Send ubuntu-security-announce mailing list submissions to
ubuntu-security-announce@lists.ubuntu.com
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
or, via email, send a message with subject or body 'help' to
ubuntu-security-announce-request@lists.ubuntu.com
You can reach the person managing the list at
ubuntu-security-announce-owner@lists.ubuntu.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of ubuntu-security-announce digest..."
Today's Topics:
1. [USN-1856-1] libxcursor vulnerability (Marc Deslauriers)
2. [USN-1863-1] libxrender vulnerability (Marc Deslauriers)
3. [USN-1864-1] libxres vulnerability (Marc Deslauriers)
4. [USN-1868-1] libxvmc vulnerabilities (Marc Deslauriers)
5. [USN-1869-1] libxxf86dga vulnerabilities (Marc Deslauriers)
6. [USN-1852-1] libdmx vulnerability (Marc Deslauriers)
----------------------------------------------------------------------
Message: 1
Date: Wed, 05 Jun 2013 14:26:57 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1856-1] libxcursor vulnerability
Message-ID: <51AF82F1.2080109@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"
==========================================================================
Ubuntu Security Notice USN-1856-1
June 05, 2013
libxcursor vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in libxcursor.
Software Description:
- libxcursor: X cursor management library
Details:
Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
libxcursor1 1:1.1.13-1ubuntu0.13.04.1
Ubuntu 12.10:
libxcursor1 1:1.1.13-1ubuntu0.12.10.1
Ubuntu 12.04 LTS:
libxcursor1 1:1.1.12-1ubuntu0.1
After a standard system update you need to restart your session to make all
the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1856-1
CVE-2013-2003
Package Information:
https://launchpad.net/ubuntu/+source/libxcursor/1:1.1.13-1ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libxcursor/1:1.1.13-1ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libxcursor/1:1.1.12-1ubuntu0.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/d24a2e97/attachment.pgp>
------------------------------
Message: 2
Date: Wed, 05 Jun 2013 14:29:12 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1863-1] libxrender vulnerability
Message-ID: <51AF8378.7050004@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"
==========================================================================
Ubuntu Security Notice USN-1863-1
June 05, 2013
libxrender vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in libxrender.
Software Description:
- libxrender: X Rendering Extension client library
Details:
Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
libxrender1 1:0.9.7-1ubuntu0.13.04.1
Ubuntu 12.10:
libxrender1 1:0.9.7-1ubuntu0.12.10.1
Ubuntu 12.04 LTS:
libxrender1 1:0.9.6-2ubuntu0.1
Ubuntu 10.04 LTS:
libxrender1 1:0.9.5-1ubuntu0.1
After a standard system update you need to restart your session to make all
the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1863-1
CVE-2013-1987
Package Information:
https://launchpad.net/ubuntu/+source/libxrender/1:0.9.7-1ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libxrender/1:0.9.7-1ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libxrender/1:0.9.6-2ubuntu0.1
https://launchpad.net/ubuntu/+source/libxrender/1:0.9.5-1ubuntu0.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/810d0e2b/attachment.pgp>
------------------------------
Message: 3
Date: Wed, 05 Jun 2013 14:29:32 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1864-1] libxres vulnerability
Message-ID: <51AF838C.6020205@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"
==========================================================================
Ubuntu Security Notice USN-1864-1
June 05, 2013
libxres vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in libxres.
Software Description:
- libxres: X11 Resource extension library
Details:
Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
libxres1 2:1.0.6-1ubuntu0.13.04.1
Ubuntu 12.10:
libxres1 2:1.0.6-1ubuntu0.12.10.1
Ubuntu 12.04 LTS:
libxres1 2:1.0.5-1ubuntu0.1
After a standard system update you need to restart your session to make all
the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1864-1
CVE-2013-1988
Package Information:
https://launchpad.net/ubuntu/+source/libxres/2:1.0.6-1ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libxres/2:1.0.6-1ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libxres/2:1.0.5-1ubuntu0.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/c92f00f0/attachment.pgp>
------------------------------
Message: 4
Date: Wed, 05 Jun 2013 14:30:47 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1868-1] libxvmc vulnerabilities
Message-ID: <51AF83D7.1070300@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"
==========================================================================
Ubuntu Security Notice USN-1868-1
June 05, 2013
libxvmc vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in libxvmc.
Software Description:
- libxvmc: X11 Video extension library
Details:
Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
libxvmc1 2:1.0.7-1ubuntu1.13.04.1
Ubuntu 12.10:
libxvmc1 2:1.0.7-1ubuntu1.12.10.1
Ubuntu 12.04 LTS:
libxvmc1 2:1.0.6-1ubuntu2.1
After a standard system update you need to restart your session to make all
the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1868-1
CVE-2013-1990, CVE-2013-1999
Package Information:
https://launchpad.net/ubuntu/+source/libxvmc/2:1.0.7-1ubuntu1.13.04.1
https://launchpad.net/ubuntu/+source/libxvmc/2:1.0.7-1ubuntu1.12.10.1
https://launchpad.net/ubuntu/+source/libxvmc/2:1.0.6-1ubuntu2.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/b601df5c/attachment.pgp>
------------------------------
Message: 5
Date: Wed, 05 Jun 2013 14:31:08 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1869-1] libxxf86dga vulnerabilities
Message-ID: <51AF83EC.5080100@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"
==========================================================================
Ubuntu Security Notice USN-1869-1
June 05, 2013
libxxf86dga vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in libxxf86dga.
Software Description:
- libxxf86dga: X11 Direct Graphics Access extension library
Details:
Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
libxxf86dga1 2:1.1.3-2ubuntu0.13.04.1
Ubuntu 12.10:
libxxf86dga1 2:1.1.3-2ubuntu0.12.10.1
Ubuntu 12.04 LTS:
libxxf86dga1 2:1.1.2-1ubuntu0.1
After a standard system update you need to restart your session to make all
the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1869-1
CVE-2013-1991, CVE-2013-2000
Package Information:
https://launchpad.net/ubuntu/+source/libxxf86dga/2:1.1.3-2ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libxxf86dga/2:1.1.3-2ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libxxf86dga/2:1.1.2-1ubuntu0.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/169965c7/attachment.pgp>
------------------------------
Message: 6
Date: Wed, 05 Jun 2013 14:25:23 -0400
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-1852-1] libdmx vulnerability
Message-ID: <51AF8293.9020700@canonical.com>
Content-Type: text/plain; charset="iso-8859-1"
==========================================================================
Ubuntu Security Notice USN-1852-1
June 05, 2013
libdmx vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in libdmx.
Software Description:
- libdmx: X11 Distributed Multihead extension library
Details:
Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
libdmx1 1:1.1.2-1ubuntu0.13.04.1
Ubuntu 12.10:
libdmx1 1:1.1.2-1ubuntu0.12.10.1
Ubuntu 12.04 LTS:
libdmx1 1:1.1.1-1ubuntu0.1
After a standard system update you need to restart your session to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1852-1
CVE-2013-1992
Package Information:
https://launchpad.net/ubuntu/+source/libdmx/1:1.1.2-1ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libdmx/1:1.1.2-1ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libdmx/1:1.1.1-1ubuntu0.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20130605/64528acd/attachment.pgp>
------------------------------
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
End of ubuntu-security-announce Digest, Vol 105, Issue 2
********************************************************
News
Subscribe to:
Post Comments (Atom)
Blog Archive
-
▼
2013
(149)
-
▼
June
(17)
- ubuntu-security-announce Digest, Vol 105, Issue 17
- ubuntu-security-announce Digest, Vol 105, Issue 16
- ubuntu-security-announce Digest, Vol 105, Issue 15
- ubuntu-security-announce Digest, Vol 105, Issue 14
- ubuntu-security-announce Digest, Vol 105, Issue 13
- ubuntu-security-announce Digest, Vol 105, Issue 12
- ubuntu-security-announce Digest, Vol 105, Issue 11
- ubuntu-security-announce Digest, Vol 105, Issue 10
- ubuntu-security-announce Digest, Vol 105, Issue 9
- ubuntu-security-announce Digest, Vol 105, Issue 8
- ubuntu-security-announce Digest, Vol 105, Issue 7
- ubuntu-security-announce Digest, Vol 105, Issue 6
- ubuntu-security-announce Digest, Vol 105, Issue 5
- ubuntu-security-announce Digest, Vol 105, Issue 3
- ubuntu-security-announce Digest, Vol 105, Issue 2
- ubuntu-security-announce Digest, Vol 105, Issue 4
- ubuntu-security-announce Digest, Vol 105, Issue 1
-
▼
June
(17)
No comments:
Post a Comment