[SECURITY] [DSA 1512-1] New evolution packages fix arbitrary code execution
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1512-1 [EMAIL PROTECTED] http://www.debian.org/security/ Thijs Kinkhorst March 05, 2008http://www.debian.org/security/faq - Package: evolution Vulnerability : format string attack Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-0072 Ulf Härnhammar discovered that Evolution, the e-mail and groupware suite, had a format string vulnerability in the parsing of encrypted mail messages. If the user opened a specially crafted email message, code execution was possible. For the stable distribution (etch), this problem has been fixed in version 2.6.3-6etch2. For the old stable distribution (sarge), this problem has been fixed in version 2.0.4-2sarge3. Some architectures have not yet completed building the updated package for sarge at this time, they will be added as they come available. For the unstable distribution (sid), this problem has been fixed in version 2.12.3-1.1. We recommend that you upgrade your evolution package. Upgrade instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - Source archives: http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge3.diff.gz Size/MD5 checksum: 294256 892634ed1c28416dea721a0ee1374d84 http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge3.dsc Size/MD5 checksum: 1459 e4a9b6f334108cae7550c9a0953e8e2b http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4.orig.tar.gz Size/MD5 checksum: 20968383 d555a0b1d56f0f0b9c33c35b057f73e6 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge3_amd64.deb Size/MD5 checksum: 160454 b6f68df817e14a3c52422e4f0e810bd3 http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge3_amd64.deb Size/MD5 checksum: 10447584 94e37843d38106635045906d58bd9386 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge3_hppa.deb Size/MD5 checksum: 160482 947be2b50da1219d1cbcf9dab63b2280 http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge3_hppa.deb Size/MD5 checksum: 10596054 be4f110f1d50077b53e013d2824cc1d4 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge3_i386.deb Size/MD5 checksum: 160482 5b6f5d955d309e47fea09e97b24d7d58 http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge3_i386.deb Size/MD5 checksum: 10228974 6c38e3e691756beccd1ccfdba259d2a8 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge3_ia64.deb Size/MD5 checksum: 11419604 c99bb84c7a074900400e59de2b10dcce http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge3_ia64.deb Size/MD5 checksum: 160440 8887e35cc887febad15f9b6cf08694fe powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge3_powerpc.deb Size/MD5 checksum: 160488 6c9a8ba39a6bab1a47dd1da8e99a5205 http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge3_powerpc.deb Size/MD5 checksum: 10286504 7f5d4b747a51e9c72d1114f9bcf6a209 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/e/evolution/evolution-dev_2.0.4-2sarge3_s390.deb Size/MD5 checksum: 160438 a6e0c9b90c90b6815fd607899aeb7583 http://security.debian.org/pool/updates/main/e/evolution/evolution_2.0.4-2sarge3_s390.deb Size/MD5 checksum: 10638988 f10525a9b20cc799c0e000c3e81738ab Debian GNU/Linux 4.0 alias etch - --- Source archives: http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3.orig.tar.gz Size/MD5 checksum: 17176288 7af880364d53b18ba72b1f85f3813c81 http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch2.dsc Size/MD5 checksum: 2269 25a2e18e12a838535c3fd74525696fa0 http://security.debian.org/pool/updates/main/e/evolution/evolution_2.6.3-6etch2.diff.gz Size/MD5 checksum:37993 5f7815f2c6a24f3a0c940d773cca8fb1 Architecture independent packages:
Firewire Attack on Windows Vista
Hello, In the light of recent discussions about firewire / DMA hacks, we would like to throw in some of the results of our past research on this topic (done mainly by Peter Panholzer) in the form of a short whitepaper. In this paper, we demonstrate that the firewire unlock attack (as implemented in Adam Boileau´s winlockpwn) can be used against Windows Vista. The paper is available at: http://www.sec-consult.com/fileadmin/Whitepapers/Vista_Physical_Attacks.pdf Best regards, Bernhard -- _ Bernhard Mueller Security Consultant SEC Consult Unternehmensberatung GmbH www.sec-consult.com A-1190 Vienna, Mooslackengasse 17 phone +43 1 8903043 34 fax +43 1 8903043 15 mobile+43 676 840301 718 email [EMAIL PROTECTED] Firmenbuch Wiener Neustadt: 227896t, UID: ATU56165223 Firmensitz: Prof. Dr. Stephan Korenstraße 10, A-2700 Wiener Neustadt Advisor for your information security.
