<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xml:base="http://www.ubuntu.com" xmlns:dc="http://purl.org/dc/elements/1.1/">
<channel>
 <title>Ubuntu - news, usn</title>
 <link>http://www.ubuntu.com/taxonomy/term/1+2/0</link>
 <description>News items, press releases and announcements</description>
 <language>en</language>
<item>
 <title>USN-656-1: CUPS vulnerabilities</title>
 <link>http://www.ubuntu.com/usn/usn-656-1</link>
 <description>&lt;div class=&quot;field field-type-text field-field-referenced-cves&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Referenced CVEs:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;CVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;div class=&quot;field field-type-text field-field-description&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Description:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;&lt;div class=&quot;usn&quot;&gt;
===========================================================
Ubuntu Security Notice USN-656-1           October 15, 2008
cupsys vulnerabilities
CVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  cupsys                          1.2.2-0ubuntu0.6.06.11

Ubuntu 7.04:
  cupsys                          1.2.8-0ubuntu8.6

Ubuntu 7.10:
  cupsys                          1.3.2-1ubuntu7.8

Ubuntu 8.04 LTS:
  cupsys                          1.3.7-1ubuntu3.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that the SGI image filter in CUPS did not perform
proper bounds checking. If a user or automated system were tricked
into opening a crafted SGI image, an attacker could cause a denial
of service. (CVE-2008-3639)

It was discovered that the texttops filter in CUPS did not properly
validate page metrics. If a user or automated system were tricked into
opening a crafted text file, an attacker could cause a denial of
service. (CVE-2008-3640)

It was discovered that the HP-GL filter in CUPS did not properly check
for invalid pen parameters. If a user or automated system were tricked
into opening a crafted HP-GL or HP-GL/2 file, a remote attacker could
cause a denial of service or execute arbitrary code with user
privileges. In Ubuntu 7.10 and 8.04 LTS, attackers would be isolated by
the AppArmor CUPS profile. (CVE-2008-3641)

NOTE: The previous update for CUPS on Ubuntu 6.06 LTS did not have the
fix for CVE-2008-1722 applied. This update includes fixes for the
problem. We apologize for the inconvenience.
&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;</description>
 <category domain="http://www.ubuntu.com/taxonomy/term/2">usn</category>
 <pubDate>Wed, 15 Oct 2008 21:51:59 +0000</pubDate>
 <dc:creator>JamesStrandboge</dc:creator>
 <guid isPermaLink="false">1679 at http://www.ubuntu.com</guid>
</item>
<item>
 <title>USN-655-1: exiv2 vulnerabilities</title>
 <link>http://www.ubuntu.com/usn/usn-655-1</link>
 <description>&lt;div class=&quot;field field-type-text field-field-referenced-cves&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Referenced CVEs:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;CVE-2007-6353, CVE-2008-2696&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;div class=&quot;field field-type-text field-field-description&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Description:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;&lt;div class=&quot;usn&quot;&gt;
===========================================================
Ubuntu Security Notice USN-655-1           October 15, 2008
exiv2 vulnerabilities
CVE-2007-6353, CVE-2008-2696
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.04:
  libexiv2-0.12                   0.12-0ubuntu2.1

Ubuntu 7.10:
  libexiv2-0                      0.15-1ubuntu2.1

Ubuntu 8.04 LTS:
  libexiv2-2                      0.16-3ubuntu1.1

After a standard system upgrade you need to restart your session to effect
the necessary changes.

Details follow:

Meder Kydyraliev discovered that exiv2 did not correctly handle certain
EXIF headers. If a user or automated system were tricked into processing
a specially crafted image, a remote attacker could cause the application
linked against libexiv2 to crash, leading to a denial of service, or
possibly executing arbitrary code with user privileges. (CVE-2007-6353)

Joakim Bildrulle discovered that exiv2 did not correctly handle Nikon
lens EXIF information.  If a user or automated system were tricked into
processing a specially crafted image, a remote attacker could cause the
application linked against libexiv2 to crash, leading to a denial of
service. (CVE-2008-2696)
&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;</description>
 <category domain="http://www.ubuntu.com/taxonomy/term/2">usn</category>
 <pubDate>Wed, 15 Oct 2008 02:26:49 +0000</pubDate>
 <dc:creator>KeesCook</dc:creator>
 <guid isPermaLink="false">1678 at http://www.ubuntu.com</guid>
</item>
<item>
 <title>USN-654-1: libexif vulnerabilities</title>
 <link>http://www.ubuntu.com/usn/usn-654-1</link>
 <description>&lt;div class=&quot;field field-type-text field-field-referenced-cves&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Referenced CVEs:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;CVE-2007-6351, CVE-2007-6352&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;div class=&quot;field field-type-text field-field-description&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Description:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;&lt;div class=&quot;usn&quot;&gt;
===========================================================
Ubuntu Security Notice USN-654-1           October 14, 2008
libexif vulnerabilities
CVE-2007-6351, CVE-2007-6352
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libexif12                       0.6.12-2ubuntu0.3

Ubuntu 7.04:
  libexif12                       0.6.13-5ubuntu0.3

Ubuntu 7.10:
  libexif12                       0.6.16-1ubuntu0.1

After a standard system upgrade you need to restart your session to effect
the necessary changes.

Details follow:

Meder Kydyraliev discovered that libexif did not correctly handle certain
EXIF headers.  If a user or automated system were tricked into processing
a specially crafted image, a remote attacker could cause the application
linked against libexif to crash, leading to a denial of service, or
possibly executing arbitrary code with user privileges.
&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;</description>
 <category domain="http://www.ubuntu.com/taxonomy/term/2">usn</category>
 <pubDate>Wed, 15 Oct 2008 00:32:37 +0000</pubDate>
 <dc:creator>KeesCook</dc:creator>
 <guid isPermaLink="false">1677 at http://www.ubuntu.com</guid>
</item>
<item>
 <title>USN-653-1: D-Bus vulnerabilities</title>
 <link>http://www.ubuntu.com/usn/usn-653-1</link>
 <description>&lt;div class=&quot;field field-type-text field-field-referenced-cves&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Referenced CVEs:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;CVE-2008-0595, CVE-2008-3834&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;div class=&quot;field field-type-text field-field-description&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Description:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;&lt;div class=&quot;usn&quot;&gt;
===========================================================
Ubuntu Security Notice USN-653-1           October 14, 2008
dbus vulnerabilities
CVE-2008-0595, CVE-2008-3834
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libdbus-1-2                     0.60-6ubuntu8.3

Ubuntu 7.04:
  libdbus-1-3                     1.0.2-1ubuntu4.2

Ubuntu 7.10:
  libdbus-1-3                     1.1.1-3ubuntu4.2

Ubuntu 8.04 LTS:
  libdbus-1-3                     1.1.20-1ubuntu3.1

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

Havoc Pennington discovered that the D-Bus daemon did not correctly
validate certain security policies.  If a local user sent a specially
crafted D-Bus request, they could bypass security policies that had a
&quot;send_interface&quot; defined. (CVE-2008-0595)

It was discovered that the D-Bus library did not correctly validate
certain corrupted signatures.  If a local user sent a specially crafted
D-Bus request, they could crash applications linked against the D-Bus
library, leading to a denial of service. (CVE-2008-3834)
&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;</description>
 <category domain="http://www.ubuntu.com/taxonomy/term/2">usn</category>
 <pubDate>Tue, 14 Oct 2008 17:24:17 +0000</pubDate>
 <dc:creator>KeesCook</dc:creator>
 <guid isPermaLink="false">1676 at http://www.ubuntu.com</guid>
</item>
<item>
 <title>USN-652-1: LittleCMS vulnerability</title>
 <link>http://www.ubuntu.com/usn/usn-652-1</link>
 <description>&lt;div class=&quot;field field-type-text field-field-referenced-cves&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Referenced CVEs:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;CVE-2007-2741&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;div class=&quot;field field-type-text field-field-description&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Description:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;&lt;div class=&quot;usn&quot;&gt;
===========================================================
Ubuntu Security Notice USN-652-1           October 14, 2008
lcms vulnerability
CVE-2007-2741
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  liblcms1                        1.13-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Chris Evans discovered that certain ICC operations in lcms were not
correctly bounds-checked.  If a user or automated system were tricked
into processing an image with malicious ICC tags, a remote attacker could
crash applications linked against liblcms1, leading to a denial of service,
or possibly execute arbitrary code with user privileges.
&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;</description>
 <category domain="http://www.ubuntu.com/taxonomy/term/2">usn</category>
 <pubDate>Tue, 14 Oct 2008 17:23:32 +0000</pubDate>
 <dc:creator>KeesCook</dc:creator>
 <guid isPermaLink="false">1675 at http://www.ubuntu.com</guid>
</item>
<item>
 <title>Wikimedia chooses Ubuntu for all of its servers</title>
 <link>http://www.ubuntu.com/products/casestudies/wikimedia</link>
 <description>&lt;h1&gt;Wikimedia case study&lt;/h1&gt;
&lt;h2&gt;&lt;a href=&quot;/files/wikimedia_casestudy_v1.pdf&quot;&gt;&lt;img src=&quot;/files/canonical/u1/pdficon_large.gif&quot; alt=&quot;Download the PDF version&quot; hspace=&quot;10&quot; vspace=&quot;10&quot; width=&quot;32&quot; height=&quot;32&quot; align=&quot;right&quot; /&gt;&lt;/a&gt; Background&lt;/h2&gt;
&lt;p&gt;
&lt;img src=&quot;/files/u1/logo-wikimedia.png&quot; alt=&quot;Wikimedia&quot; hspace=&quot;10&quot; vspace=&quot;10&quot; width=&quot;120&quot; height=&quot;120&quot; align=&quot;left&quot; /&gt;Most people with a passing acquaintance with a browser or Google search know Wikipedia, the web-based encyclopedia spanning topics from the ridiculous to the sublime. Want Britney Spears’ bio? It’s there.&lt;/p&gt;&lt;p&gt;&lt;a href=&quot;http://www.ubuntu.com/products/casestudies/wikimedia&quot;&gt;read more&lt;/a&gt;&lt;/p&gt;</description>
 <category domain="http://www.ubuntu.com/taxonomy/term/1">news</category>
 <pubDate>Mon, 13 Oct 2008 14:06:33 +0000</pubDate>
 <dc:creator>root</dc:creator>
 <guid isPermaLink="false">1674 at http://www.ubuntu.com</guid>
</item>
<item>
 <title>USN-651-1: Ruby vulnerabilities</title>
 <link>http://www.ubuntu.com/usn/usn-651-1</link>
 <description>&lt;div class=&quot;field field-type-text field-field-referenced-cves&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Referenced CVEs:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;CVE-2008-2376, CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2008-3905&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;div class=&quot;field field-type-text field-field-description&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Description:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;&lt;div class=&quot;usn&quot;&gt;
===========================================================
Ubuntu Security Notice USN-651-1           October 10, 2008
ruby1.8 vulnerabilities
CVE-2008-2376, CVE-2008-3443, CVE-2008-3655, CVE-2008-3656,
CVE-2008-3657, CVE-2008-3790, CVE-2008-3905
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libruby1.8                      1.8.4-1ubuntu1.6
  ruby1.8                         1.8.4-1ubuntu1.6

Ubuntu 7.04:
  libruby1.8                      1.8.5-4ubuntu2.3
  ruby1.8                         1.8.5-4ubuntu2.3

Ubuntu 7.10:
  libruby1.8                      1.8.6.36-1ubuntu3.3
  ruby1.8                         1.8.6.36-1ubuntu3.3

Ubuntu 8.04 LTS:
  libruby1.8                      1.8.6.111-2ubuntu1.2
  ruby1.8                         1.8.6.111-2ubuntu1.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Akira Tagoh discovered a vulnerability in Ruby which led to an integer
overflow. If a user or automated system were tricked into running a
malicious script, an attacker could cause a denial of service or
possibly execute arbitrary code with the privileges of the user
invoking the program. (CVE-2008-2376)

Laurent Gaffie discovered that Ruby did not properly check for memory
allocation failures. If a user or automated system were tricked into
running a malicious script, an attacker could cause a denial of
service. (CVE-2008-3443)

Keita Yamaguchi discovered several safe level vulnerabilities in Ruby.
An attacker could use this to bypass intended access restrictions.
(CVE-2008-3655)

Keita Yamaguchi discovered that WEBrick in Ruby did not properly
validate paths ending with &quot;.&quot;. A remote attacker could send a crafted
HTTP request and cause a denial of service. (CVE-2008-3656)

Keita Yamaguchi discovered that the dl module in Ruby did not check
the taintedness of inputs. An attacker could exploit this vulnerability
to bypass safe levels and execute dangerous functions. (CVE-2008-3657)

Luka Treiber and Mitja Kolsek discovered that REXML in Ruby did not
always use expansion limits when processing XML documents. If a user or
automated system were tricked into opening a crafted XML file, an attacker
could cause a denial of service via CPU consumption. (CVE-2008-3790)

Jan Lieskovsky discovered several flaws in the name resolver of Ruby. A
remote attacker could exploit this to spoof DNS entries, which could
lead to misdirected traffic. This is a different vulnerability from
CVE-2008-1447. (CVE-2008-3905)
&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;</description>
 <category domain="http://www.ubuntu.com/taxonomy/term/2">usn</category>
 <pubDate>Fri, 10 Oct 2008 02:25:29 +0000</pubDate>
 <dc:creator>JamesStrandboge</dc:creator>
 <guid isPermaLink="false">1673 at http://www.ubuntu.com</guid>
</item>
<item>
 <title>USN-650-1: cpio vulnerability</title>
 <link>http://www.ubuntu.com/usn/usn-650-1</link>
 <description>&lt;div class=&quot;field field-type-text field-field-referenced-cves&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Referenced CVEs:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;CVE-2007-4476&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;div class=&quot;field field-type-text field-field-description&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Description:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;&lt;div class=&quot;usn&quot;&gt;
===========================================================
Ubuntu Security Notice USN-650-1           October 02, 2008
cpio vulnerability
CVE-2007-4476
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  cpio                            2.6-10ubuntu0.3

Ubuntu 7.04:
  cpio                            2.6-17ubuntu0.7.04.1

Ubuntu 7.10:
  cpio                            2.8-1ubuntu2.2

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A buffer overflow was discovered in cpio. If a user were tricked into
opening a crafted cpio archive, an attacker could cause a denial of
service via application crash, or possibly execute code with the
privileges of the user invoking the program. (CVE-2007-4476)
&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;</description>
 <category domain="http://www.ubuntu.com/taxonomy/term/2">usn</category>
 <pubDate>Thu, 02 Oct 2008 22:19:32 +0000</pubDate>
 <dc:creator>JamesStrandboge</dc:creator>
 <guid isPermaLink="false">1672 at http://www.ubuntu.com</guid>
</item>
<item>
 <title>USN-649-1: OpenSSH vulnerabilities</title>
 <link>http://www.ubuntu.com/usn/usn-649-1</link>
 <description>&lt;div class=&quot;field field-type-text field-field-referenced-cves&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Referenced CVEs:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;CVE-2008-1657, CVE-2008-4109&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;div class=&quot;field field-type-text field-field-description&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Description:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;&lt;div class=&quot;usn&quot;&gt;
===========================================================
Ubuntu Security Notice USN-649-1           October 01, 2008
openssh vulnerabilities
CVE-2008-1657, CVE-2008-4109
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  openssh-server                  1:4.2p1-7ubuntu3.5

Ubuntu 7.04:
  openssh-server                  1:4.3p2-8ubuntu1.5

Ubuntu 7.10:
  openssh-server                  1:4.6p1-5ubuntu0.6

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that the ForceCommand directive could be bypassed.
If a local user created a malicious ~/.ssh/rc file, they could execute
arbitrary commands as their user id.  This only affected Ubuntu 7.10.
(CVE-2008-1657)

USN-355-1 fixed vulnerabilities in OpenSSH.  It was discovered that the
fixes for this issue were incomplete.  A remote attacker could attempt
multiple logins, filling all available connection slots, leading to a
denial of service.  This only affected Ubuntu 6.06 and 7.04.
(CVE-2008-4109)
&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;</description>
 <category domain="http://www.ubuntu.com/taxonomy/term/2">usn</category>
 <pubDate>Wed, 01 Oct 2008 22:29:37 +0000</pubDate>
 <dc:creator>KeesCook</dc:creator>
 <guid isPermaLink="false">1669 at http://www.ubuntu.com</guid>
</item>
<item>
 <title>USN-648-1: nasm vulnerability</title>
 <link>http://www.ubuntu.com/usn/usn-648-1</link>
 <description>&lt;div class=&quot;field field-type-text field-field-referenced-cves&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Referenced CVEs:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;CVE-2008-2719&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;div class=&quot;field field-type-text field-field-description&quot;&gt;&lt;div class=&quot;field-label&quot;&gt;Description:&amp;nbsp;&lt;/div&gt;&lt;div class=&quot;field-items&quot;&gt;&lt;div class=&quot;field-item&quot;&gt;&lt;div class=&quot;usn&quot;&gt;
===========================================================
Ubuntu Security Notice USN-648-1         September 30, 2008
nasm vulnerability
CVE-2008-2719
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  nasm                            0.99.06-2ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Philipp Thomas discovered that the ppscan function of nasm contained
an off-by-one error.  If a user or automated system were tricked into
assembling a specially crafted ASM file, a remote attacker could execute
arbitrary commands with user privileges.
&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;&lt;/div&gt;</description>
 <category domain="http://www.ubuntu.com/taxonomy/term/2">usn</category>
 <pubDate>Tue, 30 Sep 2008 20:36:00 +0000</pubDate>
 <dc:creator>KeesCook</dc:creator>
 <guid isPermaLink="false">1668 at http://www.ubuntu.com</guid>
</item>
</channel>
</rss>
