News for Ubuntu (from the horse's mouth)

USN-638-1: Yelp vulnerability

Referenced CVEs: 
CVE-2008-3533
Description: 
===========================================================
Ubuntu Security Notice USN-638-1             August 27, 2008
yelp vulnerability
CVE-2008-3533
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.10:
  yelp                            2.20.0-0ubuntu3.1

Ubuntu 8.04 LTS:
  yelp                            2.22.1-0ubuntu2.8.04.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Aaron Grattafiori discovered that the Gnome Help Viewer did not handle
format strings correctly when displaying certain error messages. If a
user were tricked into opening a specially crafted URI, a remote attacker
could execute arbitrary code with user privileges.

Wed, 27 Aug 2008

USN-637-1: Linux kernel vulnerabilities

Referenced CVEs: 
CVE-2008-2812, CVE-2008-2931, CVE-2008-3272, CVE-2008-3275
Description: 
===========================================================
Ubuntu Security Notice USN-637-1             August 25, 2008
linux, linux-source-2.6.15/20/22 vulnerabilities
CVE-2008-2812, CVE-2008-2931, CVE-2008-3272, CVE-2008-3275
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  linux-image-2.6.15-52-386               2.6.15-52.71
  linux-image-2.6.15-52-686               2.6.15-52.71
  linux-image-2.6.15-52-amd64-generic     2.6.15-52.71
  linux-image-2.6.15-52-amd64-k8          2.6.15-52.71
  linux-image-2.6.15-52-amd64-server      2.6.15-52.71
  linux-image-2.6.15-52-amd64-xeon        2.6.15-52.71
  linux-image-2.6.15-52-hppa32            2.6.15-52.71
  linux-image-2.6.15-52-hppa32-smp        2.6.15-52.71
  linux-image-2.6.15-52-hppa64            2.6.15-52.71
  linux-image-2.6.15-52-hppa64-smp        2.6.15-52.71
  linux-image-2.6.15-52-itanium           2.6.15-52.71
  linux-image-2.6.15-52-itanium-smp       2.6.15-52.71
  linux-image-2.6.15-52-k7                2.6.15-52.71
  linux-image-2.6.15-52-mckinley          2.6.15-52.71
  linux-image-2.6.15-52-mckinley-smp      2.6.15-52.71
  linux-image-2.6.15-52-powerpc           2.6.15-52.71
  linux-image-2.6.15-52-powerpc-smp       2.6.15-52.71
  linux-image-2.6.15-52-powerpc64-smp     2.6.15-52.71
  linux-image-2.6.15-52-server            2.6.15-52.71
  linux-image-2.6.15-52-server-bigiron    2.6.15-52.71
  linux-image-2.6.15-52-sparc64           2.6.15-52.71
  linux-image-2.6.15-52-sparc64-smp       2.6.15-52.71

Ubuntu 7.04:
  linux-image-2.6.20-17-386               2.6.20-17.39
  linux-image-2.6.20-17-generic           2.6.20-17.39
  linux-image-2.6.20-17-hppa32            2.6.20-17.39
  linux-image-2.6.20-17-hppa64            2.6.20-17.39
  linux-image-2.6.20-17-itanium           2.6.20-17.39
  linux-image-2.6.20-17-lowlatency        2.6.20-17.39
  linux-image-2.6.20-17-mckinley          2.6.20-17.39
  linux-image-2.6.20-17-powerpc           2.6.20-17.39
  linux-image-2.6.20-17-powerpc-smp       2.6.20-17.39
  linux-image-2.6.20-17-powerpc64-smp     2.6.20-17.39
  linux-image-2.6.20-17-server            2.6.20-17.39
  linux-image-2.6.20-17-server-bigiron    2.6.20-17.39
  linux-image-2.6.20-17-sparc64           2.6.20-17.39
  linux-image-2.6.20-17-sparc64-smp       2.6.20-17.39

