News

=========================================================== Ubuntu Security Notice USN-648-1 September 30, 2008 nasm vulnerability CVE-2008-2719 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: nasm 0.99.06-2ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Philipp Thomas discovered that the ppscan function of nasm contained an off-by-one error. If a user or automated system were tricked into assembling a specially crafted ASM file, a remote attacker could execute arbitrary commands with user privileges.