USN-527-1: xen-3.0 vulnerability
Submitted by KeesCook on Tue, 2007-10-09 17:08.
Referenced CVEs:
CVE-2007-4993
Description:
===========================================================
Ubuntu Security Notice USN-527-1 October 05, 2007
xen-3.0 vulnerability
CVE-2007-4993
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 7.04:
xen-utils-3.0 3.0.3-0ubuntu10.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Joris van Rantwijk discovered that the Xen host did not correctly validate
the contents of a Xen guest's grub.conf file. Xen guest root users could
exploit this to run arbitrary commands on the host when the guest system
was rebooted.
USN-526-1: debian-goodies vulnerability
Submitted by KeesCook on Fri, 2007-10-05 00:17.
Referenced CVEs:
CVE-2007-3912
Description:
===========================================================
Ubuntu Security Notice USN-526-1 October 04, 2007
debian-goodies vulnerability
CVE-2007-3912
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
debian-goodies 0.23ubuntu0.6.06.1
Ubuntu 6.10:
debian-goodies 0.23ubuntu0.6.10.1
Ubuntu 7.04:
debian-goodies 0.27ubuntu0.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Thomas de Grenier de Latour discovered that the checkrestart program included
in debian-goodies did not correctly handle shell meta-characters. A local
attacker could exploit this to gain the privileges of the user running
checkrestart.
USN-525-1: libsndfile vulnerability
Submitted by KeesCook on Fri, 2007-10-05 00:17.
Referenced CVEs:
CVE-2007-4974
Description:
===========================================================
Ubuntu Security Notice USN-525-1 October 04, 2007
libsndfile vulnerability
CVE-2007-4974
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
libsndfile1 1.0.12-3ubuntu1
Ubuntu 6.10:
libsndfile1 1.0.16-1ubuntu0.6.10.1
Ubuntu 7.04:
libsndfile1 1.0.16-1ubuntu0.7.04.1
After a standard system upgrade you need to restart your session to effect
the necessary changes.
Details follow:
Robert Buchholz discovered that libsndfile did not correctly validate the
size of its memory buffers. If a user were tricked into playing a specially
crafted FLAC file, a remote attacker could execute arbitrary code with user
privileges.
USN-524-1: OpenOffice.org vulnerability
Submitted by KeesCook on Thu, 2007-10-04 23:26.
Referenced CVEs:
CVE-2007-2834
Description:
===========================================================
Ubuntu Security Notice USN-524-1 October 04, 2007
openoffice.org/-amd64 vulnerability
CVE-2007-2834
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
openoffice.org-core 2.0.2-2ubuntu12.5
openoffice.org2-base 2.0.2-2ubuntu12.5
Ubuntu 6.10:
openoffice.org-core 2.0.4-0ubuntu7
Ubuntu 7.04:
openoffice.org-core 2.2.0-1ubuntu5
After a standard system upgrade you need to restart OpenOffice to effect
the necessary changes.
Details follow:
An integer overflow was discovered in the TIFF handling code in OpenOffice.
If a user were tricked into loading a malicious TIFF image, a remote attacker
could execute arbitrary code with user privileges.
USN-523-1: ImageMagick vulnerabilities
Submitted by KeesCook on Wed, 2007-10-03 23:10.
Referenced CVEs:
CVE-2007-4985, CVE-2007-4986, CVE-2007-4987, CVE-2007-4988
Description:
===========================================================
Ubuntu Security Notice USN-523-1 October 03, 2007
imagemagick vulnerabilities
CVE-2007-4985, CVE-2007-4986, CVE-2007-4987, CVE-2007-4988
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
libmagick9 6:6.2.4.5-0.6ubuntu0.7
Ubuntu 6.10:
libmagick9 7:6.2.4.5.dfsg1-0.10ubuntu0.4
Ubuntu 7.04:
libmagick9 7:6.2.4.5.dfsg1-0.14ubuntu0.2
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Multiple vulnerabilities were found in the image decoders of ImageMagick.
If a user or automated system were tricked into processing a malicious
DCM, DIB, XBM, XCF, or XWD image, a remote attacker could execute arbitrary
code with user privileges.
USN-522-1: OpenSSL vulnerabilities
Submitted by KeesCook on Sat, 2007-09-29 01:31.
Referenced CVEs:
CVE-2007-3108, CVE-2007-5135
Description:
===========================================================
Ubuntu Security Notice USN-522-1 September 29, 2007
openssl vulnerabilities
CVE-2007-3108, CVE-2007-5135
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
libssl0.9.8 0.9.8a-7ubuntu0.4
Ubuntu 6.10:
libssl0.9.8 0.9.8b-2ubuntu2.1
Ubuntu 7.04:
libssl0.9.8 0.9.8c-4ubuntu0.1
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
Details follow:
It was discovered that OpenSSL did not correctly perform Montgomery
multiplications. Local attackers might be able to reconstruct RSA
private keys by examining another user's OpenSSL processes. (CVE-2007-3108)
Moritz Jodeit discovered that OpenSSL's SSL_get_shared_ciphers function
did not correctly check the size of the buffer it was writing to.
A remote attacker could exploit this to write one NULL byte past the end of
an application's cipher list buffer, possibly leading to arbitrary code
execution or a denial of service. (CVE-2007-5135)
USN-521-1: libmodplug vulnerability
Submitted by KeesCook on Fri, 2007-09-28 00:07.
Referenced CVEs:
CVE-2006-4192
Description:
===========================================================
Ubuntu Security Notice USN-521-1 September 27, 2007
libmodplug vulnerability
CVE-2006-4192
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
libmodplug0c2 1:0.7-5ubuntu0.6.06.1
Ubuntu 6.10:
libmodplug0c2 1:0.7-5ubuntu0.6.10.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Luigi Auriemma discovered that libmodplug did not properly sanitize
its input. A specially crafted AMF file could be used to exploit this
situation to cause buffer overflows and possibly execute arbitrary code
as the user.
USN-520-1: fetchmail vulnerabilities
Submitted by KeesCook on Wed, 2007-09-26 02:13.
Referenced CVEs:
CVE-2007-1558, CVE-2007-4565
Description:
===========================================================
Ubuntu Security Notice USN-520-1 September 26, 2007
fetchmail vulnerabilities
CVE-2007-1558, CVE-2007-4565
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
fetchmail 6.3.2-2ubuntu2.2
Ubuntu 6.10:
fetchmail 6.3.4-1ubuntu4.2
Ubuntu 7.04:
fetchmail 6.3.6-1ubuntu2.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Gaetan Leurent discovered a vulnerability in the APOP protocol based
on MD5 collisions. As fetchmail supports the APOP protocol, this
vulnerability can be used by attackers to discover a portion of the APOP
user's authentication credentials. (CVE-2007-1558)
Earl Chew discovered that fetchmail can be made to de-reference a NULL
pointer when contacting SMTP servers. This vulnerability can be used
by attackers who control the SMTP server to crash fetchmail and cause
a denial of service. (CVE-2007-4565)
USN-519-1: elinks vulnerability
Submitted by KeesCook on Tue, 2007-09-25 21:51.
Referenced CVEs:
CVE-2007-5034
Description:
===========================================================
Ubuntu Security Notice USN-519-1 September 25, 2007
elinks vulnerability
CVE-2007-5034
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
elinks 0.10.6-1ubuntu3.2
Ubuntu 6.10:
elinks 0.11.1-1ubuntu2.2
Ubuntu 7.04:
elinks 0.11.1-1.2ubuntu2.2
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Kalle Olavi Niemitalo discovered that if elinks makes a POST request
to an HTTPS URL through a proxy, information may be sent in clear-text
between elinks and the proxy. Attackers with access to the network
could steal sensitive information (such as passwords).
USN-518-1: Linux kernel vulnerabilities
Submitted by KeesCook on Tue, 2007-09-25 00:21.
