You are here
Home > Preporuke > Sigurnosni nedostaci programske biblioteke libonig

Sigurnosni nedostaci programske biblioteke libonig

==========================================================================
Ubuntu Security Notice USN-4460-1
August 17, 2020

libonig vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in Oniguruma.

Software Description:
– libonig: regular expressions library

Details:

It was discovered that Oniguruma incorrectly handled certain regular
expressions. An attacker could possibly use this issue to cause a denial
of service, obtain sensitive information or other unspecified impact.
(CVE-2019-16163, CVE-2019-19012, CVE-2019-19204, CVE-2019-19246)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
libonig2 5.9.1-1ubuntu1.1+esm2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4460-1
CVE-2019-16163, CVE-2019-19012, CVE-2019-19204, CVE-2019-19246
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEECtyyz6azUy6AZBzSkGeI6zGnN/8FAl860TMACgkQkGeI6zGn
N/8biQ//SeM6+aIuPwD8tYc7wSfKO0CGPOxOM5u/v1YkrOHkBXoE0qAd+n7CZ0JV
9W3o47jEchLwUv480HO5hVMIDrmDm0wflSE7e2uzhKF24ZCllyG3Wy+CoolYZGp+
ud6wjBp0EzY1HX24QVaOs2PQw4kMZWIbF5U+004/UsB2qGzYCVXoN1MfZRq3YF00
Zr9S+Bp9+tRMmxG93dYVJDCxx9a3GLdpW6KEagt6V5ewJTYtge4NgJH0WqLyGKvq
ElMjoGjznuY7C/5EPLmcjPHRC+SpIwKy5Iw+eUfWtTQUpEqRvXv/iNOhueFM9CoK
OR+BPj8RvsV3QOKeWlKM7Ppe2T5Ih1288BFU32K/rtkhhPx8F+oGNBS7oLRA2kcF
Npk+WGbf15e+iT3KwQWHsP0odU5uW1Qm9f720gkVv+FH3+OW5N+4zilFUEgcnQEm
BFpBeaR/ZpTXLVfMEjHZN8iGgrRPAXhFukYPKuOLdB65PI6NnwP/bzHWukFZ5daR
0zFCFFQb04yi7U9VlNTVY8sPOELnb+993Ro6syzk8NYojBkeUJTf0+k5dS56Z9kn
pbKBrI9FoRSq1Md46fVz344LHZ/rydvcwAY/ewldWes76ID/NXXqI9ife0zEKzCE
cbCulc5d6P0PuIWtsrf7owrq6n5PEY4ihsm3ZscJh9Z5A4SNeaU=
=n9bh
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa OpenShift Container platform 4.5.6

Otkriveni su sigurnosni nedostaci u programskom paketu OpenShift Container 4.5.6 za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje...

Close