Security announcements
USN-795-1: Nagios vulnerability
Submitted by MarcDeslauriers on Thu, 2009-07-02 18:31Referenced CVEs:
CVE-2009-2288
Description:
===========================================================
Ubuntu Security Notice USN-795-1 July 02, 2009
nagios2, nagios3 vulnerability
CVE-2009-2288
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
nagios2 2.11-1ubuntu1.5
Ubuntu 8.10:
nagios3 3.0.2-1ubuntu1.2
Ubuntu 9.04:
nagios3 3.0.6-2ubuntu1.1
After a standard system upgrade you need to restart Nagios to effect
the necessary changes.
Details follow:
It was discovered that Nagios did not properly parse certain commands
submitted using the WAP web interface. An authenticated user could exploit
this flaw and execute arbitrary programs on the server.
USN-794-1: Perl vulnerability
Submitted by MarcDeslauriers on Thu, 2009-07-02 18:30Referenced CVEs:
CVE-2009-1391
Description:
===========================================================
Ubuntu Security Notice USN-794-1 July 02, 2009
libcompress-raw-zlib-perl, perl vulnerability
CVE-2009-1391
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
libcompress-raw-zlib-perl 2.008-1ubuntu0.1
Ubuntu 8.10:
libcompress-raw-zlib-perl 2.011-2ubuntu0.1
perl 5.10.0-11.1ubuntu2.3
Ubuntu 9.04:
libcompress-raw-zlib-perl 2.015-1ubuntu0.1
perl 5.10.0-19ubuntu1.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
It was discovered that the Compress::Raw::Zlib Perl module incorrectly
handled certain zlib compressed streams. If a user or automated system were
tricked into processing a specially crafted compressed stream or file, a
remote attacker could crash the application, leading to a denial of
service.
USN-793-1: Linux kernel vulnerabilities
Submitted by KeesCook on Thu, 2009-07-02 05:43Referenced CVEs:
CVE-2009-1072, CVE-2009-1184, CVE-2009-1192, CVE-2009-1242, CVE-2009-1265, CVE-2009-1336, CVE-2009-1337, CVE-2009-1338, CVE-2009-1360, CVE-2009-1385, CVE-2009-1439, CVE-2009-1630, CVE-2009-1633, CVE-2009-1914, CVE-2009-1961
Description:
===========================================================
Ubuntu Security Notice USN-793-1 July 02, 2009
linux, linux-source-2.6.15 vulnerabilities
CVE-2009-1072, CVE-2009-1184, CVE-2009-1192, CVE-2009-1242,
CVE-2009-1265, CVE-2009-1336, CVE-2009-1337, CVE-2009-1338,
CVE-2009-1360, CVE-2009-1385, CVE-2009-1439, CVE-2009-1630,
CVE-2009-1633, CVE-2009-1914, CVE-2009-1961
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
linux-image-2.6.15-54-386 2.6.15-54.77
linux-image-2.6.15-54-686 2.6.15-54.77
linux-image-2.6.15-54-amd64-generic 2.6.15-54.77
linux-image-2.6.15-54-amd64-k8 2.6.15-54.77
linux-image-2.6.15-54-amd64-server 2.6.15-54.77
