==========================================================================
Ubuntu Security Notice USN-2371-1
October 08, 2014
exuberant-ctags vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS
Summary:
Exuberant Ctags could be made to consume resources.
Software Description:
– exuberant-ctags: build tag file indexes of source code definitions
Details:
It was discovered that Exuberant Ctags incorrectly handled certain minified
js files. An attacker could use this issue to possibly cause Exuberant
Ctags to consume resources, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
exuberant-ctags 1:5.9~svn20110310-7ubuntu0.1
Ubuntu 12.04 LTS:
exuberant-ctags 1:5.9~svn20110310-3ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2371-1
CVE-2014-7204
Package Information:
https://launchpad.net/ubuntu/+source/exuberant-ctags/1:5.9~svn20110310-7ubuntu0.1
https://launchpad.net/ubuntu/+source/exuberant-ctags/1:5.9~svn20110310-3ubuntu0.1
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
iQIcBAEBCgAGBQJUNWzAAAoJEGVp2FWnRL6T+D0P/17oh5cnWcuodobuDPNjFxFW
Sswa9ktp3MItZ50+syghY6xm3OJe0AfxMLjt45fAKY0MUoKGNnTTh1NpCdBAAYKh
TN+d+7r21T3stJDyoaZWvGE7yJZhSEBEDmGhyBsX156h/EFhUiqqfxuANEaWIVmJ
dL7OUbv2Zk+JBlylpI5AzNnnK69HRWlu+V0GJcpswih7bQ9lTSLpDZdKRiGdO/+y
5ZLdFxu08XsporsLEAEUoFr2ML0eYkOAgNRUYAXJBM6ul+qARD2XLkoEkL/XSoCO
BFxUYBWfZDYdHnIzBFRlCepUsvNnFDM+oAnZkBx6v0Stjm7pEcqATc2umyWZ5c0W
wHlwoINfOeoXfDzSEz+aWsvzP9CtiCU66TzZLP4n7O0QT8efl4s8qoNUhsOKrIka
aKlB+NjkU8vmY91BPM8gfyLBPieOjfUgoHjX/bRLjxBbnx2ujlm8lZbXtQUoY//E
EmhUKdvubUfqV+/jeycwJhPoM0jYVsDMHKXcwZluFGZ8ppb4rSAg1zc9UZErz72N
EJuy2i4MZgY9QeVeR6gcL4UvFiZpmskwc7O5TPl6qAZylfpy2Fji5SWBSPJczEBj
eJqmBrI3nWKb3V0tbIJ7/FgpPNzg4HDiwgOio9uEca1BoFAFYgKqFEx/6rRXs2gk
fifqrWrWBdFaDnEvtNPs
=axQV
—–END PGP SIGNATURE—–
—