About Ubuntu

=========================================================== Ubuntu Security Notice USN-802-2 August 19, 2009 apache2 regression https://launchpad.net/bugs/409987 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: apache2-common 2.0.55-4ubuntu2.8 apache2-mpm-perchild 2.0.55-4ubuntu2.8 apache2-mpm-prefork 2.0.55-4ubuntu2.8 apache2-mpm-worker 2.0.55-4ubuntu2.8 libapr0 2.0.55-4ubuntu2.8 Ubuntu 8.04 LTS: apache2-mpm-event 2.2.8-1ubuntu0.11 apache2-mpm-perchild 2.2.8-1ubuntu0.11 apache2-mpm-prefork 2.2.8-1ubuntu0.11 apache2-mpm-worker 2.2.8-1ubuntu0.11 apache2.2-common 2.2.8-1ubuntu0.11 Ubuntu 8.10: apache2-mpm-event 2.2.9-7ubuntu3.3 apache2-mpm-prefork 2.2.9-7ubuntu3.3 apache2-mpm-worker 2.2.9-7ubuntu3.3 apache2.2-common 2.2.9-7ubuntu3.3 Ubuntu 9.04: apache2-mpm-event 2.2.11-2ubuntu2.3 apache2-mpm-prefork 2.2.11-2ubuntu2.3 apache2-mpm-worker 2.2.11-2ubuntu2.3 apache2.2-common 2.2.11-2ubuntu2.3 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-802-1 fixed vulnerabilities in Apache. The upstream fix for CVE-2009-1891 introduced a regression that would cause Apache children to occasionally segfault when mod_deflate is used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that mod_proxy_http did not properly handle a large amount of streamed data when used as a reverse proxy. A remote attacker could exploit this and cause a denial of service via memory resource consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04. (CVE-2009-1890) It was discovered that mod_deflate did not abort compressing large files when the connection was closed. A remote attacker could exploit this and cause a denial of service via CPU resource consumption. (CVE-2009-1891)

=========================================================== Ubuntu Security Notice USN-819-1 August 19, 2009 linux, linux-source-2.6.15 vulnerability CVE-2009-2692 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: linux-image-2.6.15-54-386 2.6.15-54.79 linux-image-2.6.15-54-686 2.6.15-54.79 linux-image-2.6.15-54-amd64-generic 2.6.15-54.79 linux-image-2.6.15-54-amd64-k8 2.6.15-54.79 linux-image-2.6.15-54-amd64-server 2.6.15-54.79 linux-image-2.6.15-54-amd64-xeon 2.6.15-54.79 linux-image-2.6.15-54-hppa32 2.6.15-54.79 linux-image-2.6.15-54-hppa32-smp 2.6.15-54.79 linux-image-2.6.15-54-hppa64 2.6.15-54.79 linux-image-2.6.15-54-hppa64-smp 2.6.15-54.79 linux-image-2.6.15-54-itanium 2.6.15-54.79 linux-image-2.6.15-54-itanium-smp 2.6.15-54.79 linux-image-2.6.15-54-k7 2.6.15-54.79 linux-image-2.6.15-54-mckinley 2.6.15-54.79 linux-image-2.6.15-54-mckinley-smp 2.6.15-54.79 linux-image-2.6.15-54-powerpc 2.6.15-54.79 linux-image-2.6.15-54-powerpc-smp 2.6.15-54.79 linux-image-2.6.15-54-powerpc64-smp 2.6.15-54.79 linux-image-2.6.15-54-server 2.6.15-54.79 linux-image-2.6.15-54-server-bigiron 2.6.15-54.79 linux-image-2.6.15-54-sparc64 2.6.15-54.79 linux-image-2.6.15-54-sparc64-smp 2.6.15-54.79 Ubuntu 8.04 LTS: linux-image-2.6.24-24-386 2.6.24-24.59 linux-image-2.6.24-24-generic 2.6.24-24.59 linux-image-2.6.24-24-hppa32 2.6.24-24.59 linux-image-2.6.24-24-hppa64 2.6.24-24.59 linux-image-2.6.24-24-itanium 2.6.24-24.59 linux-image-2.6.24-24-lpia 2.6.24-24.59 linux-image-2.6.24-24-lpiacompat 2.6.24-24.59 linux-image-2.6.24-24-mckinley 2.6.24-24.59 linux-image-2.6.24-24-openvz 2.6.24-24.59 linux-image-2.6.24-24-powerpc 2.6.24-24.59 linux-image-2.6.24-24-powerpc-smp 2.6.24-24.59 linux-image-2.6.24-24-powerpc64-smp 2.6.24-24.59 linux-image-2.6.24-24-rt 2.6.24-24.59 linux-image-2.6.24-24-server 2.6.24-24.59 linux-image-2.6.24-24-sparc64 2.6.24-24.59 linux-image-2.6.24-24-sparc64-smp 2.6.24-24.59 linux-image-2.6.24-24-virtual 2.6.24-24.59 linux-image-2.6.24-24-xen 2.6.24-24.59 Ubuntu 8.10: linux-image-2.6.27-14-generic 2.6.27-14.39 linux-image-2.6.27-14-server 2.6.27-14.39 linux-image-2.6.27-14-virtual 2.6.27-14.39 Ubuntu 9.04: linux-image-2.6.28-15-generic 2.6.28-15.49 linux-image-2.6.28-15-imx51 2.6.28-15.49 linux-image-2.6.28-15-iop32x 2.6.28-15.49 linux-image-2.6.28-15-ixp4xx 2.6.28-15.49 linux-image-2.6.28-15-lpia 2.6.28-15.49 linux-image-2.6.28-15-server 2.6.28-15.49 linux-image-2.6.28-15-versatile 2.6.28-15.49 linux-image-2.6.28-15-virtual 2.6.28-15.49 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: Tavis Ormandy and Julien Tinnes discovered that Linux did not correctly initialize certain socket operation function pointers. A local attacker could exploit this to gain root privileges. By default, Ubuntu 8.04 and later with a non-zero /proc/sys/vm/mmap_min_addr setting were not vulnerable.

