The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


[USN-738-1] GLib vulnerability


<< Previous INDEX Search src / Print Next >>
Date: Mon, 16 Mar 2009 17:35:33 -0500
From: Jamie Strandboge <jamie@canonical.com.>
To: [email protected]
Subject: [USN-738-1] GLib vulnerability
Message-ID: <20090316223533.GB6143@severus.strandboge.com.>
Reply-To: Jamie Strandboge <jamie@canonical.com.>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="1LKvkjL3sHcu1TtY"
Content-Disposition: inline
User-Agent: Mutt/1.5.18 (2008-05-17)
X-Virus-Scanned: antivirus-gw at tyumen.ru


--1LKvkjL3sHcu1TtY
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline


Ubuntu Security Notice USN-738-1 March 16, 2009 glib2.0 vulnerability CVE-2008-4316
A security issue affects the following Ubuntu releases: Ubuntu 7.10 Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: libglib2.0-0 2.14.1-1ubuntu1.1 libglib2.0-udeb 2.14.1-1ubuntu1.1 Ubuntu 8.04 LTS: libglib2.0-0 2.16.6-0ubuntu1.1 libglib2.0-udeb 2.16.6-0ubuntu1.1 Ubuntu 8.10: libglib2.0-0 2.18.2-0ubuntu2.1 libglib2.0-udeb 2.18.2-0ubuntu2.1 After a standard system upgrade you need to reboot your computer to effect the necessary changes. Details follow: Diego Petten discovered that the Base64 encoding functions in GLib did not properly handle large strings. If a user or automated system were tricked into processing a crafted Base64 string, an attacker could possibly execute arbitrary code with the privileges of the user invoking the program. Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.14.1-1ubuntu1.1.diff.gz Size/MD5: 17524 138b9912ad61c1f00d6423d4d6931914 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.14.1-1ubuntu1.1.dsc Size/MD5: 1084 33f307cae0cd17458587a5bc7d2b366c http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.14.1.orig.tar.gz Size/MD5: 4514485 dd436aceda2b0fac690d11129b157dc9 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-data_2.14.1-1ubuntu1.1_all.deb Size/MD5: 962 d5405d5d9af95143426424f058465f57 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-doc_2.14.1-1ubuntu1.1_all.deb Size/MD5: 875550 58bae9747659a721826a4cdb48653b26 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.14.1-1ubuntu1.1_amd64.deb Size/MD5: 750190 1d2cd4e8d958a45164b29137f062cdef http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.14.1-1ubuntu1.1_amd64.deb Size/MD5: 650836 4bffda1840b9be52d2fade1fe9ce5fdf http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.14.1-1ubuntu1.1_amd64.deb Size/MD5: 703086 b7cd2dba039c62260b2c4b7a2d51bebf http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.14.1-1ubuntu1.1_amd64.udeb Size/MD5: 818068 c1d3112c7b466bc514af10a47ae5ad9b i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.14.1-1ubuntu1.1_i386.deb Size/MD5: 682848 25dade5b71bdc66cdd5dbc8c13475d9f http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.14.1-1ubuntu1.1_i386.deb Size/MD5: 600818 5ca07527317218881b8f40e8461b360c http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.14.1-1ubuntu1.1_i386.deb Size/MD5: 636534 a00c0ec906a128cf5c2b686429159c33 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.14.1-1ubuntu1.1_i386.udeb Size/MD5: 765878 9de2564e2d720252ef139450d2c11240 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.14.1-1ubuntu1.1_lpia.deb Size/MD5: 726462 54577f30c31c779e72ad9a85177e2b3f http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.14.1-1ubuntu1.1_lpia.deb Size/MD5: 600250 b221636a099efcf4d4aa45506d3541f1 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.14.1-1ubuntu1.1_lpia.deb Size/MD5: 631880 03b65201612b7505508bb5eb98fd1af4 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.14.1-1ubuntu1.1_lpia.udeb Size/MD5: 767286 8d1f140c6dce14b4b251ece60448f383 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.14.1-1ubuntu1.1_powerpc.deb Size/MD5: 739568 12b519209bc428c9abb801acd63b6f64 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.14.1-1ubuntu1.1_powerpc.deb Size/MD5: 639720 cc7b0a74e988134820bb19696c260c4d http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.14.1-1ubuntu1.1_powerpc.deb Size/MD5: 742996 9584e0e070ff20863b2db8a017cb435d http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.14.1-1ubuntu1.1_powerpc.udeb Size/MD5: 807140 aaa49170708207ea18b4f2d03333c317 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.14.1-1ubuntu1.1_sparc.deb Size/MD5: 659988 65cc53ae2ccdd2840f823e6da13746f4 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.14.1-1ubuntu1.1_sparc.deb Size/MD5: 623398 7b8409a64a69752eac69d0cf481287d2 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.14.1-1ubuntu1.1_sparc.deb Size/MD5: 687116 586af6af18b7609725bc5dfa233a0538 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.14.1-1ubuntu1.1_sparc.udeb Size/MD5: 790234 991a32c2b50a3a6642c3bfd4db97d646 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.16.6-0ubuntu1.1.diff.gz Size/MD5: 33905 23387ef13b5c8d376cc4c34a2b478b8c http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.16.6-0ubuntu1.1.dsc Size/MD5: 1130 4b0ff87617aac27d5c37ad74e564c090 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.16.6.orig.tar.gz Size/MD5: 6491460 65c594a471406a377bee8171a2ea43d4 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-doc_2.16.6-0ubuntu1.1_all.deb Size/MD5: 1163348 68f5bd3e6cff739347b22cef1f74a18c http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-data_2.16.6-0ubuntu1.1_all.deb Size/MD5: 968 610624ea9065c2fb2f747afaef5b673c amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.1_amd64.deb Size/MD5: 1177248 11381774038a1b6c057371cb4e00bc1b http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.1_amd64.deb Size/MD5: 824454 6baad819579ec0c7c6b8e27f985bedba http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.1_amd64.deb Size/MD5: 985390 c078da0a2f3fbed279025c88e81f6f5a http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.1_amd64.deb Size/MD5: 48242 ea22af17d06494e4a69a3585263c9b0e http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.1_amd64.udeb Size/MD5: 1307358 b344d52fcaf68319dc5b854008e4d926 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.1_i386.deb Size/MD5: 1104366 d0dd8d14dcec10ab2a68b9ad79a5d038 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.1_i386.deb Size/MD5: 758540 aa923e2911938c299179754d4c5806f5 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.1_i386.deb Size/MD5: 874390 5f28d5c785e989c8ea1efe55dd7e3c5d http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.1_i386.deb Size/MD5: 46484 6fa7e8e1a6d84e20d03a8d6628e9c8f3 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.1_i386.udeb Size/MD5: 1238878 13eec74fbd7f4461ad563dd04fa001c8 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.1_lpia.deb Size/MD5: 1126246 ebfa91d95c7d5e3a79c1b7dd537dc96e http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.1_lpia.deb Size/MD5: 749438 643ab4beb0d97ae1bcb83f7e17f2ed93 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.1_lpia.deb Size/MD5: 866202 f67869e2bd1cdbed2461e13e7e1b08cd http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.1_lpia.deb Size/MD5: 46456 76ef2eb8a31b276046e020fe96387fdd http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.1_lpia.udeb Size/MD5: 1232182 2c1606d39bebfd8c8267013432bd5657 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.1_powerpc.deb Size/MD5: 1165976 ec03b242bbe664869a8ffe86006e8bdc http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.1_powerpc.deb Size/MD5: 824912 5bff6cc6019577a2ebf5c558231c1d02 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.1_powerpc.deb Size/MD5: 1033470 d11fcd417812a3028b1d49bbf91970de http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.1_powerpc.deb Size/MD5: 48066 e1e552ae85742bdf20622d82725ebf77 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.1_powerpc.udeb Size/MD5: 1307768 1f140fb5f4143700c5a25cd9aebefe96 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-0ubuntu1.1_sparc.deb Size/MD5: 1031254 26dbaeb3fc08bffaccbd95ca89e38654 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.16.6-0ubuntu1.1_sparc.deb Size/MD5: 781336 0ed705a3fbd1f23324525a0d672a51d7 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.16.6-0ubuntu1.1_sparc.deb Size/MD5: 953920 33853604999c49363f1948ed3e6437b7 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.16.6-0ubuntu1.1_sparc.deb Size/MD5: 47272 645a3b1411446a745ea9bf397528bfaf