Headline
Ubuntu Security Notice USN-5996-1
Ubuntu Security Notice 5996-1 - It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
=========================================================================Ubuntu Security Notice USN-5996-1April 04, 2023liblouis vulnerabilities=========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.10- Ubuntu 22.04 LTS- Ubuntu 20.04 LTS- Ubuntu 18.04 LTS- Ubuntu 16.04 ESMSummary:Several security issues were fixed in liblouis.Software Description:- liblouis: Braille translation library - utilitiesDetails:It was discovered that Liblouis incorrectly handled certain files.An attacker could possibly use this issue to cause a denial of service.(CVE-2023-26767, CVE-2023-26768, CVE-2023-26769)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.10: liblouis-bin 3.22.0-2ubuntu0.1 liblouis20 3.22.0-2ubuntu0.1Ubuntu 22.04 LTS: liblouis-bin 3.20.0-2ubuntu0.2 liblouis20 3.20.0-2ubuntu0.2Ubuntu 20.04 LTS: liblouis-bin 3.12.0-3ubuntu0.2 liblouis20 3.12.0-3ubuntu0.2Ubuntu 18.04 LTS: liblouis-bin 3.5.0-1ubuntu0.5 python-louis 3.5.0-1ubuntu0.5Ubuntu 16.04 ESM: liblouis-bin 2.6.4-2ubuntu0.4+esm1 liblouis9 2.6.4-2ubuntu0.4+esm1In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-5996-1 CVE-2023-26767, CVE-2023-26768, CVE-2023-26769Package Information: https://launchpad.net/ubuntu/+source/liblouis/3.22.0-2ubuntu0.1 https://launchpad.net/ubuntu/+source/liblouis/3.20.0-2ubuntu0.2 https://launchpad.net/ubuntu/+source/liblouis/3.12.0-3ubuntu0.2 https://launchpad.net/ubuntu/+source/liblouis/3.5.0-1ubuntu0.5
Related news
Gentoo Linux Security Advisory 202409-18 - Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service. Versions greater than or equal to 3.25.0 are affected.
Ubuntu Security Notice 5996-2 - USN-5996-1 fixed vulnerabilities in Liblouis. This update provides the corresponding updates for Ubuntu 23.04. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint.
Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions.
Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c.