User: Password:
|
|
Subscribe / Log in / New account

Ubuntu alert USN-83-2 (lesstif1-1)

From:  Martin Pitt <martin.pitt@canonical.com>
To:  ubuntu-security-announce@lists.ubuntu.com
Subject:  [USN-83-2] LessTif 1 vulnerabilities
Date:  Mon, 12 Sep 2005 17:37:01 +0200
Cc:  full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com

=========================================================== Ubuntu Security Notice USN-83-2 September 12, 2005 lesstif1-1 vulnerabilities CAN-2004-0914 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: lesstif1 The problem can be corrected by upgrading the affected package to version 1:0.93.94-4ubuntu1.4. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-83-1 fixed some vulnerabilities in the "lesstif2" library. The older "lesstif1" library was also affected, however, a fix was not yet available at that time. This USN fixes the flaws for lesstif1. Please note that there are no supported applications that use this library, so this only affects you if you use third-party applications which use lesstif1. For your convenience, here is the relevant part of the USN-83-1 description: Several vulnerabilities have been found in the XPM image decoding functions of the LessTif library. If an attacker tricked a user into loading a malicious XPM image with an application that uses LessTif, he could exploit this to execute arbitrary code in the context of the user opening the image. Ubuntu does not contain any server applications using LessTif, so there is no possibility of privilege escalation. Source archives: http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 120384 728cea45df73cfac025aab648667ba26 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 864 f7a77c6d69d735c64e480407bc744b6b http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 4862623 9eb87b5470333ccb31425a47d24f5a96 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 342270 0c35f7bdddb569d91eb28399e266ba79 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/l/lesstif... Size/MD5: 176996 d5ad4f18af977e3e6fda8aff1f8b5942 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 919372 b15bc0f2b55e10ccf92cb0d3dd01f52d http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 662418 985665bdc0a646fa21538a2b64801271 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 1068818 48621de47a78ad4561e216d0ee20fa56 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 743454 8ea85ba224c678b5052aa8fe8535bae9 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/l/lesstif... Size/MD5: 159652 ca7bc02a28b971ad8c5aab26213bba88 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 805232 89e719ca3265064bc7bf4614766d7407 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 599756 860536eae168c35c97ef6f5a880bf002 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 934130 0ac40da1c5dc9e774df200bf51eedbf7 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 674398 44dd744e49359462acddb071c2dde808 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/l/lesstif... Size/MD5: 171920 180a779c3eb2783dfc4b882af996b8e5 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 947886 e29147ec36b74014861eeb90a85f19c6 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 627706 fa9045896ab981aaf4b71759978d9129 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 1094798 4112aa0f5cb26adc74430a8a6fe17343 http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/... Size/MD5: 706780 2fa548597283134ba0f7dd400f6c298e -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com http://lists.ubuntu.com/mailman/listinfo/ubuntu-security-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds