Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in AdvanceCOMP.
Software Description:
- advancecomp: collection of recompression utilities
Details:
It was discovered that AdvanceCOMP did not properly manage memory of function
be_uint32_read() under certain circumstances. If a user were tricked into
opening a specially crafted binary file, a remote attacker could possibly use
this issue to cause AdvanceCOMP to crash, resulting in a denial of service.
(CVE-2019-8379)
It was discovered that AdvanceCOMP did not properly manage memory of function
adv_png_unfilter_8() under certain circumstances. If a user were tricked into
opening a specially crafted PNG file, a remote attacker could possibly use this
issue to cause AdvanceCOMP to crash, resulting in a denial of service.
(CVE-2019-8383)
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: advancecomp 2.1-1ubuntu0.18.04.2 Ubuntu 16.04 ESM: advancecomp 1.20-1ubuntu0.2+esm1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-5671-1
CVE-2019-8379, CVE-2019-8383
Get the latest Linux and open source security news straight to your inbox.