usn-151-4.txt

usn-151-4.txt: Posted Nov 9, 2005; Authored by Martin Pitt | Site security.ubuntu.com; Ubuntu Security Notice USN-151-4 - USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could be exploited to cause Denial of Service attacks or even arbitrary code execution with malicious data streams. Since lsb-rpm is statically linked against the zlib library, it is also affected by these issues. The updated packages have been rebuilt against the fixed zlib.; tags | advisory, denial of service, arbitrary, code execution; systems | linux, ubuntu; SHA-256 | 1b544a04d39a8e0c1931a5d95ffca15fa1c6e2f736889f0d0e654b9062a98680; Download | Favorite | View

usn-151-4.txt

===========================================================
Ubuntu Security Notice USN-151-4    November 09, 2005
rpm vulnerability
CVE-2005-1849, CVE-2005-2096
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

lsb-rpm

The problem can be corrected by upgrading the affected package to
version 4.0.4-28ubuntu2.1 (for Ubuntu 4.10), 4.0.4-29ubuntu1.1 (for
Ubuntu 5.04), or 4.0.4-31ubuntu1.1 (for Ubuntu 5.10).  In general, a
standard system upgrade is sufficient to effect the necessary changes.

Details follow:

USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could
be exploited to cause Denial of Service attacks or even arbitrary code
execution with malicious data streams.

Since lsb-rpm is statically linked against the zlib library, it is also
affected by these issues. The updated packagages have been rebuilt
against the fixed zlib.

Please note that lsb-rpm is not officially supported (it is in the "universe"
component of the archive).


Updated packages for Ubuntu 4.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-28ubuntu2.1.diff.gz
      Size/MD5:   104152 3512e5a5982e80eec9c47097c1abcab0
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-28ubuntu2.1.dsc
      Size/MD5:      743 75a216bf04376b2965fdc6f421da9117
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4.orig.tar.gz
      Size/MD5:  5865692 b0c3093d2f0d850760e59ac1db9bf152

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-28ubuntu2.1_amd64.deb
      Size/MD5:   484306 8d65173dc64656d07670eb76ef50c48c
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-28ubuntu2.1_amd64.deb
      Size/MD5:   382618 ab876104c24d65d40a42f4464b2cc2a4
    http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-28ubuntu2.1_amd64.deb
      Size/MD5:   879240 1e904758215537cb71185114d2d2fdce
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-28ubuntu2.1_amd64.deb
      Size/MD5:   519706 be983d50f61cfd0260617aa1a5364686

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-28ubuntu2.1_i386.deb
      Size/MD5:   437176 6b366219315af863fbdaea691badc6e1
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-28ubuntu2.1_i386.deb
      Size/MD5:   359618 b395c5dc497897b59e64d389b0f06060
    http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-28ubuntu2.1_i386.deb
      Size/MD5:   815882 f4c442e7de8efd84c6f649debcd34200
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-28ubuntu2.1_i386.deb
      Size/MD5:   516424 a16cc0c0303275537df571a683b48c61

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-28ubuntu2.1_powerpc.deb
      Size/MD5:   509710 89a59a25b06bd82d9b279ce44bff12b5
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-28ubuntu2.1_powerpc.deb
      Size/MD5:   386056 3f02d5ed65df1a5924d0b58f61966e03
    http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-28ubuntu2.1_powerpc.deb
      Size/MD5:   906620 b81695bb99a459690415851b704016b8
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-28ubuntu2.1_powerpc.deb
      Size/MD5:   525366 8a6775242836a0ff0f031508a9b7f1f6

Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-29ubuntu1.1.diff.gz
      Size/MD5:   104605 ded8ebf7a2e2f17f3c73eb761b2e688d
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-29ubuntu1.1.dsc
      Size/MD5:      743 6cc9d90aa7fc16b8f4b4bc0943e0999c
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4.orig.tar.gz
      Size/MD5:  5865692 b0c3093d2f0d850760e59ac1db9bf152