Re: Firewire Attack on Windows Vista
Dear All, That said the original work on this from metlstorm is in the news [1] and can be found here : http://storm.net.nz/projects/16 [1] http://it.slashdot.org/article.pl?sid=08/03/04/1258210from=rss -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
Multiple vulnerabilities in Perforce Server 2007.3/143793
### Luigi Auriemma Application: Perforce Server http://www.perforce.com Versions: = 2007.3/143793 Platforms:Windows, Unix, Linux and Mac Bugs: NULL pointers, invalid memory access and endless loop Exploitation: remote Date: 05 Mar 2008 Author: Luigi Auriemma e-mail: [EMAIL PROTECTED] web:aluigi.org ### 1) Introduction 2) Bugs 3) The Code 4) Fix ### === 1) Introduction === From vendor's website: Perforce SCM (Software Configuration Management) versions and manages source code and digital assets for enterprises large and small. ### === 2) Bugs === The Perforce server is affected by multiple vulnerabilities which allow any unauthenticated attacker to crash the server or consuming all its resources. The first type of vulnerabilities includes the NULL pointers generated by the absence of some parameters in the client's request and the lack of checks on the pointers returned by the functions which get these values from the packets. The commands affected by these NULL pointer vulnerabilities are the following: dm-FaultFile, dm-LazyCheck, dm-ResolvedFile, dm-OpenFile, crypto and possibly others. A secondary type of vulnerabilities is exploitable through the server-DiffFile and server-ReleaseFile commands, in this case the problem is caused by the 32 bit number provided by the client which is used as amount of elements in the initialization of an array. Another problem is then exploitable again with a malformed server-DiffFile command and allows to force the server in an endless loop which will cause its termination after having consumed all the memory and the resources of the system. ### === 3) The Code === http://aluigi.org/poc/perforces.zip ### == 4) Fix == No fix ### --- Luigi Auriemma http://aluigi.org
[ GLSA 200803-10 ] lighttpd: Multiple vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: lighttpd: Multiple vulnerabilities Date: March 05, 2008 Bugs: #211230, #211956 ID: 200803-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis Multiple vulnerabilities have been discovered in lighttpd. Background == lighttpd is a lightweight high-performance web server. Affected packages = --- Package / Vulnerable / Unaffected --- 1 www-servers/lighttpd 1.4.18-r2= 1.4.18-r2 Description === lighttpd contains a calculation error when allocating the global file descriptor array (CVE-2008-0983). Furthermore, it sends the source of a CGI script instead of returning a 500 error (Internal Server Error) when the fork() system call fails (CVE-2008-). Impact == A remote attacker could exploit these vulnerabilities to cause a Denial of Service or gain the source of a CGI script. Workaround == There is no known workaround at this time. Resolution == All lighttpd users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =www-servers/lighttpd-1.4.18-r2 References == [ 1 ] CVE-2008-0983 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983 [ 2 ] CVE-2008- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008- Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200803-10.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [EMAIL PROTECTED] or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHzxPMuhJ+ozIKI5gRAungAJwINfZC2FZ4iEIxlamiBUjwmlflUgCfXXCM LORr9FwlLB0pZuIR6aJJFGE= =uoUo -END PGP SIGNATURE-
ERRATA: [ GLSA 200801-09 ] X.Org X server and Xfont library: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory [ERRATA UPDATE]GLSA 200801-09:03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: X.Org X server and Xfont library: Multiple vulnerabilities Date: January 20, 2008 Updated: March 05, 2008 Bugs: #204362, #208343 ID: 200801-09:03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Errata == The previous version of the X.Org X server (1.3.0.0-r4) did not properly address the integer overflow vulnerability in the MIT-SHM extension (CVE-2007-6429). It failed to check on Pixmaps of certain bit depths. All users of the X.Org X server package should upgrade to x11-base/xorg-server-1.3.0.0-r5. The corrected sections appear below. Affected packages = --- Package / Vulnerable / Unaffected --- 1 x11-base/xorg-server 1.3.0.0-r5 = 1.3.0.0-r5 2 x11-libs/libXfont 1.3.1-r1 = 1.3.1-r1 --- 2 affected packages on all of their supported architectures. --- Resolution == All X.Org X server users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =x11-base/xorg-server-1.3.0.0-r5 All X.Org Xfont library users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =x11-libs/libXfont-1.3.1-r1 References == [ 1 ] CVE-2007-5760 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760 [ 2 ] CVE-2007-5958 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958 [ 3 ] CVE-2007-6427 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427 [ 4 ] CVE-2007-6428 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428 [ 5 ] CVE-2007-6429 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429 [ 6 ] CVE-2008-0006 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006 [ 7 ] X.Org security advisory http://lists.freedesktop.org/archives/xorg/2008-January/031918.html Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200801-09.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [EMAIL PROTECTED] or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 signature.asc Description: This is a digitally signed message part.
