USN-3770-1: Little CMS vulnerabilities
20 September 2018
Several security issues were fixed in Little CMS.
- lcms2 - Little CMS color management library
Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
Quang Nguyen discovered that Little CMS incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart applications using Little
CMS to make all the necessary changes.
- USN-3770-2: lcms2, liblcms2-2, lcms, liblcms-utils, liblcms2-utils, liblcms1