ubuntu-security-announce@lists.ubuntu.com
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
or, via email, send a message with subject or body 'help' to
ubuntu-security-announce-request@lists.ubuntu.com
You can reach the person managing the list at
ubuntu-security-announce-owner@lists.ubuntu.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of ubuntu-security-announce digest..."
Today's Topics:
1. [USN-607-1] Emacs vulnerabilities (Jamie Strandboge)
2. [USN-608-1] KDE vulnerability (Jamie Strandboge)
----------------------------------------------------------------------
Message: 1
Date: Tue, 6 May 2008 11:14:21 -0400
From: Jamie Strandboge <jamie@canonical.com>
Subject: [USN-607-1] Emacs vulnerabilities
To: ubuntu-security-announce@lists.ubuntu.com
Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
Message-ID: <20080506151421.GE9973@severus.strandboge.com>
Content-Type: text/plain; charset="us-ascii"
===========================================================
Ubuntu Security Notice USN-607-1 May 06, 2008
emacs21, emacs22 vulnerabilities
CVE-2007-6109, CVE-2008-1694
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
emacs21 21.4a-3ubuntu2.2
emacs21-bin-common 21.4a-3ubuntu2.2
Ubuntu 7.04:
emacs21 21.4a+1-2ubuntu1.2
emacs21-bin-common 21.4a+1-2ubuntu1.2
Ubuntu 7.10:
emacs22 22.1-0ubuntu5.2
emacs22-bin-common 22.1-0ubuntu5.2
Ubuntu 8.04 LTS:
emacs22 22.1-0ubuntu10.1
emacs22-bin-common 22.1-0ubuntu10.1
After a standard system upgrade you need to restart Emacs to effect
the necessary changes.
Details follow:
It was discovered that Emacs did not account for precision when formatting
integers. If a user were tricked into opening a specially crafted file, an
attacker could cause a denial of service or possibly other unspecified
actions. This issue does not affect Ubuntu 8.04. (CVE-2007-6109)
Steve Grubb discovered that the vcdiff script as included in Emacs created
temporary files in an insecure way when used with SCCS. Local users could
exploit a race condition to create or overwrite files with the privileges
of the user invoking the program. (CVE-2008-1694)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a-3ubuntu2.2.diff.gz
Size/MD5: 157739 946b16848893bf736fb1da0a8770e9ba
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a-3ubuntu2.2.dsc
Size/MD5: 814 ec464365033a97498c78ec9f6979106f
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a.orig.tar.gz
Size/MD5: 18113820 0a85e242da6eb61f86fda5ad1c762d5a
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-common_21.4a-3ubuntu2.2_all.deb
Size/MD5: 10984844 c338884085363218ac30e8d0d4022993
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-el_21.4a-3ubuntu2.2_all.deb
Size/MD5: 7151940 423bad3f2c2ceaa31319d0b97afaf9df
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-bin-common_21.4a-3ubuntu2.2_amd64.deb
Size/MD5: 154374 5d61354109dd68f7296d4600610cd13b
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a-3ubuntu2.2_amd64.deb
Size/MD5: 2191840 10890e6791b1ffda1facfdda7354fb93
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-nox_21.4a-3ubuntu2.2_amd64.deb
Size/MD5: 1968612 02d52138c72178288d0103fcb29051e8
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-bin-common_21.4a-3ubuntu2.2_i386.deb
Size/MD5: 133762 1c89f48c70d99c29bbe36b9e113ad98c
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a-3ubuntu2.2_i386.deb
Size/MD5: 1994054 8e98e72bf160439bfb36724754603e52
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-nox_21.4a-3ubuntu2.2_i386.deb
Size/MD5: 1806468 22befdde9af7d77d3b5147e5413899a0
powerpc architecture (Apple Macintosh G3/G4/G5):
Size/MD5: 147418 7ac667687395fa1b6e6b9e782301c173
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a-3ubuntu2.2_powerpc.deb
Size/MD5: 2111284 94470d00abe98b8e65e6013efb92c697
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-nox_21.4a-3ubuntu2.2_powerpc.deb
Size/MD5: 1899142 3d049ec836cc46287b719346d6798d22
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-bin-common_21.4a-3ubuntu2.2_sparc.deb
Size/MD5: 139796 cbb2d13d63ae8890fff481884f5b16fb
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a-3ubuntu2.2_sparc.deb
Size/MD5: 2105354 e282e9d6d16b7d5916cde2043553be88
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-nox_21.4a-3ubuntu2.2_sparc.deb
Size/MD5: 1907722 438f989746a9cf9afd25749f4431910d
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a+1-2ubuntu1.2.diff.gz
Size/MD5: 182032 7dbc994b35d7e249f02c23574a6222f5
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a+1-2ubuntu1.2.dsc
Size/MD5: 1007 f496bb7ba0442fa58973ffb6e07c79ff
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a+1.orig.tar.gz
Size/MD5: 15188829 2614ad1ce5c547e682e76049717a704d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs-el_21.4a+1-2ubuntu1.2_all.deb
Size/MD5: 25012 846beb58383167398492846aad17b445
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs-nox_21.4a+1-2ubuntu1.2_all.deb
Size/MD5: 25040 f503dc2a82499be3eabeaa3ae0c66cca
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-common_21.4a+1-2ubuntu1.2_all.deb
Size/MD5: 9373840 4960dc0fa5ba2e6ce5ad34256cd5d786
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-el_21.4a+1-2ubuntu1.2_all.deb
Size/MD5: 7162852 8a22d316cc3698415fcac6dad1326aa9
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs_21.4a+1-2ubuntu1.2_all.deb
Size/MD5: 25084 b4d1717f3bde79665cb1ae80f90c5646
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
Size/MD5: 162980 935d8a528fe967af7e2a48c407e5751e
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-nox_21.4a+1-2ubuntu1.2_amd64.deb
Size/MD5: 1973830 68896a3aa3875885bea6c692165ec42e
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a+1-2ubuntu1.2_amd64.deb
Size/MD5: 2198768 5effe9175a52a43c8bcd8432b273c6a9
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-bin-common_21.4a+1-2ubuntu1.2_i386.deb
Size/MD5: 147062 78442b932ae2adbb184b588aeb7ee321
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-nox_21.4a+1-2ubuntu1.2_i386.deb
Size/MD5: 1828812 1a45ea1968364af7e437d7a108611692
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a+1-2ubuntu1.2_i386.deb
Size/MD5: 2024498 6f8fc2c6c9a8ec1b1d0ba026b63e0ea0
powerpc architecture (Apple Macintosh G3/G4/G5):
Size/MD5: 162752 974f92d52ae155389ef2c7e146a34baf
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-nox_21.4a+1-2ubuntu1.2_powerpc.deb
Size/MD5: 1908180 41cf3fdaf6bd2e31fa404cd86ac1f89f
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a+1-2ubuntu1.2_powerpc.deb
Size/MD5: 2121782 e710e02455b137e853dac65c6eaf4122
sparc architecture (Sun SPARC/UltraSPARC):
Size/MD5: 151940 3b041c2317ff0cbfcc6457e7ae6819fe
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21-nox_21.4a+1-2ubuntu1.2_sparc.deb