linux-image-2.6.15-54-amd64-xeon 2.6.15-54.77
linux-image-2.6.15-54-hppa32 2.6.15-54.77
linux-image-2.6.15-54-hppa32-smp 2.6.15-54.77
linux-image-2.6.15-54-hppa64 2.6.15-54.77
linux-image-2.6.15-54-hppa64-smp 2.6.15-54.77
linux-image-2.6.15-54-itanium 2.6.15-54.77
linux-image-2.6.15-54-itanium-smp 2.6.15-54.77
linux-image-2.6.15-54-k7 2.6.15-54.77
linux-image-2.6.15-54-mckinley 2.6.15-54.77
linux-image-2.6.15-54-mckinley-smp 2.6.15-54.77
linux-image-2.6.15-54-powerpc 2.6.15-54.77
linux-image-2.6.15-54-powerpc-smp 2.6.15-54.77
linux-image-2.6.15-54-powerpc64-smp 2.6.15-54.77
linux-image-2.6.15-54-server 2.6.15-54.77
linux-image-2.6.15-54-server-bigiron 2.6.15-54.77
linux-image-2.6.15-54-sparc64 2.6.15-54.77
linux-image-2.6.15-54-sparc64-smp 2.6.15-54.77
Ubuntu 8.04 LTS:
linux-image-2.6.24-24-386 2.6.24-24.55
linux-image-2.6.24-24-generic 2.6.24-24.55
linux-image-2.6.24-24-hppa32 2.6.24-24.55
linux-image-2.6.24-24-hppa64 2.6.24-24.55
linux-image-2.6.24-24-itanium 2.6.24-24.55
linux-image-2.6.24-24-lpia 2.6.24-24.55
linux-image-2.6.24-24-lpiacompat 2.6.24-24.55
linux-image-2.6.24-24-mckinley 2.6.24-24.55
linux-image-2.6.24-24-openvz 2.6.24-24.55
linux-image-2.6.24-24-powerpc 2.6.24-24.55
linux-image-2.6.24-24-powerpc-smp 2.6.24-24.55
linux-image-2.6.24-24-powerpc64-smp 2.6.24-24.55
linux-image-2.6.24-24-rt 2.6.24-24.55
linux-image-2.6.24-24-server 2.6.24-24.55
linux-image-2.6.24-24-sparc64 2.6.24-24.55
linux-image-2.6.24-24-sparc64-smp 2.6.24-24.55
linux-image-2.6.24-24-virtual 2.6.24-24.55
linux-image-2.6.24-24-xen 2.6.24-24.55
Ubuntu 8.10:
linux-image-2.6.27-14-generic 2.6.27-14.35
linux-image-2.6.27-14-server 2.6.27-14.35
linux-image-2.6.27-14-virtual 2.6.27-14.35
Ubuntu 9.04:
linux-image-2.6.28-13-generic 2.6.28-13.45
linux-image-2.6.28-13-imx51 2.6.28-13.45
linux-image-2.6.28-13-iop32x 2.6.28-13.45
linux-image-2.6.28-13-ixp4xx 2.6.28-13.45
linux-image-2.6.28-13-lpia 2.6.28-13.45
linux-image-2.6.28-13-server 2.6.28-13.45
linux-image-2.6.28-13-versatile 2.6.28-13.45
linux-image-2.6.28-13-virtual 2.6.28-13.45
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
ATTENTION: Due to an unavoidable ABI change for Ubuntu 8.04, 8.10 and 9.04
the kernel updates have been given a new version number, which requires
you to recompile and reinstall all third party kernel modules you
might have installed. If you use linux-restricted-modules, you have to
update that package as well to get modules which work with the new kernel
version. Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-server, linux-powerpc), a standard system
upgrade will automatically perform this as well.
