Wikimedia case study Background

Most people with a passing acquaintance with a browser or Google search know Wikipedia, the web-based encyclopedia spanning topics from the ridiculous to the sublime. Want Britney Spear’s bio? It’s there.Wikimedia case study Background

Most people with a passing acquaintance with a browser or Google search know Wikipedia, the web-based encyclopedia spanning topics from the ridiculous to the sublime. Want Britney Spear’s bio? It’s there.

read more

Referenced CVEs: CVE-2008-2376, CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2008-3905Description:  =========================================================== Ubuntu Security Notice USN-651-1 October 10, 2008 ruby1.8 vulnerabilities CVE-2008-2376, CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2008-3905 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libruby1.8 1.8.4-1ubuntu1.6 ruby1.8 1.8.4-1ubuntu1.6 Ubuntu 7.04: libruby1.8 1.8.5-4ubuntu2.3 ruby1.8 1.8.5-4ubuntu2.3 Ubuntu 7.10: libruby1.8 1.8.6.36-1ubuntu3.3 ruby1.8 1.8.6.36-1ubuntu3.3 Ubuntu 8.04 LTS: libruby1.8 1.8.6.111-2ubuntu1.2 ruby1.8 1.8.6.111-2ubuntu1.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Akira Tagoh discovered a vulnerability in Ruby which lead to an integer overflow. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-2376) Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service. (CVE-2008-3443) Keita Yamaguchi discovered several safe level vulnerabilities in Ruby. An attacker could use this to bypass intended access restrictions. (CVE-2008-3655) Keita Yamaguchi discovered that WEBrick in Ruby did not properly validate paths ending with ".". A remote attacker could send a crafted HTTP request and cause a denial of service. (CVE-2008-3656) Keita Yamaguchi discovered that the dl module in Ruby did not check the taintness of inputs. An attacker could exploit this vulnerability to bypass safe levels and execute dangerous functions. (CVE-2008-3657) Luka Treiber and Mitja Kolsek discovered that REXML in Ruby did not always use expansion limits when processing XML documents. If a user or automated system were tricked into open a crafted XML file, an attacker could cause a denial of service via CPU consumption. (CVE-2008-3790) Jan Lieskovsky discovered several flaws in the name resolver of Ruby. A remote attacker could exploit this to spoof DNS entries, which could lead to misdirected traffic. This is a different vulnerability from CVE-2008-1447. (CVE-2008-3905)

Referenced CVEs: CVE-2007-4476Description:  =========================================================== Ubuntu Security Notice USN-650-1 October 02, 2008 cpio vulnerability CVE-2007-4476 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: cpio 2.6-10ubuntu0.3 Ubuntu 7.04: cpio 2.6-17ubuntu0.7.04.1 Ubuntu 7.10: cpio 2.8-1ubuntu2.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: A buffer overflow was discovered in cpio. If a user were tricked into opening a crafted cpio archive, an attacker could cause a denial of service via application crash, or possibly execute code with the privileges of the user invoking the program. (CVE-2007-4476)

Referenced CVEs: CVE-2008-1657, CVE-2008-4109Description:  =========================================================== Ubuntu Security Notice USN-649-1 October 01, 2008 openssh vulnerabilities CVE-2008-1657, CVE-2008-4109 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: openssh-server 1:4.2p1-7ubuntu3.5 Ubuntu 7.04: openssh-server 1:4.3p2-8ubuntu1.5 Ubuntu 7.10: openssh-server 1:4.6p1-5ubuntu0.6 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that the ForceCommand directive could be bypassed. If a local user created a malicious ~/.ssh/rc file, they could execute arbitrary commands as their user id. This only affected Ubuntu 7.10. (CVE-2008-1657) USN-355-1 fixed vulnerabilities in OpenSSH. It was discovered that the fixes for this issue were incomplete. A remote attacker could attempt multiple logins, filling all available connection slots, leading to a denial of service. This only affected Ubuntu 6.06 and 7.04. (CVE-2008-4109)

Referenced CVEs: CVE-2008-2719Description:  =========================================================== Ubuntu Security Notice USN-648-1 September 30, 2008 nasm vulnerability CVE-2008-2719 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: nasm 0.99.06-2ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Philipp Thomas discovered that the ppscan function of nasm contained an off-by-one error. If a user or automated system were tricked into assembling a specially crafted ASM file, a remote attacker could execute arbitrary commands with user privileges.

Referenced CVEs: CVE-2008-3835, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4070Description:  =========================================================== Ubuntu Security Notice USN-647-1 September 26, 2008 mozilla-thunderbird, thunderbird vulnerabilities CVE-2008-3835, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4070 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: mozilla-thunderbird 1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.6.06.1 Ubuntu 7.04: mozilla-thunderbird 1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.7.04.1 Ubuntu 7.10: thunderbird 2.0.0.17+nobinonly-0ubuntu0.7.10.1 Ubuntu 8.04 LTS: thunderbird 2.0.0.17+nobinonly-0ubuntu0.8.04.1 After a standard system upgrade you need to restart Thunderbird to effect the necessary changes. Details follow: It was discovered that the same-origin check in Thunderbird could be bypassed. If a user had JavaScript enabled and were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the browser engine of Thunderbird. If a user had JavaScript enabled, this could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Thunderbird. If a user had JavaScript enabled and were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks if a user had JavaScript enabled. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Thunderbird. If a user had JavaScript enabled and were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Georgi Guninski discovered that Thunderbird improperly handled cancelled newsgroup messages. If a user opened a crafted newsgroup message, an attacker could cause a buffer overrun and potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4070)

Description:  =========================================================== Ubuntu Security Notice USN-645-3 September 25, 2008 firefox-3.0, xulrunner-1.9 regression https://launchpad.net/bugs/270429 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: firefox 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 xulrunner-1.9 1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1 After a standard system upgrade you need to restart Firefox and any applications that use xulrunner, such as Epiphany, to effect the necessary changes. Details follow: USN-645-1 fixed vulnerabilities in Firefox and xulrunner. The upstream patches introduced a regression in the saved password handling. While password data was not lost, if a user had saved any passwords with non-ASCII characters, Firefox could not access the password database. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. (CVE-2008-0016) It was discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the JavaScript engine. This could allow an attacker to execute scripts from page content with chrome privileges. (CVE-2008-3836) Paul Nickerson discovered Firefox did not properly process mouse click events. If a user were tricked into opening a malicious web page, an attacker could move the content window, which could potentially be used to force a user to perform unintended drag and drop operations. (CVE-2008-3837) Several problems were discovered in the browser engine. This could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Firefox. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Firefox. If a user were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Billy Hoffman discovered a problem in the XBM decoder. If a user were tricked into opening a malicious web page or XBM file, an attacker may be able to cause a denial of service via application crash. (CVE-2008-4069)

Ubuntu server team wants to know – how do you Ubuntu?

Co-sponsored by Canonical and RedMonk, survey asks community about its server usage

LONDON, September 25, 2008 – Canonical Ltd., the commercial sponsor of Ubuntu, is asking users of Ubuntu Server edition just exactly how they are using it and in what kind of organisations.

Ubuntu server team wants to know – how do you Ubuntu?

Co-sponsored by Canonical and RedMonk, survey asks community about its server usage

LONDON, September 25, 2008 – Canonical Ltd., the commercial sponsor of Ubuntu, is asking users of Ubuntu Server edition just exactly how they are using it and in what kind of organisations.

read more

Referenced CVEs: CVE-2008-0016, CVE-2008-3835, CVE-2008-3836, CVE-2008-3837, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069Description:  =========================================================== Ubuntu Security Notice USN-645-2 September 24, 2008 firefox vulnerabilities CVE-2008-0016, CVE-2008-3835, CVE-2008-3836, CVE-2008-3837, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: firefox 1.5.dfsg+1.5.0.15~prepatch080614e-0ubuntu3 After a standard system upgrade you need to restart Firefox to effect the necessary changes. Details follow: USN-645-1 fixed vulnerabilities in Firefox and xulrunner for Ubuntu 7.04, 7.10 and 8.04 LTS. This provides the corresponding update for Ubuntu 6.06 LTS. Original advisory details: Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. (CVE-2008-0016) It was discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the JavaScript engine. This could allow an attacker to execute scripts from page content with chrome privileges. (CVE-2008-3836) Paul Nickerson discovered Firefox did not properly process mouse click events. If a user were tricked into opening a malicious web page, an attacker could move the content window, which could potentially be used to force a user to perform unintended drag and drop operations. (CVE-2008-3837) Several problems were discovered in the browser engine. This could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Firefox. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Firefox. If a user were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Billy Hoffman discovered a problem in the XBM decoder. If a user were tricked into opening a malicious web page or XBM file, an attacker may be able to cause a denial of service via application crash. (CVE-2008-4069)

Referenced CVEs: CVE-2008-0016, CVE-2008-3835, CVE-2008-3836, CVE-2008-3837, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069Description:  =========================================================== Ubuntu Security Notice USN-645-1 September 24, 2008 firefox, firefox-3.0, xulrunner-1.9 vulnerabilities CVE-2008-0016, CVE-2008-3835, CVE-2008-3836, CVE-2008-3837, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.04: firefox 2.0.0.17+0nobinonly-0ubuntu0.7.4 Ubuntu 7.10: firefox 2.0.0.17+1nobinonly-0ubuntu0.7.10 Ubuntu 8.04 LTS: firefox-3.0 3.0.2+build6+nobinonly-0ubuntu0.8.04.1 xulrunner-1.9 1.9.0.2+build6+nobinonly-0ubuntu0.8.04.1 After a standard system upgrade you need to restart Firefox and any applications that use xulrunner, such as Epiphany, to effect the necessary changes. Details follow: Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. (CVE-2008-0016) It was discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the JavaScript engine. This could allow an attacker to execute scripts from page content with chrome privileges. (CVE-2008-3836) Paul Nickerson discovered Firefox did not properly process mouse click events. If a user were tricked into opening a malicious web page, an attacker could move the content window, which could potentially be used to force a user to perform unintended drag and drop operations. (CVE-2008-3837) Several problems were discovered in the browser engine. This could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Firefox. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Firefox. If a user were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Billy Hoffman discovered a problem in the XBM decoder. If a user were tricked into opening a malicious web page or XBM file, an attacker may be able to cause a denial of service via application crash. (CVE-2008-4069)

Referenced CVEs: CVE-2008-1801, CVE-2008-1802, CVE-2008-1803Description:  =========================================================== Ubuntu Security Notice USN-646-1 September 18, 2008 rdesktop vulnerabilities CVE-2008-1801, CVE-2008-1802, CVE-2008-1803 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: rdesktop 1.4.1-1.1ubuntu0.6.06.1 Ubuntu 7.04: rdesktop 1.5.0-1ubuntu1.1 Ubuntu 7.10: rdesktop 1.5.0-2ubuntu0.1 Ubuntu 8.04 LTS: rdesktop 1.5.0-3+cvs20071006ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that rdesktop did not properly validate the length of packet headers when processing RDP requests. If a user were tricked into connecting to a malicious server, an attacker could cause a denial of service or possible execute arbitrary code with the privileges of the user. (CVE-2008-1801) Multiple buffer overflows were discovered in rdesktop when processing RDP redirect requests. If a user were tricked into connecting to a malicious server, an attacker could cause a denial of service or possible execute arbitrary code with the privileges of the user. (CVE-2008-1802) It was discovered that rdesktop performed a signed integer comparison when reallocating dynamic buffers which could result in a heap-based overflow. If a user were tricked into connecting to a malicious server, an attacker could cause a denial of service or possible execute arbitrary code with the privileges of the user. (CVE-2008-1802)

Referenced CVEs: CVE-2008-3281, CVE-2008-3529Description:  =========================================================== Ubuntu Security Notice USN-644-1 September 11, 2008 libxml2 vulnerabilities CVE-2008-3281, CVE-2008-3529 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.3 Ubuntu 7.04: libxml2 2.6.27.dfsg-1ubuntu3.3 Ubuntu 7.10: libxml2 2.6.30.dfsg-2ubuntu1.3 Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of service. (CVE-2008-3529) USN-640-1 fixed vulnerabilities in libxml2. When processing extremely large XML documents with valid entities, it was possible to incorrectly trigger the newly added vulnerability protections. This update fixes the problem. (CVE-2008-3281)

Referenced CVEs: CVE-2008-1806, CVE-2008-1807, CVE-2008-1808Description:  =========================================================== Ubuntu Security Notice USN-643-1 September 11, 2008 freetype vulnerabilities CVE-2008-1806, CVE-2008-1807, CVE-2008-1808 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libfreetype6 2.1.10-1ubuntu2.5 Ubuntu 7.04: libfreetype6 2.2.1-5ubuntu1.2 Ubuntu 7.10: libfreetype6 2.3.5-1ubuntu4.7.10.1 Ubuntu 8.04 LTS: libfreetype6 2.3.5-1ubuntu4.8.04.1 After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: Multiple flaws were discovered in the PFB and TTF font handling code in freetype. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges or cause the application linked against freetype to crash, leading to a denial of service.

Referenced CVEs: CVE-2008-3889Description:  =========================================================== Ubuntu Security Notice USN-642-1 September 10, 2008 postfix vulnerability CVE-2008-3889 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: postfix 2.4.5-3ubuntu1.3 Ubuntu 8.04 LTS: postfix 2.5.1-2ubuntu1.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Wietse Venema discovered that Postfix leaked internal file descriptors when executing non-Postfix commands. A local attacker could exploit this to cause Postfix to run out of descriptors, leading to a denial of service.

Referenced CVEs: CVE-2008-3651, CVE-2008-3652Description:  =========================================================== Ubuntu Security Notice USN-641-1 September 09, 2008 ipsec-tools vulnerabilities CVE-2008-3651, CVE-2008-3652 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: racoon 1:0.6.5-4ubuntu1.2 Ubuntu 7.04: racoon 1:0.6.6-3ubuntu3.1 Ubuntu 7.10: racoon 1:0.6.6-3.1ubuntu3.1 Ubuntu 8.04 LTS: racoon 1:0.6.7-1.1ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: It was discovered that there were multiple ways to leak memory during the IKE negotiation when handling certain packets. If a remote attacker sent repeated malicious requests, the "racoon" key exchange server could allocate large amounts of memory, possibly leading to a denial of service.

Referenced CVEs: CVE-2008-3281Description:  =========================================================== Ubuntu Security Notice USN-640-1 September 03, 2008 libxml2 vulnerability CVE-2008-3281 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.2 Ubuntu 7.04: libxml2 2.6.27.dfsg-1ubuntu3.2 Ubuntu 7.10: libxml2 2.6.30.dfsg-2ubuntu1.2 Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Andreas Solberg discovered that libxml2 did not handle recursive entities safely. If an application linked against libxml2 were made to process a specially crafted XML document, a remote attacker could exhaust the system's CPU resources, leading to a denial of service.

Referenced CVEs: CVE-2008-2327Description:  =========================================================== Ubuntu Security Notice USN-639-1 September 02, 2008 tiff vulnerability CVE-2008-2327 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libtiff4 3.7.4-1ubuntu3.3 Ubuntu 7.04: libtiff4 3.8.2-6ubuntu1 Ubuntu 7.10: libtiff4 3.8.2-7ubuntu2.1 Ubuntu 8.04 LTS: libtiff4 3.8.2-7ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Drew Yao discovered that the TIFF library did not correctly validate LZW compressed TIFF images. If a user or automated system were tricked into processing a malicious image, a remote attacker could execute arbitrary code or cause an application linked against libtiff to crash, leading to a denial of service.

