
Tuesday, February 26, 2013

ubuntu-security-announce Digest, Vol 101, Issue 13

Send ubuntu-security-announce mailing list submissions to
ubuntu-security-announce@lists.ubuntu.com

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
or, via email, send a message with subject or body 'help' to
ubuntu-security-announce-request@lists.ubuntu.com

You can reach the person managing the list at
ubuntu-security-announce-owner@lists.ubuntu.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of ubuntu-security-announce digest..."


Today's Topics:

1. [USN-1746-1] Pidgin vulnerabilities (Marc Deslauriers)
2. [USN-1747-1] Transmission vulnerability (Marc Deslauriers)
3. [USN-1748-1] Thunderbird vulnerabilities (Jamie Strandboge)
4. [USN-1749-1] Linux kernel (Quantal HWE) vulnerability (John Johansen)


----------------------------------------------------------------------

Message: 1
Date: Mon, 25 Feb 2013 09:27:02 -0500
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1746-1] Pidgin vulnerabilities
Message-ID: <512B74B6.4060404@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1746-1
February 25, 2013

pidgin vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in Pidgin.

Software Description:
- pidgin: graphical multi-protocol instant messaging client for X

Details:

Chris Wysopal discovered that Pidgin incorrectly handled file transfers in
the MXit protocol handler. A remote attacker could use this issue to create
or overwrite arbitrary files. This issue only affected Ubuntu 11.10,
Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2013-0271)

It was discovered that Pidgin incorrectly handled long HTTP headers in the
MXit protocol handler. A malicious remote server could use this issue to
execute arbitrary code. (CVE-2013-0272)

It was discovered that Pidgin incorrectly handled long user IDs in the
Sametime protocol handler. A malicious remote server could use this issue
to cause Pidgin to crash, resulting in a denial of service. (CVE-2013-0273)

It was discovered that Pidgin incorrectly handled long strings when
processing UPnP responses. A remote attacker could use this issue to cause
Pidgin to crash, resulting in a denial of service. (CVE-2013-0274)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
libpurple0 1:2.10.6-0ubuntu2.2
pidgin 1:2.10.6-0ubuntu2.2

Ubuntu 12.04 LTS:
libpurple0 1:2.10.3-0ubuntu1.3
pidgin 1:2.10.3-0ubuntu1.3

Ubuntu 11.10:
libpurple0 1:2.10.0-0ubuntu2.2
pidgin 1:2.10.0-0ubuntu2.2

Ubuntu 10.04 LTS:
libpurple0 1:2.6.6-1ubuntu4.6
pidgin 1:2.6.6-1ubuntu4.6

After a standard system update you need to restart Pidgin to make all the
necessary changes.

References:
http://www.ubuntu.com/usn/usn-1746-1
CVE-2013-0271, CVE-2013-0272, CVE-2013-0273, CVE-2013-0274

Package Information:
https://launchpad.net/ubuntu/+source/pidgin/1:2.10.6-0ubuntu2.2
https://launchpad.net/ubuntu/+source/pidgin/1:2.10.3-0ubuntu1.3
https://launchpad.net/ubuntu/+source/pidgin/1:2.10.0-0ubuntu2.2
https://launchpad.net/ubuntu/+source/pidgin/1:2.6.6-1ubuntu4.6


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130225/806b171f/attachment-0001.pgp>

------------------------------

Message: 2
Date: Mon, 25 Feb 2013 10:15:08 -0500
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1747-1] Transmission vulnerability
Message-ID: <512B7FFC.509@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1747-1
February 25, 2013

transmission vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10

Summary:

Transmission could be made to crash or run programs if it received
specially crafted network traffic.

Software Description:
- transmission: lightweight BitTorrent client

Details:

It was discovered that Transmission incorrectly handled certain micro
transport protocol packets. A remote attacker could use this issue to cause
a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
transmission-common 2.61-0ubuntu2.2

Ubuntu 12.04 LTS:
transmission-common 2.51-0ubuntu1.3

Ubuntu 11.10:
transmission-common 2.33-0ubuntu2.1

After a standard system update you need to restart Transmission to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1747-1
CVE-2012-6129

Package Information:
https://launchpad.net/ubuntu/+source/transmission/2.61-0ubuntu2.2
https://launchpad.net/ubuntu/+source/transmission/2.51-0ubuntu1.3
https://launchpad.net/ubuntu/+source/transmission/2.33-0ubuntu2.1


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130225/0a58e827/attachment-0001.pgp>

------------------------------

Message: 3
Date: Mon, 25 Feb 2013 18:09:48 -0600
From: Jamie Strandboge <jamie@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1748-1] Thunderbird vulnerabilities
Message-ID: <512BFD4C.9060907@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"


==========================================================================
Ubuntu Security Notice USN-1748-1
February 25, 2013

thunderbird vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in Thunderbird.

Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client

Details:

Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and
System Only Wrappers (SOW). If a user were tricked into opening a specially
crafted page and had scripting enabled, a remote attacker could exploit
this to bypass security protections to obtain sensitive information or
potentially execute code with the privileges of the user invoking
Thunderbird. (CVE-2013-0773)

Frederik Braun discovered that Thunderbird made the location of the active
browser profile available to JavaScript workers. Scripting for Thunderbird
is disabled by default in Ubuntu. (CVE-2013-0774)

A use-after-free vulnerability was discovered in Thunderbird. An attacker
could potentially exploit this to execute code with the privileges of the
user invoking Thunderbird if scripting were enabled. (CVE-2013-0775)

Michal Zalewski discovered that Thunderbird would not always show the
correct address when cancelling a proxy authentication prompt. A remote
attacker could exploit this to conduct URL spoofing and phishing attacks
if scripting were enabled. (CVE-2013-0776)

Abhishek Arya discovered several problems related to memory handling. If
the user were tricked into opening a specially crafted page, an attacker
could possibly exploit these to cause a denial of service via application
crash, or potentially execute code with the privileges of the user invoking
Thunderbird. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780,
CVE-2013-0781, CVE-2013-0782)

Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight,
Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke
Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron
discovered multiple memory safety issues affecting Thunderbird. If a user
had scripting enabled and was tricked into opening a specially crafted
page, an attacker could possibly exploit these to cause a denial of service
via application crash. (CVE-2013-0783, CVE-2013-0784)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
thunderbird 17.0.3+build1-0ubuntu0.12.10.1

Ubuntu 12.04 LTS:
thunderbird 17.0.3+build1-0ubuntu0.12.04.1

Ubuntu 11.10:
thunderbird 17.0.3+build1-0ubuntu0.11.10.1

Ubuntu 10.04 LTS:
thunderbird 17.0.3+build1-0ubuntu0.10.04.1

After a standard system update you need to restart Thunderbird to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1748-1
CVE-2013-0773, CVE-2013-0774, CVE-2013-0775, CVE-2013-0776,
CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780,
CVE-2013-0781, CVE-2013-0782, CVE-2013-0783, CVE-2013-0784
https://launchpad.net/bugs/1131110

Package Information:
https://launchpad.net/ubuntu/+source/thunderbird/17.0.3+build1-0ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/thunderbird/17.0.3+build1-0ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/thunderbird/17.0.3+build1-0ubuntu0.11.10.1
https://launchpad.net/ubuntu/+source/thunderbird/17.0.3+build1-0ubuntu0.10.04.1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130225/59734b59/attachment-0001.pgp>

------------------------------

Message: 4
Date: Tue, 26 Feb 2013 01:19:31 -0800
From: John Johansen <john.johansen@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1749-1] Linux kernel (Quantal HWE) vulnerability
Message-ID: <512C7E23.9050801@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1749-1
February 26, 2013

linux-lts-quantal vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux-lts-quantal: Linux hardware enablement kernel from Quantal

Details:

Brad Spengler discovered a bounds checking error for netlink messages
requesting SOCK_DIAG_BY_FAMILY. An unprivileged local user could exploit
this flaw to crash the system or run programs as an administrator.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.5.0-25-generic 3.5.0-25.39~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1749-1
CVE-2013-1763

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-quantal/3.5.0-25.39~precise1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130226/90432693/attachment-0001.pgp>

------------------------------
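Each of the four notices above (USN-1746-1, USN-1747-1, USN-1748-1 and USN-1749-1) ends with an "Update instructions" table of fixed package versions. The script below is an added example, not Canonical's tooling and not part of the digest: it parses such a table and compares it against the output of `dpkg-query -W -f='${Package} ${Version}\n'` for one host, using a reimplementation of dpkg's version ordering (epoch, upstream version, Debian revision, with `~` sorting before everything) so that it runs without dpkg present. The USN excerpt and the dpkg-query output embedded in it are constructed sample inputs built from the versions in this digest; the host in the sample is hypothetical.

```python
"""Check installed package versions against a USN "Update instructions" table.

Added example, not Canonical's tooling. The comparison reimplements dpkg's
version algorithm so the script runs where dpkg is not available. The USN
excerpt and dpkg-query output below are constructed sample inputs.
"""
import re
import string


def _order(c):
    """Sort weight of one character in dpkg's non-digit comparison."""
    if c in string.digits:
        return 0
    if c.isalpha():
        return ord(c)
    if c == "~":
        return -1           # '~' sorts before everything, even end of string
    return ord(c) + 256     # other punctuation sorts after letters


def _verrevcmp(a, b):
    """dpkg's verrevcmp: alternate non-digit segments and numeric segments."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Compare the non-digit prefix character by character.
        while (i < len(a) and a[i] not in string.digits) or \
              (j < len(b) and b[j] not in string.digits):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        # Compare the numeric segment as a number: skip leading zeros, then
        # the longer run of digits wins, else the first differing digit.
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        first_diff = 0
        while (i < len(a) and a[i] in string.digits and
               j < len(b) and b[j] in string.digits):
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i] in string.digits:
            return 1
        if j < len(b) and b[j] in string.digits:
            return -1
        if first_diff:
            return first_diff
    return 0


def _split(version):
    """Split 'epoch:upstream-revision' into its three parts."""
    epoch = 0
    if ":" in version:
        head, _, version = version.partition(":")
        epoch = int(head)
    if "-" in version:
        upstream, _, revision = version.rpartition("-")
    else:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1 as dpkg --compare-versions would order a and b."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    for x, y in ((ua, ub), (ra, rb)):
        r = _verrevcmp(x, y)
        if r:
            return -1 if r < 0 else 1
    return 0


def parse_usn_fixes(text):
    """Parse USN 'Update instructions' lines into {release: {package: version}}."""
    fixes, release = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r"^(Ubuntu [\d.]+(?: LTS)?):$", line)
        if m:
            release = m.group(1)
            fixes.setdefault(release, {})
        elif release and line:
            pkg, ver = line.split()
            fixes[release][pkg] = ver
        else:
            release = None      # a blank line ends a release block
    return fixes


def check_host(release, installed, fixes):
    """Compare dpkg-query '${Package} ${Version}' lines against the USN table.

    Returns (package, installed_version, fixed_version, status) tuples, where
    status is 'fixed', 'VULNERABLE' or 'not installed'.
    """
    have = dict(line.split() for line in installed.splitlines() if line.strip())
    report = []
    for pkg, fixed in sorted(fixes.get(release, {}).items()):
        cur = have.get(pkg)
        if cur is None:
            report.append((pkg, None, fixed, "not installed"))
        elif compare_versions(cur, fixed) >= 0:
            report.append((pkg, cur, fixed, "fixed"))
        else:
            report.append((pkg, cur, fixed, "VULNERABLE"))
    return report


# Constructed excerpt: fixed versions from USN-1746-1, USN-1747-1 and
# USN-1749-1 for the releases they list.
USN_TABLE = """\
Ubuntu 12.10:
libpurple0 1:2.10.6-0ubuntu2.2
pidgin 1:2.10.6-0ubuntu2.2

Ubuntu 12.04 LTS:
libpurple0 1:2.10.3-0ubuntu1.3
pidgin 1:2.10.3-0ubuntu1.3
transmission-common 2.51-0ubuntu1.3
linux-image-3.5.0-25-generic 3.5.0-25.39~precise1
"""

# Constructed dpkg-query output for a hypothetical 12.04 host: pidgin updated,
# libpurple0 still one revision behind, transmission not installed.
DPKG_QUERY = """\
libpurple0 1:2.10.3-0ubuntu1.2
pidgin 1:2.10.3-0ubuntu1.3
linux-image-3.5.0-25-generic 3.5.0-25.39~precise1
"""

if __name__ == "__main__":
    for row in check_host("Ubuntu 12.04 LTS", DPKG_QUERY, parse_usn_fixes(USN_TABLE)):
        print("%-30s installed=%-22s fixed=%-22s %s" % row)
```

A "fixed" result only says the package is installed at or above the fixed version; it does not show that the running process uses it. The notices' own instructions still apply: Pidgin, Transmission and Thunderbird must be restarted, and the kernel update takes effect only after a reboot into the new image.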

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce


End of ubuntu-security-announce Digest, Vol 101, Issue 13
*********************************************************
