Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in libextractor.
Software Description:
- libextractor: library used to extract metadata from files
Details:
It was discovered that Libextractor incorrectly handled zero sample rate.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2017-15266)
It was discovered that Libextractor incorrectly handled certain FLAC
metadata. An attacker could possibly use this issue to cause a denial of
service. (CVE-2017-15267)
It was discovered that Libextractor incorrectly handled certain specially
crafted files. An attacker could possibly use this issue to cause a denial
of service. (CVE-2017-15600, CVE-2018-16430, CVE-2018-20430)
It was discovered that Libextractor incorrectly handled certain inputs. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2017-15601)
It was discovered that Libextractor incorrectly handled integers. An
attacker could possibly use this issue to cause a ...
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: extract 1:1.3-4+deb9u3build0.16.04.1 libextractor-dev 1:1.3-4+deb9u3build0.16.04.1 libextractor3 1:1.3-4+deb9u3build0.16.04.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4641-1
CVE-2017-15266, CVE-2017-15267, CVE-2017-15600, CVE-2017-15601,
CVE-2017-15602, CVE-2017-15922, CVE-2017-17440, CVE-2018-14346,
CVE-2018-14347, CVE-2018-16430, CVE-2018-20430, CVE-2018-20431
Get the latest Linux and open source security news straight to your inbox.