USN-693-1: LittleCMS vulnerability
17 December 2008
LittleCMS vulnerability
Releases
Packages
- lcms -
Details
It was discovered that certain gamma operations in lcms were not
correctly bounds-checked. If a user or automated system were tricked into
processing a malicious image, a remote attacker could crash applications
linked against liblcms1, leading to a denial of service, or possibly
execute arbitrary code with user privileges.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 8.10
Ubuntu 8.04
Ubuntu 7.10
In general, a standard system upgrade is sufficient to effect the
necessary changes.
References
Related notices
- USN-652-1: liblcms1, lcms