Linux News Today: Libpng Vulnerabilities Fixed in All Supported Ubuntu OSes
Canonical revealed details about three libpng vulnerabilities that have been identified and repaired in Ubuntu 15.10, Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS.
As the name suggests, libpng is the PNG (Portable Network Graphics) file library and this is quite an important one. It’s used all the time, so users are quite exposed. Fixing the vulnerabilities and updating the system is thus a really good idea.
“It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program,” reads the security notice.
This is just one of the vulnerabilities found and fixed. For a more detailed description of the problems, you can see Canonical’s security notification. Users have been advised to upgrade their systems as soon as possible.
The flaws can be fixed if you upgrade your system to the latest libpng12-0 package specific to each distribution. To apply the patch, users will have to run the Update Manager application. In general, a standard system update will make all the necessary changes, and there is no need for a restart. Also, keep in mind that all the support Ubuntu OSes have been affected by these issues, so upgrading is important.