=========================================================== Ubuntu Security Notice USN-818-1 August 17, 2009 curl vulnerability CVE-2009-2417 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libcurl3 7.15.1-1ubuntu3.2 Ubuntu 8.04 LTS: libcurl3 7.18.0-1ubuntu2.2 Ubuntu 8.10: libcurl3 7.18.2-1ubuntu4.4 Ubuntu 9.04: libcurl3 7.18.2-8ubuntu4.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Scott Cantor discovered that Curl did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

=========================================================== Ubuntu Security Notice USN-816-1 August 12, 2009 fetchmail vulnerability CVE-2009-2666 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: fetchmail 6.3.2-2ubuntu2.3 Ubuntu 8.04 LTS: fetchmail 6.3.8-10ubuntu1.1 Ubuntu 8.10: fetchmail 6.3.8-11ubuntu3.1 Ubuntu 9.04: fetchmail 6.3.9~rc2-4ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Matthias Andree discovered that fetchmail did not properly handle certificates with NULL characters in the certificate name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

=========================================================== Ubuntu Security Notice USN-815-1 August 11, 2009 libxml2 vulnerabilities CVE-2008-3529, CVE-2009-2414, CVE-2009-2416 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.5 Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.4 Ubuntu 8.10: libxml2 2.6.32.dfsg-4ubuntu1.2 Ubuntu 9.04: libxml2 2.6.32.dfsg-5ubuntu4.2 After a standard system upgrade you need to restart your sessions to effect the necessary changes. Details follow: It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. (CVE-2009-2414) It was discovered that libxml2 did not correctly parse Notation and Enumeration attribute types. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. (CVE-2009-2416) USN-644-1 fixed a vulnerability in libxml2. This advisory provides the corresponding update for Ubuntu 9.04. Original advisory details: It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of service. (CVE-2008-3529)