Size/MD5: 1917184 6b419c5868ea18644b5c0ba16716db64
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a+1-2ubuntu1.2_sparc.deb
Size/MD5: 2119882 b6aa7a76d4aa556e6819a4d8117d000e
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a+1.orig.tar.gz
Size/MD5: 15188829 2614ad1ce5c547e682e76049717a704d
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubuntu5.2.diff.gz
Size/MD5: 33955 3db894a4e961efce52ad440148c90b53
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubuntu5.2.dsc
Size/MD5: 1094 281f0f02fb23e62cb410e0e169ea2b96
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1.orig.tar.gz
Size/MD5: 38172226 6949df37caec2d7a2e0eee3f1b422726
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21_21.4a+1-5ubuntu4.1.diff.gz
Size/MD5: 181948 df629d8ebfb4bbc312ab3ee9270b1e80
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21_21.4a+1-5ubuntu4.1.dsc
Size/MD5: 1000 c338934e3105fa94ce2f2c2227dbd40f
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-common_22.1-0ubuntu5.2_all.deb
Size/MD5: 18578104 fa8fa3cb54a88780a8ef3d8eaa98d442
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-el_22.1-0ubuntu5.2_all.deb
Size/MD5: 11170978 f25ae521b3f1724a8d8843f295041cd4
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs_22.1-0ubuntu5.2_all.deb
Size/MD5: 4662 8dc7132e1a5af78b55215b84469ae1b9
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs-el_21.4a+1-5ubuntu4.1_all.deb
Size/MD5: 25592 afcbeb38b4cde8ddffa4db4ba018137a
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs-nox_21.4a+1-5ubuntu4.1_all.deb
Size/MD5: 25614 6afc7910cb880fa093cde307b5aab916
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-common_21.4a+1-5ubuntu4.1_all.deb
Size/MD5: 9355778 046bb2dff26cfbbd912137e45315b4fe
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-el_21.4a+1-5ubuntu4.1_all.deb
Size/MD5: 7163432 18a14bfd72666b02b1439e41dd2cc5fe
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-bin-common_22.1-0ubuntu5.2_amd64.deb
Size/MD5: 180050 08b02722b453893ff89555b49f146344
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-nox_22.1-0ubuntu5.2_amd64.deb
Size/MD5: 1933346 4dc94ff16af6848286ca78d0d777cc15
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubuntu5.2_amd64.deb
Size/MD5: 2216240 965f4ba15123628f05bbd9a781586f72
Size/MD5: 164266 97c5f7b186775ad98ddca27121ad76e4
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-nox_21.4a+1-5ubuntu4.1_amd64.deb
Size/MD5: 1972818 01b4f374bad7c15bb0aa1169d6476565
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21_21.4a+1-5ubuntu4.1_amd64.deb
Size/MD5: 2197742 dd2000356b850add7e504c854ccdc930
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs22/emacs22-gtk_22.1-0ubuntu5.2_amd64.deb
Size/MD5: 2209380 ebb403f937b46113b9e072bbece6232f
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-bin-common_22.1-0ubuntu5.2_i386.deb
Size/MD5: 161270 895662aa8516e918feb7cfd8ba7d7929
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-nox_22.1-0ubuntu5.2_i386.deb
Size/MD5: 1705248 127802e7138ece17cc0da68197cbd889
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubuntu5.2_i386.deb
Size/MD5: 1953870 58a1ad70cb90985b2b50bcf4b0e7bb25
Size/MD5: 147652 82655002b952bee4bab7e10cedc2fc05
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-nox_21.4a+1-5ubuntu4.1_i386.deb
Size/MD5: 1831036 358940c65329d729c7c88aba8e557d5e
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21_21.4a+1-5ubuntu4.1_i386.deb
Size/MD5: 2027284 f757ebb6f7355664e36b7fb9a304cb28
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs22/emacs22-gtk_22.1-0ubuntu5.2_i386.deb
Size/MD5: 1946476 b708446eb850c267a232b1d11d2df6c8
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22-bin-common_22.1-0ubuntu5.2_lpia.deb
Size/MD5: 162384 20164f227a88dc1f674385d9ab9bf650
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22-nox_22.1-0ubuntu5.2_lpia.deb
Size/MD5: 1718994 6ac9e1196af78692572fe28e8a4f6584
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22_22.1-0ubuntu5.2_lpia.deb
Size/MD5: 1970856 02e37f952e944e164760709e44b20312
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21-bin-common_21.4a+1-5ubuntu4.1_lpia.deb
Size/MD5: 148560 e81745b0ef447a0b95196e7958f7456a
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21-nox_21.4a+1-5ubuntu4.1_lpia.deb
Size/MD5: 1846066 00d803f9891f92bbb7ac2771099ec78a
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21_21.4a+1-5ubuntu4.1_lpia.deb
Size/MD5: 2036426 dcb466ff09e7e0ef13eabded0c7c59fa
http://ports.ubuntu.com/pool/universe/e/emacs22/emacs22-gtk_22.1-0ubuntu5.2_lpia.deb
Size/MD5: 1962770 608c5f496324545fb1dbb96a11edb817
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-bin-common_22.1-0ubuntu5.2_powerpc.deb
Size/MD5: 179312 16bd166a523c10300ffadea8fb0302ed
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-nox_22.1-0ubuntu5.2_powerpc.deb
Size/MD5: 1845026 b50e97c67194fe0b2756c2c3831a2191
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubuntu5.2_powerpc.deb
Size/MD5: 2117768 f7f1fc05438d2ba2e553b27dec94253d
Size/MD5: 163306 cc5c808c12fd48433ff1fd75f33840f9
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-nox_21.4a+1-5ubuntu4.1_powerpc.deb
Size/MD5: 1908562 c68bc284d0084f75d91b3a7d0bcec45d
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21_21.4a+1-5ubuntu4.1_powerpc.deb
Size/MD5: 2122156 1dc3ca8336cab94a7b7f724be634ebe4
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs22/emacs22-gtk_22.1-0ubuntu5.2_powerpc.deb
Size/MD5: 2108420 7ce47e4b11e3c7f0af094a7e3ee08015
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-bin-common_22.1-0ubuntu5.2_sparc.deb
Size/MD5: 166486 34a2374b79585601adf058addc31bb90
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-nox_22.1-0ubuntu5.2_sparc.deb
Size/MD5: 1802902 20d1a5041bc7e43e2a2f7793a893359b
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubuntu5.2_sparc.deb
Size/MD5: 2053844 59dcd16e0e91cf80fdfe67aeedd9a940
Size/MD5: 152614 2c546d2dce59dca71bd6f1b9818c3718
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-nox_21.4a+1-5ubuntu4.1_sparc.deb
Size/MD5: 1920256 fa78407a112a7673fd1e6acab2de93fe
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21_21.4a+1-5ubuntu4.1_sparc.deb
Size/MD5: 2122038 be417b5fa07951eada2bceea860e2c86
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs22/emacs22-gtk_22.1-0ubuntu5.2_sparc.deb
Size/MD5: 2048900 96f3c49d235eb2c9ed69f91515a2976c
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/e/emacs21/emacs21_21.4a+1.orig.tar.gz
Size/MD5: 15188829 2614ad1ce5c547e682e76049717a704d
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubuntu10.1.diff.gz
Size/MD5: 37055 a1293448ed4edb74a2c8a47bccd9172d
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubuntu10.1.dsc
Size/MD5: 1075 934dc84b6c1c06132bd8f362ddcfdbae
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1.orig.tar.gz
Size/MD5: 38172226 6949df37caec2d7a2e0eee3f1b422726
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21_21.4a+1-5.3ubuntu1.1.diff.gz
Size/MD5: 182122 2b0d09d9fc5ae17066aaca5d05b386ed
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21_21.4a+1-5.3ubuntu1.1.dsc
Size/MD5: 980 890a6b7a2e18c5bca00ed9148c0524b5
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-common_22.1-0ubuntu10.1_all.deb
Size/MD5: 18579926 5a0727f7f5f6cf739e230547355a6a2b
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-el_22.1-0ubuntu10.1_all.deb
Size/MD5: 11172898 39e69e0859296315d56fc6a0564bb68d
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs_22.1-0ubuntu10.1_all.deb
Size/MD5: 6338 7ba9bcf755b8895cb2ef0dfafb303e1f
Size/MD5: 9355700 8d9efeb92b38c561adf4dba0e1ab9d2a
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-el_21.4a+1-5.3ubuntu1.1_all.deb
Size/MD5: 7163792 7a100ced5d59d0d3b389da7c8d59e92e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-bin-common_22.1-0ubuntu10.1_amd64.deb
Size/MD5: 181710 a54d1b2b9accff76f0cfb1733db1b80d
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-nox_22.1-0ubuntu10.1_amd64.deb
Size/MD5: 1934920 24305ac286e360ab265d8d361500d6d6
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubuntu10.1_amd64.deb
Size/MD5: 2216432 70aa5501e74dc25c9b7cae12eedd7f28
Size/MD5: 164366 ebb6b1ebcc992aba7f8bc4fb1263239c
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-nox_21.4a+1-5.3ubuntu1.1_amd64.deb
Size/MD5: 1972700 969f65c47809cc8f370fe36f8371bb39
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21_21.4a+1-5.3ubuntu1.1_amd64.deb
Size/MD5: 2196686 efd1f492d2530da2a6c2b573bb7e7b02
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs22/emacs22-gtk_22.1-0ubuntu10.1_amd64.deb
Size/MD5: 2209108 965de6dc3033614ca8990328fb8957ab
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-bin-common_22.1-0ubuntu10.1_i386.deb
Size/MD5: 163354 f33d8936e77bc4312773510d3153c8eb
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-nox_22.1-0ubuntu10.1_i386.deb
Size/MD5: 1709606 929a01783326e1551fe32df05f2fed4e
http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubuntu10.1_i386.deb
Size/MD5: 1957028 a369723c26ec3449c4d5099179fb9939
Size/MD5: 148094 99ce11408d8f977bb43bd02fcac061c3
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21-nox_21.4a+1-5.3ubuntu1.1_i386.deb
Size/MD5: 1832082 6e1b5c05a2cda7aac65724e32486c832
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs21/emacs21_21.4a+1-5.3ubuntu1.1_i386.deb
Size/MD5: 2024278 31a31e0a4fed1fff7f931360be5b3352
http://security.ubuntu.com/ubuntu/pool/universe/e/emacs22/emacs22-gtk_22.1-0ubuntu10.1_i386.deb
Size/MD5: 1950278 2d120a7f64c9a60cc8810588625776fe
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22-bin-common_22.1-0ubuntu10.1_lpia.deb
Size/MD5: 164116 dfb69e65a51fef756bcc604cc42fe5b1
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22-nox_22.1-0ubuntu10.1_lpia.deb
Size/MD5: 1720572 31373baf94bed1ec92c56d73c7e79ec0
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22_22.1-0ubuntu10.1_lpia.deb
Size/MD5: 1971640 a395c7e86624d06ec16200f774c82e98
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21-bin-common_21.4a+1-5.3ubuntu1.1_lpia.deb
Size/MD5: 148900 1d1cf78df8764e4746beac04234dc01f
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21-nox_21.4a+1-5.3ubuntu1.1_lpia.deb
Size/MD5: 1844006 0fdc3fc157627e97e7b6febb3b70e708
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21_21.4a+1-5.3ubuntu1.1_lpia.deb
Size/MD5: 2039920 c44db3af3800b4397d26917b3394e151
http://ports.ubuntu.com/pool/universe/e/emacs22/emacs22-gtk_22.1-0ubuntu10.1_lpia.deb
Size/MD5: 1965790 1e2f57c4f5bcf7e3f647d2a953ebb229
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22-bin-common_22.1-0ubuntu10.1_powerpc.deb
Size/MD5: 180528 239a92d572afc2f0b7432f0c0a05667d
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22-nox_22.1-0ubuntu10.1_powerpc.deb
Size/MD5: 1849526 03ef87e4967176fbda166824bac88ab1
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22_22.1-0ubuntu10.1_powerpc.deb
Size/MD5: 2125440 d4e86de9c1d6a225fabdc64007beac5a
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21-bin-common_21.4a+1-5.3ubuntu1.1_powerpc.deb
Size/MD5: 164506 7fcbf512ad1ead6cf8d66be9ac9bbe36
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21-nox_21.4a+1-5.3ubuntu1.1_powerpc.deb
Size/MD5: 1906276 f81249c3b1cf5b153d58fea7826cd18c
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21_21.4a+1-5.3ubuntu1.1_powerpc.deb
Size/MD5: 2126438 7d3a67c2d26aef5b193c1d4d75f6f97c
http://ports.ubuntu.com/pool/universe/e/emacs22/emacs22-gtk_22.1-0ubuntu10.1_powerpc.deb
Size/MD5: 2115248 a12e8a1965c743a46dfbfe4e18dcecc3
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22-bin-common_22.1-0ubuntu10.1_sparc.deb
Size/MD5: 168794 65ed7d6e68cdcb2412fde7c64c3de100
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22-nox_22.1-0ubuntu10.1_sparc.deb
Size/MD5: 1800482 e7069e07b891fdd40c489ea9c672ec6f
http://ports.ubuntu.com/pool/main/e/emacs22/emacs22_22.1-0ubuntu10.1_sparc.deb
Size/MD5: 2054446 848ac5bfd52832662956327c9b0aa392
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21-bin-common_21.4a+1-5.3ubuntu1.1_sparc.deb
Size/MD5: 153318 646dfb28a5253490165e4a8386f69b15
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21-nox_21.4a+1-5.3ubuntu1.1_sparc.deb
Size/MD5: 1915094 ce5bb01dd25d76a4e5dfaca1866d712a
http://ports.ubuntu.com/pool/universe/e/emacs21/emacs21_21.4a+1-5.3ubuntu1.1_sparc.deb
Size/MD5: 2117952 397564c6ad4c592ec5ce60e77bc02384
http://ports.ubuntu.com/pool/universe/e/emacs22/emacs22-gtk_22.1-0ubuntu10.1_sparc.deb
Size/MD5: 2046982 08f5a0173fee18a96b8ad8c052d07759
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20080506/3b8fc116/attachment.pgp
------------------------------
Message: 2
Date: Tue, 6 May 2008 11:23:48 -0400
From: Jamie Strandboge <jamie@canonical.com>
Subject: [USN-608-1] KDE vulnerability
To: ubuntu-security-announce@lists.ubuntu.com
Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
Message-ID: <20080506152348.GF9973@severus.strandboge.com>
Content-Type: text/plain; charset="us-ascii"
===========================================================
Ubuntu Security Notice USN-608-1 May 06, 2008
kdelibs vulnerability
CVE-2008-1671
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 7.04:
kdelibs4c2a 4:3.5.6-0ubuntu14.3
Ubuntu 7.10:
kdelibs4c2a 4:3.5.8-0ubuntu3.4
Ubuntu 8.04 LTS:
kdelibs4c2a 4:3.5.9-0ubuntu7.1
After a standard system upgrade you need to restart your session to effect
the necessary changes.
