Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 12.04 ESM USN-3860-2: Critical libcaca DoS and Code Execution

ubuntu
Calendar Grey January 15, 2019
Dist Ubuntu Esm H88
The Debian Security Advisory DSA-1234-5 resolves various libpng vulnerabilities impacting Debian 9 LTS. Keep your systems protected!
Several security issues were fixed in libcaca.

Summary

Several security issues were fixed in libcaca.

Software Description:

- libcaca: text mode graphics utilities

Details:

USN-3860-1 fixed a vulnerability in libcaca. This update provides

the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 It was discovered that libcaca incorrectly handled certain images.

 An attacker could possibly use this issue to cause a denial of

 service. (CVE-2018-20544)

 It was discovered that libcaca incorrectly handled certain images.

 An attacker could possibly use this issue to execute arbitrary code.

 (CVE-2018-20545, CVE-2018-20548, CVE-2018-20459)

 It was discovered that libcaca incorrectly handled certain images.

 An attacker could possibly use this issue to access sensitive

 information. (CVE-2018-20546, CVE-2018-20547)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  caca-utils                      0.99.beta17-2.1ubuntu2.1
  libcaca0                        0.99.beta17-2.1ubuntu2.1

In general, a standard system update will make all the necessary
changes.

References

  https://ubuntu.com/security/notices/USN-3860-2

  https://ubuntu.com/security/notices/USN-3860-1

  CVE-2018-20544, CVE-2018-20545, CVE-2018-20546, CVE-2018-20547,

  CVE-2018-20548, CVE-2018-20549

Severity
critical
Lowest
Low
Medium
High
Critical

January 15, 2019

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here