==========================================================================
Ubuntu Security Notice USN-4518-1
September 17, 2020

xawtv vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

xawtv could be made to expose sensitive information and escalate
user privileges if it received specially crafted input.

Software Description:
- xawtv: X11 program for watching TV

Details:

Matthias Gerstner discovered that xawtv incorrectly handled opening files.
A local attacker could possibly use this issue to open and write to
arbitrary files and escalate privileges. (CVE-2020-13696)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  alevtd                          3.103-3+deb8u1build0.16.04.1
  fbtv                            3.103-3+deb8u1build0.16.04.1
  pia                             3.103-3+deb8u1build0.16.04.1
  radio                           3.103-3+deb8u1build0.16.04.1
  scantv                          3.103-3+deb8u1build0.16.04.1
  streamer                        3.103-3+deb8u1build0.16.04.1
  ttv                             3.103-3+deb8u1build0.16.04.1
  v4l-conf                        3.103-3+deb8u1build0.16.04.1
  webcam                          3.103-3+deb8u1build0.16.04.1
  xawtv                           3.103-3+deb8u1build0.16.04.1
  xawtv-plugin-qt                 3.103-3+deb8u1build0.16.04.1
  xawtv-plugins                   3.103-3+deb8u1build0.16.04.1
  xawtv-tools                     3.103-3+deb8u1build0.16.04.1

In general, a standard system update will make all the necessary changes.

References:
  https://usn.ubuntu.com/4518-1
  CVE-2020-13696

Package Information:
  https://launchpad.net/ubuntu/+source/xawtv/3.103-3+deb8u1build0.16.04.1