Ubuntu Security Notice 268-1

Ubuntu Security Notice 268-1: Posted Apr 6, 2006; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-268-1 - kaffeine vulnerability; tags | advisory; systems | linux, ubuntu; SHA-256 | 90b207e07e65f478b92888e12fe9baafe5f821182a5bb023309f6b31cc7dc209; Download | Favorite | View

Ubuntu Security Notice 268-1


--HcAYCG3uE/tztfnV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

===========================================================
Ubuntu Security Notice USN-268-1       April 06, 2006
kaffeine vulnerability
CVE-2006-0051
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

kaffeine

The problem can be corrected by upgrading the affected package to
version 0.6-0ubuntu2.1 (for Ubuntu 5.04), or 0.7-0ubuntu4.1 (for
Ubuntu 5.10).  In general, a standard system upgrade is sufficient to
effect the necessary changes.

Details follow:

Marcus Meissner discovered a buffer overflow in the http_peek()
function. By tricking an user into opening a specially crafted
playlist URL with Kaffeine, a remote attacker could exploit this to
execute arbitrary code with the user's privileges.


Updated packages for Ubuntu 5.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.6-0ubuntu2.1.diff.gz
      Size/MD5:     7200 facd12265ce5deaf5a1c746bc85b2360
    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.6-0ubuntu2.1.dsc
      Size/MD5:      685 1c9b31b311550cf847ed3e9340a31485
    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.6.orig.tar.gz
      Size/MD5:  2247001 d5f32519543fa8afce5e5e0a117f6c56

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.6-0ubuntu2.1_amd64.deb
      Size/MD5:  1171346 cfd17accea063bc120523f06d667968c

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.6-0ubuntu2.1_i386.deb
      Size/MD5:  1139156 07f512ac7d609fd3dcf5fa2b7a1b0e35

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.6-0ubuntu2.1_powerpc.deb
      Size/MD5:  1126536 fc49dd3038ce7b0c5e81685f562ee1c7

Updated packages for Ubuntu 5.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.7-0ubuntu4.1.diff.gz
      Size/MD5:    10495 81fc4e07c72f1d46f81f238ccccdf22e
    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.7-0ubuntu4.1.dsc
      Size/MD5:      849 41fd937b536732e7cd970dddc797f80e
    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.7.orig.tar.gz
      Size/MD5:  3011261 ea24dab79dbae48a90d6758857c30669

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine-gstreamer_0.7-0ubuntu4.1_amd64.deb
      Size/MD5:    81558 e343e7152dbdb0b235620a8f0cb014c6
    http://security.ubuntu.com/ubuntu/pool/universe/k/kaffeine/kaffeine-xine_0.7-0ubuntu4.1_amd64.deb
      Size/MD5:   192416 c515b32994321ae77e9bb52637e01752
    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.7-0ubuntu4.1_amd64.deb
      Size/MD5:  1529630 c0c644831b0dd8cca3c97e7ae439a6c2

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine-gstreamer_0.7-0ubuntu4.1_i386.deb
      Size/MD5:    76294 137aedd5a6cd5863c0560880fcfd5348
    http://security.ubuntu.com/ubuntu/pool/universe/k/kaffeine/kaffeine-xine_0.7-0ubuntu4.1_i386.deb
      Size/MD5:   179456 20ea251a0d39070bae0152c4c196d2f9
    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.7-0ubuntu4.1_i386.deb
      Size/MD5:  1501156 9dc4454dc44a67d0f34642030beda936

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine-gstreamer_0.7-0ubuntu4.1_powerpc.deb
      Size/MD5:    76660 18f99d0f438f9a3950be3e906c0623bf
    http://security.ubuntu.com/ubuntu/pool/universe/k/kaffeine/kaffeine-xine_0.7-0ubuntu4.1_powerpc.deb
      Size/MD5:   177802 c6913eac8e9885578cc8187b247fa91c
    http://security.ubuntu.com/ubuntu/pool/main/k/kaffeine/kaffeine_0.7-0ubuntu4.1_powerpc.deb
      Size/MD5:  1501428 43d7d7c5776be6ac8c32f01da3fec147

--HcAYCG3uE/tztfnV
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFENUhXDecnbV4Fd/IRAtovAKCJd7rA/YxZNyVe/Vn+02cgnBRYiwCfRq5K
N/NCqDfwisi44YRSktQvRh4=
=8LeB
-----END PGP SIGNATURE-----

--HcAYCG3uE/tztfnV--

Top Authors In Last 30 Days

Red Hat 227 files
indoushka 150 files
Jay Turla 150 files
Ubuntu 64 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,119)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,136)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,775)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,828)
UNIX (9,454)
UnixWare (188)
Windows (6,766)
Other

Ubuntu Security Notice 268-1

Ubuntu Security Notice 268-1

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice 268-1

Share This

Ubuntu Security Notice 268-1

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems