Little CMS Vulnerability Fixed in Ubuntu 12.10

A couple of other distributions have been affected by this problem

On July 29, Canonical published in a security notice details about a CMS vulnerability for its Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems.

According to Canonical, Little CMS could be made to crash if it opened a specially crafted file.

For example, it has been discovered that Little CMS did not properly verify certain memory allocations. If a user or an automated system using Little CMS was tricked into opening a specially crafted file, an attacker could have caused Little CMS to crash.

For a more detailed description of the security problems, you can visit Canonical's security notification.

The security flaws can be fixed if you upgrade your system(s) to the liblcms2-2 package, specific to each distribution. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart will not be necessary to implement the changes.

Hot right now  ·  Latest news