ubuntu-security-announce Digest, Vol 96, Issue 4

Send ubuntu-security-announce mailing list submissions to
ubuntu-security-announce@lists.ubuntu.com

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
or, via email, send a message with subject or body 'help' to
ubuntu-security-announce-request@lists.ubuntu.com

You can reach the person managing the list at
ubuntu-security-announce-owner@lists.ubuntu.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of ubuntu-security-announce digest..."


Today's Topics:

1. [USN-1559-1] GIMP vulnerabilities (Marc Deslauriers)
2. [USN-1560-1] Django vulnerabilities (Marc Deslauriers)
3. [USN-1561-1] ubiquity-slideshow-ubuntu vulnerability
(Marc Deslauriers)
4. [USN-1527-2] XML-RPC for C and C++ vulnerabilities (Tyler Hicks)
5. [USN-1562-1] Linux kernel (Natty backport) vulnerability
(John Johansen)
6. [USN-1563-1] Linux kernel (Oneiric backport) vulnerability
(John Johansen)


----------------------------------------------------------------------

Message: 1
Date: Mon, 10 Sep 2012 09:12:25 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1559-1] GIMP vulnerabilities
Message-ID: <1347282745.3414.173.camel@mdlinux>
Content-Type: text/plain; charset="utf-8"

==========================================================================
Ubuntu Security Notice USN-1559-1
September 10, 2012

gimp vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS

Summary:

GIMP could be made to crash or run programs as your login if it opened a
specially crafted file.

Software Description:
- gimp: The GNU Image Manipulation Program

Details:

Joseph Sheridan discovered that GIMP incorrectly handled certain malformed
headers in FIT files. If a user were tricked into opening a specially
crafted FIT image file, an attacker could cause GIMP to crash.
(CVE-2012-3236)

Murray McAllister discovered that GIMP incorrectly handled malformed KiSS
palette files. If a user were tricked into opening a specially crafted KiSS
palette file, an attacker could cause GIMP to crash, or possibly execute
arbitrary code with the user's privileges. (CVE-2012-3403)

Matthias Weckbecker discovered that GIMP incorrectly handled malformed GIF
image files. If a user were tricked into opening a specially crafted GIF
image file, an attacker could cause GIMP to crash, or possibly execute
arbitrary code with the user's privileges. (CVE-2012-3481)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
gimp 2.6.12-1ubuntu1.1

Ubuntu 11.10:
gimp 2.6.11-2ubuntu4.1

Ubuntu 11.04:
gimp 2.6.11-1ubuntu6.3

Ubuntu 10.04 LTS:
gimp 2.6.8-2ubuntu1.5

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1559-1
CVE-2012-3236, CVE-2012-3403, CVE-2012-3481

Package Information:
https://launchpad.net/ubuntu/+source/gimp/2.6.12-1ubuntu1.1
https://launchpad.net/ubuntu/+source/gimp/2.6.11-2ubuntu4.1
https://launchpad.net/ubuntu/+source/gimp/2.6.11-1ubuntu6.3
https://launchpad.net/ubuntu/+source/gimp/2.6.8-2ubuntu1.5


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20120910/a6d70f0f/attachment-0001.pgp>

------------------------------

Message: 2
Date: Mon, 10 Sep 2012 09:12:48 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1560-1] Django vulnerabilities
Message-ID: <1347282768.3414.174.camel@mdlinux>
Content-Type: text/plain; charset="utf-8"

==========================================================================
Ubuntu Security Notice USN-1560-1
September 10, 2012

python-django vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS

Summary:

Applications using Django could be made to crash or expose sensitive
information.

Software Description:
- python-django: High-level Python web development framework

Details:

It was discovered that Django incorrectly validated the scheme of a
redirect target. If a user were tricked into opening a specially crafted
URL, an attacker could possibly exploit this to conduct cross-site
scripting (XSS) attacks. (CVE-2012-3442)

It was discovered that Django incorrectly handled validating certain
images. A remote attacker could use this flaw to cause the server to
consume memory, leading to a denial of service. (CVE-2012-3443)

Jeroen Dekkers discovered that Django incorrectly handled certain image
dimensions. A remote attacker could use this flaw to cause the server to
consume resources, leading to a denial of service. (CVE-2012-3444)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
python-django 1.3.1-4ubuntu1.2

Ubuntu 11.10:
python-django 1.3-2ubuntu1.3

Ubuntu 11.04:
python-django 1.2.5-1ubuntu1.2

Ubuntu 10.04 LTS:
python-django 1.1.1-2ubuntu1.5

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1560-1
CVE-2012-3442, CVE-2012-3443, CVE-2012-3444

Package Information:
https://launchpad.net/ubuntu/+source/python-django/1.3.1-4ubuntu1.2
https://launchpad.net/ubuntu/+source/python-django/1.3-2ubuntu1.3
https://launchpad.net/ubuntu/+source/python-django/1.2.5-1ubuntu1.2
https://launchpad.net/ubuntu/+source/python-django/1.1.1-2ubuntu1.5


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20120910/6259f604/attachment-0001.pgp>

------------------------------

Message: 3
Date: Mon, 10 Sep 2012 09:59:14 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1561-1] ubiquity-slideshow-ubuntu vulnerability
Message-ID: <1347285554.3414.179.camel@mdlinux>
Content-Type: text/plain; charset="utf-8"

==========================================================================
Ubuntu Security Notice USN-1561-1
September 10, 2012

ubiquity-slideshow-ubuntu vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

ubiquity-slideshow-ubuntu would allow unintended access to files over the
network during system installation.