=========================================================== Ubuntu Security Notice USN-814-1 August 11, 2009 openjdk-6 vulnerabilities CVE-2009-0217, CVE-2009-1896, CVE-2009-2475, CVE-2009-2476, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674, CVE-2009-2675, CVE-2009-2676, CVE-2009-2689, CVE-2009-2690 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: icedtea6-plugin 6b12-0ubuntu6.5 openjdk-6-jre 6b12-0ubuntu6.5 openjdk-6-jre-lib 6b12-0ubuntu6.5 Ubuntu 9.04: icedtea6-plugin 6b14-1.4.1-0ubuntu11 openjdk-6-jre 6b14-1.4.1-0ubuntu11 openjdk-6-jre-lib 6b14-1.4.1-0ubuntu11 After a standard system upgrade you need to restart any Java applications to effect the necessary changes. Details follow: It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. (CVE-2009-0217) It was discovered that JAR bundles would appear signed if only one element was signed. If a user were tricked into running a malicious Java applet, a remote attacker could exploit this to gain access to private information and potentially run untrusted code. (CVE-2009-1896) It was discovered that certain variables could leak information. If a user were tricked into running a malicious Java applet, a remote attacker could exploit this to gain access to private information and potentially run untrusted code. (CVE-2009-2475, CVE-2009-2690) A flaw was discovered the OpenType checking. If a user were tricked into running a malicious Java applet, a remote attacker could bypass access restrictions. (CVE-2009-2476) It was discovered that the XML processor did not correctly check recursion. If a user or automated system were tricked into processing a specially crafted XML, the system could crash, leading to a denial of service. (CVE-2009-2625) It was discovered that the Java audio subsystem did not correctly validate certain parameters. If a user were tricked into running an untrusted applet, a remote attacker could read system properties. (CVE-2009-2670) Multiple flaws were discovered in the proxy subsystem. If a user were tricked into running an untrusted applet, a remote attacker could discover local user names, obtain access to sensitive information, or bypass socket restrictions, leading to a loss of privacy. (CVE-2009-2671, CVE-2009-2672, CVE-2009-2673) Flaws were discovered in the handling of JPEG images, Unpack200 archives, and JDK13Services. If a user were tricked into running an untrusted applet, a remote attacker could load a specially crafted file that would bypass local file access protections and run arbitrary code with user privileges. (CVE-2009-2674, CVE-2009-2675, CVE-2009-2676, CVE-2009-2689)

=========================================================== Ubuntu Security Notice USN-813-3 August 08, 2009 apr-util vulnerability CVE-2009-2412 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: libaprutil1 1.2.12+dfsg-3ubuntu0.2 Ubuntu 8.10: libaprutil1 1.2.12+dfsg-7ubuntu0.3 Ubuntu 9.04: libaprutil1 1.2.12+dfsg-8ubuntu0.3 After a standard system upgrade you need to restart any applications using apr-util, such as Subversion and Apache, to effect the necessary changes. Details follow: USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr-util. Original advisory details: Matt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application.

=========================================================== Ubuntu Security Notice USN-813-2 August 08, 2009 apache2 vulnerability CVE-2009-2412 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libapr0 2.0.55-4ubuntu2.7 After a standard system upgrade you need to restart any applications using apr, such as Subversion and Apache, to effect the necessary changes. Details follow: USN-813-1 fixed vulnerabilities in apr. This update provides the corresponding updates for apr as provided by Apache on Ubuntu 6.06 LTS. Original advisory details: Matt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application.

=========================================================== Ubuntu Security Notice USN-813-1 August 08, 2009 apr vulnerability CVE-2009-2412 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: libapr1 1.2.11-1ubuntu0.1 Ubuntu 8.10: libapr1 1.2.12-4ubuntu0.1 Ubuntu 9.04: libapr1 1.2.12-5ubuntu0.1 After a standard system upgrade you need to restart any applications using apr, such as Subversion and Apache, to effect the necessary changes. Details follow: Matt Lewis discovered that apr did not properly sanitize its input when allocating memory. If an application using apr processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user invoking the application.

=========================================================== Ubuntu Security Notice USN-812-1 August 08, 2009 subversion vulnerability CVE-2009-2411 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libsvn0 1.3.1-3ubuntu1.2 Ubuntu 8.04 LTS: libsvn1 1.4.6dfsg1-2ubuntu1.1 Ubuntu 8.10: libsvn1 1.5.1dfsg1-1ubuntu2.1 Ubuntu 9.04: libsvn1 1.5.4dfsg1-1ubuntu2.1 After a standard system upgrade you need to restart any applications that use Subversion, such as Apache when using mod_dav_svn, to effect the necessary changes. Details follow: Matt Lewis discovered that Subversion did not properly sanitize its input when processing svndiff streams, leading to various integer and heap overflows. If a user or automated system processed crafted input, a remote attacker could cause a denial of service or potentially execute arbitrary code as the user processing the input.