Ubuntu Security Notice 3474-1 - Raphael Sanchez Prudencio discovered that Liblouis incorrectly handled certain files. If a user were tricked into opening a crafted file, an attacker could possibly use this to cause a denial of service or potentially execute arbitrary code.
868f63ea0d6695535f657289f1be16c26bb01476391f0140fecd677a0758202a
===========================================================================
Ubuntu Security Notice USN-3474-1
November 06, 2017
liblouis vulnerability
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Liblouis could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
- liblouis: Braille translation library - utilities
Details:
Raphael Sanchez Prudencio discovered that Liblouis incorrectly handled
certain files. If a user were tricked into opening a crafted file, an
attacker could possibly use this to cause a denial of service or
potentially execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
liblouis-bin2.5.3-2ubuntu1.2
liblouis2=C2=A02.5.3-2ubuntu1.2
In general, a standard system update will make all the necessary
changes.
References:
https://www.ubuntu.com/usn/usn-3474-1
CVE-2014-8184
Package Information:
https://launchpad.net/ubuntu/+source/liblouis/2.5.3-2ubuntu1.2