what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 425-1

Ubuntu Security Notice 425-1
Posted Feb 24, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 425-1 - A flaw was discovered in the permission checking code of slocate. When reporting matching files, locate would not correctly respect the parent directory's "read" bits. This could result in filenames being displayed when the file owner had expected them to remain hidden from other system users.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2007-0227
SHA-256 | 41c46478402143500bbce4296f3dce61208093c8929a01e4320377193fad7b16

Ubuntu Security Notice 425-1

Change Mirror Download
=========================================================== 
Ubuntu Security Notice USN-425-1 February 22, 2007
slocate vulnerability
CVE-2007-0227
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
slocate 3.0.beta.r3-1ubuntu0.1

Ubuntu 6.10:
slocate 3.1-1ubuntu0.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A flaw was discovered in the permission checking code of slocate. When
reporting matching files, locate would not correctly respect the parent
directory's "read" bits. This could result in filenames being displayed
when the file owner had expected them to remain hidden from other system
users.


Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.0.beta.r3-1ubuntu0.1.diff.gz
Size/MD5: 8063 7eecd20fe954bbecc7024601c0ce1260
http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.0.beta.r3-1ubuntu0.1.dsc
Size/MD5: 684 d21f5d570fa7c79b1d335d35d7e6a5c7
http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.0.beta.r3.orig.tar.gz
Size/MD5: 29590 25e8bf6732a801f0470301fa84ef959e

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.0.beta.r3-1ubuntu0.1_amd64.deb
Size/MD5: 32262 9be75b99ab8009aa9692d1b793c41f68

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.0.beta.r3-1ubuntu0.1_i386.deb
Size/MD5: 30352 75625a80073abc76faf0afa539b30c25

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.0.beta.r3-1ubuntu0.1_powerpc.deb
Size/MD5: 31614 2d176a9806e41b00430cdcad7b9c244b

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.0.beta.r3-1ubuntu0.1_sparc.deb
Size/MD5: 30574 de584d717f3c389c1a5759a7f003bb3b

Updated packages for Ubuntu 6.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.1-1ubuntu0.1.diff.gz
Size/MD5: 8201 e2cac07776d27e0917fb2aa78b8f6d3f
http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.1-1ubuntu0.1.dsc
Size/MD5: 660 8b06c09cc529037c75aff55035e8a90c
http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.1.orig.tar.gz
Size/MD5: 30051 69b45865ebce0cbfeb430381f0eb8b51

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.1-1ubuntu0.1_amd64.deb
Size/MD5: 32384 d3ea172c7266defbebcdfb59d514b1de

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.1-1ubuntu0.1_i386.deb
Size/MD5: 31136 d1dde1cef1183781bda25b962ab466ec

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.1-1ubuntu0.1_powerpc.deb
Size/MD5: 31922 12a84a8029dbeb33bb65ff1a71785767

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/s/slocate/slocate_3.1-1ubuntu0.1_sparc.deb
Size/MD5: 31062 827164a9dee3431fe353bb04c061de97

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close