[Full-disclosure] [USN-212-1] libgda2 vulnerability
From: Martin Pitt (martin.pitt_at_canonical.com)
Date: 10/28/05
- Previous message: Valdis Shkesters: "Re: [Full-disclosure] Re: Microsoft AntiSpyware falling furtherbehind"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 28 Oct 2005 15:38:04 -0400 To: ubuntu-security-announce@lists.ubuntu.com
===========================================================
Ubuntu Security Notice USN-212-1 October 28, 2005
libgda2 vulnerability
CAN-2005-2958
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)
The following packages are affected:
libgda2-1
libgda2-3
The problem can be corrected by upgrading the affected package to
version 1.0.4-1ubuntu0.1 (for Ubuntu 4.10), 1.1.99-1ubuntu0.1 (for
Ubuntu 5.04), or 1.2.1-2ubuntu3.1 (for Ubuntu 5.10). In general, a
standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Steve Kemp discovered two format string vulnerabilities in the logging
handler of the Gnome database access library. Depending on the
application that uses the library, this could have been exploited to
execute arbitrary code with the permission of the user running the
application.
Updated packages for Ubuntu 4.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2_1.0.4-1ubuntu0.1.diff.gz
Size/MD5: 14829 ba4ce8b304539a61ab575d932711070f
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2_1.0.4-1ubuntu0.1.dsc
Size/MD5: 1961 c6eaf76b68cd4ea8f436a62f2dab101b
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2_1.0.4.orig.tar.gz
Size/MD5: 1778950 345980ba52dcc1a4d24092e57869f92c
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-doc_1.0.4-1ubuntu0.1_all.deb
Size/MD5: 212224 354ca028706f54fa53ad89b93fbad5ed
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-freetds_1.0.4-1ubuntu0.1_amd64.deb
Size/MD5: 72040 2ce51b479b815b0fe71abe3e8bfccfd9
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-mysql_1.0.4-1ubuntu0.1_amd64.deb
Size/MD5: 18266 345c90c113c27a1241fa9c88949c1a3e
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-odbc_1.0.4-1ubuntu0.1_amd64.deb
Size/MD5: 13316 f6f3c62598bf67ce54b4c992ce1a2b39
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-postgres_1.0.4-1ubuntu0.1_amd64.deb
Size/MD5: 24476 0c9eb106b5f1eb434f7aa0eaf8005814
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-sqlite_1.0.4-1ubuntu0.1_amd64.deb
Size/MD5: 12396 d719341406907ed2816b3bbc71e84158
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-1_1.0.4-1ubuntu0.1_amd64.deb
Size/MD5: 223580 aefc05d04856fc97187de0e8e5a85216
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-common_1.0.4-1ubuntu0.1_amd64.deb
Size/MD5: 279102 e3513da5ad1d08a9e59627630587ac7f
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dbg_1.0.4-1ubuntu0.1_amd64.deb
Size/MD5: 1734352 8048f322356530e36f10e63282bf9d7c
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dev_1.0.4-1ubuntu0.1_amd64.deb
Size/MD5: 313830 a6cd2d0bf8971dcd5814d7cf4a47b122
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-freetds_1.0.4-1ubuntu0.1_i386.deb
Size/MD5: 70584 ce56c16f4697028f3bf11250664ba125
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-mysql_1.0.4-1ubuntu0.1_i386.deb
Size/MD5: 16470 f59e3521b70e11b2361451a29c8665ff
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-odbc_1.0.4-1ubuntu0.1_i386.deb
Size/MD5: 12100 356c229d2e2f559333dc09db7656f20d
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-postgres_1.0.4-1ubuntu0.1_i386.deb
Size/MD5: 22490 54f9c4ed879f81658df08404bdb30a57
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-sqlite_1.0.4-1ubuntu0.1_i386.deb
Size/MD5: 11030 eab5962d136c45315a0b3f704a7134f9
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-1_1.0.4-1ubuntu0.1_i386.deb
Size/MD5: 196738 130447269c9b143214c913b6a37b9c69
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-common_1.0.4-1ubuntu0.1_i386.deb
Size/MD5: 274650 c593c6c45152608abca1f2a1c7509378
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dbg_1.0.4-1ubuntu0.1_i386.deb
Size/MD5: 1698036 aaea8cad4c2d58fd3e4079c7a0c93999
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dev_1.0.4-1ubuntu0.1_i386.deb
Size/MD5: 246530 f719503a52dcbb72c26937d83f42c3d2
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-freetds_1.0.4-1ubuntu0.1_powerpc.deb
Size/MD5: 71976 3364891a091d4f334222c840bd2384fd
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-mysql_1.0.4-1ubuntu0.1_powerpc.deb
Size/MD5: 18706 711acc62b5889f1296107789fd54c3e1
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-odbc_1.0.4-1ubuntu0.1_powerpc.deb
Size/MD5: 13392 bcf4a6f17df3004302ce4ae5eb0f4b78
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-postgres_1.0.4-1ubuntu0.1_powerpc.deb
Size/MD5: 25044 5c9a121f3e296eb3da8be5d5459f709e
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-sqlite_1.0.4-1ubuntu0.1_powerpc.deb
Size/MD5: 12396 34b7b57515cec017f8f57adcd3ce0bc4
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-1_1.0.4-1ubuntu0.1_powerpc.deb
Size/MD5: 205576 e396fbee9af57b5f2c12e0862c615be2
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-common_1.0.4-1ubuntu0.1_powerpc.deb
Size/MD5: 279400 0954e2bf905d1ecce113787b38f5d242
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dbg_1.0.4-1ubuntu0.1_powerpc.deb
Size/MD5: 1707936 cec04d93c7bf063e1f020f39cf24d5bd
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dev_1.0.4-1ubuntu0.1_powerpc.deb
Size/MD5: 334026 4a23e94cc13a9c510a16c44c6f6c7d92
Updated packages for Ubuntu 5.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2_1.1.99-1ubuntu0.1.diff.gz
Size/MD5: 8586 1c333a3c2c26190125b252ca4f8c9d0a
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2_1.1.99-1ubuntu0.1.dsc
Size/MD5: 2015 bdd8f14c7de66ca7f7e9b62f02403710
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2_1.1.99.orig.tar.gz
Size/MD5: 2024240 50d115c5c363b3a5ffadcd8451952d40
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-doc_1.1.99-1ubuntu0.1_all.deb
Size/MD5: 251970 3cac3fd6ad68e3083d64da50d1178c47
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-freetds_1.1.99-1ubuntu0.1_amd64.deb
Size/MD5: 18578 da97e9f50e49e901febb32ece5fa5a62
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-mysql_1.1.99-1ubuntu0.1_amd64.deb
Size/MD5: 19062 33da6da7a2b0cc58cec33f654f54d772
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-odbc_1.1.99-1ubuntu0.1_amd64.deb
Size/MD5: 13490 11708d137647170d55d7601937d20ce7
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-postgres_1.1.99-1ubuntu0.1_amd64.deb
Size/MD5: 27632 a05e6371bc7939503d28e10384a3cf7d
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-sqlite_1.1.99-1ubuntu0.1_amd64.deb
Size/MD5: 12144 1c74d73717424367f691528603bbb257
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-1_1.1.99-1ubuntu0.1_amd64.deb
Size/MD5: 224148 9197c55ce41c9042ee9fa21985b637a9
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-common_1.1.99-1ubuntu0.1_amd64.deb
Size/MD5: 306548 f8bf9572fcc7f8952a20f1948387d6ba
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dbg_1.1.99-1ubuntu0.1_amd64.deb
Size/MD5: 1801822 38e87b84f5c542efad9c7aa80d112561
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dev_1.1.99-1ubuntu0.1_amd64.deb
