You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke libsoup2.4

Sigurnosni nedostatak programske biblioteke libsoup2.4

by Marina Dimic Vugec - 0

==========================================================================
Ubuntu Security Notice USN-3701-1
July 03, 2018

libsoup2.4 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS
– Ubuntu 17.10
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

libsoup could be made to crash if it received a specially crafted
input.

Software Description:
– libsoup2.4: HTTP client/server library for GNOME

Details:

It was discovered that libsoup incorrectly handled certain cookie
requests. An attacker could possibly use this to cause a denial of
service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
libsoup2.4-1                    2.62.1-1ubuntu0.1

Ubuntu 17.10:
libsoup2.4-1                    2.60.1-1ubuntu0.1

Ubuntu 16.04 LTS:
libsoup2.4-1                    2.52.2-1ubuntu0.3

Ubuntu 14.04 LTS:
libsoup2.4-1                    2.44.2-1ubuntu2.3

In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/usn/usn-3701-1
CVE-2018-12910

Package Information:
https://launchpad.net/ubuntu/+source/libsoup2.4/2.62.1-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libsoup2.4/2.60.1-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libsoup2.4/2.52.2-1ubuntu0.3
https://launchpad.net/ubuntu/+source/libsoup2.4/2.44.2-1ubuntu2.3—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJbO8v6AAoJEEW851uECx9pNp8P/2rg9Vpu20CG7H4Czv/pgqY5
Zsa/uZAOIuwiIg12dz58RR5UVDZEe8SN3L1dti80xCA+4x7QKLdQ2UT0XuxYER8/
40jqzr+AO42s5o0PFP07u64ak5PGkxT2gummNvj83qgkZeCTQV7HM382Y4wwoBvU
vIu8Zxzggu+7MErMfTFjBXVIpZanlN7pnvvw87nR612bhqWR7Yie9xBynL2+hgtc
dwcKH7mRt9jdlZhlkYVeUJnMiBtdEoJfRwACI+oGIzDcdgYa/v3DZGB5HN1ltJcn
4WVRF/y2BsTMXTMr+xy4xMz3GC/9EX1AW2OYNg9nqmGRMe6HnBkV5hoNP28BJu1x
LUP63TGicwT4b67Qjtq7dCEoTDWkGi5mpbH7mgnEafp1Mq7Wv08stan05Z6DC6IS
Fh3iSYiGM4NUrxAzOcEG8L2o/Q38ky6cN1s68BXhT9gAPQEkGcQc0zOKDsQrgrgV
1emxL3hLjgJ7cz6szFyea0yoSVVuN8SePAGUZsuWos3vJ0BfzztH69SlzvL/rR8n
3bkofx9qvl/xF3WqE5SltymxG9LhVZGl+DFX5sgheCVU9Q3eSLeuPj//4sw7ojQi
XWupViV/eEmbPCV/wzm9zUpZ/6AmkFLjXP7K6MoSFFh0169x2dVNoU1ELsUSCPjp
rBIrdv0FCysNoeWwfz34
=DJDv
—–END PGP SIGNATURE—–

Marina Dimic Vugec
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libsoup

Otkriven je sigurnosni nedostatak programske biblioteke libsoup za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuju izazivanje DoS stanja. Savjetuje...

Close