Ubuntu 7.10:
  linux-image-2.6.22-15-386               2.6.22-15.58
  linux-image-2.6.22-15-cell              2.6.22-15.58
  linux-image-2.6.22-15-generic           2.6.22-15.58
  linux-image-2.6.22-15-hppa32            2.6.22-15.58
  linux-image-2.6.22-15-hppa64            2.6.22-15.58
  linux-image-2.6.22-15-itanium           2.6.22-15.58
  linux-image-2.6.22-15-lpia              2.6.22-15.58
  linux-image-2.6.22-15-lpiacompat        2.6.22-15.58
  linux-image-2.6.22-15-mckinley          2.6.22-15.58
  linux-image-2.6.22-15-powerpc           2.6.22-15.58
  linux-image-2.6.22-15-powerpc-smp       2.6.22-15.58
  linux-image-2.6.22-15-powerpc64-smp     2.6.22-15.58
  linux-image-2.6.22-15-rt                2.6.22-15.58
  linux-image-2.6.22-15-server            2.6.22-15.58
  linux-image-2.6.22-15-sparc64           2.6.22-15.58
  linux-image-2.6.22-15-sparc64-smp       2.6.22-15.58
  linux-image-2.6.22-15-ume               2.6.22-15.58
  linux-image-2.6.22-15-virtual           2.6.22-15.58
  linux-image-2.6.22-15-xen               2.6.22-15.58

Ubuntu 8.04 LTS:
  linux-image-2.6.24-19-386               2.6.24-19.41
  linux-image-2.6.24-19-generic           2.6.24-19.41
  linux-image-2.6.24-19-hppa32            2.6.24-19.41
  linux-image-2.6.24-19-hppa64            2.6.24-19.41
  linux-image-2.6.24-19-itanium           2.6.24-19.41
  linux-image-2.6.24-19-lpia              2.6.24-19.41
  linux-image-2.6.24-19-lpiacompat        2.6.24-19.41
  linux-image-2.6.24-19-mckinley          2.6.24-19.41
  linux-image-2.6.24-19-openvz            2.6.24-19.41
  linux-image-2.6.24-19-powerpc           2.6.24-19.41
  linux-image-2.6.24-19-powerpc-smp       2.6.24-19.41
  linux-image-2.6.24-19-powerpc64-smp     2.6.24-19.41
  linux-image-2.6.24-19-rt                2.6.24-19.41
  linux-image-2.6.24-19-server            2.6.24-19.41
  linux-image-2.6.24-19-sparc64           2.6.24-19.41
  linux-image-2.6.24-19-sparc64-smp       2.6.24-19.41
  linux-image-2.6.24-19-virtual           2.6.24-19.41
  linux-image-2.6.24-19-xen               2.6.24-19.41

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

It was discovered that there were multiple NULL-pointer function
dereferences in the Linux kernel terminal handling code. A local attacker
could exploit this to execute arbitrary code as root, or crash the system,
leading to a denial of service. (CVE-2008-2812)

The do_change_type routine did not correctly validate administrative
users. A local attacker could exploit this to block mount points or cause
private mounts to be shared, leading to denial of service or a possible
loss of privacy. (CVE-2008-2931)

Tobias Klein discovered that the OSS interface through ALSA did not
correctly validate the device number. A local attacker could exploit this
to access sensitive kernel memory, leading to a denial of service or a loss
of privacy. (CVE-2008-3272)

Zoltan Sogor discovered that new directory entries could be added to
already deleted directories. A local attacker could exploit this, filling
up available memory and disk space, leading to a denial of service.
(CVE-2008-3275)

In certain situations, the fix for CVE-2008-0598 from USN-623-1 was causing
infinite loops in the writev syscall. This update corrects the mistake. We
apologize for the inconvenience.

Mon, 25 Aug 2008

USN-636-1: Postfix vulnerability

Referenced CVEs: 
CVE-2008-2936
Description: 
===========================================================
Ubuntu Security Notice USN-636-1             August 19, 2008
postfix vulnerability
CVE-2008-2936
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  postfix                         2.2.10-1ubuntu0.2

Ubuntu 7.04:
  postfix                         2.3.8-2ubuntu0.2

Ubuntu 7.10:
  postfix                         2.4.5-3ubuntu1.2

Ubuntu 8.04 LTS:
  postfix                         2.5.1-2ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Sebastian Krahmer discovered that Postfix was not correctly handling
mailbox ownership when dealing with Linux's implementation of hardlinking
to symlinks. In certain mail spool configurations, a local attacker
could exploit this to append data to arbitrary files as the root user.
The default Ubuntu configuration was not vulnerable.

