Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Ubuntu 21.04 USN-4957-1 Moderate: DjVuLibre Memory Issue Advisory

ubuntu
Calendar Grey May 17, 2021
Dist Ubuntu Esm H88
Multiple vulnerabilities addressed in DjVuLibre can potentially result in service interruptions or unauthorized remote code execution.
Several security issues were fixed in DjVuLibre.

Summary

Several security issues were fixed in DjVuLibre.

Software Description:

- djvulibre: DjVu image format library and tools

Details:

It was discovered that DjVuLibre incorrectly handled certain memory

operations. If a user or automated system were tricked into processing a

specially crafted DjVu file, a remote attacker could cause applications

to hang or crash, resulting in a denial of service, or possibly execute

arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
  libdjvulibre21                  3.5.28-1ubuntu0.1

Ubuntu 20.10:
  libdjvulibre21                  3.5.27.1-15ubuntu0.1

Ubuntu 20.04 LTS:
  libdjvulibre21                  3.5.27.1-14ubuntu0.1

Ubuntu 18.04 LTS:
  libdjvulibre21                  3.5.27.1-8ubuntu0.3

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4957-1

CVE-2021-32490, CVE-2021-32491, CVE-2021-32492, CVE-2021-32493,

CVE-2021-3500

May 17, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here