Ubuntu alert USN-7466-1 (kicad)
| From: | Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7466-1] KiCad vulnerabilities | |
| Date: | Mon, 28 Apr 2025 12:41:01 -0230 | |
| Message-ID: | <3a71d4d4-0c2d-45dc-9d89-3b5735b30ff2@canonical.com> |
========================================================================== Ubuntu Security Notice USN-7466-1 April 28, 2025 kicad vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: KiCad could be made to crash or run programs if it opened a specially crafted file. Software Description: - kicad: Electronic schematic and PCB design software Details: It was discovered that KiCad incorrectly handled memory when opening malicious files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary commands. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS kicad 5.1.5+dfsg1-2ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS kicad 4.0.7+dfsg1-1ubuntu2+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7466-1 CVE-2022-23803, CVE-2022-23804, CVE-2022-23946, CVE-2022-23947
Attachment: OpenPGP_signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- wsF5BAABCAAjFiEELOLXZEFYQHcSWEHiyfW2m9Ldu6sFAmgPmoUFAwAAAAAACgkQyfW2m9Ldu6sv ng/9EW4/Q7cFl6wpip7pt7ucTOiMl2s/Sjvx7p+UmBkL2ACzVj4bsubJYb421eV9B1Qd04g7fYSl 4j0zk7W/SaJErZVIKXHDughro0LCgL9Dp2ssFLSbHaZEwreHh6AXH6eowNmptk2ddRwSHzq9H6V4 /O1He2e+kDM6mNS7zhOMM51f+hTIV1u0R9J+iQVOZxZuDz4jqVjjUkF5gAA0WCm1sJX0Ci2RCHbB czZGIMODlcGuoIfStZ7I+e+z9OUWMJVxm8OI3Mc6WA1zd+btQH6raAs6hC/JUmWUdtOhFASnxump 9NADl80gzV4xAJoJP7Irh3xynTZ7mYsLKDqBV1+bBfcbrlsUUvs2utEPmlJqDREAThUnWZIVUMXD 37AmUkNUvyTOh4yuUfNKs+T/YRY6ZB8ZJ42Q3WWoMyCjz4aQhpXmXnGh1vAANU3HK0UZslXH0IcK GJYgK7yndw4cRfBLNpMkrb41axbbV9e/1Ka9hjwy/G1xW6mnYymyKsjIF6eED+FyK/rBY0Q5GAyz xBwUs2tiDPIgHcP3bnHvY8JcSTWihZ4RvJ4CrFSDLP9hB9U2Yj5HftoDeRMiuLbCyX7tjJyIXS0P bdCw304ym+GDkSZjPmnCKHfVXisJHCyV2HmD6cJC7DnvcLEl3lLB2l94pgST2ZHND815a44oT/HL IGk= =Xsx8 -----END PGP SIGNATURE-----
Attachment: None (type=text/plain)