Ubuntu 18.04 LTS USN-3860-1 Critical Libcaca Denial of Service
Jan 15, 2019
•
LinuxSecurity Advisories
1 - 2 min read
Several security issues were fixed in libcaca.
=========================================================================Ubuntu Security Notice USN-3860-1 January 15, 2019 libcaca vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in libcaca. Software Description: - libcaca: text mode graphics utilities Details: It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-20544) It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-20545, CVE-2018-20548, CVE-2018-20459) It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to access sensitive information. (CVE-2018-20546, CVE-2018-20547) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: caca-utils 0.99.beta19-2ubuntu0.18.10.1 libcaca0 0.99.beta19-2ubuntu0.18.10.1 Ubuntu 18.04 LTS: caca-utils 0.99.beta19-2ubuntu0.18.04.1 libcaca0 0.99.beta19-2ubuntu0.18.04.1 Ubuntu 16.04 LTS: caca-utils 0.99.beta19-2ubuntu0.16.04.1 libcaca0 0.99.beta19-2ubuntu0.16.04.1 Ubuntu 14.04 LTS: caca-utils 0.99.beta18-1ubuntu5.1 libcaca0 0.99.beta18-1ubuntu5.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-3860-1 CVE-2018-20544, CVE-2018-20545, CVE-2018-20546, CVE-2018-20547, CVE-2018-20548, CVE-2018-20549 Package Information: https://launchpad.net/ubuntu/+source/libcaca/0.99.beta19-2ubuntu0.18.10.1 https://launchpad.net/ubuntu/+source/libcaca/0.99.beta19-2ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/libcaca/0.99.beta19-2ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/libcaca/0.99.beta18-1ubuntu5.1
PREVIOUS
NEXT
Ubuntu 18.04 LTS USN-3860-1 Critical Libcaca Denial of Service
ubuntu
January 15, 2019
Several security issues were fixed in libcaca.
Summary
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: caca-utils 0.99.beta19-2ubuntu0.18.10.1 libcaca0 0.99.beta19-2ubuntu0.18.10.1 Ubuntu 18.04 LTS: caca-utils 0.99.beta19-2ubuntu0.18.04.1 libcaca0 0.99.beta19-2ubuntu0.18.04.1 Ubuntu 16.04 LTS: caca-utils 0.99.beta19-2ubuntu0.16.04.1 libcaca0 0.99.beta19-2ubuntu0.16.04.1 Ubuntu 14.04 LTS: caca-utils 0.99.beta18-1ubuntu5.1 libcaca0 0.99.beta18-1ubuntu5.1 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-3860-1
CVE-2018-20544, CVE-2018-20545, CVE-2018-20546, CVE-2018-20547,
CVE-2018-20548, CVE-2018-20549
Severity
critical
Lowest
Low
Medium
High
Critical
January 15, 2019
Package Information
https://launchpad.net/ubuntu/+source/libcaca/0.99.beta19-2ubuntu0.18.10.1 https://launchpad.net/ubuntu/+source/libcaca/0.99.beta19-2ubuntu0.18.04.1 https://launchpad.net/ubuntu/+source/libcaca/0.99.beta19-2ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/libcaca/0.99.beta18-1ubuntu5.1
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!