星球

RSS | RDF | ATOM

USN-1351-1: AccountsService vulnerability

2012/1/31 22:37:38 | Ubuntu security notices

Ubuntu Security Notice USN-1351-1


31st January, 2012


accountsservice vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 11.10





Summary


AccountsService could be made to overwrite files as the administrator.





Software description





  • accountsservice
    - query and manipulate user account information







Details


Hayawardh Vijayakumar discovered that AccountsService incorrectly handled
privileges when modifying the language settings on Ubuntu. A local attacker
could exploit this issue to modify arbitrary files, and possibly create a
denial of service or obtain increased privileges.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 11.10:




accountsservice

0.6.14-1git1ubuntu1.1






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


After a standard system update you need to reboot your computer to make
all the necessary changes.





References




CVE-2011-4406


USN-1352-1: Software Properties vulnerability

2012/1/31 22:37:38 | Ubuntu security notices

Ubuntu Security Notice USN-1352-1


31st January, 2012


software-properties vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 11.10


  • Ubuntu 11.04


  • Ubuntu 10.10


  • Ubuntu 10.04 LTS





Summary


Software Properties could be tricked into installing arbitrary PPA GPG
keys.





Software description





  • software-properties
    - manage the repositories that you install software from













Details


David Black discovered that Software Properties incorrectly validated
server certificates when performing secure connections to download PPA GPG
key fingerprints. If a remote attacker were able to perform a
man-in-the-middle attack, this flaw could be exploited to install altered
package repository GPG keys.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 11.10:




python-software-properties

0.81.13.3





Ubuntu 11.04:




python-software-properties

0.80.9.1





Ubuntu 10.10:




python-software-properties

0.76.7.1





Ubuntu 10.04 LTS:




python-software-properties

0.75.10.2






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




CVE-2011-4407


請改用國網中心的鏡像站(mirror)

2012/1/29 5:08:00 | 凍仁的 Ubuntu 筆記
大約一年前,台灣的鏡像站(mirror)開始不穩,凍仁則改用 shadow.ind.ntou.edu.tw 鏡像站。2011/10/12 凍仁發現其首頁有大大的標題寫著「ftp.tw.debian.org 以及 tw.archive.ubuntu.com 的管理者正在尋求資源」才終於知道這些 mirror 不穩的原因,幫不上忙的凍仁,只能上 Plurk 問前輩們,最後在前輩們的提醒下改用國網中心[1]的 mirror 就穩定了。

可以看的出來下方有幾個網域名稱(Domain name)是指到同一個 IP,凍仁雖不能肯定是指到同一台 Server,但可以肯定的是機器不夠力了!

OS Mirror IP
Debian  opensource.nchc.org.tw   211.73.64.9 
 Ubuntu  free.nchc.org.tw  211.73.64.9 
 Ubuntu  ftp.twaren.net 140.110.123.9
 2001:e10:5c00:5::9 
國網中心的 mirror。


OS Mirror IP
Debian  ftp.tw.debian.org   140.138.145.242 
 Ubuntu  tw.archive.ubuntu.com  140.138.145.242 
 Ubuntu   shadow.ind.ntou.edu.tw  140.121.80.201
凍仁原先使用的 mirror。


1. 使用更新管理員更換 mirror

1.1. 開啟「更新管理員」。

1.2. 點選「設定」按鈕。

1.3. 點選「下載自:」 一欄,並點選「其他...」。

1.4. 找到國網中心的 mirror 後點選「選擇伺服器」。

2. 使用 sed 取代 mirror


2.1. 在取代前得先找出目前使用的 mirror。
jonny@oneiric:~$ cat /etc/apt/sources.list | grep main | awk '{ print $2}' | cut -d'/' -f3 | sed -n '3P' [Enter]
tw.archive.ubuntu.com

2.2. 將 tw.archive.ubuntu.com 替換成 free.nchc.org.tw。
jonny@oneiric:~$ sudo sed -i 's/tw.archive.ubuntu.com/free.nchc.org.tw/g' /etc/apt/sources.list [Enter]

使用完以上任ㄧ方法都得再次更新套件來源,切忌切記[2]

