USN-2371-1: Exuberant Ctags vulnerability

8 October 2014

exuberant-ctags vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Exuberant Ctags could be made to consume resources.

Software Description

  • exuberant-ctags - build tag file indexes of source code definitions

Details

It was discovered that Exuberant Ctags incorrectly handled certain minified js files. An attacker could use this issue to possibly cause Exuberant Ctags to consume resources, resulting in a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS
exuberant-ctags - 1:5.9~svn20110310-7ubuntu0.1
Ubuntu 12.04 LTS
exuberant-ctags - 1:5.9~svn20110310-3ubuntu0.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References