========================================================================== Ubuntu Security Notice USN-3669-1 June 04, 2018 liblouis vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 17.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Liblouis. Software Description: - liblouis: Braille translation library - utilities Details: It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-11410) It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. (CVE-2018-11440) It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2018-11577) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: liblouis-bin 3.5.0-1ubuntu0.1 liblouis14 3.5.0-1ubuntu0.1 Ubuntu 17.10: liblouis-bin 3.0.0-3ubuntu1.1 liblouis12 3.0.0-3ubuntu1.1 Ubuntu 16.04 LTS: liblouis-bin 2.6.4-2ubuntu0.2 liblouis9 2.6.4-2ubuntu0.2 Ubuntu 14.04 LTS: liblouis-bin 2.5.3-2ubuntu1.3 liblouis2 2.5.3-2ubuntu1.3 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3669-1 CVE-2018-11410, CVE-2018-11440, CVE-2018-11577 Package Information: https://launchpad.net/ubuntu/+source/liblouis/3.5.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/liblouis/3.0.0-3ubuntu1.1 https://launchpad.net/ubuntu/+source/liblouis/2.6.4-2ubuntu0.2 https://launchpad.net/ubuntu/+source/liblouis/2.5.3-2ubuntu1.3