# 註1:國網中心的全名為國家實驗研究院高速網路與計算中心(NCHC)
# 註2:「切忌」指的是千万不可,而「切記」則是要牢記的意思。


延伸閱讀:
NCHC | Main / HomePage

相關連結:
大澤木小鐵 好奇 ftp://os.nchc.org.tw 滿載了,請問大家都是在哪裡更新 Ubuntu ? [已解] 國研院國網中心自由軟體

USN-1342-1: Linux kernel (Oneiric backport) vulnerability

2012/1/27 8:55:05 | Ubuntu security notices

Ubuntu Security Notice USN-1342-1


25th January, 2012


linux-lts-backport-oneiric vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 10.04 LTS





Summary


The system could be made to run programs as an administrator.





Software description





  • linux-lts-backport-oneiric
    - Linux kernel backport from Oneiric







Details


Jüri Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem
permissions. A local attacker could exploit this and gain root privileges.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 10.04 LTS:




linux-image-3.0.0-15-server

3.0.0-15.26~lucid1






linux-image-3.0.0-15-generic

3.0.0-15.26~lucid1






linux-image-3.0.0-15-virtual

3.0.0-15.26~lucid1






linux-image-3.0.0-15-generic-pae

3.0.0-15.26~lucid1






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


After a standard system update you need to reboot your computer to make
all the necessary changes.





References




CVE-2012-0056


USN-1348-1: ICU vulnerability

2012/1/27 8:55:05 | Ubuntu security notices

Ubuntu Security Notice USN-1348-1


26th January, 2012


icu vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 11.10


  • Ubuntu 11.04


  • Ubuntu 10.10


  • Ubuntu 10.04 LTS





Summary


ICU could be made to crash or run programs as your login if it
opened specially crafted data.





Software description





  • icu
    - International Components for Unicode library













Details


It was discovered that ICU did not properly handle invalid locale data
during Unicode conversion. If an application using ICU processed crafted
data, an attacker could cause it to crash or potentially execute arbitrary
code with the privileges of the user invoking the program.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 11.10:




libicu44

4.4.2-2ubuntu0.11.10.1





Ubuntu 11.04:




libicu44

4.4.2-2ubuntu0.11.04.1





Ubuntu 10.10:




libicu42

4.2.1-3ubuntu0.10.10.1





Ubuntu 10.04 LTS:




libicu42

4.2.1-3ubuntu0.10.04.1






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




CVE-2011-4599


USN-1349-1: X.Org vulnerability

2012/1/27 8:55:05 | Ubuntu security notices

Ubuntu Security Notice USN-1349-1


26th January, 2012


xorg vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 11.10


  • Ubuntu 11.04


  • Ubuntu 10.10


  • Ubuntu 10.04 LTS





Summary


X could be made to start by a user who lacked appropriate permissions.





Software description





  • xorg
    - X.Org X Window System













Details


It was discovered that the X wrapper incorrectly checked certain console
permissions when launched by unprivileged users. An attacker connected
remotely could use this flaw to start X, bypassing the console permissions
check.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 11.10:




xserver-xorg

1:7.6+7ubuntu7.1





Ubuntu 11.04:




xserver-xorg

1:7.6+4ubuntu3.2





Ubuntu 10.10:




xserver-xorg

1:7.5+6ubuntu3.1





Ubuntu 10.04 LTS:




xserver-xorg

1:7.5+5ubuntu1.1






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




CVE-2011-4613


USN-1263-2: OpenJDK 6 regression

2012/1/26 11:31:50 | Ubuntu security notices

Ubuntu Security Notice USN-1263-2


24th January, 2012


openjdk-6, openjdk-6b18 regression


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 11.10


  • Ubuntu 11.04


  • Ubuntu 10.10


  • Ubuntu 10.04 LTS





Summary


USN-1263-1 caused a regression when using OpenJDK 6's SSL/TLS
implementation.





Software description





  • openjdk-6
    - Open Source Java implementation











  • openjdk-6b18
    - Open Source Java implementation











Details


USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for
the chosen plaintext attack on the block-wise AES encryption algorithm
(CVE-2011-3389) introduced a regression that caused TLS/SSL connections
to fail when using certain algorithms. This update fixes the problem.