Tue, 19 Aug 2008

Canonical to Offer Yahoo! Zimbra Desktop through Ubuntu Partner Repository

Ubuntu users now have direct access to Zimbra's next generation email and calendaring solution


Thu, 7 Aug 2008

USN-635-1: xine-lib vulnerabilities

Referenced CVEs: 
CVE-2008-0073, CVE-2008-0225, CVE-2008-0238, CVE-2008-0486, CVE-2008-1110, CVE-2008-1161, CVE-2008-1482, CVE-2008-1686, CVE-2008-1878
Description: 
===========================================================
Ubuntu Security Notice USN-635-1             August 06, 2008
xine-lib vulnerabilities
CVE-2008-0073, CVE-2008-0225, CVE-2008-0238, CVE-2008-0486,
CVE-2008-1110, CVE-2008-1161, CVE-2008-1482, CVE-2008-1686,
CVE-2008-1878
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libxine-main1                   1.1.1+ubuntu2-7.9

Ubuntu 7.04:
  libxine-main1                   1.1.4-2ubuntu3.1

Ubuntu 7.10:
  libxine1                        1.1.7-1ubuntu1.3

Ubuntu 8.04 LTS:
  libxine1                        1.1.11.1-1ubuntu3.1

After a standard system upgrade you need to restart applications
linked against xine-lib to effect the necessary changes.

Details follow:

Alin Rad Pop discovered an array index vulnerability in the SDP
parser. If a user or automated system were tricked into opening a
malicious RTSP stream, a remote attacker may be able to execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2008-0073)

Luigi Auriemma discovered that xine-lib did not properly check
buffer sizes in the RTSP header-handling code. If xine-lib opened an
RTSP stream with crafted SDP attributes, a remote attacker may be
able to execute arbitrary code with the privileges of the user
invoking the program. (CVE-2008-0225, CVE-2008-0238)

Damian Frizza and Alfredo Ortega discovered that xine-lib did not
properly validate FLAC tags. If a user or automated system were
tricked into opening a crafted FLAC file, a remote attacker may be
able to execute arbitrary code with the privileges of the user
invoking the program. (CVE-2008-0486)

It was discovered that the ASF demuxer in xine-lib did not properly
check the length of the ASF header. If a user or automated system
were tricked into opening a crafted ASF file, a remote attacker
could cause a denial of service or possibly execute arbitrary code
with the privileges of the user invoking the program. (CVE-2008-1110)

It was discovered that the Matroska demuxer in xine-lib did not
properly verify frame sizes. If xine-lib opened a crafted ASF file,
a remote attacker could cause a denial of service or possibly
execute arbitrary code with the privileges of the user invoking
the program. (CVE-2008-1161)

Luigi Auriemma discovered multiple integer overflows in xine-lib. If
a user or automated system were tricked into opening a crafted FLV,
MOV, RM, MVE, MKV or CAK file, a remote attacker may be able to
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2008-1482)

It was discovered that xine-lib did not properly validate its input
when processing Speex file headers. If a user or automated system
were tricked into opening a specially crafted Speex file, an
attacker could create a denial of service or possibly execute
arbitrary code as the user invoking the program. (CVE-2008-1686)

Guido Landi discovered a stack-based buffer overflow in xine-lib
when processing NSF files. If xine-lib opened a specially crafted
NSF file with a long NSF title, an attacker could create a denial of
service or possibly execute arbitrary code as the user invoking the
program. (CVE-2008-1878)

Wed, 6 Aug 2008

Unison released for Ubuntu to bring unified communications to Linux

Partnership with Canonical will challenge Microsoft unified communications with more powerful and cost-effective Linux alternative


Tue, 5 Aug 2008

Canonical To Offer Alfresco Labs Pre-Packaged Within Ubuntu Distribution

Leading open source proponents take first steps to make enterprise solutions available to combined user base

Linux World EXPO, San Francisco — August 5, 2008 – Alfresco Software, Inc., the leader in open source enterprise content management (ECM), today announced that Canonical, the commercial sponsor of the highly regarded Linux distribution, Ubuntu, will offer Alfresco Labs 3 within a pre-built software download as part of its partner repository.  Using the simple apt-get command, end-users can execute a full installation, with all drivers and relevant dependencies pre-packaged.  This move provides Alfresco with a new platform from which to reach a rapidly expanding Ubuntu user-base.


Tue, 5 Aug 2008

USN-626-2: Devhelp, Epiphany, Midbrowser and Yelp update

Description: 
===========================================================
Ubuntu Security Notice USN-626-2             August 04, 2008
devhelp, epiphany-browser, midbrowser, yelp update
https://launchpad.net/bugs/253462
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  devhelp                         0.19-1ubuntu1.8.04.3
  epiphany-gecko                  2.22.2-0ubuntu0.8.04.5
  midbrowser                      0.3.0rc1a-1~8.04.2
  yelp                            2.22.1-0ubuntu2.8.04.2

After a standard system upgrade you need to restart Devhelp, Epiphany,
Midbrowser and Yelp to effect the necessary changes.

Details follow:

USN-626-1 fixed vulnerabilities in xulrunner-1.9. The changes required
that Devhelp, Epiphany, Midbrowser and Yelp also be updated to use the
new xulrunner-1.9.

Original advisory details:

 A flaw was discovered in the browser engine. A variable could be made
 to overflow causing the browser to crash. If a user were tricked into
 opening a malicious web page, an attacker could cause a denial of
 service or possibly execute arbitrary code with the privileges of the
 user invoking the program. (CVE-2008-2785)

 Billy Rios discovered that Firefox and xulrunner, as used by browsers
 such as Epiphany, did not properly perform URI splitting with pipe
 symbols when passed a command-line URI. If Firefox or xulrunner were
 passed a malicious URL, an attacker may be able to execute local
 content with chrome privileges. (CVE-2008-2933)

Mon, 4 Aug 2008

USN-634-1: OpenLDAP vulnerability

Referenced CVEs: 
CVE-2008-2952
Description: 
===========================================================
Ubuntu Security Notice USN-634-1             August 01, 2008
openldap2.2, openldap2.3 vulnerability
CVE-2008-2952
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  slapd                           2.2.26-5ubuntu2.8

Ubuntu 7.04:
  slapd                           2.3.30-2ubuntu0.3

Ubuntu 7.10:
  slapd                           2.3.35-1ubuntu0.3

Ubuntu 8.04 LTS:
  slapd                           2.4.9-0ubuntu0.8.04.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Cameron Hotchkies discovered that OpenLDAP did not correctly handle
certain ASN.1 BER data. A remote attacker could send a specially crafted
packet and crash slapd, leading to a denial of service.

Fri, 1 Aug 2008

USN-633-1: libxslt vulnerabilities

Referenced CVEs: 
CVE-2008-1767, CVE-2008-2935
Description: 
===========================================================
Ubuntu Security Notice USN-633-1             August 01, 2008
libxslt vulnerabilities
CVE-2008-1767, CVE-2008-2935
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libxslt1.1                      1.1.15-1ubuntu1.2

Ubuntu 7.04:
  libxslt1.1                      1.1.20-0ubuntu2.2

Ubuntu 7.10:
  libxslt1.1                      1.1.21-2ubuntu2.2

Ubuntu 8.04 LTS:
  libxslt1.1                      1.1.22-1ubuntu1.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that long transformation matches in libxslt could
overflow. If an attacker were able to make an application linked against
libxslt process malicious XSL style sheet input, they could execute
arbitrary code with user privileges or cause the application to crash,
leading to a denial of service. (CVE-2008-1767)

Chris Evans discovered that the RC4 processing code in libxslt did not
correctly handle corrupted key information. If a remote attacker were
able to make an application linked against libxslt process malicious
XML input, they could crash the application, leading to a denial of
service. (CVE-2008-2935)

Fri, 1 Aug 2008