http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.16.6-0ubuntu1.1_sparc.udeb Size/MD5: 1264084 3ddff1ddcc82db1dbf71d8e8d721dca6 Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.18.2-0ubuntu2.1.diff.gz Size/MD5: 32950 fb2918028808c8a64ce59493c54f8af7 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.18.2-0ubuntu2.1.dsc Size/MD5: 1552 3328bb4e4189019d5f4e176cafb281fa http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/glib2.0_2.18.2.orig.tar.gz Size/MD5: 6792476 0f2bf241fc93d95a0bd599a9c2a352ca Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-data_2.18.2-0ubuntu2.1_all.deb Size/MD5: 960 82bb052062e7549056c74f0d78b29205 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-doc_2.18.2-0ubuntu2.1_all.deb Size/MD5: 1152002 5e2500f783559bb9cfb5fdbaece3f3c6 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.1_amd64.deb Size/MD5: 1248304 0d8cb8be6edfaa6304a80f9deea3acb0 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.1_amd64.deb Size/MD5: 842594 591be969c4f238b16a344fd939d79acc http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.1_amd64.deb Size/MD5: 1027604 91dfe71e0007ed7881176e51e1b8b900 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.1_amd64.deb Size/MD5: 44114 e0ec4eae45f8e47a518dd7388bf06227 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.1_amd64.udeb Size/MD5: 1401412 98004c1bec49d2598cedec9c26fd6276 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.1_i386.deb Size/MD5: 1173896 db2153c03262bd465f15d050651a5842 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.1_i386.deb Size/MD5: 771208 fc627a9cae11d15f8f3582e13a13a080 http://security.ubuntu.com/ubuntu/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.1_i386.deb Size/MD5: 910628 f85ad3d2608f57bbf581aa4483fb97f4 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.1_i386.deb Size/MD5: 42644 41055523fc27443aeedfb2e1e3740eb4 http://security.ubuntu.com/ubuntu/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.1_i386.udeb Size/MD5: 1330172 7010f1b8b22ea7e17f0de5ef98a6bf8a lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.1_lpia.deb Size/MD5: 1195138 6ab371ce2a75e218a7de6260b4bc57b9 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.1_lpia.deb Size/MD5: 760558 97da9faad005ee2cf24565518d4e9985 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.1_lpia.deb Size/MD5: 901682 19bf37c54f3e6fb11b13ec3db08292b9 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.1_lpia.deb Size/MD5: 42516 023bd2caa36a94489075279cecf03399 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.1_lpia.udeb Size/MD5: 1319420 95809f6fbfc8ef3761256f12e5524e98 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.1_powerpc.deb Size/MD5: 1237852 df13662cf69aad0ade051afadfbe974a http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.1_powerpc.deb Size/MD5: 845582 ef5936463716b8f9926ed4574282d313 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.1_powerpc.deb Size/MD5: 1079766 11eb08fed0b00df691c43f6a1a8fcc13 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.1_powerpc.deb Size/MD5: 43918 441be4fe2d26600e6675b08b7da29499 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.1_powerpc.udeb Size/MD5: 1404140 d28d4a3b73b8407d10ff48980706106d sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0-dbg_2.18.2-0ubuntu2.1_sparc.deb Size/MD5: 1077366 d68576f4973e127ac1cccb41fc37bb19 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-0_2.18.2-0ubuntu2.1_sparc.deb Size/MD5: 790732 72be4f8c2ee1c0f41747e82736e6aed8 http://ports.ubuntu.com/pool/main/g/glib2.0/libglib2.0-dev_2.18.2-0ubuntu2.1_sparc.deb Size/MD5: 985182 a3c1cae1359421e28c9068c7cc8a59e9 http://ports.ubuntu.com/pool/universe/g/glib2.0/libgio-fam_2.18.2-0ubuntu2.1_sparc.deb Size/MD5: 43182 19a63d0f654eb9212eb9693ecc4e47f8 http://ports.ubuntu.com/pool/universe/g/glib2.0/libglib2.0-udeb_2.18.2-0ubuntu2.1_sparc.udeb Size/MD5: 1349790 68bb632ebf858ae4eb87cc48a1d76514 --1LKvkjL3sHcu1TtY Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkm+1DUACgkQW0JvuRdL8Br7OACeJIDo5/gdsSM2CoPaX3E8+RA6 sJIAoJuq6PkIvRxTCN7zDuCVZDj5P5v4 =2JkC -----END PGP SIGNATURE----- --1LKvkjL3sHcu1TtY--

<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру