
Ubuntu 22.04 LTS: USN-7266-1 moderate: digiKam security updates

ubuntu
February 13, 2025
Several vulnerabilities resolved in digiKam impacting different versions of Ubuntu LTS. Make sure to update your system to maintain security.

Summary

Several security issues were fixed in digiKam.

Software Description:

- digikam: digital photo management application for KDE

Details:

Zinuo Han and Ao Wang discovered that the Android DNG SDK, vendored in
digiKam, did not correctly parse certain files. An attacker could possibly
use this issue to execute arbitrary code. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2017-0691)

It was discovered that Platinum Upnp SDK, vendored in digiKam, was
vulnerable to a path traversal attack. An attacker could possibly use this
issue to leak sensitive information. This issue only affected
Ubuntu 20.04 LTS. (CVE-2020-19858)

It was discovered that LibRaw, vendored in digiKam, did not correctly
handle certain memory operations. If a user or automated system were
tricked into opening a specially crafted file, an attacker could possibly
use this issue to leak sensitive information. This issue only affected
Ubuntu 20.04 LTS. (CVE-202...


Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
   digikam                         4:7.5.0-3ubuntu0.1~esm1
                                   Available with Ubuntu Pro
   showfoto                        4:7.5.0-3ubuntu0.1~esm1
                                   Available with Ubuntu Pro

Ubuntu 20.04 LTS
   digikam                         4:6.4.0+dfsg-3ubuntu0.1~esm1
                                   Available with Ubuntu Pro
   showfoto                        4:6.4.0+dfsg-3ubuntu0.1~esm1
                                   Available with Ubuntu Pro

Ubuntu 18.04 LTS
   digikam                         4:5.6.0-0ubuntu10+esm1
                                   Available with Ubuntu Pro
   showfoto                        4:5.6.0-0ubuntu10+esm1
                                   Available with Ubuntu Pro

Ubuntu 16.04 LTS
   digikam                         4:4.12.0-0ubuntu7+esm1
                                   Available with Ubuntu Pro
   showfoto                        4:4.12.0-0ubuntu7+esm1
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.
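
An added example, not part of the advisory or of Ubuntu's tooling: a Python sketch of dpkg's version ordering, used to check an installed digikam version string against the fixed versions listed above. The function names are hypothetical, and `dpkg --compare-versions` remains the authoritative comparison on a real system.

```python
import re

# Fixed digikam/showfoto versions, copied from the Update Instructions above.
FIXED = {
    "22.04": "4:7.5.0-3ubuntu0.1~esm1",
    "20.04": "4:6.4.0+dfsg-3ubuntu0.1~esm1",
    "18.04": "4:5.6.0-0ubuntu10+esm1",
    "16.04": "4:4.12.0-0ubuntu7+esm1",
}

def _order(c):
    # dpkg ordering: '~' sorts before everything (even end of string),
    # letters sort before other punctuation such as '+' and '.'.
    if c == "~":
        return -1
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    """Compare two upstream or revision strings; returns -1, 0 or 1."""
    while a or b:
        pa, pb = re.match(r"[^0-9]*", a).group(), re.match(r"[^0-9]*", b).group()
        a, b = a[len(pa):], b[len(pb):]
        for i in range(max(len(pa), len(pb))):
            oa = _order(pa[i]) if i < len(pa) else 0   # end of run ranks 0
            ob = _order(pb[i]) if i < len(pb) else 0
            if oa != ob:
                return -1 if oa < ob else 1
        da, db = re.match(r"[0-9]*", a).group(), re.match(r"[0-9]*", b).group()
        a, b = a[len(da):], b[len(db):]
        na, nb = int(da or 0), int(db or 0)            # digit runs compare as numbers
        if na != nb:
            return -1 if na < nb else 1
    return 0

def _split(version):
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    upstream, sep, revision = rest.rpartition("-")
    if not sep:                                        # native package: no revision
        upstream, revision = rest, ""
    return int(epoch), upstream, revision

def compare(v1, v2):
    (e1, u1, r1), (e2, u2, r2) = _split(v1), _split(v2)
    if e1 != e2:
        return -1 if e1 < e2 else 1
    return _cmp_part(u1, u2) or _cmp_part(r1, r2)

def is_patched(release, installed):
    """True if `installed` is at or above the fixed version for `release`."""
    return compare(installed, FIXED[release]) >= 0
```

The installed version string to pass in can be read with `dpkg-query -W -f='${Version}' digikam`.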

References

  https://ubuntu.com/security/notices/USN-7266-1

  CVE-2017-0691, CVE-2020-19858, CVE-2020-22628, CVE-2020-35530,
  CVE-2020-35531, CVE-2020-35532, CVE-2020-35533, CVE-2021-32142,
  CVE-2023-1729

Ubuntu Security Notice USN-7266-1
