About Ubuntu

=========================================================== Ubuntu Security Notice USN-701-2 January 06, 2009 mozilla-thunderbird vulnerabilities CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5511, CVE-2008-5512 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: mozilla-thunderbird 1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1 After a standard system upgrade you need to restart Thunderbird to effect the necessary changes. Details follow: Several flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. (CVE-2008-5500) Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. If a user had Javascript enabled, an attacker could exploit this to read data from other domains. (CVE-2008-5503) Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. When Javascript is enabled, it's possible that sensitive information could be revealed in the XMLHttpRequest response. (CVE-2008-5506) Chris Evans discovered that Thunderbird did not properly protect a user's data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker may be able to steal a limited amount of private data. (CVE-2008-5507) Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. (CVE-2008-5508) Several flaws were discovered in the Javascript engine. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker could exploit this to execute arbitrary Javascript code within the context of another website or with chrome privileges. (CVE-2008-5511, CVE-2008-5512)

=========================================================== Ubuntu Security Notice USN-701-1 January 06, 2009 thunderbird vulnerabilities CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: thunderbird 2.0.0.19+nobinonly-0ubuntu0.7.10.1 Ubuntu 8.04 LTS: thunderbird 2.0.0.19+nobinonly-0ubuntu0.8.04.1 Ubuntu 8.10: thunderbird 2.0.0.19+nobinonly-0ubuntu0.8.10.1 After a standard system upgrade you need to restart Thunderbird to effect the necessary changes. Details follow: Several flaws were discovered in the browser engine. If a user had Javascript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. (CVE-2008-5500) Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. If a user had Javascript enabled, an attacker could exploit this to read data from other domains. (CVE-2008-5503) Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. When Javascript is enabled, it's possible that sensitive information could be revealed in the XMLHttpRequest response. (CVE-2008-5506) Chris Evans discovered that Thunderbird did not properly protect a user's data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker may be able to steal a limited amount of private data. (CVE-2008-5507) Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. (CVE-2008-5508) Kojima Hajime discovered that Thunderbird did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. (CVE-2008-5510) Several flaws were discovered in the Javascript engine. If a user were tricked into opening a malicious website and had Javascript enabled, an attacker could exploit this to execute arbitrary Javascript code within the context of another website or with chrome privileges. (CVE-2008-5511, CVE-2008-5512)

=========================================================== Ubuntu Security Notice USN-703-1 January 06, 2009 xterm vulnerabilities CVE-2006-7236, CVE-2008-2383 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: xterm 208-3.1ubuntu3.1 Ubuntu 7.10: xterm 229-1ubuntu0.1 Ubuntu 8.04 LTS: xterm 229-1ubuntu1.1 Ubuntu 8.10: xterm 235-1ubuntu1.1 After a standard system upgrade you need to restart any running xterms to effect the necessary changes. Details follow: Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary commands with user privileges. (CVE-2006-7236, CVE-2008-2382)

=========================================================== Ubuntu Security Notice USN-702-1 January 05, 2009 samba vulnerability CVE-2009-0022 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: samba 2:3.2.3-1ubuntu3.4 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Gunter Höckel discovered that Samba with registry shares enabled did not properly validate share names. An authenticated user could gain access to the root filesystem by using an older version of smbclient and specifying an empty string as a share name. This is only an issue if registry shares are enabled on the server by setting "registry shares = yes", "include = registry", or "config backend = registry", which is not the default.

=========================================================== Ubuntu Security Notice USN-700-1 December 24, 2008 libarchive-tar-perl, perl vulnerabilities CVE-2007-4829, CVE-2008-1927, CVE-2008-5302, CVE-2008-5303 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libarchive-tar-perl 1.26-2ubuntu0.1 libperl5.8 5.8.7-10ubuntu1.2 Ubuntu 7.10: libarchive-tar-perl 1.31-1ubuntu0.1 libperl5.8 5.8.8-7ubuntu3.4 perl-modules 5.8.8-7ubuntu3.4 Ubuntu 8.04 LTS: libarchive-tar-perl 1.36-1ubuntu0.1 libperl5.8 5.8.8-12ubuntu0.3 perl-modules 5.8.8-12ubuntu0.3 Ubuntu 8.10: perl-modules 5.10.0-11.1ubuntu2.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Jonathan Smith discovered that the Archive::Tar Perl module did not correctly handle symlinks when extracting archives. If a user or automated system were tricked into opening a specially crafted tar file, a remote attacker could over-write arbitrary files. (CVE-2007-4829) Tavis Ormandy and Will Drewry discovered that Perl did not correctly handle certain utf8 characters in regular expressions. If a user or automated system were tricked into using a specially crafted expression, a remote attacker could crash the application, leading to a denial of service. Ubuntu 8.10 was not affected by this issue. (CVE-2008-1927) A race condition was discovered in the File::Path Perl module's rmtree function. If a local attacker successfully raced another user's call of rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06 and 8.10 were not affected by this issue. (CVE-2008-5302) A race condition was discovered in the File::Path Perl module's rmtree function. If a local attacker successfully raced another user's call of rmtree, they could delete arbitrary files. Ubuntu 6.06 was not affected by this issue. (CVE-2008-5303)