Size/MD5: 307764 fdb18e04aeef6eff6c95bc797feef7cb
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-freetds_1.1.99-1ubuntu0.1_i386.deb
Size/MD5: 17506 f527ff8ca670357feb93007e166ed4f1
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-mysql_1.1.99-1ubuntu0.1_i386.deb
Size/MD5: 17368 7845367c1b81632880aa36aa429a7fa2
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-odbc_1.1.99-1ubuntu0.1_i386.deb
Size/MD5: 12436 2f881650ffd1310f45c4f789d2596294
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-postgres_1.1.99-1ubuntu0.1_i386.deb
Size/MD5: 26012 42dcb9bb5b0b21140360aa21e29497ac
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-sqlite_1.1.99-1ubuntu0.1_i386.deb
Size/MD5: 11062 99c13906571f17675dc0d4951facdc92
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-1_1.1.99-1ubuntu0.1_i386.deb
Size/MD5: 206700 1e4c48bf1a2863c574174787d8929996
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-common_1.1.99-1ubuntu0.1_i386.deb
Size/MD5: 301632 53217aec9dde9b83a4f6fb9b6bc95161
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dbg_1.1.99-1ubuntu0.1_i386.deb
Size/MD5: 1778954 15fdde243d26de9a60b77907624e8dd9
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dev_1.1.99-1ubuntu0.1_i386.deb
Size/MD5: 248406 a798e54b5c89073d67798f154eb709cc
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-freetds_1.1.99-1ubuntu0.1_powerpc.deb
Size/MD5: 18938 6c885e902438bc2082cfb6f81a9e1613
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-mysql_1.1.99-1ubuntu0.1_powerpc.deb
Size/MD5: 19584 b1258f2da21064974a0dcf83bc1dd514
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-odbc_1.1.99-1ubuntu0.1_powerpc.deb
Size/MD5: 13758 56a9537ccd9fa9f304095559f5dc4fb1
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-postgres_1.1.99-1ubuntu0.1_powerpc.deb
Size/MD5: 28532 c292dd8b75613f320df5e6352540097b
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-sqlite_1.1.99-1ubuntu0.1_powerpc.deb
Size/MD5: 12452 ed890b1dfe7198cc26eca83e61f6e8f0
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-1_1.1.99-1ubuntu0.1_powerpc.deb
Size/MD5: 215548 1dd5a8a5d3c1c199fcbe5f549419f7e4
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-common_1.1.99-1ubuntu0.1_powerpc.deb
Size/MD5: 307350 88f5f699b17fe80431b68ad8b2749476
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dbg_1.1.99-1ubuntu0.1_powerpc.deb
Size/MD5: 2922290 47c9ad0c2370f639337794fbb350f69c
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dev_1.1.99-1ubuntu0.1_powerpc.deb
Size/MD5: 311146 613cb5bf05953af61b485c9c6abc45f5
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2_1.2.1-2ubuntu3.1.diff.gz
Size/MD5: 10175 a0581f32596cc721eeaa933f508d6e6f
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2_1.2.1-2ubuntu3.1.dsc
Size/MD5: 1992 9158d234ff184030863d6a50afe6697b
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2_1.2.1.orig.tar.gz
Size/MD5: 2038045 ca6103ad97d565c08a613b13b6b32f8d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-doc_1.2.1-2ubuntu3.1_all.deb
Size/MD5: 246388 7142c393d12e3146fae1a15de535b10f
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-freetds_1.2.1-2ubuntu3.1_amd64.deb
Size/MD5: 18546 15be35e689037fd226ad4f528aac4bfc
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-mysql_1.2.1-2ubuntu3.1_amd64.deb
Size/MD5: 19578 da4f42e21631a4a644b1aff013ecc6c2
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-odbc_1.2.1-2ubuntu3.1_amd64.deb
Size/MD5: 13698 2c344fa51462e375a155323e02f5fd55
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-postgres_1.2.1-2ubuntu3.1_amd64.deb
Size/MD5: 28754 55b01eb7fc20f4d7862d53c11b2821c3