Referenced CVEs:
CVE-2007-3731, CVE-2007-3739, CVE-2007-3740, CVE-2007-4573
Description:
===========================================================
Ubuntu Security Notice USN-518-1 September 25, 2007
linux-source-2.6.15/17/20 vulnerabilities
CVE-2007-3731, CVE-2007-3739, CVE-2007-3740, CVE-2007-4573
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
linux-image-2.6.15-29-386 2.6.15-29.60
linux-image-2.6.15-29-686 2.6.15-29.60
linux-image-2.6.15-29-amd64-generic 2.6.15-29.60
linux-image-2.6.15-29-amd64-k8 2.6.15-29.60
linux-image-2.6.15-29-amd64-server 2.6.15-29.60
linux-image-2.6.15-29-amd64-xeon 2.6.15-29.60
linux-image-2.6.15-29-hppa32 2.6.15-29.60
linux-image-2.6.15-29-hppa32-smp 2.6.15-29.60
linux-image-2.6.15-29-hppa64 2.6.15-29.60
linux-image-2.6.15-29-hppa64-smp 2.6.15-29.60
linux-image-2.6.15-29-itanium 2.6.15-29.60
linux-image-2.6.15-29-itanium-smp 2.6.15-29.60
linux-image-2.6.15-29-k7 2.6.15-29.60
linux-image-2.6.15-29-mckinley 2.6.15-29.60
linux-image-2.6.15-29-mckinley-smp 2.6.15-29.60
linux-image-2.6.15-29-powerpc 2.6.15-29.60
linux-image-2.6.15-29-powerpc-smp 2.6.15-29.60
linux-image-2.6.15-29-powerpc64-smp 2.6.15-29.60
linux-image-2.6.15-29-server 2.6.15-29.60
linux-image-2.6.15-29-server-bigiron 2.6.15-29.60
linux-image-2.6.15-29-sparc64 2.6.15-29.60
linux-image-2.6.15-29-sparc64-smp 2.6.15-29.60
Ubuntu 6.10:
linux-image-2.6.17-12-386 2.6.17.1-12.41
linux-image-2.6.17-12-generic 2.6.17.1-12.41
linux-image-2.6.17-12-hppa32 2.6.17.1-12.41
linux-image-2.6.17-12-hppa64 2.6.17.1-12.41
linux-image-2.6.17-12-itanium 2.6.17.1-12.41
linux-image-2.6.17-12-mckinley 2.6.17.1-12.41
linux-image-2.6.17-12-powerpc 2.6.17.1-12.41
linux-image-2.6.17-12-powerpc-smp 2.6.17.1-12.41
linux-image-2.6.17-12-powerpc64-smp 2.6.17.1-12.41
linux-image-2.6.17-12-server 2.6.17.1-12.41
linux-image-2.6.17-12-server-bigiron 2.6.17.1-12.41
linux-image-2.6.17-12-sparc64 2.6.17.1-12.41
linux-image-2.6.17-12-sparc64-smp 2.6.17.1-12.41
Ubuntu 7.04:
linux-image-2.6.20-16-386 2.6.20-16.32
linux-image-2.6.20-16-generic 2.6.20-16.32
linux-image-2.6.20-16-hppa32 2.6.20-16.32
linux-image-2.6.20-16-hppa64 2.6.20-16.32
linux-image-2.6.20-16-itanium 2.6.20-16.32
linux-image-2.6.20-16-lowlatency 2.6.20-16.32
linux-image-2.6.20-16-mckinley 2.6.20-16.32
linux-image-2.6.20-16-powerpc 2.6.20-16.32
linux-image-2.6.20-16-powerpc-smp 2.6.20-16.32
linux-image-2.6.20-16-powerpc64-smp 2.6.20-16.32
linux-image-2.6.20-16-server 2.6.20-16.32
linux-image-2.6.20-16-server-bigiron 2.6.20-16.32
linux-image-2.6.20-16-sparc64 2.6.20-16.32
linux-image-2.6.20-16-sparc64-smp 2.6.20-16.32
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
Details follow:
Evan Teran discovered that the Linux kernel ptrace routines did not
handle certain requests robustly. Local attackers could exploit
this to crash the system, causing a denial of service. (CVE-2007-3731)
It was discovered that hugetlb kernels on PowerPC systems did not prevent
the stack from colliding with reserved kernel memory. Local attackers
could exploit this and crash the system, causing a denial of service.
(CVE-2007-3739)
It was discovered that certain CIFS filesystem actions did not honor
the umask of a process. Local attackers could exploit this to gain
additional privileges. (CVE-2007-3740)
Wojciech Purczynski discovered that the Linux kernel ia32 syscall
emulation in x86_64 kernels did not correctly clear the high bits of
registers. Local attackers could exploit this to gain root privileges.
(CVE-2007-4573)



