Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 554
Alerts This Week
Warning Icon 1 554

Ubuntu 12.04 LTS USN-2401-1 Moderate: Konversation Denial Of Service

ubuntu
Calendar Grey November 10, 2014
Scroller Ubuntu Esm H88
Follow these steps to update Ubuntu 12.04 LTS and address the Konversation crash vulnerability caused by malformed network traffic Ensure your system remains secure
Konversation could be made to crash if it received specially crafted network traffic.

Summary

Konversation could be made to crash if it received specially crafted

network traffic.

Software Description:

- konversation: Internet Relay Chat (IRC) client for KDE

Details:

Manuel Nickschas discovered that Konversation did not properly perform

input sanitization when using Blowfish ECB encryption. A remote attacker

could exploit this to cause a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
  konversation                    1.4-1ubuntu2.1

After a standard system update you need to restart Konversation to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-2401-1

CVE-2014-8483

=========================================================================Ubuntu Security Notice USN-2401-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.