Details follow:
Igor Zhbanov discovered that NFS clients were able to create device nodes
even when root_squash was enabled. An authenticated remote attacker
could create device nodes with open permissions, leading to a loss of
privacy or escalation of privileges. Only Ubuntu 8.10 and 9.04 were
affected. (CVE-2009-1072)
Dan Carpenter discovered that SELinux did not correctly handle
certain network checks when running with compat_net=1. A local
attacker could exploit this to bypass network checks. Default Ubuntu
installations do not enable SELinux, and only Ubuntu 8.10 and 9.04 were
affected. (CVE-2009-1184)
Shaohua Li discovered that memory was not correctly initialized in the
AGP subsystem. A local attacker could potentially read kernel memory,
leading to a loss of privacy. (CVE-2009-1192)
Benjamin Gilbert discovered that the VMX implementation of KVM did
not correctly handle certain registers. An attacker in a guest VM
could exploit this to cause a host system crash, leading to a denial
of service. This only affected 32bit hosts. Ubuntu 6.06 was not
affected. (CVE-2009-1242)
Thomas Pollet discovered that the Amateur Radio X.25 Packet Layer Protocol
did not correctly validate certain fields. A remote attacker could exploit
this to read kernel memory, leading to a loss of privacy. (CVE-2009-1265)
Trond Myklebust discovered that NFS did not correctly handle certain
long filenames. An authenticated remote attacker could exploit this to
cause a system crash, leading to a denial of service. Only Ubuntu 6.06
was affected. (CVE-2009-1336)
Oleg Nesterov discovered that the kernel did not correctly handle
CAP_KILL. A local user could exploit this to send signals to arbitrary
processes, leading to a denial of service. (CVE-2009-1337)
Daniel Hokka Zakrisson discovered that signal handling was not correctly
limited to process namespaces. A local user could bypass namespace
restrictions, possibly leading to a denial of service. Only Ubuntu 8.04
was affected. (CVE-2009-1338)
Pavel Emelyanov discovered that network namespace support for IPv6 was
not correctly handled. A remote attacker could send specially crafted
IPv6 traffic that would cause a system crash, leading to a denial of
service. Only Ubuntu 8.10 and 9.04 were affected. (CVE-2009-1360)
Neil Horman discovered that the e1000 network driver did not correctly
validate certain fields. A remote attacker could send a specially
crafted packet that would cause a system crash, leading to a denial of
service. (CVE-2009-1385)
Pavan Naregundi discovered that CIFS did not correctly check lengths
when handling certain mount requests. A remote attacker could send
specially crafted traffic to cause a system crash, leading to a denial
of service. (CVE-2009-1439)
Simon Vallet and Frank Filz discovered that execute permissions were
not correctly handled by NFSv4. A local user could bypass permissions
and run restricted programs, possibly leading to an escalation of
privileges. (CVE-2009-1630)
Jeff Layton and Suresh Jayaraman discovered buffer overflows in the CIFS
client code. A malicious remote server could exploit this to cause a
system crash or execute arbitrary code as root. (CVE-2009-1633)
Mikulas Patocka discovered that /proc/iomem was not correctly
initialized on Sparc. A local attacker could use this file to crash
the system, leading to a denial of service. Ubuntu 6.06 was not
affected. (CVE-2009-1914)
Miklos Szeredi discovered that OCFS2 did not correctly handle certain
splice operations. A local attacker could exploit this to cause
a system hang, leading to a denial of service. Ubuntu 6.06 was not
affected. (CVE-2009-1961)
USN-782-1: Thunderbird vulnerabilities
Submitted by JamesStrandboge on Fri, 2009-06-26 00:17Referenced CVEs:
CVE-2009-1303, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1392, CVE-2009-1833, CVE-2009-1836, CVE-2009-1838, CVE-2009-1841
Description:
===========================================================
Ubuntu Security Notice USN-782-1 June 25, 2009
thunderbird vulnerabilities
CVE-2009-1303, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307,
CVE-2009-1308, CVE-2009-1309, CVE-2009-1392, CVE-2009-1833,
CVE-2009-1836, CVE-2009-1838, CVE-2009-1841
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
thunderbird 2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1
Ubuntu 8.10:
thunderbird 2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1
Ubuntu 9.04:
thunderbird 2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1
After a standard system upgrade you need to restart Thunderbird to effect
the necessary changes.
Details follow:
Several flaws were discovered in the JavaScript engine of Thunderbird. If a
user had JavaScript enabled and were tricked into viewing malicious web
content, a remote attacker could cause a denial of service or possibly
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2009-1303, CVE-2009-1305, CVE-2009-1392, CVE-2009-1833,
CVE-2009-1838)
Several flaws were discovered in the way Thunderbird processed malformed
URI schemes. If a user were tricked into viewing a malicious website and
had JavaScript and plugins enabled, a remote attacker could execute
arbitrary JavaScript or steal private data. (CVE-2009-1306, CVE-2009-1307,
CVE-2009-1309)
Cefn Hoile discovered Thunderbird did not adequately protect against
embedded third-party stylesheets. If JavaScript were enabled, an attacker
could exploit this to perform script injection attacks using XBL bindings.
(CVE-2009-1308)
Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that
Thunderbird did not properly handle error responses when connecting to a
proxy server. If a user had JavaScript enabled while using Thunderbird to
view websites and a remote attacker were able to perform a
man-in-the-middle attack, this flaw could be exploited to view sensitive
information. (CVE-2009-1836)
It was discovered that Thunderbird could be made to run scripts with
elevated privileges. If a user had JavaScript enabled while having
certain non-default add-ons installed and were tricked into viewing a
malicious website, an attacker could cause a chrome privileged object, such
as the browser sidebar, to run arbitrary code via interactions with the
attacker controlled website. (CVE-2009-1841)
USN-792-1: OpenSSL vulnerabilities
Submitted by MarcDeslauriers on Thu, 2009-06-25 18:28Referenced CVEs:
CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387
Description:
===========================================================
Ubuntu Security Notice USN-792-1 June 25, 2009
openssl vulnerabilities
CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386,
CVE-2009-1387
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
libssl0.9.8 0.9.8a-7ubuntu0.9
Ubuntu 8.04 LTS:
libssl0.9.8 0.9.8g-4ubuntu3.7
Ubuntu 8.10:
libssl0.9.8 0.9.8g-10.1ubuntu2.4
Ubuntu 9.04:
libssl0.9.8 0.9.8g-15ubuntu3.2
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
Details follow:
It was discovered that OpenSSL did not limit the number of DTLS records it
would buffer when they arrived with a future epoch. A remote attacker could
cause a denial of service via memory resource consumption by sending a
large number of crafted requests. (CVE-2009-1377)
It was discovered that OpenSSL did not properly free memory when processing
DTLS fragments. A remote attacker could cause a denial of service via
memory resource consumption by sending a large number of crafted requests.
(CVE-2009-1378)
It was discovered that OpenSSL did not properly handle certain server
certificates when processing DTLS packets. A remote DTLS server could cause
a denial of service by sending a message containing a specially crafted
server certificate. (CVE-2009-1379)
It was discovered that OpenSSL did not properly handle a DTLS
ChangeCipherSpec packet when it occured before ClientHello. A remote
attacker could cause a denial of service by sending a specially crafted
request. (CVE-2009-1386)
It was discovered that OpenSSL did not properly handle out of sequence
DTLS handshake messages. A remote attacker could cause a denial of service
by sending a specially crafted request. (CVE-2009-1387)
USN-791-2: Moodle vulnerability
Submitted by KeesCook on Wed, 2009-06-24 20:02Referenced CVEs:
CVE-2009-1171
Description:
===========================================================
Ubuntu Security Notice USN-791-2 June 24, 2009
moodle vulnerability
CVE-2009-1171
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 9.04:
moodle 1.9.4.dfsg-0ubuntu1.1
After a standard system upgrade you need to access the Moodle instance
and accept the database update to clear any invalid cached data.
Details follow:
Christian Eibl discovered that the TeX filter in Moodle allowed any
function to be used. An authenticated remote attacker could post a
specially crafted TeX formula to execute arbitrary TeX functions,
potentially reading any file accessible to the web server user, leading
to a loss of privacy. (CVE-2009-1171, MSA-09-0009)
USN-791-3: Smarty vulnerability
Submitted by KeesCook on Wed, 2009-06-24 20:01Referenced CVEs:
CVE-2009-1669
Description:
===========================================================
Ubuntu Security Notice USN-791-3 June 24, 2009
smarty vulnerability
CVE-2009-1669
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 9.04:
smarty 2.6.22-1ubuntu1.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
It was discovered that Smarty did not correctly filter certain math
inputs. A remote attacker using Smarty via a web service could exploit
this to execute subsets of shell commands as the web server user.
USN-791-1: Moodle vulnerabilities
Submitted by KeesCook on Wed, 2009-06-24 19:54Referenced CVEs:
CVE-2007-3215, CVE-2008-4796, CVE-2008-4810, CVE-2008-4811, CVE-2008-5153, CVE-2008-5432, CVE-2008-5619, CVE-2008-6124, CVE-2009-0499, CVE-2009-0500, CVE-2009-0501, CVE-2009-0502, CVE-2009-1171, CVE-2009-1669
Description:
===========================================================
Ubuntu Security Notice USN-791-1 June 24, 2009
moodle vulnerabilities
CVE-2007-3215, CVE-2008-4796, CVE-2008-4810, CVE-2008-4811,
CVE-2008-5153, CVE-2008-5432, CVE-2008-5619, CVE-2008-6124,
CVE-2009-0499, CVE-2009-0500, CVE-2009-0501, CVE-2009-0502,
CVE-2009-1171, CVE-2009-1669
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
Ubuntu 8.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
moodle 1.8.2-1ubuntu4.2
Ubuntu 8.10:
moodle 1.8.2-1.2ubuntu2.1
After a standard system upgrade you need to access the Moodle instance
and accept the database update to clear any invalid cached data.
Details follow:
Thor Larholm discovered that PHPMailer, as used by Moodle, did not
correctly escape email addresses. A local attacker with direct access
to the Moodle database could exploit this to execute arbitrary commands
as the web server user. (CVE-2007-3215)
Nigel McNie discovered that fetching https URLs did not correctly escape
shell meta-characters. An authenticated remote attacker could execute
arbitrary commands as the web server user, if curl was installed and
configured. (CVE-2008-4796, MSA-09-0003)
It was discovered that Smarty (also included in Moodle), did not
correctly filter certain inputs. An authenticated remote attacker could
exploit this to execute arbitrary PHP commands as the web server user.
(CVE-2008-4810, CVE-2008-4811, CVE-2009-1669)
It was discovered that the unused SpellChecker extension in Moodle did not
correctly handle temporary files. If the tool had been locally modified,
it could be made to overwrite arbitrary local files via symlinks.
(CVE-2008-5153)
Mike Churchward discovered that Moodle did not correctly filter Wiki page
titles in certain areas. An authenticated remote attacker could exploit
this to cause cross-site scripting (XSS), which could be used to modify
or steal confidential data of other users within the same web domain.
(CVE-2008-5432, MSA-08-0022)
It was discovered that the HTML sanitizer, "Login as" feature, and logging
in Moodle did not correctly handle certain inputs. An authenticated
remote attacker could exploit this to generate XSS, which could be used
to modify or steal confidential data of other users within the same
web domain. (CVE-2008-5619, CVE-2009-0500, CVE-2009-0502, MSA-08-0026,
MSA-09-0004, MSA-09-0007)
It was discovered that the HotPot module in Moodle did not correctly
filter SQL inputs. An authenticated remote attacker could execute
arbitrary SQL commands as the moodle database user, leading to a loss
of privacy or denial of service. (CVE-2008-6124, MSA-08-0010)
Kevin Madura discovered that the forum actions and messaging settings
in Moodle were not protected from cross-site request forgery (CSRF).
If an authenticated user were tricked into visiting a malicious
website while logged into Moodle, a remote attacker could change the
user's configurations or forum content. (CVE-2009-0499, MSA-09-0008,
MSA-08-0023)
Daniel Cabezas discovered that Moodle would leak usernames from the
Calendar Export tool. A remote attacker could gather a list of users,
leading to a loss of privacy. (CVE-2009-0501, MSA-09-0006)
Christian Eibl discovered that the TeX filter in Moodle allowed any
function to be used. An authenticated remote attacker could post
a specially crafted TeX formula to execute arbitrary TeX functions,
potentially reading any file accessible to the web server user, leading
to a loss of privacy. (CVE-2009-1171, MSA-09-0009)
Johannes Kuhn discovered that Moodle did not correctly validate user
permissions when attempting to switch user accounts. An authenticated
remote attacker could switch to any other Moodle user, leading to a loss
of privacy. (MSA-08-0003)
Hanno Boeck discovered that unconfigured Moodle instances contained
XSS vulnerabilities. An unauthenticated remote attacker could exploit
this to modify or steal confidential data of other users within the same
web domain. (MSA-08-0004)
Debbie McDonald, Mauno Korpelainen, Howard Miller, and Juan Segarra
Montesinos discovered that when users were deleted from Moodle, their
profiles and avatars were still visible. An authenticated remote attacker
could exploit this to store information in profiles even after they were
removed, leading to spam traffic. (MSA-08-0015, MSA-09-0001, MSA-09-0002)
Lars Vogdt discovered that Moodle did not correctly filter certain inputs.
An authenticated remote attacker could exploit this to generate XSS from
which they could modify or steal confidential data of other users within
the same web domain. (MSA-08-0021)
It was discovered that Moodle did not correctly filter inputs for group
creation, mnet, essay question, HOST param, wiki param, and others.
An authenticated remote attacker could exploit this to generate XSS
from which they could modify or steal confidential data of other users
within the same web domain. (MDL-9288, MDL-11759, MDL-12079, MDL-12793,
MDL-14806)
It was discovered that Moodle did not correctly filter SQL inputs when
performing a restore. An attacker authenticated as a Moodle administrator
could execute arbitrary SQL commands as the moodle database user,
leading to a loss of privacy or denial of service. (MDL-11857)
USN-790-1: Cyrus SASL vulnerability
Submitted by KeesCook on Wed, 2009-06-24 18:28Referenced CVEs:
CVE-2009-0688
Description:
===========================================================
Ubuntu Security Notice USN-790-1 June 24, 2009
cyrus-sasl2 vulnerability
CVE-2009-0688
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
libsasl2 2.1.19.dfsg1-0.1ubuntu3.1
Ubuntu 8.04 LTS:
libsasl2-2 2.1.22.dfsg1-18ubuntu2.1
Ubuntu 8.10:
libsasl2-2 2.1.22.dfsg1-21ubuntu2.1
Ubuntu 9.04:
libsasl2-2 2.1.22.dfsg1-23ubuntu3.1
After a standard system upgrade you need to restart services using SASL
to effect the necessary changes.
Details follow:
James Ralston discovered that the Cyrus SASL base64 encoding function
could be used unsafely. If a remote attacker sent a specially crafted
request to a service that used SASL, it could lead to a loss of privacy,
or crash the application, resulting in a denial of service.
USN-789-1: GStreamer Good Plugins vulnerability
Submitted by MarcDeslauriers on Mon, 2009-06-22 13:24Referenced CVEs:
CVE-2009-1932
Description:
===========================================================
Ubuntu Security Notice USN-789-1 June 22, 2009
gst-plugins-good0.10 vulnerability
CVE-2009-1932
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
gstreamer0.10-plugins-good 0.10.3-0ubuntu4.2
Ubuntu 8.04 LTS:
gstreamer0.10-plugins-good 0.10.7-3ubuntu0.3
Ubuntu 8.10:
gstreamer0.10-plugins-good 0.10.10.4-1ubuntu1.2
Ubuntu 9.04:
gstreamer0.10-plugins-good 0.10.14-1ubuntu0.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Tielei Wang discovered that GStreamer Good Plugins did not correctly handle
malformed PNG image files. If a user were tricked into opening a crafted
PNG image file with a GStreamer application, an attacker could cause a
denial of service via application crash, or possibly execute arbitrary code
with the privileges of the user invoking the program.


