Noticias de Seguridad en Ubuntu

Referenced CVEs: CVE-2008-4225, CVE-2008-4226Description:  =========================================================== Ubuntu Security Notice USN-673-1 November 19, 2008 libxml2 vulnerabilities CVE-2008-4225, CVE-2008-4226 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.4 Ubuntu 7.10: libxml2 2.6.30.dfsg-2ubuntu1.4 Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.3 Ubuntu 8.10: libxml2 2.6.32.dfsg-4ubuntu1.1 After a standard system upgrade you need to restart your sessions to effect the necessary changes. Details follow: Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service. (CVE-2008-4225) Drew Yao discovered that libxml2 did not correctly handle large memory allocations. If a user or automated system were tricked into processing a very large XML document, a remote attacker could cause applications linked against libxml2 to crash, leading to a denial of service. (CVE-2008-4226)

Referenced CVEs: CVE-2008-5050Description:  =========================================================== Ubuntu Security Notice USN-672-1 November 17, 2008 clamav vulnerability CVE-2008-5050 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: libclamav5 0.94.dfsg.1-1ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Moritz Jodeit discovered that ClamAV did not correctly handle certain strings when examining a VBA project. If a remote attacker tricked ClamAV into processing a malicious VBA file, ClamAV would crash, leading to a denial of service.

Referenced CVEs: CVE-2008-0017 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5015 CVE-2008-5016 CVE-2008-5017 CVE-2008-5018 CVE-2008-5019 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024 Description: =========================================================== Ubuntu Security Notice USN-667-1 November 17, 2008 firefox, firefox-3.0, xulrunner-1.9 vulnerabilities CVE-2008-0017, CVE-2008-4582, CVE-2008-5012, CVE-2008-5013, CVE-2008-5014, CVE-2008-5015, CVE-2008-5016, CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021, CVE-2008-5022, CVE-2008-5023, CVE-2008-5024 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: firefox 1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1 Ubuntu 7.10: firefox 2.0.0.18+nobinonly-0ubuntu0.7.10 Ubuntu 8.04 LTS: firefox-3.0 3.0.4+nobinonly-0ubuntu0.8.04.1 xulrunner-1.9 1.9.0.4+nobinonly-0ubuntu0.8.04.1 Ubuntu 8.10: abrowser 3.0.4+nobinonly-0ubuntu0.8.10.1 firefox-3.0 3.0.4+nobinonly-0ubuntu0.8.10.1 xulrunner-1.9 1.9.0.4+nobinonly-0ubuntu0.8.10.1 After a standard system upgrade you need to restart Firefox and any application that use xulrunner, such as Epiphany, to effect the necessary changes. Details follow: Liu Die Yu discovered an information disclosure vulnerability in Firefox when using saved .url shortcut files. If a user were tricked into downloading a crafted .url file and a crafted HTML file, an attacker could steal information from the user's cache. (CVE-2008-4582) Georgi Guninski, Michal Zalewsk and Chris Evans discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker could obtain private information from data stored in the images, or discover information about software on the user's computer. This issue only affects Firefox 2. (CVE-2008-5012) It was discovered that Firefox did not properly check if the Flash module was properly unloaded. By tricking a user into opening a crafted SWF file, an attacker could cause Firefox to crash and possibly execute arbitrary code with user privileges. This issue only affects Firefox 2. (CVE-2008-5013) Jesse Ruderman discovered that Firefox did not properly guard locks on non-native objects. If a user were tricked into opening a malicious website, an attacker could cause a browser crash and possibly execute arbitrary code with user privileges. This issue only affects Firefox 2. (CVE-2008-5014) Luke Bryan discovered that Firefox sometimes opened file URIs with chrome privileges. If a user saved malicious code locally, then opened the file in the same tab as a privileged document, an attacker could run arbitrary JavaScript code with chrome privileges. This issue only affects Firefox 3.0. (CVE-2008-5015) Several problems were discovered in the browser, layout and JavaScript engines. These problems could allow an attacker to crash the browser and possibly execute arbitrary code with user privileges. (CVE-2008-5016, CVE-2008-5017, CVE-2008-5018) David Bloom discovered that the same-origin check in Firefox could be bypassed by utilizing the session restore feature. An attacker could exploit this to run JavaScript in the context of another site or execute arbitrary JavaScript code with chrome privileges. (CVE-2008-5019) Justin Schuh discovered a flaw in Firefox's mime-type parsing. If a user were tricked into opening a malicious website, an attacker could send a crafted header in the HTTP index response, causing a browser crash and execute arbitrary code with user privileges. (CVE-2008-0017) A flaw was discovered in Firefox's DOM constructing code. If a user were tricked into opening a malicious website, an attacker could cause the browser to crash and potentially execute arbitrary code with user privileges. (CVE-2008-5021) It was discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker could execute JavaScript in the context of a different website. (CVE-2008-5022) Collin Jackson discovered various flaws in Firefox when processing stylesheets which allowed JavaScript to be injected into signed JAR files. If a user were tricked into opening malicious web content, an attacker could execute arbitrary code with the privileges of the signed JAR or of a different website. (CVE-2008-5023) Chris Evans discovered that Firefox did not properly parse E4X documents, leading to quote characters in the namespace not being properly escaped. (CVE-2008-5024)

Referenced CVEs: CVE-2008-2079, CVE-2008-3963, CVE-2008-4097, CVE-2008-4098Description: =========================================================== Ubuntu Security Notice USN-671-1 November 17, 2008 mysql-dfsg-5.0 vulnerabilities CVE-2008-2079, CVE-2008-3963, CVE-2008-4097, CVE-2008-4098 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: mysql-server-5.0 5.0.22-0ubuntu6.06.11 Ubuntu 7.10: mysql-server-5.0 5.0.45-1ubuntu3.4 Ubuntu 8.04 LTS: mysql-server-5.0 5.0.51a-3ubuntu5.4 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This update alters table creation behaviour by disallowing the use of the MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. (CVE-2008-2079, CVE-2008-4097 and CVE-2008-4098) It was discovered that MySQL did not handle empty bit-string literals properly. An attacker could exploit this problem and cause the MySQL server to crash, leading to a denial of service. (CVE-2008-3963)

Description:  =========================================================== Ubuntu Security Notice USN-670-1 November 13, 2008 vm-builder vulnerability https://bugs.launchpad.net/+bug/296841 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: passwd 1:4.0.13-7ubuntu3.3 Ubuntu 7.10: passwd 1:4.0.18.1-9ubuntu0.1 Ubuntu 8.04 LTS: passwd 1:4.0.18.2-1ubuntu2.1 Ubuntu 8.10: passwd 1:4.1.1-1ubuntu1.1 python-vm-builder 0.9-0ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Mathias Gug discovered that vm-builder improperly set the root password when creating virtual machines. An attacker could exploit this to gain root privileges to the virtual machine by using a predictable password. This vulnerability only affects virtual machines created with vm-builder under Ubuntu 8.10, and does not affect native Ubuntu installations. An update was made to the shadow package to detect vulnerable systems and disable password authentication for the root account. Vulnerable virtual machines which an attacker has access to should be considered compromised, and appropriate actions taken to secure the machine.

Referenced CVEs: CVE-2007-6389, CVE-2008-0887Description: =========================================================== Ubuntu Security Notice USN-669-1 November 11, 2008 gnome-screensaver vulnerabilities CVE-2007-6389, CVE-2008-0887 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: gnome-screensaver 2.14.3-0ubuntu1.1 Ubuntu 7.10: gnome-screensaver 2.20.0-0ubuntu4.3 After a standard system upgrade you need to restart all user sessions on your computer to effect the necessary changes. Details follow: It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V. (CVE-2007-6389) Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication service. During a network interruption, or by disconnecting the network cable, a local attacker could gain access to locked sessions. (CVE-2008-0887)

Referenced CVEs: CVE-2008-4907Description:  =========================================================== Ubuntu Security Notice USN-666-1 November 07, 2008 dovecot vulnerability CVE-2008-4907 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: dovecot-imapd 1:1.1.4-0ubuntu1.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that certain email headers were not correctly handled by Dovecot. If a remote attacker sent a specially crafted email to a user with a mailbox managed by Dovecot, that user's mailbox would become inaccessible through Dovecot, leading to a denial of service.

Referenced CVEs: CVE-2008-4395Description:  =========================================================== Ubuntu Security Notice USN-662-2 November 06, 2008 linux-ubuntu-modules-2.6.22/24 vulnerability CVE-2008-4395 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: linux-ubuntu-modules-2.6.22-15-386 2.6.22-15.40 linux-ubuntu-modules-2.6.22-15-generic 2.6.22-15.40 linux-ubuntu-modules-2.6.22-15-rt 2.6.22-15.40 linux-ubuntu-modules-2.6.22-15-server 2.6.22-15.40 Ubuntu 8.04 LTS: linux-ubuntu-modules-2.6.24-21-386 2.6.24-21.33 linux-ubuntu-modules-2.6.24-21-generic 2.6.24-21.33 linux-ubuntu-modules-2.6.24-21-rt 2.6.24-21.33 linux-ubuntu-modules-2.6.24-21-server 2.6.24-21.33 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: USN-662-1 fixed vulnerabilities in ndiswrapper in Ubuntu 8.10. This update provides the corresponding updates for Ubuntu 8.04 and 7.10. Original advisory details: Anders Kaseorg discovered that ndiswrapper did not correctly handle long ESSIDs. For a system using ndiswrapper, a physically near-by attacker could generate specially crafted wireless network traffic and execute arbitrary code with root privileges. (CVE-2008-4395)

Referenced CVEs: CVE-2008-0554Description:  =========================================================== Ubuntu Security Notice USN-665-1 November 06, 2008 netpbm-free vulnerability CVE-2008-0554 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: netpbm 2:10.0-10ubuntu1.1 Ubuntu 7.10: netpbm 2:10.0-11ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that Netpbm could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges.

Referenced CVEs: CVE-2008-0553Description:  =========================================================== Ubuntu Security Notice USN-664-1 November 06, 2008 tk8.0, tk8.3, tk8.4 vulnerability CVE-2008-0553 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: tk8.0 8.0.5-11ubuntu0.1 tk8.3 8.3.5-4ubuntu1.2 tk8.4 8.4.12-0ubuntu1.2 Ubuntu 7.10: tk8.3 8.3.5-6ubuntu3.1 tk8.4 8.4.15-1ubuntu1.1 Ubuntu 8.04 LTS: tk8.4 8.4.16-2ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that Tk could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges.

Description:  =========================================================== Ubuntu Security Notice USN-663-1 November 05, 2008 system-tools-backends regression https://launchpad.net/bugs/287134 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: system-tools-backends 2.6.0-1ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that passwords changed (or new users created) via the "Users and Groups" tool were created with 3DES hashing. This reduced the security of stored user passwords, and was a regression from the correct MD5 hashing. This update fixes the problem; future password changes will correct the hashing used. We apologize for the inconvenience.

Referenced CVEs: CVE-2008-3528, CVE-2008-4395Description:  =========================================================== Ubuntu Security Notice USN-662-1 November 05, 2008 linux vulnerability CVE-2008-3528, CVE-2008-4395 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: linux-image-2.6.27-7-generic 2.6.27-7.16 linux-image-2.6.27-7-server 2.6.27-7.16 linux-image-2.6.27-7-virtual 2.6.27-7.16 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: It was discovered that the Linux kernel could be made to hang temporarily when mounting corrupted ext2/3 filesystems. If a user were tricked into mounting a specially crafted filesystem, a remote attacker could cause system hangs, leading to a denial of service. (CVE-2008-3528) Anders Kaseorg discovered that ndiswrapper did not correctly handle long ESSIDs. For a system using ndiswrapper, a physically near-by attacker could generate specially crafted wireless network traffic and execute arbitrary code with root privileges. (CVE-2008-4395)

Referenced CVEs: CVE-2008-3863, CVE-2008-4306Description:  =========================================================== Ubuntu Security Notice USN-660-1 November 03, 2008 enscript vulnerability CVE-2008-3863, CVE-2008-4306 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: enscript 1.6.4-7ubuntu0.2 Ubuntu 7.10: enscript 1.6.4-11ubuntu0.2 Ubuntu 8.04 LTS: enscript 1.6.4-12ubuntu0.8.04.1 Ubuntu 8.10: enscript 1.6.4-12ubuntu0.8.10.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Ulf Härnhammar discovered multiple stack overflows in enscript's handling of special escape arguments. If a user or automated system were tricked into processing a malicious file with the "-e" option enabled, a remote attacker could execute arbitrary code or cause enscript to crash, possibly leading to a denial of service.

Description:  =========================================================== Ubuntu Security Notice USN-661-1 October 30, 2008 linux regression https://launchpad.net/bugs/264019 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: linux-image-2.6.27-7-generic 2.6.27-7.15 linux-image-2.6.27-7-server 2.6.27-7.15 linux-image-2.6.27-7-virtual 2.6.27-7.15 procps 1:3.2.7-9ubuntu2.1 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: Version 2.6.27 of the Linux kernel changed the order of options in TCP headers. While this change was RFC-compliant, it was found that some old routers and consumer DSL modems would not route traffic for these systems when TCP timestamps were enabled. As a workaround, TCP timestamps were disabled via sysctl. This update restores the previous ordering of TCP options, and reenables TCP timestamps. We apologize for the inconvenience.

Referenced CVEs: CVE-2007-6716, CVE-2008-2372, CVE-2008-3276, CVE-2008-3525, CVE-2008-3526, CVE-2008-3534, CVE-2008-3535, CVE-2008-3792, CVE-2008-3831, CVE-2008-3915, CVE-2008-4113, CVE-2008-4445Description:  =========================================================== Ubuntu Security Notice USN-659-1 October 27, 2008 linux, linux-source-2.6.15/22 vulnerabilities CVE-2007-6716, CVE-2008-2372, CVE-2008-3276, CVE-2008-3525, CVE-2008-3526, CVE-2008-3534, CVE-2008-3535, CVE-2008-3792, CVE-2008-3831, CVE-2008-3915, CVE-2008-4113, CVE-2008-4445 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: linux-image-2.6.15-52-386 2.6.15-52.73 linux-image-2.6.15-52-686 2.6.15-52.73 linux-image-2.6.15-52-amd64-generic 2.6.15-52.73 linux-image-2.6.15-52-amd64-k8 2.6.15-52.73 linux-image-2.6.15-52-amd64-server 2.6.15-52.73 linux-image-2.6.15-52-amd64-xeon 2.6.15-52.73 linux-image-2.6.15-52-hppa32 2.6.15-52.73 linux-image-2.6.15-52-hppa32-smp 2.6.15-52.73 linux-image-2.6.15-52-hppa64 2.6.15-52.73 linux-image-2.6.15-52-hppa64-smp 2.6.15-52.73 linux-image-2.6.15-52-itanium 2.6.15-52.73 linux-image-2.6.15-52-itanium-smp 2.6.15-52.73 linux-image-2.6.15-52-k7 2.6.15-52.73 linux-image-2.6.15-52-mckinley 2.6.15-52.73 linux-image-2.6.15-52-mckinley-smp 2.6.15-52.73 linux-image-2.6.15-52-powerpc 2.6.15-52.73 linux-image-2.6.15-52-powerpc-smp 2.6.15-52.73 linux-image-2.6.15-52-powerpc64-smp 2.6.15-52.73 linux-image-2.6.15-52-server 2.6.15-52.73 linux-image-2.6.15-52-server-bigiron 2.6.15-52.73 linux-image-2.6.15-52-sparc64 2.6.15-52.73 linux-image-2.6.15-52-sparc64-smp 2.6.15-52.73 Ubuntu 7.10: linux-image-2.6.22-15-386 2.6.22-15.59 linux-image-2.6.22-15-cell 2.6.22-15.59 linux-image-2.6.22-15-generic 2.6.22-15.59 linux-image-2.6.22-15-hppa32 2.6.22-15.59 linux-image-2.6.22-15-hppa64 2.6.22-15.59 linux-image-2.6.22-15-itanium 2.6.22-15.59 linux-image-2.6.22-15-lpia 2.6.22-15.59 linux-image-2.6.22-15-lpiacompat 2.6.22-15.59 linux-image-2.6.22-15-mckinley 2.6.22-15.59 linux-image-2.6.22-15-powerpc 2.6.22-15.59 linux-image-2.6.22-15-powerpc-smp 2.6.22-15.59 linux-image-2.6.22-15-powerpc64-smp 2.6.22-15.59 linux-image-2.6.22-15-rt 2.6.22-15.59 linux-image-2.6.22-15-server 2.6.22-15.59 linux-image-2.6.22-15-sparc64 2.6.22-15.59 linux-image-2.6.22-15-sparc64-smp 2.6.22-15.59 linux-image-2.6.22-15-ume 2.6.22-15.59 linux-image-2.6.22-15-virtual 2.6.22-15.59 linux-image-2.6.22-15-xen 2.6.22-15.59 Ubuntu 8.04 LTS: linux-image-2.6.24-21-386 2.6.24-21.43 linux-image-2.6.24-21-generic 2.6.24-21.43 linux-image-2.6.24-21-hppa32 2.6.24-21.43 linux-image-2.6.24-21-hppa64 2.6.24-21.43 linux-image-2.6.24-21-itanium 2.6.24-21.43 linux-image-2.6.24-21-lpia 2.6.24-21.43 linux-image-2.6.24-21-lpiacompat 2.6.24-21.43 linux-image-2.6.24-21-mckinley 2.6.24-21.43 linux-image-2.6.24-21-openvz 2.6.24-21.43 linux-image-2.6.24-21-powerpc 2.6.24-21.43 linux-image-2.6.24-21-powerpc-smp 2.6.24-21.43 linux-image-2.6.24-21-powerpc64-smp 2.6.24-21.43 linux-image-2.6.24-21-rt 2.6.24-21.43 linux-image-2.6.24-21-server 2.6.24-21.43 linux-image-2.6.24-21-sparc64 2.6.24-21.43 linux-image-2.6.24-21-sparc64-smp 2.6.24-21.43 linux-image-2.6.24-21-virtual 2.6.24-21.43 linux-image-2.6.24-21-xen 2.6.24-21.43 After a standard system upgrade you need to reboot your computer to effect the necessary changes. ATTENTION: For systems without the hardy-updates pocket enabled, the 8.04 kernel update will include an unavoidable ABI change. The kernel update has been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-386, linux-powerpc, linux-amd64-generic), a standard system upgrade will automatically perform this as well. Details follow: It was discovered that the direct-IO subsystem did not correctly validate certain structures. A local attacker could exploit this to cause a system crash, leading to a denial of service. (CVE-2007-6716) It was discovered that the disabling of the ZERO_PAGE optimization could lead to large memory consumption. A local attacker could exploit this to allocate all available memory, leading to a denial of service. (CVE-2008-2372) It was discovered that the Datagram Congestion Control Protocol (DCCP) did not correctly validate its arguments. If DCCP was in use, a remote attacker could send specially crafted network traffic and cause a system crash, leading to a denial of service. (CVE-2008-3276) It was discovered that the SBNI WAN driver did not correctly check for the NET_ADMIN capability. A malicious local root user lacking CAP_NET_ADMIN would be able to change the WAN device configuration, leading to a denial of service. (CVE-2008-3525) It was discovered that the Stream Control Transmission Protocol (SCTP) did not correctly validate the key length in the SCTP_AUTH_KEY option. If SCTP is in use, a remote attacker could send specially crafted network traffic that would crash the system, leading to a denial of service. (CVE-2008-3526) It was discovered that the tmpfs implementation did not correctly handle certain sequences of inode operations. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-3534) It was discovered that the readv/writev functions did not correctly handle certain sequences of file operations. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2008-3535) It was discovered that SCTP did not correctly validate its userspace arguments. A local attacker could call certain sctp_* functions with malicious options and cause a system crash, leading to a denial of service. (CVE-2008-3792, CVE-2008-4113, CVE-2008-4445) It was discovered the the i915 video driver did not correctly validate memory addresses. A local attacker could exploit this to remap memory that could cause a system crash, leading to a denial of service. (CVE-2008-3831) Johann Dahm and David Richter discovered that NFSv4 did not correctly handle certain file ACLs. If NFSv4 is in use, a local attacker could create a malicious ACL that could cause a system crash, leading to a denial of service. (CVE-2008-3915)

Referenced CVEs: CVE-2008-1502Description:  =========================================================== Ubuntu Security Notice USN-658-1 October 23, 2008 moodle vulnerability CVE-2008-1502 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: moodle 1.8.2-1ubuntu2.1 Ubuntu 8.04 LTS: moodle 1.8.2-1ubuntu4.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Lukasz Pilorz discovered that the HTML filtering used in Moodle was not strict enough. A remote attacker could send malicious requests to Moodle and execute arbitrary code as the web server user.

Referenced CVEs: CVE-2008-3699Description:  =========================================================== Ubuntu Security Notice USN-657-1 October 21, 2008 amarok vulnerability CVE-2008-3699 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: amarok 2:1.4.7-0ubuntu3.1 Ubuntu 8.04 LTS: amarok 2:1.4.9.1-0ubuntu3.1 After a standard system upgrade you need to restart Amarok to effect the necessary changes. Details follow: Dwayne Litzenberger discovered that Amarok created temporary files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. (CVE-2008-3699)

Referenced CVEs: CVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641Description:  =========================================================== Ubuntu Security Notice USN-656-1 October 15, 2008 cupsys vulnerabilities CVE-2008-1722, CVE-2008-3639, CVE-2008-3640, CVE-2008-3641 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: cupsys 1.2.2-0ubuntu0.6.06.11 Ubuntu 7.04: cupsys 1.2.8-0ubuntu8.6 Ubuntu 7.10: cupsys 1.3.2-1ubuntu7.8 Ubuntu 8.04 LTS: cupsys 1.3.7-1ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that the SGI image filter in CUPS did not perform proper bounds checking. If a user or automated system were tricked into opening a crafted SGI image, an attacker could cause a denial of service. (CVE-2008-3639) It was discovered that the texttops filter in CUPS did not properly validate page metrics. If a user or automated system were tricked into opening a crafted text file, an attacker could cause a denial of service. (CVE-2008-3640) It was discovered that the HP-GL filter in CUPS did not properly check for invalid pen parameters. If a user or automated system were tricked into opening a crafted HP-GL or HP-GL/2 file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10 and 8.04 LTS, attackers would be isolated by the AppArmor CUPS profile. (CVE-2008-3641) NOTE: The previous update for CUPS on Ubuntu 6.06 LTS did not have the the fix for CVE-2008-1722 applied. This update includes fixes for the problem. We apologize for the inconvenience.

Referenced CVEs: CVE-2007-6353, CVE-2008-2696Description:  =========================================================== Ubuntu Security Notice USN-655-1 October 15, 2008 exiv2 vulnerabilities CVE-2007-6353, CVE-2008-2696 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.04: libexiv2-0.12 0.12-0ubuntu2.1 Ubuntu 7.10: libexiv2-0 0.15-1ubuntu2.1 Ubuntu 8.04 LTS: libexiv2-2 0.16-3ubuntu1.1 After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: Meder Kydyraliev discovered that exiv2 did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges. (CVE-2007-6353) Joakim Bildrulle discovered that exiv2 did not correctly handle Nikon lens EXIF information. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexiv2 to crash, leading to a denial of service. (CVE-2008-2696)

Referenced CVEs: CVE-2007-6351, CVE-2007-6352Description:  =========================================================== Ubuntu Security Notice USN-654-1 October 14, 2008 libexif vulnerabilities CVE-2007-6351, CVE-2007-6352 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libexif12 0.6.12-2ubuntu0.3 Ubuntu 7.04: libexif12 0.6.13-5ubuntu0.3 Ubuntu 7.10: libexif12 0.6.16-1ubuntu0.1 After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: Meder Kydyraliev discovered that libexif did not correctly handle certain EXIF headers. If a user or automated system were tricked into processing a specially crafted image, a remote attacker could cause the application linked against libexif to crash, leading to a denial of service, or possibly executing arbitrary code with user privileges.