what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 560-1

Ubuntu Security Notice 560-1
Posted Jan 8, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 560-1 - Jan Oravec discovered that Tomboy did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2005-4790
SHA-256 | 232ac33c0b1ecabcabbfb7e07d463a43483a52bf13d409297c7a475feb425000

Ubuntu Security Notice 560-1

Change Mirror Download
=========================================================== 
Ubuntu Security Notice USN-560-1 January 07, 2008
tomboy vulnerability
CVE-2005-4790
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
tomboy 0.3.5-1ubuntu3.1

Ubuntu 6.10:
tomboy 0.4.1-0ubuntu3.1

Ubuntu 7.04:
tomboy 0.6.3-0ubuntu1.1

Ubuntu 7.10:
tomboy 0.8.0-1ubuntu0.1

After a standard system upgrade you need to restart Tomboy to effect
the necessary changes.

Details follow:

Jan Oravec discovered that Tomboy did not properly setup the
LD_LIBRARY_PATH environment variable. A local attacker could
exploit this to execute arbitrary code as the user invoking
the program.


Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.3.5-1ubuntu3.1.diff.gz
Size/MD5: 23933 6c9f715503954349ea56aeb86da98da6
http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.3.5-1ubuntu3.1.dsc
Size/MD5: 887 67368aeea634e7ea85404c08c7203752
http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.3.5.orig.tar.gz
Size/MD5: 665911 63da1e4c752fa8802b40eb5b4726ff35

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.3.5-1ubuntu3.1_amd64.deb
Size/MD5: 151414 66f0431f00f2b408d36142573e0ae81a

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.3.5-1ubuntu3.1_i386.deb
Size/MD5: 148058 20c1fad5297117a6b7a42ce22c542c09

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.3.5-1ubuntu3.1_powerpc.deb
Size/MD5: 149712 314fdc7e7c09989828f867076f3a9916

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.3.5-1ubuntu3.1_sparc.deb
Size/MD5: 148738 b966585a564a3a8485195ebc445c8811

Updated packages for Ubuntu 6.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.4.1-0ubuntu3.1.diff.gz
Size/MD5: 7320 9ee233ef334cd4df7ed06ca10f66a29f
http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.4.1-0ubuntu3.1.dsc
Size/MD5: 921 663cff08a633aea0a39432269e702bb5
http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.4.1.orig.tar.gz
Size/MD5: 937041 7e9ab15b8c799d265676173f8a8de7ce

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.4.1-0ubuntu3.1_amd64.deb
Size/MD5: 425900 4e7c700e7997cd0ea9c125d907765b47

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.4.1-0ubuntu3.1_i386.deb
Size/MD5: 423536 2233018b7964415d4d92f2226cceacae

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.4.1-0ubuntu3.1_powerpc.deb
Size/MD5: 424412 0658a6b6650b43cca494c6c54bc36a7c

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.4.1-0ubuntu3.1_sparc.deb
Size/MD5: 422726 279345713a6a1a2aad6f94ba95926a0e

Updated packages for Ubuntu 7.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.6.3-0ubuntu1.1.diff.gz
Size/MD5: 14285 c99ec66159af23c7c8bf0b34034c010a
http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.6.3-0ubuntu1.1.dsc
Size/MD5: 1142 f7be2cce138282dcadee5df308b756ae
http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.6.3.orig.tar.gz
Size/MD5: 1878094 566af33c4956e05512a57ae7a63c849f

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.6.3-0ubuntu1.1_amd64.deb
Size/MD5: 1198448 78c9f1957ebe8496234fb583ed577909

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.6.3-0ubuntu1.1_i386.deb
Size/MD5: 1196104 542d2466b008e9e258dc1cb4375a06f4

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.6.3-0ubuntu1.1_powerpc.deb
Size/MD5: 1200260 58b6d75c2db39bb929f5e1566bee9462

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.6.3-0ubuntu1.1_sparc.deb
Size/MD5: 1195606 8b2cce4383671a94d02f81f3492cf9f4

Updated packages for Ubuntu 7.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.8.0-1ubuntu0.1.diff.gz
Size/MD5: 12763 2c560717c1a85b755c88a868a9ae541c
http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.8.0-1ubuntu0.1.dsc
Size/MD5: 1070 4c87625903828c6a5405f75e1a9f4501
http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.8.0.orig.tar.gz
Size/MD5: 2535671 28cf74d74090c7479c5716d8cbe6ed6a

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.8.0-1ubuntu0.1_amd64.deb
Size/MD5: 2392716 7f03c42d8f7f06c413ea1e265582e446

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.8.0-1ubuntu0.1_i386.deb
Size/MD5: 2389672 09bb10c6e415f3d5310f4966b7871478

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.8.0-1ubuntu0.1_powerpc.deb
Size/MD5: 2396612 f3be6029861078af5aabb0c39760cbe2

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/t/tomboy/tomboy_0.8.0-1ubuntu0.1_sparc.deb
Size/MD5: 2388798 0aacedaf7c9a2b32ffa59562651df420

Login or Register to add favorites

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close