Details follow:
It was discovered that start_kdeinit in KDE 3 did not properly sanitize
its input. A local attacker could exploit this to send signals to other
processes and cause a denial of service or possibly execute arbitrary
code. (CVE-2008-1671)
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.6-0ubuntu14.3.diff.gz
Size/MD5: 596652 da418b8ebaea51f42461f776e0c5cecb
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.6-0ubuntu14.3.dsc
Size/MD5: 1747 90107fcd45e14254c866ca01c1ccf2b9
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.6.orig.tar.gz
Size/MD5: 18823660 4be0bd486cc5ea3986118217c3b75d25
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.6-0ubuntu14.3_all.deb
Size/MD5: 7218696 d5188fa869e0ec05440976976ddf8382
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.6-0ubuntu14.3_all.deb
Size/MD5: 33827090 66cf487c04f08459e4559b1ad97db922
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.6-0ubuntu14.3_all.deb
Size/MD5: 41262 58a69eac46fb2389d8cd90fc7fa402d1
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.6-0ubuntu14.3_amd64.deb
Size/MD5: 27211714 40842a00f20980ac0f9e9f8c9a49a092
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.6-0ubuntu14.3_amd64.deb
Size/MD5: 1350066 5ad6640f0a932e1fd4aa98df7a2a58ea
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.6-0ubuntu14.3_amd64.deb
Size/MD5: 10828872 1cb1b281f9ba98283f5f93edb797a765
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.6-0ubuntu14.3_i386.deb
Size/MD5: 26370110 87c6e79f57d8d8a7b432d6011ae80be7
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.6-0ubuntu14.3_i386.deb
Size/MD5: 1347678 0587b24a11d7359aa187d37b4b8e16e4
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.6-0ubuntu14.3_i386.deb
Size/MD5: 9972814 54f2982fc3a1b4ecc33f0142d0d02b53
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.6-0ubuntu14.3_powerpc.deb
Size/MD5: 28173368 6e52368c014995a4be1cf33a523dd160
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.6-0ubuntu14.3_powerpc.deb
Size/MD5: 1354748 c982967dde2fba411c81da8e1e062398
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.6-0ubuntu14.3_powerpc.deb
Size/MD5: 10774716 51cd73160ef71b65ae0f3dd975abee44
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.6-0ubuntu14.3_sparc.deb
Size/MD5: 25522584 5795173c783689033dbc6a41727144b5
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.6-0ubuntu14.3_sparc.deb
Size/MD5: 1348548 9600053681008605d22af3a1d930ede3
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.6-0ubuntu14.3_sparc.deb
Size/MD5: 9931936 321b1bfad1c7fa5c33f0b6db691fdb26
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.8-0ubuntu3.4.diff.gz
Size/MD5: 562869 167178a97e02d8284ab306dcc6c1db17
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.8-0ubuntu3.4.dsc
Size/MD5: 1797 333e99dcdf32fa56e49d4532e4095694
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.8.orig.tar.gz
Size/MD5: 18552571 246f21901251fca7f1290c2e8697b64d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.8-0ubuntu3.4_all.deb
Size/MD5: 7295362 22d25cfab5c194e2002b1e12c17f3271
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.8-0ubuntu3.4_all.deb
Size/MD5: 36363404 937ee42c1f472184deefe8591da3ebc4
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.8-0ubuntu3.4_all.deb
Size/MD5: 44300 23cfbaeb24d0703f74efc214c55ca018
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.8-0ubuntu3.4_amd64.deb
Size/MD5: 27037238 890e850434a5c83a8ffd5d8f1321e7b8
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.8-0ubuntu3.4_amd64.deb
Size/MD5: 1355352 27c69e27af8839177f322f362921be01
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.8-0ubuntu3.4_amd64.deb
Size/MD5: 10895934 fa2a495af30f4077793cb6b1d983f1f3
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.8-0ubuntu3.4_i386.deb
Size/MD5: 26294976 dca366a3de0d93df15bea161bc7f121a
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.8-0ubuntu3.4_i386.deb
Size/MD5: 1352930 c6946be5c01838ab2606c493a16c92eb
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.8-0ubuntu3.4_i386.deb
Size/MD5: 10004352 879659b72e7c3cfdfb36fb8063ea11b3
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.8-0ubuntu3.4_lpia.deb