Referenced CVEs: CVE-2008-3533Description:  =========================================================== Ubuntu Security Notice USN-638-1 August 27, 2008 yelp vulnerability CVE-2008-3533 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: yelp 2.20.0-0ubuntu3.1 Ubuntu 8.04 LTS: yelp 2.22.1-0ubuntu2.8.04.3 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges.

Referenced CVEs: CVE-2008-2812, CVE-2008-2931, CVE-2008-3272, CVE-2008-3275Description:  =========================================================== Ubuntu Security Notice USN-637-1 August 25, 2008 linux, linux-source-2.6.15/20/22 vulnerabilities CVE-2008-2812, CVE-2008-2931, CVE-2008-3272, CVE-2008-3275 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: linux-image-2.6.15-52-386 2.6.15-52.71 linux-image-2.6.15-52-686 2.6.15-52.71 linux-image-2.6.15-52-amd64-generic 2.6.15-52.71 linux-image-2.6.15-52-amd64-k8 2.6.15-52.71 linux-image-2.6.15-52-amd64-server 2.6.15-52.71 linux-image-2.6.15-52-amd64-xeon 2.6.15-52.71 linux-image-2.6.15-52-hppa32 2.6.15-52.71 linux-image-2.6.15-52-hppa32-smp 2.6.15-52.71 linux-image-2.6.15-52-hppa64 2.6.15-52.71 linux-image-2.6.15-52-hppa64-smp 2.6.15-52.71 linux-image-2.6.15-52-itanium 2.6.15-52.71 linux-image-2.6.15-52-itanium-smp 2.6.15-52.71 linux-image-2.6.15-52-k7 2.6.15-52.71 linux-image-2.6.15-52-mckinley 2.6.15-52.71 linux-image-2.6.15-52-mckinley-smp 2.6.15-52.71 linux-image-2.6.15-52-powerpc 2.6.15-52.71 linux-image-2.6.15-52-powerpc-smp 2.6.15-52.71 linux-image-2.6.15-52-powerpc64-smp 2.6.15-52.71 linux-image-2.6.15-52-server 2.6.15-52.71 linux-image-2.6.15-52-server-bigiron 2.6.15-52.71 linux-image-2.6.15-52-sparc64 2.6.15-52.71 linux-image-2.6.15-52-sparc64-smp 2.6.15-52.71 Ubuntu 7.04: linux-image-2.6.20-17-386 2.6.20-17.39 linux-image-2.6.20-17-generic 2.6.20-17.39 linux-image-2.6.20-17-hppa32 2.6.20-17.39 linux-image-2.6.20-17-hppa64 2.6.20-17.39 linux-image-2.6.20-17-itanium 2.6.20-17.39 linux-image-2.6.20-17-lowlatency 2.6.20-17.39 linux-image-2.6.20-17-mckinley 2.6.20-17.39 linux-image-2.6.20-17-powerpc 2.6.20-17.39 linux-image-2.6.20-17-powerpc-smp 2.6.20-17.39 linux-image-2.6.20-17-powerpc64-smp 2.6.20-17.39 linux-image-2.6.20-17-server 2.6.20-17.39 linux-image-2.6.20-17-server-bigiron 2.6.20-17.39 linux-image-2.6.20-17-sparc64 2.6.20-17.39 linux-image-2.6.20-17-sparc64-smp 2.6.20-17.39 Ubuntu 7.10: linux-image-2.6.22-15-386 2.6.22-15.58 linux-image-2.6.22-15-cell 2.6.22-15.58 linux-image-2.6.22-15-generic 2.6.22-15.58 linux-image-2.6.22-15-hppa32 2.6.22-15.58 linux-image-2.6.22-15-hppa64 2.6.22-15.58 linux-image-2.6.22-15-itanium 2.6.22-15.58 linux-image-2.6.22-15-lpia 2.6.22-15.58 linux-image-2.6.22-15-lpiacompat 2.6.22-15.58 linux-image-2.6.22-15-mckinley 2.6.22-15.58 linux-image-2.6.22-15-powerpc 2.6.22-15.58 linux-image-2.6.22-15-powerpc-smp 2.6.22-15.58 linux-image-2.6.22-15-powerpc64-smp 