHi63KQPB7jBmUz3ZwfA3pUsfodWE9LOPRgXQlZ3kQS+SkOrwHH5Dh
WOnIV1xGdvsvdBADDq1lbRFyVSvC6iIzTYwlkOQBqK0lu4bedU5Ua/1GK3FpgJUO7Q+Q4WkR7AGA
S5GWDIj3Py9ED2aqfkJ2r9wIVVEn5sXd7xtA2D0kijSL4w1z5e+8nNwueQkjzXnhhXOFJ+3oEEJ6
VuiyzSaFUquS4WRxfTK2D4b+g4OPwq1rkFg90LtVUACiIWzwuTxSh5ZDHLUE6eACBNK4vsFEBPk8
1OoK47lZ982YgjsvayucnpsEWWajeyHQU13S+q+Pld1bNui6Kg+yIiPBzBc85AngrdoY4+TtVKBN
6xk3FBh5CWm3+LJrueG8ysVWkJDOT14j2/vA9G/wFKqCUiKHPof7DVUVLAbOqblVWoMrSOrGUaZa
nRh8mYUEg0e+dALexcBJoyZauZ6VqkqhyuXK+KZnw/tnhEIWaNNFXnWDw4OUCCwPbJptLzO8R/Zx
lXiQavdrxRZXqKa9jUJKEwUw/KyOI5UWNHxSZorS5QjCpNhHyeOfwivBjGD2au0eJSw7Ryw/ysiS
GcA=
=zL6c
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7286-1
February 24, 2025

iniparser vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

iniparser could be made to crash if it opened a specially crafted file.

Software Description:
- iniparser: INI file reader/writer

Details:

It was discovered that iniParser incorrectly handled certain files. An
attacker could possibly use this issue to cause iniParser to crash,
resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
libiniparser1 4.2.1-1ubuntu0.1

Ubuntu 24.04 LTS
libiniparser1 4.1-7ubuntu0.1

Ubuntu 22.04 LTS
libiniparser1 4.1-4ubuntu4.2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7286-1
CVE-2025-0633

Package Information:
https://launchpad.net/ubuntu/+source/iniparser/4.2.1-1ubuntu0.1
https://launchpad.net/ubuntu/+source/iniparser/4.1-7ubuntu0.1
https://launchpad.net/ubuntu/+source/iniparser/4.1-4ubuntu4.2

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)