---

Advisories: March 1, 2005

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200502-33


http://security.gentoo.org/


Severity: Low
Title: MediaWiki: Multiple vulnerabilities
Date: February 28, 2005
Bugs: #80729, #82954
ID: 200502-33


Synopsis

MediaWiki is vulnerable to cross-site scripting, data
manipulation and security bypass attacks.

Background

MediaWiki is a collaborative editing software, used by big
projects like Wikipedia.

Affected packages


     Package             /  Vulnerable  /                   Unaffected

  1  www-apps/mediawiki      < 1.3.11                        >= 1.3.11

Description

A security audit of the MediaWiki project discovered that
MediaWiki is vulnerable to several cross-site scripting and
cross-site request forgery attacks, and that the image deletion
code does not sufficiently sanitize input parameters.

Impact

By tricking a user to load a carefully crafted URL, a remote
attacker could hijack sessions and authentication cookies to inject
malicious script code that will be executed in a user’s browser
session in context of the vulnerable site, or use JavaScript
submitted forms to perform restricted actions. Using the image
deletion flaw, it is also possible for authenticated administrators
to delete arbitrary files via directory traversal.

Workaround

There is no known workaround at this time.

Resolution

All MediaWiki users should upgrade to the latest available
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.3.11"

References

[ 1 ] Secunia Advisory SA14125

http://secunia.com/advisories/14125/

[ 2 ] CAN-2005-0534

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0534

[ 3 ] CAN-2005-0535

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0535

[ 4 ] CAN-2005-0536

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0536

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200502-33.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200503-01


http://security.gentoo.org/


Severity: Normal
Title: Qt: Untrusted library search path
Date: March 01, 2005
Bugs: #75181
ID: 200503-01


Synopsis

Qt may load shared libraries from an untrusted, world-writable
directory, resulting in the execution of arbitrary code.

Background

Qt is a cross-platform GUI toolkit used by KDE.

Affected packages


     Package      /  Vulnerable  /                          Unaffected

  1  x11-libs/qt     < 3.3.4-r2                            >= 3.3.4-r2

Description

Tavis Ormandy of the Gentoo Linux Security Audit Team has
discovered that Qt searches for shared libraries in an untrusted,
world-writable directory.

Impact

A local attacker could create a malicious shared object that
would be loaded by Qt, resulting in the execution of arbitrary code
with the privileges of the Qt application.

Workaround

There is no known workaround at this time.

Resolution

All Qt users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=x11-libs/qt-3.3.4-r2"

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200503-01.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200503-02


http://security.gentoo.org/


Severity: Normal
Title: phpBB: Multiple vulnerabilities
Date: March 01, 2005
Bugs: #82955
ID: 200503-02


Synopsis

Several vulnerabilities allow remote attackers to gain phpBB
administrator rights or expose and manipulate sensitive data.

Background

phpBB is an Open Source bulletin board package.

Affected packages


     Package         /  Vulnerable  /                       Unaffected

  1  www-apps/phpBB      < 2.0.13                            >= 2.0.13

Description

It was discovered that phpBB contains a flaw in the session
handling code and a path disclosure bug. AnthraX101 discovered that
phpBB allows local users to read arbitrary files, if the “Enable
remote avatars” and “Enable avatar uploading” options are set
(CAN-2005-0259). He also found out that incorrect input validation
in “usercp_avatar.php” and “usercp_register.php” makes phpBB
vulnerable to directory traversal attacks, if the “Gallery avatars”
setting is enabled (CAN-2005-0258).

Impact

Remote attackers can exploit the session handling flaw to gain
phpBB administrator rights. By providing a local and a remote
location for an avatar and setting the “Upload Avatar from a URL:”
field to point to the target file, a malicious local user can read
arbitrary local files. By inserting “/../” sequences into the
“avatarselect” parameter, a remote attacker can exploit the
directory traversal vulnerability to delete arbitrary files. A flaw
in the “viewtopic.php” script can be exploited to expose the full
path of PHP scripts.

Workaround

There is no known workaround at this time.

