[USN-5476-1] Liblouis vulnerabilities


========================================================================== Ubuntu Security Notice USN-5476-1 June 13, 2022
liblouis vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 22.04 LTS – Ubuntu 21.10 – Ubuntu 20.04 LTS – Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in liblouis.
Software Description: – liblouis: Braille translation library – utilities
Details:
Han Zheng discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue was addressed in Ubuntu 21.10 and Ubuntu 22.04 LTS. (CVE-2022-26981)
It was discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2022-31783)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04 LTS: liblouis-bin 3.20.0-2ubuntu0.1 liblouis20 3.20.0-2ubuntu0.1
Ubuntu 21.10: liblouis-bin 3.18.0-1ubuntu0.2 liblouis20 3.18.0-1ubuntu0.2
Ubuntu 20.04 LTS: liblouis-bin 3.12.0-3ubuntu0.1 liblouis20 3.12.0-3ubuntu0.1
Ubuntu 18.04 LTS: liblouis-bin 3.5.0-1ubuntu0.4 liblouis14 3.5.0-1ubuntu0.4
In general, a standard system update will make all the necessary changes.
References: ubuntu.com/security/notices/USN-5476-1 CVE-2022-26981, CVE-2022-31783
Package Information: launchpad.net/ubuntu/+source/liblouis/3.20.0-2ubuntu0.1 launchpad.net/ubuntu/+source/liblouis/3.18.0-1ubuntu0.2 launchpad.net/ubuntu/+source/liblouis/3.12.0-3ubuntu0.1 launchpad.net/ubuntu/+source/liblouis/3.5.0-1ubuntu0.4