Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Ubuntu 14.04 ESM, 12.04 ESM: USN-4359-2 Moderate APT Crash

ubuntu
Calendar Grey May 28, 2020
Dist Ubuntu Esm H88
A vulnerability in Ubuntu's APT has been discovered, potentially causing crashes with specially crafted files in ESM versions. Update your system promptly to mitigate this issue
APT could be made to crash if it opened a specially crafted file.

Summary

APT could be made to crash if it opened a specially crafted file.

Software Description:

- apt: Advanced front-end for dpkg

Details:

USN-4359-1 fixed a vulnerability in APT. This update provides

the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM.

Original advisory details:

It was discovered that APT incorrectly handled certain filenames during

package installation. If an attacker could provide a specially crafted

package to be installed by the system administrator, this could cause APT

to crash.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
  apt                             1.0.1ubuntu2.24+esm1

Ubuntu 12.04 ESM:
  apt                             0.8.16~exp12ubuntu10.29

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4359-2

https://ubuntu.com/security/notices/USN-4359-1

CVE-2020-3810

May 28, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.