[ MDVSA-2008:059 ] - Updated tcl packages fix vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2008:059 http://www.mandriva.com/security/ ___ Package : tcl Date: March 5, 2008 Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0 ___ Problem Description: A flaw in the Tcl regular expression handling engine was originally discovered by Will Drewry in the PostgreSQL database server's Tcl regular expression engine. This flaw can result in an infinite loop when processing certain regular expressions. The updated packages have been patched to correct these issues. ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 ___ Updated Packages: Mandriva Linux 2007.0: bde7e57d9dc7d568c0390ba3db4b5a3c 2007.0/i586/libtcl8.4-8.4.13-1.1mdv2007.0.i586.rpm d5a61fcda52e37a15c19e7d5c068656e 2007.0/i586/libtcl8.4-devel-8.4.13-1.1mdv2007.0.i586.rpm b243426d0d7f8d0a10ba70651feaef03 2007.0/i586/tcl-8.4.13-1.1mdv2007.0.i586.rpm 4f287e93256eaf7c84a0448ef2008020 2007.0/SRPMS/tcl-8.4.13-1.1mdv2007.0.src.rpm Mandriva Linux 2007.0/X86_64: fa6beda37d3eaf2200e3b30af08751e9 2007.0/x86_64/lib64tcl8.4-8.4.13-1.1mdv2007.0.x86_64.rpm 46aa8b711feb915543ae2191da82bd01 2007.0/x86_64/lib64tcl8.4-devel-8.4.13-1.1mdv2007.0.x86_64.rpm 105fc5f39986cc6db6b4adb068baf425 2007.0/x86_64/tcl-8.4.13-1.1mdv2007.0.x86_64.rpm 4f287e93256eaf7c84a0448ef2008020 2007.0/SRPMS/tcl-8.4.13-1.1mdv2007.0.src.rpm Mandriva Linux 2007.1: 5d5648b2bb457b157e1c30329f9891c7 2007.1/i586/libtcl8.4-8.4.14-1.1mdv2007.1.i586.rpm a98f64c60b59d32e54baf01275c85cbf 2007.1/i586/libtcl8.4-devel-8.4.14-1.1mdv2007.1.i586.rpm 62b8899728974799108afe5a5c39b34a 2007.1/i586/tcl-8.4.14-1.1mdv2007.1.i586.rpm 569e9de9c684040893255a5800b49037 2007.1/SRPMS/tcl-8.4.14-1.1mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: 817d49b898cc17e360141894c922e6cd 2007.1/x86_64/lib64tcl8.4-8.4.14-1.1mdv2007.1.x86_64.rpm 4b277a29b3c41b37010e7c10f9644f7f 2007.1/x86_64/lib64tcl8.4-devel-8.4.14-1.1mdv2007.1.x86_64.rpm 70bbb7e664ec0fd8636faf6734e205a3 2007.1/x86_64/tcl-8.4.14-1.1mdv2007.1.x86_64.rpm 569e9de9c684040893255a5800b49037 2007.1/SRPMS/tcl-8.4.14-1.1mdv2007.1.src.rpm Mandriva Linux 2008.0: b474df935ae9405261886dc3983876e7 2008.0/i586/libtcl-devel-8.5a6-4.1mdv2008.0.i586.rpm 6e675eb728a9e61b139b1084fd451298 2008.0/i586/libtcl8.5-8.5a6-4.1mdv2008.0.i586.rpm 50111e483a4d70a7522038532f583e7d 2008.0/i586/tcl-8.5a6-4.1mdv2008.0.i586.rpm 42741c6d8cd19fb3907ceb97d934a6f6 2008.0/SRPMS/tcl-8.5a6-4.1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 72982af24a4ed7c44ec46f8f4b593dee 2008.0/x86_64/lib64tcl-devel-8.5a6-4.1mdv2008.0.x86_64.rpm 3acb0a9ebc9aab51b6ff23d316721518 2008.0/x86_64/lib64tcl8.5-8.5a6-4.1mdv2008.0.x86_64.rpm 35a0827df193416c3ea6400309b4ae30 2008.0/x86_64/tcl-8.5a6-4.1mdv2008.0.x86_64.rpm 42741c6d8cd19fb3907ceb97d934a6f6 2008.0/SRPMS/tcl-8.5a6-4.1mdv2008.0.src.rpm Corporate 3.0: 45c8fbd95bebbad1b23f8bb2b15abe31 