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-29ubuntu1.1_amd64.deb
      Size/MD5:   484510 031b93a22f11539c77bdde4c7a7fd942
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-29ubuntu1.1_amd64.deb
      Size/MD5:   382960 f3d2183092c18d4d955dc9f47b8bfd85
    http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-29ubuntu1.1_amd64.deb
      Size/MD5:   917666 fbed813e6386fb855bad364297231dcd
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-29ubuntu1.1_amd64.deb
      Size/MD5:   246620 0d4597422332fe23e596e6843399d5a2

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-29ubuntu1.1_i386.deb
      Size/MD5:   437506 c9d45c2c612849165cb24c4a696b2d99
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-29ubuntu1.1_i386.deb
      Size/MD5:   360084 62ff35425b9a1282faf601a8b6a42a46
    http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-29ubuntu1.1_i386.deb
      Size/MD5:   817326 f02954eba6d51835d4687ab8f201a94a
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-29ubuntu1.1_i386.deb
      Size/MD5:   242144 3aa62cae004a512e77e5400b4dcdad58

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-29ubuntu1.1_powerpc.deb
      Size/MD5:   510066 f1e4b85c2a191683779cc924713c6089
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-29ubuntu1.1_powerpc.deb
      Size/MD5:   386662 9ffd067e2f4909b51252fb821e18f918
    http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-29ubuntu1.1_powerpc.deb
      Size/MD5:   892954 d7aede34a0ed6bcc492bbfe264f23d08
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-29ubuntu1.1_powerpc.deb
      Size/MD5:   249702 0aa79e831af41fdf66149a03524ea95f

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-31ubuntu1.1.diff.gz
      Size/MD5:   105623 8e2337bba9b6c8c027bdb68eb75aafc0
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-31ubuntu1.1.dsc
      Size/MD5:      794 d33a163ca10c82c64617b746fb477317
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4.orig.tar.gz
      Size/MD5:  5865692 b0c3093d2f0d850760e59ac1db9bf152

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-31ubuntu1.1_amd64.deb
      Size/MD5:   495044 c31549b7e13a14e0893188bf6cb2f6c9
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-31ubuntu1.1_amd64.deb
      Size/MD5:   394174 c7c3a20b9e7fbb06a289db6f364fd6a6
    http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-31ubuntu1.1_amd64.deb
      Size/MD5:   983332 f33776b4ce3d03ef05df2ce3c0506189
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-31ubuntu1.1_amd64.deb
      Size/MD5:   246344 218b855da8afb60b9cb0b8c080593820

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-31ubuntu1.1_i386.deb
      Size/MD5:   437468 303a7fcf82954da89bd2cee396ce6ba6
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-31ubuntu1.1_i386.deb
      Size/MD5:   362410 35532ce8b4cdcdce6ae2408bda1384fa
    http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-31ubuntu1.1_i386.deb
      Size/MD5:   841566 88c9fa9c782451462f2d2b94d8b73431
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-31ubuntu1.1_i386.deb
      Size/MD5:   242302 a6fc5dd5819b6f76431e32e095d9e971

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm-dev_4.0.4-31ubuntu1.1_powerpc.deb
      Size/MD5:   505094 82125d87ee950a5445d123cc487513df
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/librpm4_4.0.4-31ubuntu1.1_powerpc.deb
      Size/MD5:   385584 6871ddddccc683c0e2c37aec8426850b
    http://security.ubuntu.com/ubuntu/pool/universe/r/rpm/lsb-rpm_4.0.4-31ubuntu1.1_powerpc.deb
      Size/MD5:  1015290 c34ad68589b0eebaba5b99c6f1ee95f5
    http://security.ubuntu.com/ubuntu/pool/main/r/rpm/rpm_4.0.4-31ubuntu1.1_powerpc.deb
      Size/MD5:   250512 dcea419a1d0640e65d4889d392b8353e

Top Authors In Last 30 Days

Red Hat 205 files
Ubuntu 84 files
Gentoo 31 files
Debian 21 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,350)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,266)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,658)
UNIX (9,425)
UnixWare (187)
Windows (6,666)
Other

usn-151-4.txt

usn-151-4.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

usn-151-4.txt

Share This

usn-151-4.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems