Articles / Ubuntu

All articles tagged with Ubuntu

January 12, 2011 09:53 Ubuntu: New CUPS packages fix security vulnerability

0

Under certain circumstances, CUPS could start before its AppArmor profile was loaded and therefore run unconfined. This update ensures the AppArmor profile is loaded before CUPS starts. Updated packages are available from security.ubuntu.com.

January 12, 2011 09:52 Ubuntu: New dpkg packages fix security vulnerability

0

Jakub Wilk and Raphaël Hertzog discovered that dpkg-source did not correctly handle certain paths and symlinks when unpacking source-format version 3.0 packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system. Updated packages are available from security.ubuntu.com.

January 12, 2011 09:49 Ubuntu: New Evince packages fix security vulnerability

0

Jon Larimer discovered that Evince’s font parsers incorrectly handled certain buffer lengths when rendering a DVI file. By tricking a user into opening or previewing a DVI file that uses a specially crafted font file, an attacker could crash evince or execute arbitrary code with the user’s privileges. Updated packages are available from security.ubuntu.com.

December 22, 2010 04:55 Ubuntu: New Eucalyptus packages fix security vulnerability

0

It was discovered that Eucalyptus did not verify password resets from the Admin UI correctly. An unauthenticated remote attacker could issue password reset requests to gain admin privileges in the Eucalyptus environment. Updated packages are available from security.ubuntu.com.

December 15, 2010 17:30 Ubuntu: New Exim packages fix security vulnerability

0

Sergey Kononenko and Eugene Bujak discovered that Exim did not correctly truncate string expansions. A remote attacker could send specially crafted email traffic to run arbitrary code as the Exim user, which could also lead to root privileges. Updated packages are available from security.ubuntu.com.

December 15, 2010 17:26 Ubuntu: New ClamAV packages fix security vulnerability

0

Arkadiusz Miskiewicz and others discovered that the PDF processing code in libclamav improperly validated input. This could allow a remote attacker to craft a PDF document that could crash clamav or possibly execute arbitrary code. It was discovered that an off-by-one error in the icon_cb function in pe_icons.c in libclamav could allow an attacker to corrupt memory, causing clamav to crash or possibly execute arbitrary code. Updated packages are available from security.ubuntu.com.

December 15, 2010 17:22 Ubuntu: New Firefox packages fix security vulnerability

0

Several memory issues in the browser engine were discovered. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. It was discovered that Firefox did not properly verify the about:blank location elements when it was opened via window.open(). An attacker could exploit this to run arbitrary code with chrome privileges. It was discovered that Firefox did not properly handle <div> elements when processing a XUL tree. If a user were tricked into opening a malicious web page, an attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Marc Schoenefeld and Christoph Diehl discovered several problems when handling downloadable fonts. The new OTS font sanitizing library was added to mitigate these issues. Gregory Fleischer discovered that the Java LiveConnect script could be made to run in the wrong security context. An attacker could exploit this to read local files and run arbitrary code as the user invoking the program. Several problems were discovered in the JavaScript engine. If a user were tricked into opening a malicious web page, an attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Michal Zalewski discovered that Firefox did not always properly handle displaying pages from network or certificate errors. An attacker could exploit this to spoof the location bar, such as in a phishing attack. Yosuke Hasegawa and Masatoshi Kimura discovered that several character encodings would have some characters converted to angle brackets. An attacker could utilize this to perform cross-site scripting attacks. Updated packages are available from security.ubuntu.com.

December 15, 2010 17:20 Ubuntu: New Thunderbird packages fix security vulnerability

0

Several memory issues in the browser engine were discovered. An attacker could exploit these to crash THunderbird or possibly run arbitrary code as the user invoking the program. Marc Schoenefeld and Christoph Diehl discovered several problems when handling downloadable fonts. The new OTS font sanitizing library was added to mitigate these issues. Updated packages are available from security.ubuntu.com.

December 15, 2010 17:18 Ubuntu: New Kerberos packages fix security vulnerability

0

It was discovered that Kerberos did not properly determine the acceptability of certain checksums. A remote attacker could use certain checksums to alter the prompt message, modify a response to a Key Distribution Center (KDC) or forge a KRB-SAFE message. It was discovered that Kerberos did not properly determine the acceptability of certain checksums. A remote attacker could use certain checksums to forge GSS tokens or gain privileges. It was discovered that Kerberos did not reject RC4 key-derivation checksums. An authenticated remote user could use this issue to forge AD-SIGNEDPATH or AD-KDC-ISSUED signatures and possibly gain privileges. It was discovered that Kerberos did not properly restrict the use of TGT credentials for armoring TGS requests. A remote authenticated user could use this flaw to impersonate a client. Updated packages are available from security.ubuntu.com.

December 08, 2010 08:21 Ubuntu: New OpenSSL packages fix security vulnerability

0

It was discovered that an old bug workaround in the SSL/TLS server code allowed an attacker to modify the stored session cache ciphersuite. This could possibly allow an attacker to downgrade the ciphersuite to a weaker one on subsequent connections. It was discovered that an old bug workaround in the SSL/TLS server code allowed allowed an attacker to modify the stored session cache ciphersuite. An attacker could possibly take advantage of this to force the use of a disabled cipher. Updated packages are available from security.ubuntu.com.

December 08, 2010 08:20 Ubuntu: New ImageMagick packages fix security vulnerability

0

It was discovered that ImageMagick would search for configuration files in the current directory. If a user were tricked into opening or processing an image in an arbitrary directory, a local attacker could execute arbitrary code with the user’s privileges. Updated packages are available from security.ubuntu.com.

December 08, 2010 08:18 Ubuntu: New Python Paste packages fix security vulnerability

0

It was discovered that Python Paste did not properly sanitize certain strings, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. Updated packages are available from security.ubuntu.com.

December 08, 2010 08:17 Ubuntu: New Quagga packages fix security vulnerability

0

It was discovered that Quagga incorrectly handled certain Outbound Route Filtering (ORF) records. A remote authenticated attacker could use this flaw to cause a denial of service or potentially execute arbitrary code. It was discovered that Quagga incorrectly parsed certain AS paths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. Updated packages are available from security.ubuntu.com.

December 08, 2010 08:12 Ubuntu: New Bind packages fix security vulnerability

0

It was discovered that Bind would incorrectly allow a ncache entry and a rrsig for the same type. A remote attacker could exploit this to cause Bind to crash, resulting in a denial of service. It was discovered that Bind would incorrectly mark zone data as insecure when the zone is undergoing a key algorithm rollover. Updated packages are available from security.ubuntu.com.

December 01, 2010 07:33 Ubuntu: New OpenJDK packages fix security vulnerability

0

It was discovered that certain system property information was being leaked, which could allow an attacker to obtain sensitive information. Updated packages are available from security.ubuntu.com.

December 01, 2010 07:32 Ubuntu: New Linux Kernel packages fix security vulnerability

0

Nelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. Updated packages are available from security.ubuntu.com.

December 01, 2010 07:26 Ubuntu: New Apache packages fix security vulnerability

0

It was discovered that Apache’s mod_cache and mod_dav modules incorrectly handled requests that lacked a path. A remote attacker could exploit this with a crafted request and cause a denial of service. It was discovered that Apache did not properly handle memory when destroying APR buckets. A remote attacker could exploit this with crafted requests and cause a denial of service via memory exhaustion. Updated packages are available from security.ubuntu.com.

December 01, 2010 07:24 Ubuntu: New APR-Util packages fix security vulnerability

0

It was discovered that APR-util did not properly handle memory when destroying APR buckets. An attacker could exploit this and cause a denial of service via memory exhaustion. Updated packages are available from security.ubuntu.com.

November 24, 2010 08:40 Ubuntu: New OpenSSL packages fix security vulnerability

0

Rob Hulswit discovered a race condition in the OpenSSL TLS server extension parsing code when used within a threaded server. A remote attacker could trigger this flaw to cause a denial of service or possibly execute arbitrary code with application privileges. Updated packages are available from security.ubuntu.com.

November 17, 2010 08:35 Ubuntu: New MySQL packages fix security vulnerability

0

A variety of security vulnerabilities were discovered in MySQL, a popular relational database server. Updated packages are available from security.ubuntu.com.

November 17, 2010 08:28 Ubuntu: New libxml2 packages fix security vulnerability

0

Bui Quang Minh discovered that libxml2 did not properly process XPath namespaces and attributes. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program. Updated packages are available from security.ubuntu.com.

November 17, 2010 08:26 Ubuntu: New libvpx packages fix security vulnerability

0

Christoph Diehl discovered that libvpx did not properly perform bounds checking. If an application using libvpx opened a specially crafted WebM file, an attacker could cause a denial of service or possibly execute code as the user invoking the program. Updated packages are available from security.ubuntu.com.

November 10, 2010 05:33 Ubuntu: New CUPS packages fix security vulnerability

0

Emmanuel Bouillon discovered that CUPS did not properly handle certain Internet Printing Protocol (IPP) packets. A remote attacker could use this flaw to cause a denial of service or possibly execute arbitrary code. Updated packages are available from security.ubuntu.com.

November 10, 2010 05:31 Ubuntu: New FreeType packages fix security vulnerability

0

It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. Updated packages are available from security.ubuntu.com.

November 10, 2010 05:29 Ubuntu: New Pidgin packages fix security vulnerability

0

Pierre Noguès discovered that Pidgin incorrectly handled malformed SLP messages in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. Daniel Atallah discovered that Pidgin incorrectly handled the return code of the Base64 decoding function. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. Updated packages are available from security.ubuntu.com.

November 03, 2010 09:42 Ubuntu: New OpenJDK packages fix security vulnerability

0

Among other issues, it was discovered that the HttpURLConnection class did not validate request headers set by java applets. It was discovered that JNDI could leak information that would allow an attacker to to access information about otherwise-protected internal network names. It was discovered that HttpURLConnection improperly handled the “chunked” transfer encoding method, which could allow attackers to conduct HTTP response splitting attacks. It was discovered that the NetworkInterface class improperly checked the network “connect” permissions for local network addresses. It was discovered that UIDefault.ProxyLazyValue had unsafe reflection usage, allowing an attacker to create objects. It was discovered that multiple flaws in the CORBA reflection implementation could allow an attacker to execute arbitrary code by misusing permissions granted to certain system objects. Updated packages are available from security.ubuntu.com.

November 03, 2010 09:36 Ubuntu: New Firefox packages fix security vulnerability

0

Morten Krakvik discovered a heap-based buffer overflow in Firefox. If a user were tricked into navigating to a malicious site, an attacker could cause a denial of service or possibly execute arbitrary code as the user invoking the program. Updated packages are available from security.ubuntu.com.

October 27, 2010 04:26 Ubuntu: New GNU C Library packages fix security vulnerabi...

0

Tavis Ormandy discovered multiple flaws in the GNU C Library’s handling of the LD_AUDIT environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges. Updated packages are available from security.ubuntu.com.

October 27, 2010 04:23 Ubuntu: New libvirt packages fix security vulnerability

0

It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A privileged attacker in the guest could exploit this to read arbitrary files on the host. It was discovered that libvirt would create new VMs without setting a backing store format. A privileged attacker in the guest could exploit this to read arbitrary files on the host. Jeremy Nickurak discovered that libvirt created iptables rules with too lenient mappings of source ports. A privileged attacker in the guest could bypass intended restrictions to access privileged resources on the host. Updated packages are available from security.ubuntu.com.

October 27, 2010 04:22 Ubuntu: New Thunderbird packages fix security vulnerability

0

Various flaws were discovered in the browser engine. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Alexander Miller, Sergey Glazunov, and others discovered several flaws in the JavaScript engine. If JavaScript were enabled, an attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Eduardo Vela Nava discovered that Thunderbird could be made to violate the same-origin policy by using modal calls with JavaScript. If JavaScript were enabled, an attacker could exploit this to steal information from another site. Dmitri GribenkoDmitri Gribenko discovered that Thunderbird did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program. Updated packages are available from security.ubuntu.com.

Screenshot

Project Spotlight

JFreeSVG

A fast, lightweight SVG generator for Java.

Screenshot

Project Spotlight

PHP MIME Mail decoder class

A PHP class to decode email messages.