Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-5999-1

Ubuntu Security Notice 5999-1 - It was discovered that trim-newlines incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

Packet Storm
#vulnerability#ubuntu#dos

==========================================================================
Ubuntu Security Notice USN-5999-1
April 05, 2023

node-trim-newlines vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS

Summary:

A security issue was fixed in trim-newlines.

Software Description:

  • node-trim-newlines: Trim newlines from the start and/or end of a string

Details:

It was discovered that trim-newlines incorrectly handled certain inputs.
If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2021-33623)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
node-trim-newlines 1.0.0-1ubuntu0.20.04.1

Ubuntu 18.04 LTS:
node-trim-newlines 1.0.0-1ubuntu0.18.04.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5999-1
CVE-2021-33623

Package Information:

https://launchpad.net/ubuntu/+source/node-trim-newlines/1.0.0-1ubuntu0.20.04.1

https://launchpad.net/ubuntu/+source/node-trim-newlines/1.0.0-1ubuntu0.18.04.1

Related news

CVE-2021-33623: trim-newlines

The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution