:Advisories, November 30, 2006
Advisories, November 30, 2006 0 Talkback[s]
Debian GNU/Linux
Debian Security Advisory DSA 1221-1 security@debian.org http://www.debian.org/security/ Martin Schulzehttp://www.debian.org/security/faq
Package : libgsf
"infamous41md" discovered a heap buffer overflow vulnerability in
libgsf, a GNOME library for reading and writing structured file
formats, which could lead to the execution of arbitrary code.
For the stable distribution (sarge) this problem has been fixed in
version 1.11.1-1sarge1
For the unstable distribution (sid) this problem has been fixed in
version 1.14.2-1
We recommend that you upgrade your libgsf packages.
Upgrade Instructions
wget url
will fetch the file for you
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf_1.11.1-1sarge1.dsc http://security.debian.org/pool/updates/main/libg/libgsf/libgsf_1.11.1-1sarge1.diff.gz http://security.debian.org/pool/updates/main/libg/libgsf/libgsf_1.11.1.orig.tar.gz
Alpha architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_alpha.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_alpha.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_alpha.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_alpha.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_alpha.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_alpha.deb
AMD64 architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_amd64.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_amd64.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_amd64.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_amd64.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_amd64.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_amd64.deb
ARM architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_arm.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_arm.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_arm.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_arm.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_arm.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_arm.deb
HP Precision architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_hppa.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_hppa.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_hppa.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_hppa.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_hppa.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_hppa.deb
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_i386.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_i386.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_i386.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_i386.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_i386.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_i386.deb
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_ia64.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_ia64.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_ia64.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_ia64.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_ia64.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_ia64.deb
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_m68k.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_m68k.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_m68k.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_m68k.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_m68k.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_m68k.deb
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_mips.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_mips.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_mips.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_mips.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_mips.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_mips.deb
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_mipsel.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_mipsel.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_mipsel.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_mipsel.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_mipsel.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_mipsel.deb
PowerPC architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_powerpc.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_powerpc.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_powerpc.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_powerpc.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_powerpc.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_powerpc.deb
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_s390.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_s390.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_s390.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_s390.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_s390.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_s390.deb
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1_1.11.1-1sarge1_sparc.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dbg_1.11.1-1sarge1_sparc.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-1-dev_1.11.1-1sarge1_sparc.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1_1.11.1-1sarge1_sparc.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dbg_1.11.1-1sarge1_sparc.deb http://security.debian.org/pool/updates/main/libg/libgsf/libgsf-gnome-1-dev_1.11.1-1sarge1_sparc.deb
These files will probably be moved into the stable distribution on
its next update.
Debian Security Advisory DSA 1222-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoffhttp://www.debian.org/security/faq
Package : proftpd
Several remote vulnerabilities have been discovered in the proftpd FTP
daemon, which may lead to the execution of arbitrary code or denial
of service. The Common Vulnerabilities and Exposures project identifies
the following problems:
CVE-2006-5815
It was discovered that a buffer overflow in the sreplace() function
may lead to denial of service and possibly the execution of arbitrary
code.
CVE-2006-6170
It was discovered that a buffer overflow in the mod_tls addon module
may lead to the execution of arbitrary code.
CVE-2006-6171
It was discovered that insufficient validation of FTP command buffer
size limits may lead to denial of service. Due to unclear information
this issue was already fixed in DSA-1218 as CVE-2006-5815.
For the stable distribution (sarge) these problem has been fixed in version
1.2.10-15sarge3.
For the unstable distribution (sid) this problem has been fixed in
version 1.3.0-16 of the proftpd-dfsg package.
We recommend that you upgrade your proftpd package.
Upgrade Instructions
wget url
will fetch the file for you
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3.dsc http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3.diff.gz http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10.orig.tar.gz
Architecture independent components:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-doc_1.2.10-15sarge3_all.deb
Alpha architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_alpha.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_alpha.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_alpha.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_alpha.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_alpha.deb
ARM architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_arm.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_arm.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_arm.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_arm.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_arm.deb
HP Precision architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_hppa.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_hppa.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_hppa.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_hppa.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_hppa.deb
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_i386.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_i386.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_i386.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_i386.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_i386.deb
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_ia64.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_ia64.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_ia64.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_ia64.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_ia64.deb
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_m68k.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_m68k.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_m68k.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_m68k.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_m68k.deb
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_mips.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_mips.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_mips.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_mips.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_mips.deb
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_mipsel.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_mipsel.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_mipsel.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_mipsel.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_mipsel.deb
PowerPC architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_powerpc.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_powerpc.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_powerpc.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_powerpc.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_powerpc.deb
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_s390.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_s390.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_s390.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_s390.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_s390.deb
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge3_sparc.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge3_sparc.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge3_sparc.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge3_sparc.deb http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge3_sparc.deb
These files will probably be moved into the stable distribution on
its next update.
http://security.debian.org/ stable/updates mainftp://security.debian.org/debian-security dists/stable/updates/maindebian-security-announce@lists.debian.org http://packages.debian.org/<pkg>
Gentoo Linux
http://security.gentoo.org/
Severity: High
ProFTPD is affected by mutiple vulnerabilities allowing for the remote
execution of arbitrary code.
ProFTPD is a highly-configurable FTP server.
Evgeny Legerov discovered a stack-based buffer overflow in the
s_replace() function in support.c, as well as a buffer overflow in in
the mod_tls module. Additionally, an off-by-two error related to the
CommandBufferSize configuration directive was reported.
An authenticated attacker could exploit the s_replace() vulnerability
by uploading a crafted .message file or sending specially crafted
commands to the server, possibly resulting in the execution of
arbitrary code with the rights of the user running ProFTPD. An
unauthenticated attacker could send specially crafted data to the
server with mod_tls enabled which could result in the execution of
arbitrary code with the rights of the user running ProFTPD. Finally,
the off-by-two error related to the CommandBufferSize configuration
directive was fixed - exploitability of this error is disputed. Note
that the default configuration on Gentoo is to run ProFTPD as an
unprivileged user, and has mod_tls disabled.
There is no known workaround at this time.
All ProFTPD users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-ftp/proftpd-1.3.0a"
[ 1 ] CVE-2006-5815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815
[ 2 ] CVE-2006-6170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6170
[ 3 ] CVE-2006-6171 (disputed)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200611-26.xml
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org .
Copyright 2006 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Mandriva Linux
Mandriva Linux Security Advisory MDKSA-2006:217-1http://www.mandriva.com/security/
Package : proftpd
Problem Description:
A stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0
and earlier, allows remote attackers to cause a denial of service, as
demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."
(CVE-2006-5815)
Buffer overflow in the tls_x509name oneline function in the mod_tls
module, as used in ProFTPD 1.3.0a and earlier, and possibly other
products, allows remote attackers to execute arbitrary code via a large
data length argument, a different vulnerability than CVE-2006-5815.
(CVE-2006-6170)
ProFTPD 1.3.0a and earlier does not properly set the buffer size limit
when CommandBufferSize is specified in the configuration file, which
leads to an off-by-two buffer underflow. NOTE: in November 2006, the
role of CommandBufferSize was originally associated with CVE-2006-5815,
but this was an error stemming from an initial vague disclosure. NOTE:
ProFTPD developers dispute this issue, saying that the relevant memory
location is overwritten by assignment before further use within the
affected function, so this is not a vulnerability. (CVE-2006-6171)
Packages have been patched to correct these issues.
Update:
The previous update incorrectly linked the vd_proftd.pm issue with the
CommandBufferSize issue. These are two distinct issues and the previous
update only addressed CommandBufferSize (CVE-2006-6171), and the
mod_tls issue (CVE-2006-6170).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6170 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171
Updated Packages:
Mandriva Linux 2006.0:
Mandriva Linux 2006.0/X86_64:
Mandriva Linux 2007.0:
Mandriva Linux 2007.0/X86_64:
Corporate 3.0:
Corporate 3.0/X86_64:
Corporate 4.0:
Corporate 4.0/X86_64:
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
Ubuntu
http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html
A security issue affects the following Ubuntu releases:
Ubuntu 5.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 5.10:
Ubuntu 6.06 LTS:
Ubuntu 6.10:
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
A buffer overflow was discovered in GnuPG. By tricking a user into
running gpg interactively on a specially crafted message, an attacker
could execute arbitrary code with the user's privileges. This
vulnerability is not exposed when running gpg in batch mode.
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.5.diff.gz http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.5.dsc http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1.orig.tar.gz
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.5_amd64.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.1-1ubuntu1.5_amd64.udeb
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.5_i386.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.1-1ubuntu1.5_i386.udeb
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.5_powerpc.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.1-1ubuntu1.5_powerpc.udeb
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.1-1ubuntu1.5_sparc.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.1-1ubuntu1.5_sparc.udeb
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.3.diff.gz http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.3.dsc http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2.orig.tar.gz
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.3_amd64.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.2.2-1ubuntu2.3_amd64.udeb
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.3_i386.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.2.2-1ubuntu2.3_i386.udeb
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.3_powerpc.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.2.2-1ubuntu2.3_powerpc.udeb
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.2.2-1ubuntu2.3_sparc.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.2.2-1ubuntu2.3_sparc.udeb
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.3-2ubuntu3.1.diff.gz http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.3-2ubuntu3.1.dsc http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.3.orig.tar.gz
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg/gnupg-udeb_1.4.3-2ubuntu3.1_amd64.udeb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.3-2ubuntu3.1_amd64.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.3-2ubuntu3.1_amd64.udeb
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg/gnupg-udeb_1.4.3-2ubuntu3.1_i386.udeb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.3-2ubuntu3.1_i386.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.3-2ubuntu3.1_i386.udeb
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg/gnupg-udeb_1.4.3-2ubuntu3.1_powerpc.udeb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.3-2ubuntu3.1_powerpc.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.3-2ubuntu3.1_powerpc.udeb
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg/gnupg-udeb_1.4.3-2ubuntu3.1_sparc.udeb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gnupg_1.4.3-2ubuntu3.1_sparc.deb http://security.ubuntu.com/ubuntu/pool/main/g/gnupg/gpgv-udeb_1.4.3-2ubuntu3.1_sparc.udeb
A security issue affects the following Ubuntu releases:
Ubuntu 5.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 5.10:
Ubuntu 6.06 LTS:
Ubuntu 6.10:
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
A buffer overflow was discovered in the PostScript processor included in
evince. By tricking a user into opening a specially crafted PS file, an
attacker could crash evince or execute arbitrary code with the user's
privileges.
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.4.0-0ubuntu4.2.diff.gz http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.4.0-0ubuntu4.2.dsc http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.4.0.orig.tar.gz
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.4.0-0ubuntu4.2_amd64.deb
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.4.0-0ubuntu4.2_i386.deb
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.4.0-0ubuntu4.2_powerpc.deb
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.4.0-0ubuntu4.2_sparc.deb
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.5.2-0ubuntu3.1.diff.gz http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.5.2-0ubuntu3.1.dsc http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.5.2.orig.tar.gz
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.5.2-0ubuntu3.1_amd64.deb
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.5.2-0ubuntu3.1_i386.deb
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.5.2-0ubuntu3.1_powerpc.deb
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.5.2-0ubuntu3.1_sparc.deb
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.6.1-0ubuntu1.1.diff.gz http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.6.1-0ubuntu1.1.dsc http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.6.1.orig.tar.gz
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.6.1-0ubuntu1.1_amd64.deb
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.6.1-0ubuntu1.1_i386.deb
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.6.1-0ubuntu1.1_powerpc.deb
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/e/evince/evince_0.6.1-0ubuntu1.1_sparc.deb