=========================================================== Ubuntu Security Notice USN-677-2 December 23, 2008 openoffice.org-l10n update https://launchpad.net/bugs/310359 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: openoffice.org-l10n-af 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ar 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-as-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-be-by 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-bg 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-bn 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-br 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-bs 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ca 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-common 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-cs 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-cy 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-da 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-de 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-dz 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-el 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-en-gb 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-en-za 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-eo 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-es 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-et 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-eu 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-fa 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-fi 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-fr 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ga 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-gl 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-gu-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-he 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-hi-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-hr 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-hu 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-it 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ja 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ka 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-km 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-kn 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ko 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ku 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-lo 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-lt 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-lv 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-mk 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ml-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-mr-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-nb 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ne 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-nl 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-nn 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-nr 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ns 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-or-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-pa-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-pl 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-pt 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-pt-br 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ro 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ru 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-rw 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-sk 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-sl 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-sr 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ss 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-st 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-sv 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-sw 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ta-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-te-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-tg 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-th 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ti-er 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-tn 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-tr 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ts 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-uk 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ur-in 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-uz 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-ve 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-vi 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-xh 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-zh-cn 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-zh-tw 1:2.4.1-1ubuntu2.1 openoffice.org-l10n-zu 1:2.4.1-1ubuntu2.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-677-1 fixed vulnerabilities in OpenOffice.org. The changes required that openoffice.org-l10n also be updated for the new version in Ubuntu 8.04 LTS. Original advisory details: Multiple memory overflow flaws were discovered in OpenOffice.org's handling of WMF and EMF files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges. (CVE-2008-2237, CVE-2008-2238) Dmitry E. Oboukhov discovered that senddoc, as included in OpenOffice.org, created temporary files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS. (CVE-2008-4937)

=========================================================== Ubuntu Security Notice USN-698-3 December 23, 2008 nagios2 vulnerabilities CVE-2008-5027, CVE-2008-5028 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: nagios2 2.11-1ubuntu1.4 After a standard system upgrade you need to restart Nagios to effect the necessary changes. Details follow: It was discovered that Nagios was vulnerable to a Cross-site request forgery (CSRF) vulnerability. If an authenticated nagios user were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands to be processed by Nagios and execute arbitrary programs. This update alters Nagios behaviour by disabling submission of CMD_CHANGE commands. (CVE-2008-5028) It was discovered that Nagios did not properly parse commands submitted using the web interface. An authenticated user could use a custom form or a browser addon to bypass security restrictions and submit unauthorized commands. (CVE-2008-5027)

=========================================================== Ubuntu Security Notice USN-699-1 December 22, 2008 blender vulnerabilities CVE-2008-1102, CVE-2008-4863 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: blender 2.41-1ubuntu4.1 After a standard system upgrade you need to restart Blender to effect the necessary changes. Details follow: It was discovered that Blender did not correctly handle certain malformed Radiance RGBE images. If a user were tricked into opening a .blend file containing a specially crafted Radiance RGBE image, an attacker could execute arbitrary code with the user's privileges. (CVE-2008-1102) It was discovered that Blender did not properly sanitize the Python search path. A local attacker could execute arbitrary code by inserting a specially crafted Python file in the Blender working directory. (CVE-2008-4863)

=========================================================== Ubuntu Security Notice USN-698-2 December 22, 2008 nagios3 vulnerabilities CVE-2008-5027, CVE-2008-5028 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: nagios3 3.0.2-1ubuntu1.1 After a standard system upgrade you need to restart Nagios to effect the necessary changes. Details follow: It was discovered that Nagios was vulnerable to a Cross-site request forgery (CSRF) vulnerability. If an authenticated nagios user were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands to be processed by Nagios and execute arbitrary programs. This update alters Nagios behaviour by disabling submission of CMD_CHANGE commands. (CVE-2008-5028) It was discovered that Nagios did not properly parse commands submitted using the web interface. An authenticated user could use a custom form or a browser addon to bypass security restrictions and submit unauthorized commands. (CVE-2008-5027)

=========================================================== Ubuntu Security Notice USN-698-1 December 22, 2008 nagios vulnerability CVE-2008-5027 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: nagios-common 2:1.3-cvs.20050402-8ubuntu8 After a standard system upgrade you need to restart Nagios to effect the necessary changes. Details follow: It was discovered that Nagios did not properly parse commands submitted using the web interface. An authenticated user could use a custom form or a browser addon to bypass security restrictions and submit unauthorized commands.