==========================================================================
Ubuntu Security Notice USN-3815-2
November 12, 2018
gettext vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 12.04 ESM
Summary:
gettext could be made to execute arbitrary code if it received
a specially crafted message.
Software Description:
– gettext: GNU Internationalization utilities
Details:
USN-3815-1 fixed a vulnerability in gettext. This update provides
the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that gettext incorrectly handled certain messages.
An attacker could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
gettext 0.18.1.1-5ubuntu3.1
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3815-2
https://usn.ubuntu.com/usn/usn-3815-1
CVE-2018-18751—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAABCAAGBQJb6YAhAAoJEEW851uECx9plfsP+wYkQJvtkzAIiHy2vmdfH1eg
oPfb91SCegtaqyxrALmiTIjv7LYEzv8/vATrGPIgkbETOJvMrBCP6+kVhWTFuwAO
Mbi3tJyvBtPmHeA9RtmDzCAWhnGdhoqid7WiMXNflUbKgX6unJwqD0v99Zl+4owP
VvoBsN8Z9qCVzmZRXFm5/Ffq1trSPLvKqsSVMc7N8MII2eyy+Op6o9XOHPBFJYxt
ucDDK1EmmlE4RrJ1dsMCQ8JJbe754Y9tWQib+hizJgYyLyUzyv/XYyESwuJ1eTIG
aPPVr9PdvPJT5YuTR9Xc6HxiT+mhnWHNMhb9zwDxFW4h30rsUC9F7RA7ZbrjkZZC
ohUDLnz0m7uZrf1iQuyKBLki5uguKyduO/UA4tv8GJM5JptXdLAZKpczWyIFjAGp
fnvHmmanGnEPoipc+3h9FBxWeJy+0lcMGDjUthm4+yP9S6uIGT6J/LOoE6lsvmUK
Jv/44u+2C1a1ffSbpMi1S48iwFpIJBAs57iAvh2rpKzDBGv3cPV1k1OxUFPPQnue
OMrEJBmeZVmemPS/CJfDrRMyruBMCyVORaG/npSOVa+xJI4oj93U1cF49LG+ixzW
Qx31CtgvRPpVHTYIGnWpeftdSHURHUkk4CvSeJGovP2mu7G2xRXrp+dNmGg9p5Si
2G+dr/cQIxpoKImRyjLx
=65du
—–END PGP SIGNATURE—–
—
==========================================================================
Ubuntu Security Notice USN-3815-1
November 12, 2018
gettext vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS
Summary:
gettext could be made to execute arbitrary code if it received
a specially crafted message.
Software Description:
– gettext: GNU Internationalization utilities
Details:
It was discovered that gettext incorrectly handled certain messages.
An attacker could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.10:
gettext 0.19.8.1-8ubuntu0.1
Ubuntu 18.04 LTS:
gettext 0.19.8.1-6ubuntu0.1
Ubuntu 16.04 LTS:
gettext 0.19.7-2ubuntu3.1
Ubuntu 14.04 LTS:
gettext 0.18.3.1-1ubuntu3.1
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3815-1
CVE-2018-18751
Package Information:
https://launchpad.net/ubuntu/+source/gettext/0.19.8.1-8ubuntu0.1
https://launchpad.net/ubuntu/+source/gettext/0.19.8.1-6ubuntu0.1
https://launchpad.net/ubuntu/+source/gettext/0.19.7-2ubuntu3.1
https://launchpad.net/ubuntu/+source/gettext/0.18.3.1-1ubuntu3.1—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAABCAAGBQJb6XdJAAoJEEW851uECx9pwdAP/1qdjMdksKg+WUP7JiiO4Iql
O4s6AkJEJPoT75w0WSRMpOH9WnrWSrp/1c12WhCJUbLyXA0NYG1X06uUD4ZnSAG1
4PVOcupxi9Ts48Mj4g7K+VUxcn1+eG3TOYQ/euR6IKzjoOltSWlpIUht/537mSiR
VVqG8gtpLx9ohDX5LvzlNB0bWSiIwfbSSjrNdhmeA4MgwZnN65qGJlhGYRK2Pyn1
m/sZcf9StBtuudsMxDYmcOlEAcraBiV8pNVtg/8qyxMGCR+FOCIkUdko1aVrCQDc
NLhKrqggud1isOXBAS5QCUNo64/6uj/W8MXBjoAyDnpDHoI2+4TVgdUb6stsnofK
78bAJGmdhHRatYTGgy4rp/s/Xfxwg5imYx5qYYafRhJGWkm3JBL+DCdfvUyEuohO
A/Ly09BIaEGvZkcoxYNtTYHZzkLKyjRkmlhUtUEU3qX5WWLV9W2Rmk3eny72ouNH
zPN2DcnNVy6HjeBNqFK62p/3o6HNQVhO1NtP3eY6viwliS4kHSDTN/PJXQVFfgxi
B86rtWr2cwjbTKOjm7SxZdWxBdlrmrVQhYkaXMqzHnNMsvDDMxpZtSAnSfTJAlrw
SfxecibKWQM5rIICjUhjDFF+j7LoeADHeshSECgOZglfiTLq6HGZTswM7kwElgFb
s2T2C/dFa4NL+M69Spj0
=Bmvq
—–END PGP SIGNATURE—–
—