Software Description:
- ubiquity-slideshow-ubuntu: Ubiquity slideshow for Ubuntu

Details:

Paul Mutton discovered that ubiquity-slideshow-ubuntu incorrectly handled
the Twitter feed displayed during system installation. A remote attacker
could use this flaw to inject code into the Twitter feed and read arbitrary
files off the filesystem during system installation. This flaw has been
resolved in the Ubuntu 12.04.1 LTS installation images by disabling the
Twitter feed.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
ubiquity-slideshow-ubuntu 58.2

Use of the Ubuntu 12.04.1 LTS installation images is required to resolve
this issue.

References:
http://www.ubuntu.com/usn/usn-1561-1
CVE-2012-0956

Package Information:
https://launchpad.net/ubuntu/+source/ubiquity-slideshow-ubuntu/58.2


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20120910/92462133/attachment-0001.pgp>

------------------------------

Message: 4
Date: Mon, 10 Sep 2012 14:43:58 -0700
From: Tyler Hicks <tyhicks@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1527-2] XML-RPC for C and C++ vulnerabilities
Message-ID: <20120910214357.GC3873@boyd>
Content-Type: text/plain; charset="us-ascii"

==========================================================================
Ubuntu Security Notice USN-1527-2
September 10, 2012

xmlrpc-c vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS

Summary:

XML-RPC for C and C++ could be made to cause a denial of service by consuming
excessive CPU and memory resources.

Software Description:
- xmlrpc-c: Lightweight RPC library based on XML and HTTP

Details:

USN-1527-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for XML-RPC for C and C++. Both issues described in the
original advisory affected XML-RPC for C and C++ in Ubuntu 10.04 LTS, 11.04,
11.10 and 12.04 LTS.

Original advisory details:

It was discovered that Expat computed hash values without restricting the
ability to trigger hash collisions predictably. If a user or application
linked against Expat were tricked into opening a crafted XML file, an attacker
could cause a denial of service by consuming excessive CPU resources.
(CVE-2012-0876)

Tim Boddy discovered that Expat did not properly handle memory reallocation
when processing XML files. If a user or application linked against Expat were
tricked into opening a crafted XML file, an attacker could cause a denial of
service by consuming excessive memory resources. This issue only affected
Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10. (CVE-2012-1148)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
libxmlrpc-core-c3 1.16.33-3.1ubuntu5.1

Ubuntu 11.10:
libxmlrpc-core-c3-0 1.16.32-0ubuntu4.1

Ubuntu 11.04:
libxmlrpc-core-c3-0 1.16.32-0ubuntu3.1

Ubuntu 10.04 LTS:
libxmlrpc-core-c3 1.06.27-1ubuntu7.1

After a standard system upgrade you need to restart any applications linked
against XML-RPC for C and C++ to effect the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1527-2
http://www.ubuntu.com/usn/usn-1527-1
CVE-2012-0876, CVE-2012-1148

Package Information:
https://launchpad.net/ubuntu/+source/xmlrpc-c/1.16.33-3.1ubuntu5.1
https://launchpad.net/ubuntu/+source/xmlrpc-c/1.16.32-0ubuntu4.1
https://launchpad.net/ubuntu/+source/xmlrpc-c/1.16.32-0ubuntu3.1
https://launchpad.net/ubuntu/+source/xmlrpc-c/1.06.27-1ubuntu7.1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20120910/2293a09d/attachment-0001.pgp>

------------------------------

Message: 5
Date: Mon, 10 Sep 2012 14:57:50 -0700
From: John Johansen <john.johansen@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1562-1] Linux kernel (Natty backport) vulnerability
Message-ID: <504E625E.7070404@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1562-1
September 10, 2012

linux-lts-backport-natty vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

The system could be made to crash under certain conditions.

Software Description:
- linux-lts-backport-natty: Linux kernel backport from Natty

Details:

Some errors where discovered in the Linux kernel's UDF file system, which
is used to mount some CD-ROMs and DVDs. An unprivileged local user could
use these flaws to crash the system.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.38-15-generic 2.6.38-15.66~lucid1
linux-image-2.6.38-15-generic-pae 2.6.38-15.66~lucid1
linux-image-2.6.38-15-server 2.6.38-15.66~lucid1
linux-image-2.6.38-15-virtual 2.6.38-15.66~lucid1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1562-1
CVE-2012-3400

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-backport-natty/2.6.38-15.66~lucid1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20120910/93620c6c/attachment-0001.pgp>

------------------------------

Message: 6
Date: Mon, 10 Sep 2012 15:06:54 -0700
From: John Johansen <john.johansen@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1563-1] Linux kernel (Oneiric backport) vulnerability
Message-ID: <504E647E.7060108@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1563-1
September 10, 2012

linux-lts-backport-oneiric vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

The system could be made to crash under certain conditions.

Software Description:
- linux-lts-backport-oneiric: Linux kernel backport from Oneiric

Details:

A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS)
protocol implementation. A local, unprivileged user could use this flaw to
cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-3.0.0-25-generic 3.0.0-25.41~lucid1
linux-image-3.0.0-25-generic-pae 3.0.0-25.41~lucid1
linux-image-3.0.0-25-server 3.0.0-25.41~lucid1
linux-image-3.0.0-25-virtual 3.0.0-25.41~lucid1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1563-1
CVE-2012-2372

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-backport-oneiric/3.0.0-25.41~lucid1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20120910/aa917961/attachment.pgp>

------------------------------

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce


End of ubuntu-security-announce Digest, Vol 96, Issue 4
*******************************************************