We apologize for the inconvenience.



Original advisory details:



Deepak Bhole discovered a flaw in the Same Origin Policy (SOP)
implementation in the IcedTea web browser plugin. This could allow a
remote attacker to open connections to certain hosts that should
not be permitted. (CVE-2011-3377)

Juliano Rizzo and Thai Duong discovered that the block-wise AES
encryption algorithm block-wise as used in TLS/SSL was vulnerable to
a chosen-plaintext attack. This could allow a remote attacker to view
confidential data. (CVE-2011-3389)

It was discovered that a type confusion flaw existed in the in
the Internet Inter-Orb Protocol (IIOP) deserialization code. A
remote attacker could use this to cause an untrusted application
or applet to execute arbitrary code by deserializing malicious
input. (CVE-2011-3521)

It was discovered that the Java scripting engine did not perform
SecurityManager checks. This could allow a remote attacker to cause
an untrusted application or applet to execute arbitrary code with
the full privileges of the JVM. (CVE-2011-3544)

It was discovered that the InputStream class used a global buffer to
store input bytes skipped. An attacker could possibly use this to gain
access to sensitive information. (CVE-2011-3547)

It was discovered that a vulnerability existed in the AWTKeyStroke
class. A remote attacker could cause an untrusted application or applet
to execute arbitrary code. (CVE-2011-3548)

It was discovered that an integer overflow vulnerability existed
in the TransformHelper class in the Java2D implementation. A remote
attacker could use this cause a denial of service via an application
or applet crash or possibly execute arbitrary code. (CVE-2011-3551)

It was discovered that the default number of available UDP sockets for
applications running under SecurityManager restrictions was set too
high. A remote attacker could use this with a malicious application or
applet exhaust the number of available UDP sockets to cause a denial
of service for other applets or applications running within the same
JVM. (CVE-2011-3552)

It was discovered that Java API for XML Web Services (JAX-WS) could
incorrectly expose a stack trace. A remote attacker could potentially
use this to gain access to sensitive information. (CVE-2011-3553)

It was discovered that the unpacker for pack200 JAR files did not
sufficiently check for errors. An attacker could cause a denial of
service or possibly execute arbitrary code through a specially crafted
pack200 JAR file. (CVE-2011-3554)

It was discovered that the RMI registration implementation did not
properly restrict privileges of remotely executed code. A remote
attacker could use this to execute code with elevated privileges.
(CVE-2011-3556, CVE-2011-3557)

It was discovered that the HotSpot VM could be made to crash, allowing
an attacker to cause a denial of service or possibly leak sensitive
information. (CVE-2011-3558)

It was discovered that the HttpsURLConnection class did not
properly perform SecurityManager checks in certain situations. This
could allow a remote attacker to bypass restrictions on HTTPS
connections. (CVE-2011-3560)



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 11.10:




icedtea-6-jre-cacao

6b23~pre11-0ubuntu1.11.10.1






icedtea-6-jre-jamvm

6b23~pre11-0ubuntu1.11.10.1






openjdk-6-jre

6b23~pre11-0ubuntu1.11.10.1






openjdk-6-jre-headless

6b23~pre11-0ubuntu1.11.10.1






openjdk-6-jre-zero

6b23~pre11-0ubuntu1.11.10.1






openjdk-6-jre-lib

6b23~pre11-0ubuntu1.11.10.1





Ubuntu 11.04:




icedtea-6-jre-cacao

6b22-1.10.4-0ubuntu1~11.04.2






icedtea-6-jre-jamvm

6b22-1.10.4-0ubuntu1~11.04.2






openjdk-6-jre

6b22-1.10.4-0ubuntu1~11.04.2






openjdk-6-jre-headless

6b22-1.10.4-0ubuntu1~11.04.2






openjdk-6-jre-zero

6b22-1.10.4-0ubuntu1~11.04.2






openjdk-6-jre-lib

6b22-1.10.4-0ubuntu1~11.04.2





Ubuntu 10.10:




openjdk-6-jre-headless

6b20-1.9.10-0ubuntu1~10.10.3






openjdk-6-jre-lib

6b20-1.9.10-0ubuntu1~10.10.3






icedtea-6-jre-cacao

6b20-1.9.10-0ubuntu1~10.10.3






openjdk-6-jre-zero

6b20-1.9.10-0ubuntu1~10.10.3






openjdk-6-jre

6b20-1.9.10-0ubuntu1~10.10.3





Ubuntu 10.04 LTS:




openjdk-6-jre-headless

6b20-1.9.10-0ubuntu1~10.04.3






openjdk-6-jre-lib

6b20-1.9.10-0ubuntu1~10.04.3






icedtea-6-jre-cacao

6b20-1.9.10-0ubuntu1~10.04.3






openjdk-6-jre-zero

6b20-1.9.10-0ubuntu1~10.04.3






openjdk-6-jre

6b20-1.9.10-0ubuntu1~10.04.3






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


After a standard system update you need to restart any Java applications
or applets to make all the necessary changes.





References




LP: 891761


USN-1336-1: Linux kernel vulnerability

2012/1/26 11:31:50 | Ubuntu security notices

Ubuntu Security Notice USN-1336-1


23rd January, 2012


linux vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 11.10





Summary


The system could be made to run programs as an administrator.





Software description





  • linux
    - Linux kernel







Details


Jüri Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem
permissions. A local attacker could exploit this and gain root privileges.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 11.10:




linux-image-3.0.0-15-omap

3.0.0-15.26






linux-image-3.0.0-15-generic

3.0.0-15.26






linux-image-3.0.0-15-powerpc-smp

3.0.0-15.26






linux-image-3.0.0-15-server

3.0.0-15.26






linux-image-3.0.0-15-generic-pae

3.0.0-15.26






linux-image-3.0.0-15-powerpc64-smp

3.0.0-15.26






linux-image-3.0.0-15-powerpc

3.0.0-15.26






linux-image-3.0.0-15-virtual

3.0.0-15.26






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


After a standard system update you need to reboot your computer to make
all the necessary changes.





References




CVE-2012-0056


USN-1337-1: Linux kernel (Natty backport) vulnerabilities

2012/1/26 11:31:50 | Ubuntu security notices

Ubuntu Security Notice USN-1337-1


23rd January, 2012


linux-lts-backport-natty vulnerabilities


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 10.04 LTS





Summary


Several security issues were fixed in the kernel.





Software description





  • linux-lts-backport-natty
    - Linux kernel backport from Natty







Details


Peter Huewe discovered an information leak in the handling of reading
security-related TPM data. A local, unprivileged user could read the
results of a previous TPM command. (CVE-2011-1162)



Clement Lecigne discovered a bug in the HFS filesystem. A local attacker
could exploit this to cause a kernel oops. (CVE-2011-2203)



A flaw was found in how the Linux kernel handles user-defined key types. An
unprivileged local user could exploit this to crash the system.
(CVE-2011-4110)



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 10.04 LTS:




linux-image-2.6.38-13-virtual

2.6.38-13.54~lucid1






linux-image-2.6.38-13-server

2.6.38-13.54~lucid1






linux-image-2.6.38-13-generic-pae

2.6.38-13.54~lucid1






linux-image-2.6.38-13-generic

2.6.38-13.54~lucid1






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


After a standard system update you need to reboot your computer to make
all the necessary changes.





References




CVE-2011-1162,

CVE-2011-2203,

CVE-2011-4110


USN-1338-1: Rsyslog vulnerability

2012/1/26 11:31:50 | Ubuntu security notices

Ubuntu Security Notice USN-1338-1


23rd January, 2012


rsyslog vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 11.04





Summary


Rsyslog could be made to crash if it processed a specially crafted log
message.





Software description





  • rsyslog
    - Enhanced syslogd







Details


Peter Eisentraut discovered that Rsyslog would not properly perform input
validation when configured to use imfile. If an attacker were able to
craft messages in a file that Rsyslog monitored, an attacker could cause a
denial of service. The imfile module is disabled by default in Ubuntu.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 11.04:




rsyslog

4.6.4-2ubuntu4.2






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




CVE-2011-4623