About Ubuntu

=========================================================== Ubuntu Security Notice USN-268-1 April 06, 2006 kaffeine vulnerability CVE-2006-0051 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog) Ubuntu 5.10 (Breezy Badger) The following packages are affected: kaffeine The problem can be corrected by upgrading the affected package to version 0.6-0ubuntu2.1 (for Ubuntu 5.04), or 0.7-0ubuntu4.1 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Marcus Meissner discovered a buffer overflow in the http_peek() function. By tricking an user into opening a specially crafted playlist URL with Kaffeine, a remote attacker could exploit this to execute arbitrary code with the user's privileges.