Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Ubuntu 14.04 LTS: USN-2961-1 Moderate: lcms2 Library Risk

Calendar May 04, 2016 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory security issue code execution moderate severity application crash ubuntu lcms2
Applications using the Little CMS library could be made to crash orrun programs as your login if it opened a specially crafted file. 
=========================================================================Ubuntu Security Notice USN-2961-1
May 04, 2016

lcms2 vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Applications using the Little CMS library could be made to crash or
run programs as your login if it opened a specially crafted file.

Software Description:
- lcms2: Little CMS color management library

Details:

It was discovered that a double free() could occur when the intent handling
code in the Little CMS library detected an error. An attacker could use
this to specially craft a file that caused an application using the Little
CMS library to crash or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
  liblcms2-2                      2.5-0ubuntu4.1
  liblcms2-utils                  2.5-0ubuntu4.1

After a standard system update you need to restart applications using
Little CMS to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2961-1
  CVE-2013-7455

Package Information:
  https://launchpad.net/ubuntu/+source/lcms2/2.5-0ubuntu4.1

Ubuntu 14.04 LTS: USN-2961-1 Moderate: lcms2 Library Risk

ubuntu
Calendar Grey May 4, 2016
Dist Ubuntu Esm H88
Boost your Ubuntu 14.04 LTS security and stability by addressing the Little CMS vulnerability. Follow our steps to safeguard your applications from threats
Applications using the Little CMS library could be made to crash orrun programs as your login if it opened a specially crafted file.

Summary

Topics%20covered

Topics Covered

security advisory security issue code execution moderate severity application crash ubuntu lcms2

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: liblcms2-2 2.5-0ubuntu4.1 liblcms2-utils 2.5-0ubuntu4.1 After a standard system update you need to restart applications using Little CMS to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-2961-1

CVE-2013-7455

May 04, 2016

Topics%20covered

Topics Covered

security advisory security issue code execution moderate severity application crash ubuntu lcms2

Package Information

https://launchpad.net/ubuntu/+source/lcms2/2.5-0ubuntu4.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here