News

=========================================================== Ubuntu Security Notice USN-309-1 July 05, 2006 libmms vulnerability CVE-2006-2200 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: libmms0 0.1-0ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Several buffer overflows were found in libmms. By tricking a user into opening a specially crafted remote multimedia stream with an application using libmms, a remote attacker could overwrite an arbitrary memory portion with zeros, thereby crashing the program. In Ubuntu 5.10, this affects the GStreamer MMS plugin (gstreamer0.8-mms). Other Ubuntu releases do not support this library.