It was discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could use this issue to cause libXpm to crash, resulting in a denial of service, or possibly execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libxpm-dev", "binary_version": "1:3.5.10-1ubuntu0.1" }, { "binary_name": "libxpm-dev-dbgsym", "binary_version": "1:3.5.10-1ubuntu0.1" }, { "binary_name": "libxpm4", "binary_version": "1:3.5.10-1ubuntu0.1" }, { "binary_name": "libxpm4-dbg", "binary_version": "1:3.5.10-1ubuntu0.1" }, { "binary_name": "libxpm4-dbgsym", "binary_version": "1:3.5.10-1ubuntu0.1" }, { "binary_name": "xpmutils", "binary_version": "1:3.5.10-1ubuntu0.1" }, { "binary_name": "xpmutils-dbgsym", "binary_version": "1:3.5.10-1ubuntu0.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libxpm-dev", "binary_version": "1:3.5.11-1ubuntu0.16.04.1" }, { "binary_name": "libxpm-dev-dbgsym", "binary_version": "1:3.5.11-1ubuntu0.16.04.1" }, { "binary_name": "libxpm4", "binary_version": "1:3.5.11-1ubuntu0.16.04.1" }, { "binary_name": "libxpm4-dbg", "binary_version": "1:3.5.11-1ubuntu0.16.04.1" }, { "binary_name": "libxpm4-dbgsym", "binary_version": "1:3.5.11-1ubuntu0.16.04.1" }, { "binary_name": "xpmutils", "binary_version": "1:3.5.11-1ubuntu0.16.04.1" }, { "binary_name": "xpmutils-dbgsym", "binary_version": "1:3.5.11-1ubuntu0.16.04.1" } ] }