corporate/3.0/i586/expect-8.4.5-3.3.C30mdk.i586.rpm a45706ad62f18aa9a9ee532ece27349f corporate/3.0/i586/itcl-8.4.5-3.3.C30mdk.i586.rpm f448c6df20f64d967bf51cfc89139c61 corporate/3.0/i586/tcl-8.4.5-3.3.C30mdk.i586.rpm 508f120b23e7de9f91e68b6416360c57 corporate/3.0/i586/tcllib-8.4.5-3.3.C30mdk.i586.rpm 78a9d355932b0584734f927bf0bd21cb corporate/3.0/i586/tclx-8.4.5-3.3.C30mdk.i586.rpm dc15072dc76732f54e7effc67aa506e9 corporate/3.0/i586/tix-8.4.5-3.3.C30mdk.i586.rpm 1ad401d437998a447f8767eac0ed3f64 corporate/3.0/i586/tk-8.4.5-3.3.C30mdk.i586.rpm aca59d9916edfbf607b42a089c4e51f5 corporate/3.0/SRPMS/tcltk-8.4.5-3.3.C30mdk.src.rpm Corporate 3.0/X86_64: ab9dcf95b516f63779a48fa5da217e2c corporate/3.0/x86_64/expect-8.4.5-3.3.C30mdk.x86_64.rpm ccf0b17e73baed1a5597698501d4e16c corporate/3.0/x86_64/itcl-8.4.5-3.3.C30mdk.x86_64.rpm 7004fe82ceadb690a1c537dfffa8a602 corporate/3.0/x86_64/tcl-8.4.5-3.3.C30mdk.x86_64.rpm 8082288dd36eefe4f59f288636d86f52 corporate/3.0/x86_64/tcllib-8.4.5-3.3.C30mdk.x86_64.rpm 0d535ba37b8521ba2aed9ef62597b91f corporate/3.0/x86_64/tclx-8.4.5-3.3.C30mdk.x86_64.rpm 8eb5591457bdac01a6ebd5946bedbae2 corporate/3.0/x86_64/tix-8.4.5-3.3.C30mdk.x86_64.rpm 73d05959408f8daba243008033d1214c corporate/3.0/x86_64/tk-8.4.5-3.3.C30mdk.x86_64.rpm aca59d9916edfbf607b42a089c4e51f5 corporate/3.0/SRPMS/tcltk-8.4.5-3.3.C30mdk.src.rpm Corporate 4.0: 5a24c2fa2c3ef75bf5a6a9c8e8d9fde4 corporate/4.0/i586/expect-8.4.11-1.3.20060mlcs4.i586.rpm 2f76f932af5019692972d3fe8cbe942b corporate/4.0/i586/itcl-8.4.11-1.3.20060mlcs4.i586.rpm
RE: Firewire Attack on Windows Vista
As somewhat indicated in the paper itself, these types of physical DMA attacks are possible against any PC-based OS, not just Windows. If that's true, why is the paper titled around Windows Vista? I guess it makes headlines faster. But isn't as important, if not more important, to say all PC-based systems have the same underlying problem? That it's a broader problem needing a broader solution, instead of picking on one OS vendor to get headlines? [Disclaimer: I'm a full-time Microsoft employee.] Roger * *Roger A. Grimes, InfoWorld, Security Columnist *CPA, CISSP, CISA, MCSE: Security (2000/2003), CEH, yada...yada... *email: [EMAIL PROTECTED] or [EMAIL PROTECTED] *Author of Windows Vista Security: Securing Vista Against Malicious Attacks (Wiley) *http://www.amazon.com/Windows-Vista-Security-Securing-Malicious/dp/0470101555 * -Original Message- From: Bernhard Mueller [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 05, 2008 10:54 AM To: Full Disclosure; Bugtraq Subject: Firewire Attack on Windows Vista Hello, In the light of recent discussions about firewire / DMA hacks, we would like to throw in some of the results of our past research on this topic (done mainly by Peter Panholzer) in the form of a short whitepaper. In this paper, we demonstrate that the firewire unlock attack (as implemented in