============================================================================ Ubuntu Security Notice USN-1978-1 September 30, 2013 libkdcraw vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: libKDcraw could be made to crash if it opened a specially crafted file. Software Description: - libkdcraw: RAW picture decoding library Details: It was discovered that libKDcraw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against libKDcraw could be made to crash, resulting in a denial of service. (CVE-2013-1438, CVE-2013-1439) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: libkdcraw20 4:4.8.5-0ubuntu0.3 After a standard system update you need to restart your session to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1978-1 CVE-2013-1438, CVE-2013-1439 Package Information: https://launchpad.net/ubuntu/+source/libkdcraw/4:4.8.5-0ubuntu0.3