=========================================================== Ubuntu Security Notice USN-391-1 December 04, 2006 libgsf vulnerability CVE-2006-4514 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: libgsf-1 1.12.3-3ubuntu3.1 Ubuntu 6.06 LTS: libgsf-1-113 1.13.99-0ubuntu2.1 Ubuntu 6.10: libgsf-1-114 1.14.1-2ubuntu1.1 After a standard system upgrade you need to restart your desktop session to effect the necessary changes. Details follow: A heap overflow was discovered in the OLE processing code in libgsf. If a user were tricked into opening a specially crafted OLE document, an attacker could execute arbitrary code with the user's privileges. Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.12.3-3ubuntu3.1.diff.gz Size/MD5: 27753 80621e2ac15a13b5287615a1be6b607c http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.12.3-3ubuntu3.1.dsc Size/MD5: 850 e4f4a30353ddd96a4b0fb9c2609f6175 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.12.3.orig.tar.gz Size/MD5: 693033 976b3563b39d22d303b912a7dd336e50 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dbg_1.12.3-3ubuntu3.1_amd64.deb Size/MD5: 93916 e3f251d2a19dd04508b3fd70118fea9b http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.12.3-3ubuntu3.1_amd64.deb Size/MD5: 224874 cf37dac4ff14f771d8a282dfeced02d9 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1_1.12.3-3ubuntu3.1_amd64.deb Size/MD5: 127156 d7c0a9ba1e3aa0ad9d0fa3cd9eb15a9b http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dbg_1.12.3-3ubuntu3.1_amd64.deb Size/MD5: 10806 ec1d092fc45eb5d0fb1253f427f38a5c http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.12.3-3ubuntu3.1_amd64.deb Size/MD5: 56998 9ead84cd7f21f16afede42b7bc5641fd http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1_1.12.3-3ubuntu3.1_amd64.deb Size/MD5: 49902 6dccb6462809ec7c3a1df450141e4999 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dbg_1.12.3-3ubuntu3.1_i386.deb Size/MD5: 86528 7ba7b433ee55244de36652d87256e2c1 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.12.3-3ubuntu3.1_i386.deb Size/MD5: 208374 76524689f50ffe03b125c504c4898ca0 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1_1.12.3-3ubuntu3.1_i386.deb Size/MD5: 119320 adeca028c0d161f4ef51861ca3f1ca4a http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dbg_1.12.3-3ubuntu3.1_i386.deb Size/MD5: 9882 0a768d6ea600c3522cce25a0a90d5928 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.12.3-3ubuntu3.1_i386.deb Size/MD5: 56072 911ec2cfba647e50a653b75e69024e04 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1_1.12.3-3ubuntu3.1_i386.deb Size/MD5: 49386 194b149dfe80139285ed17e07df361bc powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dbg_1.12.3-3ubuntu3.1_powerpc.deb Size/MD5: 96010 c6bd3befc34850dbb2c2878508af0df5 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.12.3-3ubuntu3.1_powerpc.deb Size/MD5: 230668 e65c9f0e97d2a57087367364f5dd6255 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1_1.12.3-3ubuntu3.1_powerpc.deb Size/MD5: 129918 72f74656095359513b5d4a08d488ac75 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dbg_1.12.3-3ubuntu3.1_powerpc.deb Size/MD5: 12526 84cd66738f8722663f33d2b3aed58ace http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.12.3-3ubuntu3.1_powerpc.deb Size/MD5: 57162 b05d543c92c391f0c6ddd2e100baa99c http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1_1.12.3-3ubuntu3.1_powerpc.deb Size/MD5: 51180 dd8d3a43ff9885747e4e6f524cb1c5e2 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dbg_1.12.3-3ubuntu3.1_sparc.deb Size/MD5: 90552 767d0cdc300d3c4a7f208f510abb96ab http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.12.3-3ubuntu3.1_sparc.deb Size/MD5: 217050 58be4ccddce2a59201686b95f3dd95bd http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1_1.12.3-3ubuntu3.1_sparc.deb Size/MD5: 124138 67a412538e0325c2e5281bcb72d5e773 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dbg_1.12.3-3ubuntu3.1_sparc.deb Size/MD5: 9734 105ed044c45d9fd15140f0197151b561 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.12.3-3ubuntu3.1_sparc.deb Size/MD5: 56502 dc87b8a235afa899b731dd802b258190 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1_1.12.3-3ubuntu3.1_sparc.deb Size/MD5: 49386 77bee1354c91c61874f28a059f029016 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.13.99-0ubuntu2.1.diff.gz Size/MD5: 9363 b1c523b8d8d38c7304441f4911a45358 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.13.99-0ubuntu2.1.dsc Size/MD5: 893 40e98355919e234ae2d344b35033b6c5 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.13.99.orig.tar.gz Size/MD5: 740978 dfd0c75b75066c4f30d484c79c045a62 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-common_1.13.99-0ubuntu2.1_all.deb Size/MD5: 44520 1e5736725ef753e9ce8ae592d8d6d77e amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-1-113-dbg_1.13.99-0ubuntu2.1_amd64.deb Size/MD5: 100194 1c1f61eb471bdacebb9b560ab6de14c2 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-113_1.13.99-0ubuntu2.1_amd64.deb Size/MD5: 129670 6d6e52bde88de0d68949c1fbba6c3165 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.13.99-0ubuntu2.1_amd64.deb Size/MD5: 240642 b6e5163afb458255e6672bb91363ea93 http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.13.99-0ubuntu2.1_amd64.deb Size/MD5: 51230 804d35ba7f4878b06ae14c01b2d21fea http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-gnome-1-113-dbg_1.13.99-0ubuntu2.1_amd64.deb Size/MD5: 10744 82daa38d026b93f917e312199c018b08 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-113_1.13.99-0ubuntu2.1_amd64.deb Size/MD5: 52686 701b5d256a00525c6d4b40fba6841e20 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.13.99-0ubuntu2.1_amd64.deb Size/MD5: 60278 68d31197c6ae7124ae04f711b15ba5b4 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-1-113-dbg_1.13.99-0ubuntu2.1_i386.deb Size/MD5: 92654 bcb9d24b9016e846f894edda0fcfd876 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-113_1.13.99-0ubuntu2.1_i386.deb Size/MD5: 121370 2fe82e4c0194aa74dd63c24d0b594872 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.13.99-0ubuntu2.1_i386.deb Size/MD5: 222942 46e3a01f6c482e1915ab0189490a9ce9 http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.13.99-0ubuntu2.1_i386.deb Size/MD5: 51108 3e5126f0dac4a1dd275ba0226c0cd9bb http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-gnome-1-113-dbg_1.13.99-0ubuntu2.1_i386.deb Size/MD5: 9812 770fa769202ea9f386ed8e80e95e23f7 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-113_1.13.99-0ubuntu2.1_i386.deb Size/MD5: 52160 16bf0d5d03d01dc71c3a55fed9e5e036 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.13.99-0ubuntu2.1_i386.deb Size/MD5: 59356 ac80966bdca86c14889eb1695a156472 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-1-113-dbg_1.13.99-0ubuntu2.1_powerpc.deb Size/MD5: 101980 53744f68ed423a7fe66d503915a10e24 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-113_1.13.99-0ubuntu2.1_powerpc.deb Size/MD5: 130764 291a79c8ef5da7d71014b8e4c4aa3ae1 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.13.99-0ubuntu2.1_powerpc.deb Size/MD5: 247112 9ae3b0a2cacdc9434ab69b002a51ba1d http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.13.99-0ubuntu2.1_powerpc.deb Size/MD5: 52914 6e2cffd5f173e5d607c9848642ee6131 http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-gnome-1-113-dbg_1.13.99-0ubuntu2.1_powerpc.deb Size/MD5: 12420 ca70e82767500f48de7f322b160a706b http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-113_1.13.99-0ubuntu2.1_powerpc.deb Size/MD5: 53986 37edad0daf13f5735c02aa19865e9558 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.13.99-0ubuntu2.1_powerpc.deb Size/MD5: 60458 f0807524a5015359301e881e2bd60db0 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-1-113-dbg_1.13.99-0ubuntu2.1_sparc.deb Size/MD5: 96218 be46011a498d119d834e286f43b77278 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-113_1.13.99-0ubuntu2.1_sparc.deb Size/MD5: 125986 85ea3ce9588a52019a8e5e2f8be298bd http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.13.99-0ubuntu2.1_sparc.deb Size/MD5: 231860 6820fff8de91dd44e6bbaa4cbb01b165 http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.13.99-0ubuntu2.1_sparc.deb Size/MD5: 51246 f31f57b09a465c1bdf250b55ac6a5a5d http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-gnome-1-113-dbg_1.13.99-0ubuntu2.1_sparc.deb Size/MD5: 9652 ed2eba00c8360233cdb9574d878aea37 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-113_1.13.99-0ubuntu2.1_sparc.deb Size/MD5: 52142 78de48d6c9602c35e0ce831895310462 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.13.99-0ubuntu2.1_sparc.deb Size/MD5: 59762 8e0f17ca33004cf4061d01217a6f631e Updated packages for Ubuntu 6.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.14.1-2ubuntu1.1.diff.gz Size/MD5: 9276 bb8529ca4bbca6befd63abf9d5ee6bd3 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.14.1-2ubuntu1.1.dsc Size/MD5: 886 8a360c2db8e5f18d3ff10150a678bf66 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.14.1.orig.tar.gz Size/MD5: 736910 bf918b450a946a365719f78a957700bf Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-common_1.14.1-2ubuntu1.1_all.deb Size/MD5: 45716 1cf2b68bb59e6c99406718d95e85b51b amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114-dbg_1.14.1-2ubuntu1.1_amd64.deb Size/MD5: 101202 2fc4818219dd2eec12be797f9694e2d1 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114_1.14.1-2ubuntu1.1_amd64.deb Size/MD5: 132190 4919dee1959bd79ef9b9e687e05faccb http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.14.1-2ubuntu1.1_amd64.deb Size/MD5: 241188 254fef90bced7a4c7af377534b3abbf0 http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.14.1-2ubuntu1.1_amd64.deb Size/MD5: 53160 07c590ffa9b4678b415dd2f43705f5c9 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114-dbg_1.14.1-2ubuntu1.1_amd64.deb Size/MD5: 10768 5fbf90f0eecda7b4b5ff445aeecd41f0 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114_1.14.1-2ubuntu1.1_amd64.deb Size/MD5: 54292 d2278a4d4e1b3adfae427c40416c038d http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.14.1-2ubuntu1.1_amd64.deb Size/MD5: 61232 ead489a5ea7dd59be1958e5ad9b9dce1 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114-dbg_1.14.1-2ubuntu1.1_i386.deb Size/MD5: 97614 a581f24e84734643739425a131e16b35 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114_1.14.1-2ubuntu1.1_i386.deb Size/MD5: 127752 48371720e8b5a76b30be2a57cbb6e3fc http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.14.1-2ubuntu1.1_i386.deb Size/MD5: 226382 b74f367c699e81dca2cbfa83d90cf2d5 http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.14.1-2ubuntu1.1_i386.deb Size/MD5: 52754 1baf5e199555747eeeb9059c443ace50 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114-dbg_1.14.1-2ubuntu1.1_i386.deb Size/MD5: 10158 3d73aa4297945362a562b3b24b345c95 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114_1.14.1-2ubuntu1.1_i386.deb Size/MD5: 53642 161a02edd48a803d3d088a6bb592e0e4 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.14.1-2ubuntu1.1_i386.deb Size/MD5: 60252 05fb5a2706802e46a7fed8639537d377 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114-dbg_1.14.1-2ubuntu1.1_powerpc.deb Size/MD5: 103532 bf47b7789302ef795e12d7539b89f561 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114_1.14.1-2ubuntu1.1_powerpc.deb Size/MD5: 133352 6b66a2247fb20df145507c05fb68f12c http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.14.1-2ubuntu1.1_powerpc.deb Size/MD5: 247112 7215b6cfc282fbc2b6f87c44ee10629b http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.14.1-2ubuntu1.1_powerpc.deb Size/MD5: 54614 7ae855105d1039b60a396d5279bbb37f http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114-dbg_1.14.1-2ubuntu1.1_powerpc.deb Size/MD5: 12586 9d6fd3c99baae16902b57be2e0f55b66 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114_1.14.1-2ubuntu1.1_powerpc.deb Size/MD5: 55228 fe64dd66a2dbfd43ddb2ca8d5ec59388 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.14.1-2ubuntu1.1_powerpc.deb Size/MD5: 61102 5afa1603f0189763620b0d50b1a114eb sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114-dbg_1.14.1-2ubuntu1.1_sparc.deb Size/MD5: 97862 deeb1a4f46bf418ef9d21942d433102c http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114_1.14.1-2ubuntu1.1_sparc.deb Size/MD5: 128736 f243a563faa9be216fdd8715137ef7b0 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.14.1-2ubuntu1.1_sparc.deb Size/MD5: 232330 0a425b8e18460919255522d84238a4f2 http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.14.1-2ubuntu1.1_sparc.deb Size/MD5: 52886 ba50b41aa260d9a8fe163d1a6cfeddda http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114-dbg_1.14.1-2ubuntu1.1_sparc.deb Size/MD5: 9702 f96c8d050d8d50e32f5e75906c902ae3 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114_1.14.1-2ubuntu1.1_sparc.deb Size/MD5: 53318 6cdd39d0eaf62737cb0818c2d8deca05 http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.14.1-2ubuntu1.1_sparc.deb Size/MD5: 60388 2368454dd6d4020d95871f8abd5c7a0a