Ubuntu Security Notice 3782-1 - Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS.
487abc1a3964d03e149224612c3eaf988c06aa29e13e9a9a28d7bb89115f3eab
==========================================================================
Ubuntu Security Notice USN-3782-1
October 03, 2018
liblouis vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Liblouis.
Software Description:
- liblouis: Braille translation library - utilities
Details:
Henri Salo discovered that Liblouis incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2018-12085)
It was discovered that Liblouis incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS. (CVE-2018-17294)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
liblouis-bin 3.5.0-1ubuntu0.3
liblouis14 3.5.0-1ubuntu0.3
Ubuntu 16.04 LTS:
liblouis-bin 2.6.4-2ubuntu0.4
liblouis9 2.6.4-2ubuntu0.4
Ubuntu 14.04 LTS:
liblouis-bin 2.5.3-2ubuntu1.5
liblouis2 2.5.3-2ubuntu1.5
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3782-1
CVE-2018-12085, CVE-2018-17294
Package Information:
https://launchpad.net/ubuntu/+source/liblouis/3.5.0-1ubuntu0.3
https://launchpad.net/ubuntu/+source/liblouis/2.6.4-2ubuntu0.4
https://launchpad.net/ubuntu/+source/liblouis/2.5.3-2ubuntu1.5