CVE-2017-1000229 Ubuntu Security Notification for Optipng Vulnerability (USN-3495-1)

漏洞类别:Ubuntu

漏洞等级:

漏洞信息

It was discovered that OptiPNG incorrectly handled memory.

漏洞危害

A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service, or possibly execute arbitrary code.

解决方案

Refer to Ubuntu advisory USN-3495-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3495-1: 16.04 (Xenial) on src (optipng)

USN-3495-1: 17.10 (artful) on src (optipng)

USN-3495-1: 17.04 (zesty) on src (optipng)

USN-3495-1: 14.04 (Kylin) on src (optipng)

Leave a Reply