[Full-disclosure] [USN-151-3] zlib vulnerabilities
From: Martin Pitt (martin.pitt_at_canonical.com)
Date: 10/29/05
- Previous message: Vania Martino Toma: "Re: [Full-disclosure] Brain dead SSH scans from Italy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 28 Oct 2005 18:24:37 -0400 To: ubuntu-security-announce@lists.ubuntu.com
===========================================================
Ubuntu Security Notice USN-151-3 October 28, 2005
aide vulnerabilities
CVE-2005-1849, CVE-2005-2096
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)
The following packages are affected:
aide
The problem can be corrected by upgrading the affected package to
version 0.10-3ubuntu0.1 (for Ubuntu 4.10), 0.10-4ubuntu0.1 (for Ubuntu
5.04), or 0.10-6.1ubuntu0.1 (for Ubuntu 5.10). In general, a standard
system upgrade is sufficient to effect the necessary changes.
Details follow:
USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could
be exploited to cause Denial of Service attacks or even arbitrary code
execution with malicious data streams.
Since aide is statically linked against the zlib library, it is also
affected by these issues. The updated packagages have been rebuilt
against the fixed zlib.
Updated packages for Ubuntu 4.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-3ubuntu0.1.diff.gz
Size/MD5: 28081 d569b7974a6204481346128876a0a530
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-3ubuntu0.1.dsc
Size/MD5: 703 cc5158a58a35e46dfc0bee0b0a34380b
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10.orig.tar.gz
Size/MD5: 234184 39eb7d21064cac7b409c45d038b86cd8
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-3ubuntu0.1_amd64.deb
Size/MD5: 413050 086e1a2279c3cd8ac1b6a2414d48ce18
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-3ubuntu0.1_i386.deb
Size/MD5: 398942 07096e82a51ee10ce965571e08342952
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-3ubuntu0.1_powerpc.deb
Size/MD5: 430230 77d787a8f00bf5058b21010a2c52acfa
Updated packages for Ubuntu 5.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-4ubuntu0.1.diff.gz
Size/MD5: 29359 366869464761485ef3d29915ae294ab1
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-4ubuntu0.1.dsc
Size/MD5: 703 28126aa389a49cc5354e6c704237b334
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10.orig.tar.gz
Size/MD5: 234184 39eb7d21064cac7b409c45d038b86cd8
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-4ubuntu0.1_amd64.deb
Size/MD5: 465630 63bc8c81c424d4bfb00c233a2e97695d
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-4ubuntu0.1_i386.deb
Size/MD5: 431590 109018a99a6588f7f48ee8be595bf2b6
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-4ubuntu0.1_powerpc.deb
Size/MD5: 471800 73571a01182d41ec0f5ce73cd5b8cdbc
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-6.1ubuntu0.1.diff.gz
Size/MD5: 36588 1428d11ede7d4d4996b9f6d719aa9557
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-6.1ubuntu0.1.dsc
Size/MD5: 763 715edd426517405c0f81feff1e7511c7
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10.orig.tar.gz
Size/MD5: 234184 39eb7d21064cac7b409c45d038b86cd8
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-6.1ubuntu0.1_amd64.deb
Size/MD5: 513230 9a1477b093630a538262a137d7c37730
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-6.1ubuntu0.1_i386.deb
Size/MD5: 451422 41c84d68e6e4e69fe919109e00576051
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/a/aide/aide_0.10-6.1ubuntu0.1_powerpc.deb
Size/MD5: 581134 df0712d4d04b4854243c01f7696eb0c5
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- application/pgp-signature attachment: Digital signature
- Previous message: Vania Martino Toma: "Re: [Full-disclosure] Brain dead SSH scans from Italy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