2.6.22-15.58 linux-image-2.6.22-15-rt 2.6.22-15.58 linux-image-2.6.22-15-server 2.6.22-15.58 linux-image-2.6.22-15-sparc64 2.6.22-15.58 linux-image-2.6.22-15-sparc64-smp 2.6.22-15.58 linux-image-2.6.22-15-ume 2.6.22-15.58 linux-image-2.6.22-15-virtual 2.6.22-15.58 linux-image-2.6.22-15-xen 2.6.22-15.58 Ubuntu 8.04 LTS: linux-image-2.6.24-19-386 2.6.24-19.41 linux-image-2.6.24-19-generic 2.6.24-19.41 linux-image-2.6.24-19-hppa32 2.6.24-19.41 linux-image-2.6.24-19-hppa64 2.6.24-19.41 linux-image-2.6.24-19-itanium 2.6.24-19.41 linux-image-2.6.24-19-lpia 2.6.24-19.41 linux-image-2.6.24-19-lpiacompat 2.6.24-19.41 linux-image-2.6.24-19-mckinley 2.6.24-19.41 linux-image-2.6.24-19-openvz 2.6.24-19.41 linux-image-2.6.24-19-powerpc 2.6.24-19.41 linux-image-2.6.24-19-powerpc-smp 2.6.24-19.41 linux-image-2.6.24-19-powerpc64-smp 2.6.24-19.41 linux-image-2.6.24-19-rt 2.6.24-19.41 linux-image-2.6.24-19-server 2.6.24-19.41 linux-image-2.6.24-19-sparc64 2.6.24-19.41 linux-image-2.6.24-19-sparc64-smp 2.6.24-19.41 linux-image-2.6.24-19-virtual 2.6.24-19.41 linux-image-2.6.24-19-xen 2.6.24-19.41 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. (CVE-2008-2812) The do_change_type routine did not correctly validation administrative users. A local attacker could exploit this to block mount points or cause private mounts to be shared, leading to denial of service or a possible loss of privacy. (CVE-2008-2931) Tobias Klein discovered that the OSS interface through ALSA did not correctly validate the device number. A local attacker could exploit this to access sensitive kernel memory, leading to a denial of service or a loss of privacy. (CVE-2008-3272) Zoltan Sogor discovered that new directory entries could be added to already deleted directories. A local attacker could exploit this, filling up available memory and disk space, leading to a denial of service. (CVE-2008-3275) In certain situations, the fix for CVE-2008-0598 from USN-623-1 was causing infinite loops in the writev syscall. This update corrects the mistake. We apologize for the inconvenience.

Referenced CVEs: CVE-2008-2936Description:  =========================================================== Ubuntu Security Notice USN-636-1 August 19, 2008 postfix vulnerability CVE-2008-2936 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: postfix 2.2.10-1ubuntu0.2 Ubuntu 7.04: postfix 2.3.8-2ubuntu0.2 Ubuntu 7.10: postfix 2.4.5-3ubuntu1.2 Ubuntu 8.04 LTS: postfix 2.5.1-2ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Sebastian Krahmer discovered that Postfix was not correctly handling mailbox ownership when dealing with Linux's implementation of hardlinking to symlinks. In certain mail spool configurations, a local attacker could exploit this to append data to arbitrary files as the root user. The default Ubuntu configuration was not vulnerable.