Submitted by KeesCook on Tue, 2005-10-18 12:03
Referenced CVEs:
CAN-2005-2978
Description:
===========================================================
Ubuntu Security Notice USN-210-1 October 18, 2005
netpbm-free vulnerability
CAN-2005-2978
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)
The following packages are affected:
netpbm
The problem can be corrected by upgrading the affected package to
version 2:10.0-5ubuntu0.2 (for Ubuntu 4.10), 2:10.0-8ubuntu0.2 (for
Ubuntu 5.04), or 2:10.0-8ubuntu1.1 (for Ubuntu 5.10). In general, a
standard system upgrade is sufficient to effect the necessary changes.
Details follow:
A buffer overflow was found in the "pnmtopng" conversion program. If a
user (or automated system) is tricked into processing a specially
crafted PNM image with pnmtopng, this could be exploited to execute
arbitrary code with the privileges of the user running pnmtopng.