Size/MD5: 40346126 6498e55b6560d425e9e7b2e9065e7fd6
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.8-0ubuntu3.4_lpia.deb
Size/MD5: 1353772 6057fc6e610970d160eceed72e8cb970
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.8-0ubuntu3.4_lpia.deb
Size/MD5: 9905502 ac9c42d11345430248999837020e9dc4
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.8-0ubuntu3.4_powerpc.deb
Size/MD5: 28042230 7f46ada529d1913d4c545df6fa6d7d54
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.8-0ubuntu3.4_powerpc.deb
Size/MD5: 1359658 cb8ade67cf281e44d1842a4d52ab0575
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.8-0ubuntu3.4_powerpc.deb
Size/MD5: 10816596 df76e127f64c04b93a19c03168bd93d9
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.8-0ubuntu3.4_sparc.deb
Size/MD5: 25383262 2a9f223f12ddda70f2cf210b775854a0
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.8-0ubuntu3.4_sparc.deb
Size/MD5: 1353852 8924dcf22920ef3b46adbc65b6436f77
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.8-0ubuntu3.4_sparc.deb
Size/MD5: 9973226 2ebcdefa51de504c924a8d86515e600f
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.9-0ubuntu7.1.diff.gz
Size/MD5: 695602 7d45c0a647c19779f032b97758fa64c4
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.9-0ubuntu7.1.dsc
Size/MD5: 1703 f181223540bca62ef4192cb80ab8dd46
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.9.orig.tar.gz
Size/MD5: 18570047 ffac2da24f43637276a284c8da684ccc
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-data_3.5.9-0ubuntu7.1_all.deb
Size/MD5: 7307834 fdfb3247eb3cad27f49eb20708033729
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-doc_3.5.9-0ubuntu7.1_all.deb
Size/MD5: 25540382 8f906f8192fa3a80b777b855ddd910e5
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs_3.5.9-0ubuntu7.1_all.deb
Size/MD5: 9312 b0018dc14f4e31858895280bfc223909
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.9-0ubuntu7.1_amd64.deb
Size/MD5: 26750120 ea385c6af643cdca0ad1d7573054423f
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.9-0ubuntu7.1_amd64.deb
Size/MD5: 1381478 9d5caa2e345c82e1f7e6885eb32774d3
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.9-0ubuntu7.1_amd64.deb
Size/MD5: 10652212 bb1f2ece3e729cf6562ffc7496056b5f
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs-dbg_3.5.9-0ubuntu7.1_i386.deb
Size/MD5: 25982116 f284da4dc57ab5daf02233c691ba7d99
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4-dev_3.5.9-0ubuntu7.1_i386.deb
Size/MD5: 1409928 361548471006854a4c8f183838278733
http://security.ubuntu.com/ubuntu/pool/main/k/kdelibs/kdelibs4c2a_3.5.9-0ubuntu7.1_i386.deb
Size/MD5: 9616092 03f7a235870a008c0d89d23b4b358bdb
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.9-0ubuntu7.1_lpia.deb
Size/MD5: 25957868 77394437a4c8afa62da7e64c4b45600f
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.9-0ubuntu7.1_lpia.deb
Size/MD5: 1375846 a3badfd278dc41e1be1fbf9d471da7a0
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.9-0ubuntu7.1_lpia.deb
Size/MD5: 9638718 2619cab676a8d46456df859438eeb224
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.9-0ubuntu7.1_powerpc.deb
Size/MD5: 27652968 41cc7dd3c95ce9a6a1710f224297cbc8
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.9-0ubuntu7.1_powerpc.deb
Size/MD5: 1393426 0a7671afcb122ef75322c23b49cd851e
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.9-0ubuntu7.1_powerpc.deb
Size/MD5: 10452110 a32f2bc6e51ab35bb6b3ff1eae5ba152
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs-dbg_3.5.9-0ubuntu7.1_sparc.deb
Size/MD5: 25015618 66237ba3bfdaf94c33fd22427142028c
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4-dev_3.5.9-0ubuntu7.1_sparc.deb
Size/MD5: 1376442 143bdcfb35b27ac8471cd3147fde0415
http://ports.ubuntu.com/pool/main/k/kdelibs/kdelibs4c2a_3.5.9-0ubuntu7.1_sparc.deb
Size/MD5: 9585790 68f8c46133112ac8f8928bfb1bb376c8
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20080506/4c3033e2/attachment.pgp
------------------------------
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
End of ubuntu-security-announce Digest, Vol 44, Issue 2
*******************************************************
No comments:
Post a Comment