|
|
Log in / Subscribe / Register

Ubuntu alert USN-7972-2 (opencc)



From:
              noreply+usn-bot@canonical.com


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-7972-2] OpenCC vulnerability


Date:
              Tue, 26 May 2026 21:05:59 +0000


Message-ID:
              <E1wRyyN-0007EG-AW@lists.ubuntu.com>


==========================================================================
Ubuntu Security Notice USN-7972-2
May 26, 2026

opencc vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

OpenCC could be made to crash if it received specially crafted input.

Software Description:
- opencc: simplified-traditional Chinese conversion library

Details:

USN-7972-1 fixed a vulnerability in OpenCC. This update provides the
corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

Original advisory details:

 It was discovered that OpenCC incorrectly handled truncated UTF-8  input.
 An attacker could possibly use this issue to cause OpenCC to  crash,
 resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
  libopencc2                      1.0.5+git20190530-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  opencc                          1.0.5+git20190530-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libopencc2                      1.0.4-5ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  opencc                          1.0.4-5ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7972-2
  https://ubuntu.com/security/notices/USN-7972-1
  CVE-2025-15536




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmoWCygACgkQcpJm3tlz
hgEDzBAAmqkNO9XCr1rTOH11hXZEPpVI3IkvpvbYsOt2hx63Kxc7VfWfHsKGDbKF
wVajBMJoUY7MBhnOb5IRTk7bOup+0G/cvP2Py5lKzN+qrm50k59Z6gLRxKdX9sri
tLpkAWDJLEKnovDkHb7RNv0OKOCjDhnCPDKfPQ1D/Y+HCDmfzXKsygKJqsN+GR5c
TsYtxhdyk0JJQvedAkXVIN1Qn9TDPeLyE7jNPouZK8dmZCCIsYs/bhj21BmbTQE7
40AxIX6dkerDcNTOsHOdLch2mAVblCVvAzskJglaGsIVNGkNUfjp/wGrubDgjv/D
VPzu7mm7CfJ3+JQZQsi1SIYOdAm/iE1XSCyvFYdpBr4PIHR6I4T/tcKm0v/wzKSW
hE8n06gWXqdTBO4rKC4awo5eEOV+SRz9d8dDfaDd+oQuL5WE7Y2xbin/I1E38Ubu
isuFxFdfGPSx2QkRuZsZst3meIMWlAxD8q+HiGetyhtYUGj3Se1Igyk83IkPnswc
1gmaJihE8VX19dwY5uoqvf6ddERqdCOqNzHoDW8mzZFrlREUvw6/gDmAfqQrMtZf
4aANo798m3aH7Ymv7cNYCr+wMYcP4Qd6+PfBPkQK6dfBASixNW4mLbGmDkOrDr9r
GWgR0qBaqDiMBdbpEOg73IINNPNwfvL2ADAIZZBJxfU560AAVsM=
=YiVu
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds