Ubuntu Security Notice USN-391-1
4th December, 2006
libgsf vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 6.10
- Ubuntu 6.06 LTS
- Ubuntu 5.10
Details
A heap overflow was discovered in the OLE processing code in libgsf. If
a user were tricked into opening a specially crafted OLE document, an
attacker could execute arbitrary code with the user's privileges.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 6.10:
- libgsf-1-114 1.14.1-2ubuntu1.1
- Ubuntu 6.06 LTS:
- libgsf-1-113 1.13.99-0ubuntu2.1
- Ubuntu 5.10:
- libgsf-1 1.12.3-3ubuntu3.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to restart your desktop session
to effect the necessary changes.