User: Password:
|
|
Subscribe / Log in / New account

Ubuntu alert USN-318-1 (libtunepimp)

From:  Martin Pitt <martin.pitt@canonical.com>
To:  ubuntu-security-announce@lists.ubuntu.com
Subject:  [USN-318-1] libtunepimp vulnerability
Date:  Thu, 13 Jul 2006 14:37:03 +0200
Cc:  full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com

=========================================================== Ubuntu Security Notice USN-318-1 July 13, 2006 libtunepimp vulnerability http://bugs.musicbrainz.org/ticket/1764 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: libtunepimp2 0.3.0-2ubuntu5.1 Ubuntu 5.10: libtunepimp2c2 0.3.0-2ubuntu7.1 Ubuntu 6.06 LTS: libtunepimp2c2a 0.3.0-9.1ubuntu3.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Kevin Kofler discovered several buffer overflows in the tag parser. By tricking a user into opening a specially crafted tagged multimedia file (such as .ogg or .mp3 music) with an application that uses libtunepimp, this could be exploited to execute arbitrary code with the user's privileges. This particularly affects the KDE applications 'Amarok' and 'Juk'. Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 6871 816d083ad0010b6ba3f4c2c027ffe4c8 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 1016 0bb89c217e868b97c8ecece58d70d521 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 524889 f1f506914150c4917ec730f847ad4709 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 24124 2bafeba28a4e75afc24b9d84ca89e4a4 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 65002 f6d69554dc0d49e9b43a8a86d3ad1595 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 307302 524eec25e6670177cef5f3923ca13bcb http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 166714 65cc3f239ff8a2e4b71d9681c7a399d4 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 7620 8efc67adb855d09ee6163296d2a5dcc8 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 35906 fabd759fc946dc8da916ac4aea98344c http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 35906 ad81916e88a3041a29aa1d0b0381f807 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 22554 3796f87627d72b6e9459242d51275418 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 64308 b05b230b572574f70c70ac2c4b78ab47 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 288084 861c09351e62091f262d0672398bfca3 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 168370 1e4ec2f407fa1a2798b8e65f2779318b http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 7604 8b3fd4594225291e6104fc6ae7648308 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 32092 dcce42ec71c9b3b5fba324e7ad8bc064 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 32096 0244dc6403cc8f581d010cc049cc9772 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 25668 d1b3b88f7ea94faa390ac8a818a5b40a http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 65456 de067b822941a684b151eacd1627800a http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 310288 ee373226566ebdd026d85339c6194f68 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 161658 e57125bd48dc6fb43a729f42024d9acf http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 7604 856cad80b516aadfcc6b4dfce84f7c37 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 35024 b2fe0b4fab5f8f26885830d1230c08e9 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 35022 6aceed97903c5e9d58089be96034969b Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 57217 e84fada632684c764157925a6f28af58 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 1042 79047ac001cd966d40c7c7041057ce70 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 524889 f1f506914150c4917ec730f847ad4709 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 22900 8fa8c15ad391abaa865bd32aaf357696 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 65060 c3f3a5f8fe97e8b1116e8b4a404f030b http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 423156 b3bcfc2292f7d34a4e83e80dac4a5a45 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 194818 3d8bb66aa14ec742b44c886c4b9e73c0 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 7326 0b52f772ba148170a9aeee326510d662 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 35766 eef8807c1221c87468ce3446292029a5 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 35760 ff1030fefa9d205303cfe935df177106 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 21832 39979e0f98a247ad115d7df4973a9e33 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 63588 c967addd0a999e243981908ea982ba32 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 377446 c2c567712c0d84b9840d2afbbf591894 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 183424 d43689ace27a3cd6188a58e5f32221ee http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 7722 144d696e193d3084a8a33fa301e2673c http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 31896 9aa6b90c84df7e88bfd749d62c73e32d http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 31888 5fcde4b28b41d8dd6bc08a2ade8ca053 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 25168 f3a910c5c2eac9af7c464b0de6b52d66 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 66636 2ca63be064b364f34d364ec066d64cb7 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 381948 6b5b4645103599a7f0eb4b57ca893610 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 179634 d34c9466b6d956fe7ac940c866920f29 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 7726 02de2d03f2cc418978855ac672e86e55 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 34982 9b5ce65ec98c254a7f42dd420f175072 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 34980 1a770caef6f7eef04687a92d0742e7bf sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 21896 eeb801a35abca46bbf42bee69b360cfd http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 65508 3fe0fee3f317b65a723a7aafe0b5061f http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 353488 a4daad9f4ccf01f4b643c10ac038ecb5 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 170798 e1b4278a1b3db42c8c47c79f9d733508 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 7756 05381e3502cd0e317c1f8b5786dcd3fa http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 33196 dd7540323f010e4cb6a989b7b9637e08 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 33186 749e8c2e4a6aa94b62e9f7815b9ee7cf Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 167027 5cbf88064d3c601b1e21d655bf6f2a9f http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 940 7e3e4061956ba7d494b1656545af86f3 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 524889 f1f506914150c4917ec730f847ad4709 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 23790 d8c7ef4dd653db7cfb107d80280b17dd http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 66182 d8daee5233892c809dcfad35f68fb099 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 343194 610c0e719156390e292ff6e096be46df http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 167296 9d4ac860ec681f3e19b93acd6e51b9c6 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 8302 51c14894544828c1941aec878c6926a1 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 36750 63a8a32a3e984e3d15e765418e53f9d3 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 22684 43aa7607a31a3a5459ea92401bfdfc91 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 64694 a6652cd749d8fdf1e565a61276ae4f37 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 323862 0bfff7363b6e4b6228856a965a0cb865 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 164644 50037044badb6c1a67304f0cb733f77c http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 8716 0b4d9fb3aa25383bdc96022d633b3c3f http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 32796 9f138782b4ce65cb45f7b8a5dcd30adc powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 25984 548a14de1f722edf6e50466ce31028a8 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 67776 ffcadfbb8fa0218ef9d5fa8bb4762a9f http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 343108 fc51b87e482ec0b97b324fcb984dce6c http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 163486 59cc8425cc6b0f46c963da0c8d06d051 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 8714 599b6fe1626b8cb09ef13c29c2340db4 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 35948 f839586e4e6fbd4a559da1a2769ce7e1 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 22728 a8f14d0d59cdb75d7ec19bf7c0fd40c0 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 66668 6d21d148627ae79a8e69f08e49864ae8 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 316962 3e246a51f0e8aab396c2237092d60ca4 http://security.ubuntu.com/ubuntu/pool/main/libt/libtunep... Size/MD5: 153124 cbf70ade10c1303f8a5267e13c6cc4e1 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 8756 2525d4058def16a35a8f2d8d2465bbe5 http://security.ubuntu.com/ubuntu/pool/universe/libt/libt... Size/MD5: 34136 6aff67f8c972b99bb650db85f5b06012 -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds