You are here
Home > Preporuke > Ranjivost programske biblioteke lzo2

Ranjivost programske biblioteke lzo2

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-2300-1
July 24, 2014

lzo2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS

Summary:

LZO could be made to crash or run programs if it processed specially
crafted data.

Software Description:
– lzo2: data compression library

Details:

Don A. Bailey discovered that LZO incorrectly handled certain input data.
An attacker could use this issue to cause LZO to crash, resulting in a
denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
liblzo2-2 2.06-1.2ubuntu1.1

Ubuntu 12.04 LTS:
liblzo2-2 2.06-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2300-1
CVE-2014-4607

Package Information:
https://launchpad.net/ubuntu/+source/lzo2/2.06-1.2ubuntu1.1
https://launchpad.net/ubuntu/+source/lzo2/2.06-1ubuntu0.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJT0Q6SAAoJEGVp2FWnRL6TZ4sQAK+l0DTuQk4ldun0+yDU6kWB
WdznW5UgOkB/PR5ETANi+0e8uoDg23pslkNhS+2KOvyEMBpjHUp8geLNhapmk9CX
EhkfrBdaOXAAdHXWgikajm9PcsLM5lASX2d2KQSG0rNbK7zEfFnUPg6SiiAMZS2F
umQEB+KosrRV1rScykW0QZs5DbfvpYWRh4qcx+L78FtthjSaJDpq5E6sIdSrnmj2
krkUeNpUoHr4SWX8T4NNtD/f2UHRziLja+plEDRJ4z8DxviV09/3sSkkJTUOG3wt
itO2Vk/Bi8XeDLwmpoxE3N4Yezy1NHHLQhMtKnJutcz8Ag7aSlJe+yPwqdPHf+75
7Equkr08VUq53kyqydBRMj2CJWCv+7znNk8SZlpD0k7hVxi2fnGn22tFREgT3FHF
HPv8QNMocZvnlQ8c/KQoyGT71Nj2g7niVrDDwvW51WnaKxT8S1Q2aScwqMBzL6BW
mHGjFX/uobBsXpeSdknHOg6uCzkWMtyOryagB8Ov5asFWdERpS/W+3Q5jzcP+tqP
hx2r2lcNaBQiZLwn90B/qHCKFClKCYifGxtDDjp4PiT6cwszyXee6mql4HHqGFN6
1b7DMwI2wVxTVYR5JGfi5pkeBpa1ClMWuvfL+eWYp9wb+ZEzzxOrHuzanoEPSFqD
9gXdEYF11Gs7rL4sBxaW
=07kH
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Nadogradnja za firefox

Izdana je nadogradnja za otklanjanje više ranjivosti web preglednika, firefox, za Fedoru. Otkrivene ranjivosti mogle su biti iskorištene za uskraćivanje...

Close