|
|
|
Choosing A Webhost: |
[USN-92-1] LessTif vulnerabilities: msg#00002linux.ubuntu.security.announce
=========================================================== Ubuntu Security Notice USN-92-1 March 07, 2005 lesstif1-1 vulnerabilities CAN-2005-0605 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: lesstif1 lesstif2 The problem can be corrected by upgrading the affected package to version 1:0.93.94-4ubuntu1.3. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Several vulnerabilities have been found in the XPM image decoding functions of the LessTif library. If an attacker tricked a user into loading a malicious XPM image with an application that uses LessTif, he could exploit this to execute arbitrary code in the context of the user opening the image. Ubuntu does not contain any server applications using LessTif, so there is no possibility of privilege escalation. Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif1-1_0.93.94-4ubuntu1.3.diff.gz Size/MD5: 106559 10390280498a19d8bedcf41c3ad075b6 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif1-1_0.93.94-4ubuntu1.3.dsc Size/MD5: 864 ef7eb1b1a2351d703c9d472e147d6b45 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif1-1_0.93.94.orig.tar.gz Size/MD5: 4862623 9eb87b5470333ccb31425a47d24f5a96 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif-doc_0.93.94-4ubuntu1.3_all.deb Size/MD5: 342218 50dba994fe17e5f253c3b44e3bdb493a amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/l/lesstif1-1/lesstif-bin_0.93.94-4ubuntu1.3_amd64.deb Size/MD5: 176958 845526d2d517b5d43722d32f7b4f96d9 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif-dev_0.93.94-4ubuntu1.3_amd64.deb Size/MD5: 917352 bc37061d1a23c0f9e50631e370c6e02a http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif1_0.93.94-4ubuntu1.3_amd64.deb Size/MD5: 660772 ab61d20f4cad00783adc89eb2e5ad05d http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif2-dev_0.93.94-4ubuntu1.3_amd64.deb Size/MD5: 1068764 22057fe13cf32c6824b80b1aca8582f8 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif2_0.93.94-4ubuntu1.3_amd64.deb Size/MD5: 743410 8307888562686c76a7584a437634455e i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/l/lesstif1-1/lesstif-bin_0.93.94-4ubuntu1.3_i386.deb Size/MD5: 159596 215b85f45344b66cd9e621b651dae399 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif-dev_0.93.94-4ubuntu1.3_i386.deb Size/MD5: 803756 43a39b02e359fc7eba44a2acc651d77f http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif1_0.93.94-4ubuntu1.3_i386.deb Size/MD5: 598112 fa697d9c1b794e6b5d4f98c3c445695d http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif2-dev_0.93.94-4ubuntu1.3_i386.deb Size/MD5: 934076 c3404cb03872cd7ad7ed71b734f74f0e http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif2_0.93.94-4ubuntu1.3_i386.deb Size/MD5: 674350 22c7ce01cf8ee09172d25d494470e6ae powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/l/lesstif1-1/lesstif-bin_0.93.94-4ubuntu1.3_powerpc.deb Size/MD5: 171868 4c2102527ad30213dcb759caae0b42db http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif-dev_0.93.94-4ubuntu1.3_powerpc.deb Size/MD5: 946186 97efaff3cb3f0c558a65ddff84441d48 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif1_0.93.94-4ubuntu1.3_powerpc.deb Size/MD5: 626094 7307c73f4fbc10560da35f87ba11ccf3 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif2-dev_0.93.94-4ubuntu1.3_powerpc.deb Size/MD5: 1094772 0fc4e231e5e9d032065c80b997bc5562 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/lesstif2_0.93.94-4ubuntu1.3_powerpc.deb Size/MD5: 706738 d2a53253e733c907eb48d3640024c47a
|
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | [USN-91-1] EXIF library vulnerability, Martin Pitt |
|---|---|
| Next by Date: | [USN-93-1] Squid vulnerability, Martin Pitt |
| Previous by Thread: | [USN-91-1] EXIF library vulnerability, Martin Pitt |
| Next by Thread: | [USN-93-1] Squid vulnerability, Martin Pitt |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
Free MagazinesCisco NewsReceive a free quarterly e-newsletter with exclusive articles on how Cisco IT uses its own products and solutions to enable the business. subscribe Systems Management News, the newspaper for IT systems administration and data center managers! Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field. subscribe The Enterprise Newsweekly eWeek is the essential technology information source for builders of e-business. subscribe Oracle Magazine Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company. subscribe Total Telecom Total Telecom is "The Economist of the communications industry". subscribe |
