News

Wednesday, June 05, 2013

ubuntu-security-announce Digest, Vol 105, Issue 3

Send ubuntu-security-announce mailing list submissions to
ubuntu-security-announce@lists.ubuntu.com

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
or, via email, send a message with subject or body 'help' to
ubuntu-security-announce-request@lists.ubuntu.com

You can reach the person managing the list at
ubuntu-security-announce-owner@lists.ubuntu.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of ubuntu-security-announce digest..."


Today's Topics:

1. [USN-1853-1] libfs vulnerability (Marc Deslauriers)
2. [USN-1857-1] libxext vulnerability (Marc Deslauriers)
3. [USN-1860-1] libxinerama vulnerability (Marc Deslauriers)
4. [USN-1861-1] libxp vulnerability (Marc Deslauriers)
5. [USN-1854-1] libx11 vulnerabilities (Marc Deslauriers)
6. [USN-1858-1] libxfixes vulnerability (Marc Deslauriers)


----------------------------------------------------------------------

Message: 1
Date: Wed, 05 Jun 2013 14:25:49 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1853-1] libfs vulnerability
Message-ID: <51AF82AD.8000507@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1853-1
June 05, 2013

libfs vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in libfs.

Software Description:
- libfs: X11 Font Services library

Details:

Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
libfs6 2:1.0.4-1ubuntu0.13.04.1

Ubuntu 12.10:
libfs6 2:1.0.4-1ubuntu0.12.10.1

Ubuntu 12.04 LTS:
libfs6 2:1.0.3-1ubuntu0.1

After a standard system update you need to restart your session to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1853-1
CVE-2013-1996

Package Information:
https://launchpad.net/ubuntu/+source/libfs/2:1.0.4-1ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libfs/2:1.0.4-1ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libfs/2:1.0.3-1ubuntu0.1


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/23412aaf/attachment.pgp>

------------------------------

Message: 2
Date: Wed, 05 Jun 2013 14:27:15 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1857-1] libxext vulnerability
Message-ID: <51AF8303.4050605@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1857-1
June 05, 2013

libxext vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in libxext.

Software Description:
- libxext: X11 miscellaneous extensions library

Details:

Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
libxext6 2:1.3.1-2ubuntu0.13.04.1

Ubuntu 12.10:
libxext6 2:1.3.1-2ubuntu0.12.10.1

Ubuntu 12.04 LTS:
libxext6 2:1.3.0-3ubuntu0.1

Ubuntu 10.04 LTS:
libxext6 2:1.1.1-2ubuntu0.1

After a standard system update you need to restart your session to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1857-1
CVE-2013-1982

Package Information:
https://launchpad.net/ubuntu/+source/libxext/2:1.3.1-2ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libxext/2:1.3.1-2ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libxext/2:1.3.0-3ubuntu0.1
https://launchpad.net/ubuntu/+source/libxext/2:1.1.1-2ubuntu0.1


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/f2b9e7e8/attachment.pgp>

------------------------------

Message: 3
Date: Wed, 05 Jun 2013 14:27:57 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1860-1] libxinerama vulnerability
Message-ID: <51AF832D.1070803@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1860-1
June 05, 2013

libxinerama vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in libxinerama.

Software Description:
- libxinerama: X11 Xinerama extension library

Details:

Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
libxinerama1 2:1.1.2-1ubuntu0.13.04.1

Ubuntu 12.10:
libxinerama1 2:1.1.2-1ubuntu0.12.10.1

Ubuntu 12.04 LTS:
libxinerama1 2:1.1.1-3ubuntu0.1

After a standard system update you need to restart your session to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1860-1
CVE-2013-1985

Package Information:
https://launchpad.net/ubuntu/+source/libxinerama/2:1.1.2-1ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libxinerama/2:1.1.2-1ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libxinerama/2:1.1.1-3ubuntu0.1


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/480a2a31/attachment.pgp>

------------------------------

Message: 4
Date: Wed, 05 Jun 2013 14:28:34 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1861-1] libxp vulnerability
Message-ID: <51AF8352.8010705@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1861-1
June 05, 2013

libxp vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in libxp.

Software Description:
- libxp: X Printing Extension (Xprint) client library

Details:

Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
libxp6 1:1.0.1-2ubuntu0.13.04.1

Ubuntu 12.10:
libxp6 1:1.0.1-2ubuntu0.12.10.1

Ubuntu 12.04 LTS:
libxp6 1:1.0.1-2ubuntu0.12.04.1

After a standard system update you need to restart your session to make all
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1861-1
CVE-2013-2062

Package Information:
https://launchpad.net/ubuntu/+source/libxp/1:1.0.1-2ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libxp/1:1.0.1-2ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libxp/1:1.0.1-2ubuntu0.12.04.1


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/51dc6ccf/attachment.pgp>

------------------------------

Message: 5
Date: Wed, 05 Jun 2013 14:26:18 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1854-1] libx11 vulnerabilities
Message-ID: <51AF82CA.4040204@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1854-1
June 05, 2013

libx11 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in libx11.

Software Description:
- libx11: X11 client-side library

Details:

Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
libx11-6 2:1.5.0-1ubuntu1.1

Ubuntu 12.10:
libx11-6 2:1.5.0-1ubuntu0.1

Ubuntu 12.04 LTS:
libx11-6 2:1.4.99.1-0ubuntu2.1

Ubuntu 10.04 LTS:
libx11-6 2:1.3.2-1ubuntu3.1

After a standard system update you need to restart your session to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1854-1
CVE-2013-1981, CVE-2013-1997, CVE-2013-2004

Package Information:
https://launchpad.net/ubuntu/+source/libx11/2:1.5.0-1ubuntu1.1
https://launchpad.net/ubuntu/+source/libx11/2:1.5.0-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libx11/2:1.4.99.1-0ubuntu2.1
https://launchpad.net/ubuntu/+source/libx11/2:1.3.2-1ubuntu3.1


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/4ea0248b/attachment.pgp>

------------------------------

Message: 6
Date: Wed, 05 Jun 2013 14:27:34 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1858-1] libxfixes vulnerability
Message-ID: <51AF8316.4060105@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"

==========================================================================
Ubuntu Security Notice USN-1858-1
June 05, 2013

libxfixes vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in libxfixes.

Software Description:
- libxfixes: X11 miscellaneous fixes extension library

Details:

Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
libxfixes3 1:5.0-4ubuntu5.13.04.1

Ubuntu 12.10:
libxfixes3 1:5.0-4ubuntu5.12.10.1

Ubuntu 12.04 LTS:
libxfixes3 1:5.0-4ubuntu4.1

After a standard system update you need to restart your session to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1858-1
CVE-2013-1983

Package Information:
https://launchpad.net/ubuntu/+source/libxfixes/1:5.0-4ubuntu5.13.04.1
https://launchpad.net/ubuntu/+source/libxfixes/1:5.0-4ubuntu5.12.10.1
https://launchpad.net/ubuntu/+source/libxfixes/1:5.0-4ubuntu4.1


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/b3eadc2c/attachment.pgp>

------------------------------

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce


End of ubuntu-security-announce Digest, Vol 105, Issue 3
********************************************************

No comments:

Blog Archive