Univention Bugzilla – Bug 31444
libxv: Multiple issues (2.4)
Last modified: 2019-04-11 19:24:36 CEST
CVE-2013-1989 CVE-2013-2066 Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.
The maintenance with bug and security fixes for UCS 2.4-x has ended on the 31st of December 2013. Customers still on UCS 2.4-x are encouraged to update to UCS 3.x. Please contact your partner or Univention for any questions.