Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 23.10 USN-6760-1 moderate: Gerbv application crash details

ubuntu
Calendar Grey April 30, 2024
Dist Ubuntu Esm H88
Discover the details of the Ubuntu 6780-2 advisory that resolves a potential vulnerability in Gerbv caused by specially designed input files. Ensure your system is secure and update today!
Gerbv could be made to crash if it opened a specially crafted input file.

Summary

Gerbv could be made to crash if it opened a specially crafted input file.

Software Description:

- - gerbv: Gerber file viewer for PCB design

Details:

George-Andrei Iosif and David Fernandez Gonzalez discovered that Gerbv did

not properly initialize a data structure when parsing certain nested

RS-274X format files. If a user were tricked into opening a specially

crafted file, an attacker could possibly use this issue to cause a denial

of service (application crash).

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10
  gerbv                           2.9.8-1ubuntu0.1

Ubuntu 22.04 LTS
  gerbv                           2.8.2-1ubuntu0.1~esm2
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  gerbv                           2.7.0-1ubuntu0.2

Ubuntu 18.04 LTS
  gerbv                           2.6.1-3ubuntu0.1~esm2
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  gerbv                           2.6.0-1ubuntu0.16.04.1~esm2
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  gerbv                           2.6.0-1ubuntu0.14.04.1~esm2
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6760-1

CVE-2023-4508

Severity
important
Lowest
Low
Medium
High
Critical

Hash: SHA512

Package Information

-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEETB/nIDy9nvCSgAUj3gXQmO/Tr3wFAmYxdyoACgkQ3gXQmO/T
r3yNiQ/+KvuxjndpQCm6GeS+17sRUl3W93JhcMAbai01bJN+5OttDZyqm0pP8d7t
i9ZYyPBV4buYjfKcx2X4yHXRjaer1vctmyy9zxA7hcJd5yTaXU2xH8ks0Ei4rFbg
DM1rl3470ifaGH4/NTnM2iberSrgG8fbeGGDb3IUpWIQpMZp13PlIQp5dG++4hI1
CY9d5jdbp/FEH4sVdCozJmDBoZ/tdd7vn3HGXH1Y3i7Pw3RcOUNeNvBALIx81TnS
JkuFl6ttT194rptxm2151ZFWPNS609kusUd0lUTDWdgQm9Macw7F4RtRLqVGdnHJ
SZMWbrjKRq/VS0oItBPnEcUGkQ88kEH7tMPfnYB8f9L17B6jMiEI6NM4IgMt8fgM
Al3Un5x6V/nrTo7jUum/zAS1Ru5iq1EoGK7d794iIH96d8VD9yDejQIZgL0mSsaP
UxPNelvedu/pGjwd2AUo8Dm5G76J/Ah0zXZrkWkP8Ex6mLkOGLSR5zsj8Joj0ZRt
5neI8EtWTzeSMTKA4qW9YyUgM4nqz0T2jPE9VsCzIThxZLp5WM3WtKPAwzi1ITNL
oRwPcfulKUQfLdszRAJyVX5/zP821wlapS4O6ZsDBk6y3g30j8J95OmS+qpwWS3G
jSssybjnxb7nt9qV3gK2jboEo0Mv/YEhI4tEsF1UaDjLSDtvKfA=
=8lge
-----END PGP SIGNATURE-----

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here