You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa PDFResurrect

Sigurnosni nedostatak programskog paketa PDFResurrect

==========================================================================
Ubuntu Security Notice USN-4642-1
November 24, 2020

pdfresurrect vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

PDFResurrect could be made to crash or run programs as your login if it
opened a specially crafted file.

Software Description:
– pdfresurrect: tool for extracting versioning data from PDF documents

Details:

It was discovered that PDFResurrect incorrectly handled certain memory
operations during PDF summary generation. An attacker could use this to
cause out-of-bounds writes, resulting in a denial of service (system crash)
or arbitrary code execution.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
pdfresurrect 0.12-6ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4642-1
CVE-2020-9549

Package Information:
https://launchpad.net/ubuntu/+source/pdfresurrect/0.12-6ubuntu0.2

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEwZbe96kJeWh2OITRdyg1Qz0oXX0FAl+8VFAACgkQdyg1Qz0o
XX1bUQ/+M6MRs9Zro8C9qf2x7zGUN9/UcT/tf60h1X3JUEhU3YlCqCRShNnMkhPA
Q+sE9upRKiYpcHcyCoXnTbRz/HPrnRK7zlY1iNsatagbPc1Rag6XKFOK5UdkxCrj
E8QRFXg16qE46idN97C7KryBPB35Su4faJkaPRkjNbAZSp+Qu6/qdqh5EkWFVUWZ
Ml+jxtCetIA030fV8FCFC4eAMfmeijGRqGbOiM/XdNL27C4ZoT5metzDX27jQdfG
aU85+2OrkwduZhQRE8TLGkOgwSPAEM+AQcAalYKDMpkbKhVZ6tsImx3sSyVistXq
qJ0mMy9YwEbHody7wFfEC5+W+Q83NeYxKbQd3fNrI/NMBSlDODkoBrmHwBat/DBj
Tm82v28/fsl966lGe1BuoD2nLNQtZkrJmc0EmkBk5qPPtfCMwLnmh819MdOzyenZ
Uayr7L9E/bpwH1AM1mIKSSRKaBCkbFRVewIpNe2oCZokEYFPJYTAAiRJFRbXGykX
iw8PLlkcYFLMCaTtY1NeRkhjCGxtlYltnH+MkyyNUWS8cQHwy/32vxMv/p8FScgf
PxT4XgwFjvupV7qvVXdvdyKQF78k7FrfwMmDn9D7KHv7d1fvFgKxN2pLbGG59VVA
glNbzgmZWKVpjwEvCotv30LWYfSlYUrvtaLI22s1liu/5QgjEkA=
=AQf3
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programske biblioteke libextractor

Otkriveni su sigurnosni nedostaci programske biblioteke libextractor za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja. Savjetuje...

Close