Resolution

All phpBB users should upgrade to the latest available
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/phpBB-2.0.13"

References

[ 1 ] CAN-2005-0258

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0258

[ 2 ] CAN-2005-0259

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0259

[ 3 ] phpBB announcement

http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=267563

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200503-02.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200503-03


http://security.gentoo.org/


Severity: Normal
Title: Gaim: Multiple Denial of Service issues
Date: March 01, 2005
Bugs: #83253
ID: 200503-03


Synopsis

Multiple vulnerabilities have been found in Gaim which could
allow a remote attacker to crash the application.

Background

Gaim is a full featured instant messaging client which handles a
variety of instant messaging protocols.

Affected packages


     Package      /  Vulnerable  /                          Unaffected

  1  net-im/gaim       < 1.1.4                                >= 1.1.4

Description

Specially crafted SNAC packets sent by other instant-messaging
users can cause Gaim to loop endlessly (CAN-2005-0472). Malformed
HTML code could lead to invalid memory accesses (CAN-2005-0208 and
CAN-2005-0473).

Impact

Remote attackers could exploit these issues, resulting in a
Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All Gaim users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-im/gaim-1.1.4"

References

[ 1 ] CAN-2005-0208

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0208

[ 2 ] CAN-2005-0472

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0472

[ 3 ] CAN-2005-0473

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0473

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200503-03.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200503-04


http://security.gentoo.org/


Severity: High
Title: phpWebSite: Arbitrary PHP execution and path disclosure
Date: March 01, 2005
Bugs: #83297
ID: 200503-04


Synopsis

Remote attackers can upload and execute arbitrary PHP scripts,
another flaw reveals the full path of scripts.

Background

phpWebSite provides a complete web site content management
system.

Affected packages


     Package              /   Vulnerable   /                Unaffected

  1  www-apps/phpwebsite      < 0.10.0-r2                 >= 0.10.0-r2

Description

NST discovered that, when submitting an announcement, uploaded
files aren’t correctly checked for malicious code. They also found
out that phpWebSite is vulnerable to a path disclosure.

Impact

A remote attacker can exploit this issue to upload files to a
directory within the web root. By calling the uploaded script the
attacker could then execute arbitrary PHP code with the rights of
the web server. By passing specially crafted requests to the search
module, remote attackers can also find out the full path of PHP
scripts.

Workaround

There is no known workaround at this time.

Resolution

All phpWebSite users should upgrade to the latest available
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/phpwebsite-0.10.0-r2"

References

[ 1 ] Secunia Advisory SA14399

http://secunia.com/advisories/14399/

[ 2 ] phpWebSite announcement


http://phpwebsite.appstate.edu/index.php?module=announce&ANN_id=922&ANN_user_op=view

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200503-04.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

Ubuntu Linux


Ubuntu Security Notice USN-86-1 February 28, 2005
curl vulnerability
CAN-2005-0940


A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libcurl2
libcurl2-gssapi

The problem can be corrected by upgrading the affected package
to version 7.12.0.is.7.11.2-1ubuntu0.1. In general, a standard
system upgrade is sufficient to effect the necessary changes.

Details follow:

infamous41md discovered a buffer overflow in cURL’s NT LAN
Manager (NTLM) authentication handling. By sending a specially
crafted long NTLM reply packet, a remote attacker could overflow
the reply buffer. This could lead to execution of arbitrary
attacker specified code with the privileges of the application
using the cURL library.

Source archives:


http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2-1ubuntu0.1.diff.gz

Size/MD5: 160391 4f1c042b0f375a8d06e0403e5baa3b7e

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2-1ubuntu0.1.dsc

Size/MD5: 707 5ec7fa4228218f3186ad7f41ef1b56eb

http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2.orig.tar.gz

Size/MD5: 1435629 25e6617ea7dec34d072426942b77801f

amd64 architecture (Athlon64, Opteron, EM64T Xeon)


http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2-1ubuntu0.1_amd64.deb

Size/MD5: 108602 17f9e77e1a091f5e22024396ab19be5f

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dbg_7.12.0.is.7.11.2-1ubuntu0.1_amd64.deb

