USN-6163-1: pano13 vulnerabilities
14 June 2023
pano13 could be made to crash or run programs as your login if it opened a specially crafted file.
Releases
Packages
- libpano13 - panorama tools library
Details
It was discovered that pano13 did not properly validate the prefix provided
for PTcrop's output. An attacker could use this issue to cause pano13 to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-20307)
It was discovered that pano13 did not properly handle certain crafted TIFF
images. An attacker could use this issue to cause pano13 to crash,
resulting in a denial of service. (CVE-2021-33293)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04
-
libpano13-3
-
2.9.20~rc3+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
libpano13-bin
-
2.9.20~rc3+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
libpano13-dev
-
2.9.20~rc3+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04
-
libpano13-3
-
2.9.19+dfsg-3ubuntu0.20.04.1
-
libpano13-bin
-
2.9.19+dfsg-3ubuntu0.20.04.1
-
libpano13-dev
-
2.9.19+dfsg-3ubuntu0.20.04.1
Ubuntu 18.04
-
libpano13-3
-
2.9.19+dfsg-3ubuntu0.18.04.1~esm1
Available with Ubuntu Pro
-
libpano13-bin
-
2.9.19+dfsg-3ubuntu0.18.04.1~esm1
Available with Ubuntu Pro
-
libpano13-dev
-
2.9.19+dfsg-3ubuntu0.18.04.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04
-
libpano13-3
-
2.9.19+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro
-
libpano13-bin
-
2.9.19+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro
-
libpano13-dev
-
2.9.19+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 14.04
-
libpano13-2
-
2.9.18+dfsg-6ubuntu2+esm1
Available with Ubuntu Pro
-
libpano13-bin
-
2.9.18+dfsg-6ubuntu2+esm1
Available with Ubuntu Pro
-
libpano13-dev
-
2.9.18+dfsg-6ubuntu2+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.