USN-14-1: xpdf vulnerabilities

Referenced CVEs: 
CAN-2004-0888, CAN-2004-0889
Description: 
===========================================================
Ubuntu Security Notice USN-14-1            November 1, 2004
xpdf vulnerabilities
CAN-2004-0888, CAN-2004-0889
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

xpdf-reader
xpdf-utils
cupsys
tetex-bin

The problem can be corrected by upgrading the affected package(s) to version 1.1.20final+cvs20040330-4ubuntu16.2 (cupsys), version 3.00-8ubuntu1.2 (xpdf-reader, xpdf-utils), or version 2.0.2-21ubuntu0.2 (tetex-bin). In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Marcus Meissner discovered even more integer overflow vulnerabilities in xpdf, a viewer for PDF files. These integer overflows can eventually lead to buffer overflows.

The Common UNIX Printing System (CUPS) uses the same code to print PDF files; tetex-bin uses the code to generate PDF output and process included PDF files.

In any case, these vulnerabilities could be exploited by an attacker providing a specially crafted PDF file which, when processed by CUPS, xpdf, or pdflatex, could result in abnormal program termination or the execution of program code supplied by the attacker.

In the case of CUPS, this bug could be exploited to gain the privileges of the CUPS print server (by default, user cupsys).

In the cases of xpdf and pdflatex, this bug could be exploited to gain the privileges of the user invoking the program.

USN-13-1: groff utility vulnerability

Referenced CVEs: 
CAN-2004-0969
Description: 
===========================================================
Ubuntu Security Notice USN-13-1            November 1, 2004
groff utility vulnerability
CAN-2004-0969
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

groff

The problem can be corrected by upgrading the affected package to version 1.18.1.1-1ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Recently, Trustix Secure Linux discovered a vulnerability in the groff package. The utility "groffer" created a temporary directory in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the program.

USN-12-1: ppp Denial of Service

Description: 
===========================================================
Ubuntu Security Notice USN-12-1            October 29, 2004
ppp Denial of Service
http://www.securityfocus.com/archive/1/379450
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

ppp

The problem can be corrected by upgrading the affected packages to version 2.4.2+20040428-2ubuntu6.2. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

It has been discovered that ppp does not properly verify certain data structures used in the CBCP protocol. This vulnerability could allow an attacker to cause the pppd server to crash due to an invalid memory access, leading to a denial of service. However, there is no possibility of code execution or privilege escalation.

USN-11-1: libgd2 vulnerabilities

Referenced CVEs: 
CAN-2004-0990
Description: 
===========================================================
Ubuntu Security Notice USN-11-1            October 28, 2004
libgd2 vulnerabilities
CAN-2004-0990
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libgd2-xpm
libgd2-noxpm

The problem can be corrected by upgrading the affected packages to version 2.0.23-2ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Several buffer overflows have been discovered in libgd's PNG handling functions.

If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening the image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges.

USN-10-1: XML library vulnerabilities

Referenced CVEs: 
CAN-2004-0981
Description: 
===========================================================
Ubuntu Security Notice USN-10-1            October 28, 2004
XML library vulnerabilities
CAN-2004-0981
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libxml2

The problem can be corrected by upgrading the affected package to version 2.6.11-3ubuntu1.1. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Several buffer overflows have been discovered in libxml2's FTP connection and DNS resolution functions. Supplying very long FTP URLs or IP addresses might result in execution of arbitrary code with the privileges of the process using libxml2.

Since libxml2 is used in packages like php4-imagick, the vulnerability also might lead to privilege escalation, like executing attacker supplied code with a web server's privileges.

However, this does not affect the core XML parsing code, which is what the majority of programs use this library for.

USN-9-1: tetex-bin vulnerabilities

Referenced CVEs: 
CAN-2004-0888
Description: 
===========================================================
Ubuntu Security Notice USN-9-1             October 27, 2004
tetex-bin vulnerabilities
CAN-2004-0888
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

tetex-bin

The problem can be corrected by upgrading the affected package to version 2.0.2-21ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Chris Evans and Marcus Meissner recently discovered several integer overflow vulnerabilities in xpdf, a viewer for PDF files. Because tetex-bin contains xpdf code, it is also affected. These vulnerabilities could be exploited by an attacker providing a specially crafted TeX, LaTeX, or PDF file. Processing such a file with pdflatex could result in abnormal program termination or the execution of program code supplied by the attacker.

This bug could be exploited to gain the privileges of the user invoking pdflatex.

USN-8-1: gaim vulnerabilities

Referenced CVEs: 
CAN-2004-0891
Description: 
===========================================================
Ubuntu Security Notice USN-8-1             October 27, 2004
gaim vulnerabilities
CAN-2004-0891
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

gaim

The problem can be corrected by upgrading the affected package to version 1:1.0.0-1ubuntu1.1. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

A buffer overflow and two remote crashes were recently discovered in gaim's MSN protocol handler. An attacker could potentially execute arbitrary code with the user's privileges by crafting and sending a particular MSN message.

USN-7-1: imagemagick vulnerability

Referenced CVEs: 
CAN-2004-0981
Description: 
===========================================================
Ubuntu Security Notice USN-7-1             October 27, 2004
imagemagick vulnerability
CAN-2004-0981
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libmagick6

The problem can be corrected by upgrading the affected package to version 5:6.0.2.5-1ubuntu1.1. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

A buffer overflow in imagemagick's EXIF parsing routine has been discovered in imagemagick versions prior to 6.1.0. Trying to query EXIF information of a malicious image file might result in execution of arbitrary code with the user's privileges.

Since imagemagick can be used in custom printing systems, this also might lead to privilege escalation (execute code with the printer spooler's privileges). However, Ubuntu's standard printing system does not use imagemagick, thus there is no risk of privilege escalation in a standard installation.

USN-6-1: postgresql contributed script vulnerability

Referenced CVEs: 
CAN-2004-0977
Description: 
===========================================================
Ubuntu Security Notice USN-6-1             October 27, 2004
postgresql contributed script vulnerability
CAN-2004-0977
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

postgresql-contrib

The problem can be corrected by upgrading the affected package to version 7.4.5-3ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Recently, Trustix Secure Linux discovered a vulnerability in the postgresql-contrib package. The script "make_oidjoins_check" created temporary files in an insecure way, which allowed a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the script.

USN-5-1: gettext vulnerabilities

Referenced CVEs: 
CAN-2004-0966
Description: 
===========================================================
Ubuntu Security Notice USN-5-1             October 27, 2004
gettext vulnerabilities
CAN-2004-0966
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

gettext

The problem can be corrected by upgrading the affected package to version 0.14.1-2ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Recently, Trustix Secure Linux discovered some vulnerabilities in the gettext package. The programs "autopoint" and "gettextize" created temporary files in an insecure way, which allowed a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program.