Size/MD5: 1043660 1163357a2e57d670326df84ccbe01108

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dev_7.12.0.is.7.11.2-1ubuntu0.1_amd64.deb

Size/MD5: 568022 b91d5f9a6b39b84962840f8f0a552f91

http://security.ubuntu.com/ubuntu/pool/universe/c/curl/libcurl2-gssapi_7.12.0.is.7.11.2-1ubuntu0.1_amd64.deb

Size/MD5: 111892 283edaf68d6a725710ed966a09729fb1

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2_7.12.0.is.7.11.2-1ubuntu0.1_amd64.deb

Size/MD5: 224598 d5549b89c19484e8b4488a46e4b5b727

i386 architecture (x86 compatible Intel/AMD)


http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2-1ubuntu0.1_i386.deb

Size/MD5: 107762 dbb0f3404f4955d89e39134c309ba68d

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dbg_7.12.0.is.7.11.2-1ubuntu0.1_i386.deb

Size/MD5: 1028978 6fb4edd748b6b2e92db5cc935fb063cb

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dev_7.12.0.is.7.11.2-1ubuntu0.1_i386.deb

Size/MD5: 556594 31b0848d7a44250a2f3536ead3462a0f

http://security.ubuntu.com/ubuntu/pool/universe/c/curl/libcurl2-gssapi_7.12.0.is.7.11.2-1ubuntu0.1_i386.deb

Size/MD5: 109912 0b5b91da5ca5fc37b1d1e5f04c51962e

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2_7.12.0.is.7.11.2-1ubuntu0.1_i386.deb

Size/MD5: 222848 77aa777db65b32788cea78fdd1d9ef4d

powerpc architecture (Apple Macintosh G3/G4/G5)


http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.12.0.is.7.11.2-1ubuntu0.1_powerpc.deb

Size/MD5: 110090 ae4f871f3f6126b1ecf787affe26640c

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dbg_7.12.0.is.7.11.2-1ubuntu0.1_powerpc.deb

Size/MD5: 1052794 4bf356eeaaf1f6af0723cc0c63a4ed57

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2-dev_7.12.0.is.7.11.2-1ubuntu0.1_powerpc.deb

Size/MD5: 573412 501500cf49764c55476e339e9347cd9a

http://security.ubuntu.com/ubuntu/pool/universe/c/curl/libcurl2-gssapi_7.12.0.is.7.11.2-1ubuntu0.1_powerpc.deb

Size/MD5: 116296 9f6d567b715c1ee08afecc02c8909783

http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl2_7.12.0.is.7.11.2-1ubuntu0.1_powerpc.deb

Size/MD5: 229450 1c45a89cb1c4852d1260aa21bcc1f6c0


Ubuntu Security Notice USN-87-1 February 28, 2005
cyrus21-imapd vulnerability
CAN-2005-0546


A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

cyrus21-imapd

The problem can be corrected by upgrading the affected package
to version 2.1.16-6ubuntu0.3. In general, a standard system upgrade
is sufficient to effect the necessary changes.

Details follow:

Sean Larsson discovered a buffer overflow in the IMAP “annotate”
extension. This possibly allowed an authenticated IMAP client to
execute arbitrary code with the privileges of the Cyrus IMAP
server.

Source archives:


http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-6ubuntu0.3.diff.gz

Size/MD5: 236064 389812cf102f362acbdd8427d42a3fcc

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-6ubuntu0.3.dsc

Size/MD5: 1040 7b56583400526281be8452c3c9ce24df

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16.orig.tar.gz

Size/MD5: 1687454 8f4ff803a910d0f4e4cfab3b13a6080d

Architecture independent packages:


http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-admin_2.1.16-6ubuntu0.3_all.deb

Size/MD5: 87974 ea896023fb72b192e5b84d97e1c9f612

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-doc_2.1.16-6ubuntu0.3_all.deb

