ubuntu-security-announce Digest, Vol 104, Issue 13

Send ubuntu-security-announce mailing list submissions to
ubuntu-security-announce@lists.ubuntu.com

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
or, via email, send a message with subject or body 'help' to
ubuntu-security-announce-request@lists.ubuntu.com

You can reach the person managing the list at
ubuntu-security-announce-owner@lists.ubuntu.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of ubuntu-security-announce digest..."


Today's Topics:

1. [USN-1839-1] Linux kernel (OMAP4) vulnerabilities (John Johansen)
2. [USN-1841-1] Tomcat vulnerabilities (Marc Deslauriers)
3. [USN-1831-2] OpenStack Nova regression (Jamie Strandboge)


----------------------------------------------------------------------

Message: 1
Date: Tue, 28 May 2013 05:21:19 -0700
From: John Johansen <john.johansen@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1839-1] Linux kernel (OMAP4) vulnerabilities
Message-ID: <51A4A13F.5040800@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1839-1
May 28, 2013

linux-ti-omap4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

A flaw was discovered in the Linux kernel's perf_events interface. A local
user could exploit this flaw to escalate privileges on the system.
(CVE-2013-2094)

Andy Lutomirski discover an error in the Linux kernel's credential handling
on unix sockets. A local user could exploit this flaw to gain
administrative privileges. (CVE-2013-1979)

A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet
driver for the Linux kernel. A local user could exploit this flaw to cause
a denial of service (crash the system) or potentially escalate privileges
on the system. (CVE-2013-1929)

A flaw was discovered in the Linux kernel's ftrace subsystem interface. A
local user could exploit this flaw to cause a denial of service (system
crash). (CVE-2013-3301)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-1432-omap4 3.2.0-1432.41

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1839-1
CVE-2013-1929, CVE-2013-1979, CVE-2013-2094, CVE-2013-3301

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.2.0-1432.41

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130528/33abb403/attachment-0001.pgp>

------------------------------

Message: 2
Date: Tue, 28 May 2013 13:28:29 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1841-1] Tomcat vulnerabilities
Message-ID: <51A4E93D.5040404@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1841-1
May 28, 2013

tomcat6, tomcat7 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in Tomcat.

Software Description:
- tomcat7: Servlet and JSP engine
- tomcat6: Servlet and JSP engine

Details:

It was discovered that Tomcat incorrectly handled certain requests
submitted using chunked transfer encoding. A remote attacker could use this
flaw to cause the Tomcat server to stop responding, resulting in a denial
of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS.
(CVE-2012-3544)

It was discovered that Tomcat incorrectly handled certain authentication
requests. A remote attacker could possibly use this flaw to inject a
request that would get executed with a victim's credentials. This issue
only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 12.10.
(CVE-2013-2067)

It was discovered that Tomcat sometimes exposed elements of a previous
request to the current request. This could allow a remote attacker to
possibly obtain sensitive information. This issue only affected Ubuntu
12.10 and Ubuntu 13.04. (CVE-2013-2071)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
libtomcat7-java 7.0.35-1~exp2ubuntu1.1

Ubuntu 12.10:
libtomcat7-java 7.0.30-0ubuntu1.2

Ubuntu 12.04 LTS:
libtomcat6-java 6.0.35-1ubuntu3.3

Ubuntu 10.04 LTS:
libtomcat6-java 6.0.24-2ubuntu1.13

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1841-1
CVE-2012-3544, CVE-2013-2067, CVE-2013-2071

Package Information:
https://launchpad.net/ubuntu/+source/tomcat7/7.0.35-1~exp2ubuntu1.1
https://launchpad.net/ubuntu/+source/tomcat7/7.0.30-0ubuntu1.2
https://launchpad.net/ubuntu/+source/tomcat6/6.0.35-1ubuntu3.3
https://launchpad.net/ubuntu/+source/tomcat6/6.0.24-2ubuntu1.13


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130528/c929aa6d/attachment-0001.pgp>

------------------------------

Message: 3
Date: Tue, 28 May 2013 22:26:57 -0500
From: Jamie Strandboge <jamie@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1831-2] OpenStack Nova regression
Message-ID: <51A57581.2000604@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"


==========================================================================
Ubuntu Security Notice USN-1831-2
May 29, 2013

nova regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10

Summary:

USN-1831-1 introduced a regression in OpenStack Nova.

Software Description:
- nova: OpenStack Compute cloud infrastructure

Details:

USN-1831-1 fixed a vulnerability in OpenStack Nova. The upstream fix
introduced a regression where instances using uncached QCOW2 images would
fail to start. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Loganathan Parthipan discovered that Nova did not verify the size of QCOW2
instance storage. An authenticated attacker could exploit this to cause a
denial of service by creating an image with a large virtual size with
little data, then filling the virtual disk.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
python-nova 2012.2.3-0ubuntu2.2

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1831-2
http://www.ubuntu.com/usn/usn-1831-1
https://launchpad.net/bugs/1183606

Package Information:
https://launchpad.net/ubuntu/+source/nova/2012.2.3-0ubuntu2.2




-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130528/d46e18bb/attachment-0001.pgp>

------------------------------

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce


End of ubuntu-security-announce Digest, Vol 104, Issue 13
*********************************************************