TITLE: Ubuntu update for cfengine SECUNIA ADVISORY ID: SA17142 VERIFY ADVISORY: http://secunia.com/advisories/17142/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Ubuntu Linux 5.04 http://secunia.com/product/5036/ Ubuntu Linux 4.10 http://secunia.com/product/4491/ DESCRIPTION: Ubuntu has issued an update for cfengine. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. For more information: SA17037 SOLUTION: Apply updated packages. -- Ubuntu 4.10 (Warty Warthog) -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.1.diff.gz Size/MD5: 102867 ebd2d4596fe81bad3f87b69c0a1057cd http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.1.dsc Size/MD5: 704 1cde3ab958c48f9cb64eb7005e44bfe9 http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.diff.gz Size/MD5: 102863 0fe4462348ac5db6e48f5ae4200223ee http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5.orig.tar.gz Size/MD5: 880066 fc02d8d56433f32020c3030192cad66e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine-doc_1.6.5-1ubuntu0.4.10.1_all.deb Size/MD5: 351924 ed29a178c45c8c539ef3b04afcefded0 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.1_amd64.deb Size/MD5: 353892 44c62122d59a5f0974ad033dc6e80b4a i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.1_i386.deb Size/MD5: 311784 cb66ad235cfdbe07a8f29d9d09f5e073 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.1_powerpc.deb Size/MD5: 354564 4bdd42ce5b05c00bc314cb06df597dc3 -- Ubuntu 5.04 (Hoary Hedgehog) -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5-1ubuntu0.5.04.1.diff.gz Size/MD5: 102866 335e8d60109f38507a1f869a58595564 http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5-1ubuntu0.5.04.1.dsc Size/MD5: 704 a942df3e7d86a6d1f86126ddb648e6e9 http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5.orig.tar.gz Size/MD5: 880066 fc02d8d56433f32020c3030192cad66e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine-doc_1.6.5-1ubuntu0.5.04.1_all.deb Size/MD5: 386022 fcac1e988bae93f33c5da1ea37014055 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.5.04.1_amd64.deb Size/MD5: 353878 073ffd567f5b5bfaa3160e878b46d9ba i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.5.04.1_i386.deb Size/MD5: 311104 23232672fe6e8eb10f25133cf59680a9 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.5.04.1_powerpc.deb Size/MD5: 354586 107e028030519395ee526224bdf31da5 ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-198-1 OTHER REFERENCES: SA17037: http://secunia.com/advisories/17037/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------