Size/MD5: 206610 6c655f7135379dc53f7a12f648717af3

amd64 architecture (Athlon64, Opteron, EM64T Xeon)


http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-clients_2.1.16-6ubuntu0.3_amd64.deb

Size/MD5: 107060 35173577eee7aa4e58d081ae17423949

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-common_2.1.16-6ubuntu0.3_amd64.deb

Size/MD5: 2071564 a6704031b0a84ab7f7561a2133f91cb4

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-dev_2.1.16-6ubuntu0.3_amd64.deb

Size/MD5: 267960 c406a6936d0442da7ac366601a5bd396

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-6ubuntu0.3_amd64.deb

Size/MD5: 591192 182d1004c78315bf4487021723151a28

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-murder_2.1.16-6ubuntu0.3_amd64.deb

Size/MD5: 526746 3c68af3b07ec57a0ae52b87064c8df63

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-pop3d_2.1.16-6ubuntu0.3_amd64.deb

Size/MD5: 93078 970dc32aeb86f6cdf9f0d385269122ae

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/libcyrus-imap-perl21_2.1.16-6ubuntu0.3_amd64.deb

Size/MD5: 137768 2642bf39e391884bcde4712eb9191b94

i386 architecture (x86 compatible Intel/AMD)


http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-clients_2.1.16-6ubuntu0.3_i386.deb

Size/MD5: 104238 c9a63b935d093726a3f2a816c3982d1f

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-common_2.1.16-6ubuntu0.3_i386.deb

Size/MD5: 1949418 6fcee0507a1bfa3291fbf617da7ac626

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-dev_2.1.16-6ubuntu0.3_i386.deb

Size/MD5: 261406 70d285879999adaf211ccaa36dbb7ab2

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-6ubuntu0.3_i386.deb

Size/MD5: 561746 aec4f8aebecd6ce20f84456926a2dbe6

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-murder_2.1.16-6ubuntu0.3_i386.deb

Size/MD5: 493322 35ad3b8ad6f3a8d010187758a72aab54

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-pop3d_2.1.16-6ubuntu0.3_i386.deb

Size/MD5: 85204 8bb2c9dc9ab196ccd42a67ee5049ae60

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/libcyrus-imap-perl21_2.1.16-6ubuntu0.3_i386.deb

Size/MD5: 133844 15277d0438a3966ff1f091cc2f89f6f2

powerpc architecture (Apple Macintosh G3/G4/G5)


http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-clients_2.1.16-6ubuntu0.3_powerpc.deb

Size/MD5: 106852 d464f8d95c19f2b6e2ab799756ce7253

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-common_2.1.16-6ubuntu0.3_powerpc.deb

Size/MD5: 2083580 9605c7608e077530ceb7ad39e3aa6e1b

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-dev_2.1.16-6ubuntu0.3_powerpc.deb

Size/MD5: 265422 0b3be1bfb756b3f6a81ce253c5564ffa

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-imapd_2.1.16-6ubuntu0.3_powerpc.deb

Size/MD5: 593502 82b7ea2f28f9aec84334a13c9fdfd742

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-murder_2.1.16-6ubuntu0.3_powerpc.deb

Size/MD5: 527656 cf5477019633341b42047261b18f01f2

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/cyrus21-pop3d_2.1.16-6ubuntu0.3_powerpc.deb

Size/MD5: 93268 3589f4386b12fc4c6cec1676713a556a

http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/libcyrus-imap-perl21_2.1.16-6ubuntu0.3_powerpc.deb

Size/MD5: 135818 5a148e9feaa9c0d45cb16e333e32c8aa


Ubuntu Security Notice USN-88-1 February 28, 2005
reportbug information disclosure
https://bugzilla.ubuntulinux.org/6600

https://bugzilla.ubuntulinux.org/6717


A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

reportbug

The problem can be corrected by upgrading the affected package
to version 2.62ubuntu1.1. In general, a standard system upgrade is
sufficient to effect the necessary changes. However, if your users
already have ~/.reportbugrc files with SMTP passwords, you need to
manually change their permissions with

chmod 600 .reportbugrc

Details follow:

Rolf Leggewie discovered two information disclosure bugs in
reportbug.

The per-user configuration file ~/.reportbugrc was created
world-readable. If it contained email smarthost passwords, these
were readable by any other user on the computer storing the home
directory.

reportbug usually includes the settings from ~/.reportbugrc in
generated bug reports. This included the “smtppasswd” setting (the
password for an SMTP email smarthost) as well. The password is now
hidden from reports.

Source archives:


http://security.ubuntu.com/ubuntu/pool/main/r/reportbug/reportbug_2.62ubuntu1.1.dsc

Size/MD5: 540 19dab43ca7c942311e87ad5e48e32a39

http://security.ubuntu.com/ubuntu/pool/main/r/reportbug/reportbug_2.62ubuntu1.1.tar.gz

Size/MD5: 115256 9b3fbec6a6974274068afb08835f0fdc

Architecture independent packages:


http://security.ubuntu.com/ubuntu/pool/main/r/reportbug/reportbug_2.62ubuntu1.1_all.deb

Size/MD5: 104630 f051c98020dffd1e8ae3253ab72e88ce


Ubuntu Security Notice USN-89-1 February 28, 2005
libxml vulnerabilities
CAN-2004-0989


A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libxml1

The problem can be corrected by upgrading the affected package
to version 1:1.8.17-8ubuntu0.1. In general, a standard system
upgrade is sufficient to effect the necessary changes.

Details follow:

Several buffer overflows have been discovered in libxml’s FTP
connection and DNS resolution functions. Supplying very long FTP
URLs or IP addresses might result in execution of arbitrary code
with the privileges of the process using libxml.

This does not affect the core XML parsing code, which is what
the majority of programs use this library for.

Note: The same vulnerability was already fixed for libxml2 in
USN-10-1.

Source archives:


http://security.ubuntu.com/ubuntu/pool/main/libx/libxml/libxml_1.8.17-8ubuntu0.1.diff.gz

Size/MD5: 361144 49c17811be2abc30c48984e0f46454fb

http://security.ubuntu.com/ubuntu/pool/main/libx/libxml/libxml_1.8.17-8ubuntu0.1.dsc

Size/MD5: 756 5d9e3b59a2d624d52af231926a84fb1d

http://security.ubuntu.com/ubuntu/pool/main/libx/libxml/libxml_1.8.17.orig.tar.gz

Size/MD5: 1016403 b8f01e43e1e03dec37dfd6b4507a9568

amd64 architecture (Athlon64, Opteron, EM64T Xeon)


http://security.ubuntu.com/ubuntu/pool/main/libx/libxml/libxml-dev_1.8.17-8ubuntu0.1_amd64.deb

Size/MD5: 385860 672acd61cde9389539ea2e8d68a1d2db

http://security.ubuntu.com/ubuntu/pool/main/libx/libxml/libxml1_1.8.17-8ubuntu0.1_amd64.deb

Size/MD5: 225922 e1f0cdc93c32b6bd256070dc45d5e2a7

i386 architecture (x86 compatible Intel/AMD)


http://security.ubuntu.com/ubuntu/pool/main/libx/libxml/libxml-dev_1.8.17-8ubuntu0.1_i386.deb

Size/MD5: 361434 41037748a8cb40a6bd26b0d0d5ee3387

http://security.ubuntu.com/ubuntu/pool/main/libx/libxml/libxml1_1.8.17-8ubuntu0.1_i386.deb

Size/MD5: 212158 7f149fcc590aa2162810fdae5a47cd29

powerpc architecture (Apple Macintosh G3/G4/G5)


http://security.ubuntu.com/ubuntu/pool/main/libx/libxml/libxml-dev_1.8.17-8ubuntu0.1_powerpc.deb

Size/MD5: 392636 b445671f31603b7e12b8c47fd7ea6697

http://security.ubuntu.com/ubuntu/pool/main/libx/libxml/libxml1_1.8.17-8ubuntu0.1_powerpc.deb

Size/MD5: 220004 e3cd12326fae6972a44ac59a8af97697

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis