USN-4803-1: Gifsicle vulnerabilities
15 March 2021
Gifsicle could be made to crash or run programs as an administrator if it opened a specially crafted file.
Releases
Packages
- gifsicle - Tool for manipulating GIF images
Details
It was discovered that Gifsicle did not properly handle certain input. If a
user were tricked into opening a malicious GIF, an attacker could
potentially execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
-
gifsicle
-
1.88-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 14.04
-
gifsicle
-
1.78-1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.