==========================================================================
Ubuntu Security Notice USN-4087-1
August 06, 2019
BWA vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 19.04
– Ubuntu 18.04 LTS
Summary:
BWA could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
– bwa: Software package for mapping DNA sequences against a large reference genome
Details:
It was discovered that Burrows-Wheeler Aligner (BWA) mishandled certain
crafted .alt files. An attacker could use this vulnerability to cause a
denial of service (crash) or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.04:
bwa 0.7.17-3~ubuntu0.19.04.1
Ubuntu 18.04 LTS:
bwa 0.7.17-1ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4087-1
CVE-2019-10269
Package Information:
https://launchpad.net/ubuntu/+source/bwa/0.7.17-3~ubuntu0.19.04.1
https://launchpad.net/ubuntu/+source/bwa/0.7.17-1ubuntu0.1
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEwZbe96kJeWh2OITRdyg1Qz0oXX0FAl1JyCsACgkQdyg1Qz0o
XX16nhAArGf8cbB07dvbyGHw67X7YRvuH5AyxdgAPgC/RnvajkFV3JaKHXOtO0h6
RQ8+YTg0zEG5NrSSr+rbKa2s8K571RmfpzlGPNd0ilubQ+n1ArPH2R+tRkBwCI6O
4RW2QHCfdmVQbbo7pRsCaZM8iTTaPCNAzkth7vzgfXmCH3RuGfqEIFA3DNUzVvwu
aQIcjhzhTestFdyZ1U7dRc95eXfTfRwUuz+6s9RwbmSD4vAKWkROQKINqfJrVlSC
UpuzKOJNW6x6MqI2N1yabbo2PzBEfwUYuT0E2z6L6LkNQluC2RFwdyBY8rmww2sh
+i4mY1xS2nzDiR4I9zWf1DRboFYj8eceoSBLo7FCtFzOByaoiDpXkPjh4cXUQWNJ
aAxITruoc/4rXZTyy30MXzRwlQ1R+BVCu0DCI7DamR7ywr8aHDcj5xYVAGCFAiHJ
yaAdTJi3OdAZ1RFwz0XtelZW3AcNCM1B7Kgssq77rMhSHxVv8pkNjDkzm/IQaSwG
aoySAm9Jpj/Rc6I8bm9fylpDVGKEfyPVX1XGOA2W3mWi7ZXp6eSKXb0LQT01pYuf
PiOqfrwwpsX8jBDe83YnRgIGX4cJfAgcg2mGg9FgndpA9QLARxPdXkWFOYIyWEp7
QJzJU4mepHZ/WyaTUrIv0WK/2PE8YM+HRgAkb+muOf2wOJv1AWQ=
=kXw0
—–END PGP SIGNATURE—–
—