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-sqlite_1.2.1-2ubuntu3.1_amd64.deb
Size/MD5: 12282 33d0f3be65110d072d664c06ed929298
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/libgda2-3-dbg_1.2.1-2ubuntu3.1_amd64.deb
Size/MD5: 416856 675183d4545f2e3f0c229bfb1fe377c6
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-3_1.2.1-2ubuntu3.1_amd64.deb
Size/MD5: 239950 604676f4cb12564db11adf6668882650
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-common_1.2.1-2ubuntu3.1_amd64.deb
Size/MD5: 307488 2699efd00caadec2bd6885670f1a6475
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dev_1.2.1-2ubuntu3.1_amd64.deb
Size/MD5: 332512 34c36816a9037ddbb7503286c52eceab
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-freetds_1.2.1-2ubuntu3.1_i386.deb
Size/MD5: 16676 330563f77bf572f20ae414dd84ea78f1
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-mysql_1.2.1-2ubuntu3.1_i386.deb
Size/MD5: 17244 36fec55d50978dfd0723f4d37f707c2a
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-odbc_1.2.1-2ubuntu3.1_i386.deb
Size/MD5: 12344 55cd204876243d2d71e98c15c0e0806c
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-postgres_1.2.1-2ubuntu3.1_i386.deb
Size/MD5: 26508 8ac8e0eb58bb5533b4f53ba56823cfc6
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-sqlite_1.2.1-2ubuntu3.1_i386.deb
Size/MD5: 10960 728d197c4d4ab1066efcd8622e5b9749
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/libgda2-3-dbg_1.2.1-2ubuntu3.1_i386.deb
Size/MD5: 337150 2616e6eb277bb65c09cbd01882e01e9e
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-3_1.2.1-2ubuntu3.1_i386.deb
Size/MD5: 214874 4df22945859ddd132641d9ae8e774f44
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-common_1.2.1-2ubuntu3.1_i386.deb
Size/MD5: 304172 f11c6831a48fa5f2a80737b62aff20b5
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dev_1.2.1-2ubuntu3.1_i386.deb
Size/MD5: 264982 9ebcbc5d33d6a9bbb1a8b898950ce832
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-freetds_1.2.1-2ubuntu3.1_powerpc.deb
Size/MD5: 18778 971fa11b5e31722f1b3d96694430d738
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-mysql_1.2.1-2ubuntu3.1_powerpc.deb
Size/MD5: 19934 a60c238b1556e0a3889c21a20804b144
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-odbc_1.2.1-2ubuntu3.1_powerpc.deb
Size/MD5: 14016 a04e7b90000ca4d9fd44e934163b2420
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-postgres_1.2.1-2ubuntu3.1_powerpc.deb
Size/MD5: 29294 428c8acd0677a7028215cb97200a366b
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/gda2-sqlite_1.2.1-2ubuntu3.1_powerpc.deb
Size/MD5: 12756 b6b74dbaffe3e0475b9bf88e9aa9e3d7
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgda2/libgda2-3-dbg_1.2.1-2ubuntu3.1_powerpc.deb
Size/MD5: 400498 b2cbd77cc9113f309425d88b316ae748
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-3_1.2.1-2ubuntu3.1_powerpc.deb
Size/MD5: 232080 3ff7a24735140e8bed80f51508c69d78
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-common_1.2.1-2ubuntu3.1_powerpc.deb
Size/MD5: 310282 4d614c824c5c3b3ffe0880c559c633e3
http://security.ubuntu.com/ubuntu/pool/main/libg/libgda2/libgda2-dev_1.2.1-2ubuntu3.1_powerpc.deb
Size/MD5: 336260 fdb3fc9d7a77b97f7515c2a778e98693
-- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntu.com Debian Developer http://www.debian.org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- application/pgp-signature attachment: Digital signature
- Previous message: Valdis Shkesters: "Re: [Full-disclosure] Re: Microsoft AntiSpyware falling furtherbehind"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