Adam Boileau´s winlockpwn) can be used against Windows Vista. The paper is available at: http://www.sec-consult.com/fileadmin/Whitepapers/Vista_Physical_Attacks.pdf Best regards, Bernhard -- _ Bernhard Mueller Security Consultant SEC Consult Unternehmensberatung GmbH www.sec-consult.com A-1190 Vienna, Mooslackengasse 17 phone +43 1 8903043 34 fax +43 1 8903043 15 mobile+43 676 840301 718 email [EMAIL PROTECTED] Firmenbuch Wiener Neustadt: 227896t, UID: ATU56165223 Firmensitz: Prof. Dr. Stephan Korenstraße 10, A-2700 Wiener Neustadt Advisor for your information security.
[ MDVSA-2008:058 ] - Updated openldap packages fix multiple vulnerabilities
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2008:058 http://www.mandriva.com/security/ ___ Package : openldap Date: March 5, 2008 Affected: 2007.0, 2007.1, 2008.0, Corporate 4.0 ___ Problem Description: A vulnerability was found in slapo-pcache in slapd of OpenLDAP prior to 2.3.39 when running as a proxy-caching server. It would allocate memory using a malloc variant rather than calloc, which prevented an array from being properly initialized and could possibly allow attackers to cause a denial of service (CVE-2007-5708). Two vulnerabilities were found in how slapd handled modify (prior to 2.3.26) and modrdn (prior to 2.3.29) requests with NOOP control on objects stored in the BDB backend. An authenticated user with permission to perform modify (CVE-2007-6698) or modrdn (CVE-2008-0658) operations could cause slapd to crash. The updated packages have been patched to correct these issues. ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5708 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6698 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0658 ___ Updated Packages: Mandriva Linux 2007.0: d4427f6f960dceb0a54887395688b02d 2007.0/i586/libldap2.3_0-2.3.27-2.2mdv2007.0.i586.rpm fb96499f3a33a20274b95ae1fe986938 2007.0/i586/libldap2.3_0-devel-2.3.27-2.2mdv2007.0.i586.rpm 0fe0f9a22d5a3d2b8d07170f7e02c360 2007.0/i586/libldap2.3_0-static-devel-2.3.27-2.2mdv2007.0.i586.rpm 248f3a65f570e22b7d1ec67e95a0249e 2007.0/i586/openldap-2.3.27-2.2mdv2007.0.i586.rpm 0ecb5d940de1ec31b1191110d3b40e4e 2007.0/i586/openldap-clients-2.3.27-2.2mdv2007.0.i586.rpm 43170f54bac53b30c6129b07253ab7f6 2007.0/i586/openldap-doc-2.3.27-2.2mdv2007.0.i586.rpm 16a103849faddc8b9e300bd7738b5bde 2007.0/i586/openldap-servers-2.3.27-2.2mdv2007.0.i586.rpm 53476478b042c2e59edf5a2ff330 2007.0/SRPMS/openldap-2.3.27-2.2mdv2007.0.src.rpm Mandriva Linux 2007.0/X86_64: eb36e1526f2b3a3a03271edf66d2cca4 2007.0/x86_64/lib64ldap2.3_0-2.3.27-2.2mdv2007.0.x86_64.rpm 6b37c2ee41eb94cb65ec40d551538022 2007.0/x86_64/lib64ldap2.3_0-devel-2.3.27-2.2mdv2007.0.x86_64.rpm 6f009e31ac35621ffa9247501d583ed1 2007.0/x86_64/lib64ldap2.3_0-static-devel-2.3.27-2.2mdv2007.0.x86_64.rpm 445fb7aeb7818f0358659c91fb8ada70 2007.0/x86_64/openldap-2.3.27-2.2mdv2007.0.x86_64.rpm 3cc4725e66a377e07e908f48ee149acb 2007.0/x86_64/openldap-clients-2.3.27-2.2mdv2007.0.x86_64.rpm c5ba86642d7c9e6f3fe51d1201f9596c 2007.0/x86_64/openldap-doc-2.3.27-2.2mdv2007.0.x86_64.rpm 13f4514be8c8f989cc4a1537ec8f8177 2007.0/x86_64/openldap-servers-2.3.27-2.2mdv2007.0.x86_64.rpm 53476478b042c2e59edf5a2ff330 2007.0/SRPMS/openldap-2.3.27-2.2mdv2007.0.src.rpm Mandriva Linux 2007.1: 7cc3081ddcfd3db452d2e90036e3a628 2007.1/i586/libldap2.3_0-2.3.34-5.2mdv2007.1.i586.rpm fbc6f5333b7ca7796d95e8a3718f164a 2007.1/i586/libldap2.3_0-devel-2.3.34-5.2mdv2007.1.i586.rpm e7d258fa40a2a5c52314c856b3bc4fc1 2007.1/i586/libldap2.3_0-static-devel-2.3.34-5.2mdv2007.1.i586.rpm 589ef40a1af243f7664965fe090f7de2 2007.1/i586/openldap-2.3.34-5.2mdv2007.1.i586.rpm ce64d22f74a555746a408d86ab5c24cb 2007.1/i586/openldap-clients-2.3.34-5.2mdv2007.1.i586.rpm 35e5939274493799d93f2eca1388420a 2007.1/i586/openldap-doc-2.3.34-5.2mdv2007.1.i586.rpm 4dd84314508659366aaf95027f37896d 2007.1/i586/openldap-servers-2.3.34-5.2mdv2007.1.i586.rpm 1117b03409884c7799a1f7fd4ac29725 2007.1/i586/openldap-testprogs-2.3.34-5.2mdv2007.1.i586.rpm 67f80a1770d45f7e7e294bd8ec92846e 2007.1/i586/openldap-tests-2.3.34-5.2mdv2007.1.i586.rpm a686ce5b015b7accd63d327a0f898d84 2007.1/SRPMS/openldap-2.3.34-5.2mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: d47695976ba1bb63169509da41e57e07 2007.1/x86_64/lib64ldap2.3_0-2.3.34-5.2mdv2007.1.x86_64.rpm e6223017fb3b35792e680db1203aca6c 2007.1/x86_64/lib64ldap2.3_0-devel-2.3.34-5.2mdv2007.1.x86_64.rpm 320f8173708590828f70b4995d8ef2a8 2007.1/x86_64/lib64ldap2.3_0-static-devel-2.3.34-5.2mdv2007.1.x86_64.rpm 3b008b7ed26ea10234a13289e84f9388 2007.1/x86_64/openldap-2.3.34-5.2mdv2007.1.x86_64.rpm c158c817b74e2c1e678e8d34fef24a0e 2007.1/x86_64/openldap-clients-2.3.34-5.2mdv2007.1.x86_64.rpm 7b457f83f95361b82e3340cdbc5dcff1 2007.1/x86_64/openldap-doc-2.3.34-5.2mdv2007.1.x86_64.rpm fde2e695d34441ae77714de0fb42d1ba 2007.1/x86_64/openldap-servers-2.3.34-5.2mdv2007.1.x86_64.rpm 96715702c27b99497c5ec7aa917fb586 2007.1/x86_64/openldap-testprogs-2.3.34-5.2mdv2007.1.x86_64.rpm f55189544f96a7de67af997eae52631b
[USN-583-1] Evolution vulnerability
=== Ubuntu Security Notice USN-583-1 March 05, 2008 evolution vulnerability CVE-2008-0072 === A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: evolution 2.6.1-0ubuntu7.2 Ubuntu 6.10: evolution 2.8.1-0ubuntu4.2 Ubuntu 7.04: evolution 2.10.1-0ubuntu2.1 Ubuntu 7.10: evolution 2.12.1-0ubuntu1.1 After a standard system upgrade you need to restart Evolution to effect the necessary changes. Details follow: Ulf Harnhammar discovered that Evolution did not correctly handle format strings when processing encrypted emails. A remote attacker could exploit this by sending a specially crafted email, resulting in arbitrary code execution. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.6.1-0ubuntu7.2.diff.gz Size/MD5: 203646 3015e8026cd5a91df8cb673c5fc39d40 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.6.1-0ubuntu7.2.dsc Size/MD5: 1402 0a32038fe5e071cb4c12935acf639c02 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.6.1.orig.tar.gz Size/MD5: 17037346 e2ba35f5eaa324d0eb552c1c87405042 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dbg_2.6.1-0ubuntu7.2_amd64.deb Size/MD5: 6578230 ef179b357cb7b454ae8393a366021314 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dev_2.6.1-0ubuntu7.2_amd64.deb Size/MD5: 216368 2d6ed392b174e90f21163fcc2163996c http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-plugins_2.6.1-0ubuntu7.2_amd64.deb Size/MD5: 333036 9583853b8fc369d9e991f20d25a92d53 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.6.1-0ubuntu7.2_amd64.deb Size/MD5: 4956256 897c8ff77d8826f2e3c66219c093a7e2 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dbg_2.6.1-0ubuntu7.2_i386.deb Size/MD5: 5741688 8d351e2a18ffa7de3009dd954b140f61 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dev_2.6.1-0ubuntu7.2_i386.deb Size/MD5: 216404 c75bba76d46736190548a063af944501 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-plugins_2.6.1-0ubuntu7.2_i386.deb Size/MD5: 304890 3fa8a69f8fbaffed47da761c0a7ce554 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.6.1-0ubuntu7.2_i386.deb Size/MD5: 4696720 155764faf320f37775cec333b9860a0d powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dbg_2.6.1-0ubuntu7.2_powerpc.deb Size/MD5: 6513184 d710da9eb147e08928020cee44565b18 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dev_2.6.1-0ubuntu7.2_powerpc.deb Size/MD5: 216408 48c0b9b3bd11332e796a3bba406ad990 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-plugins_2.6.1-0ubuntu7.2_powerpc.deb Size/MD5: 348230 8b3f5779fd665287f97f91ed68974571 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.6.1-0ubuntu7.2_powerpc.deb Size/MD5: 4838748 e94f9f1cb37ad60da4e7a9ba71607edb sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dbg_2.6.1-0ubuntu7.2_sparc.deb Size/MD5: 5824958 a1e84f2d584e46c40885b83498bf44a3 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-dev_2.6.1-0ubuntu7.2_sparc.deb Size/MD5: 216442 431edde18d17dcea720845998d07beb8 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution-plugins_2.6.1-0ubuntu7.2_sparc.deb Size/MD5: 304852 6b5b4d337f54af40bd98a57315da5b5b http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.6.1-0ubuntu7.2_sparc.deb Size/MD5: 4781836 6868fc03608119df8aa837556756be84 Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.8.1-0ubuntu4.2.diff.gz Size/MD5: 362867 c15866200e4d0b7e0e78895cf8e6fbc0 http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.8.1-0ubuntu4.2.dsc Size/MD5: 1373 f78da23f7ff3d726376659333ed21dee http://security.ubuntu.com/ubuntu/pool/main/e/evolution/evolution_2.8.1.orig.tar.gz Size/MD5: 17782443 0ce38f1ae7992e00eec3414e62cb3a59 amd64 architecture (Athlon64, Opteron, EM64T Xeon):