=========================================================== Ubuntu Security Notice USN-948-1 June 03, 2010 gnutls12 vulnerability CVE-2006-7239 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libgnutls12 1.2.9-2ubuntu1.8 In general, a standard system update will make all the necessary changes. Details follow: It was discovered that GnuTLS did not always properly verify the hash algorithm of X.509 certificates. If an application linked against GnuTLS processed a crafted certificate, an attacker could make GnuTLS dereference a NULL pointer and cause a DoS via application crash. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/gnutls12_1.2.9-2ubuntu1.8.diff.gz Size/MD5: 558633 cfa2b4b5dca0d47cd1f99e40ec65a39a http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/gnutls12_1.2.9-2ubuntu1.8.dsc Size/MD5: 827 525c9dffc5df8c6c312af2ea6d387548 http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/gnutls12_1.2.9.orig.tar.gz Size/MD5: 3305475 4e1a2e9c22c7d6459d5eb5e6484a19c4 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/libgnutls-dev_1.2.9-2ubuntu1.8_amd64.deb Size/MD5: 492576 1e3a14750f107c78ead283ebacb76750 http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/libgnutls12_1.2.9-2ubuntu1.8_amd64.deb Size/MD5: 421484 63c7d9fe2694083aa660deb2c88f48ac http://security.ubuntu.com/ubuntu/pool/universe/g/gnutls12/gnutls-bin_1.2.9-2ubuntu1.8_amd64.deb Size/MD5: 289240 7d7f7c6a6d8eae25717ab86059f7f503 http://security.ubuntu.com/ubuntu/pool/universe/g/gnutls12/libgnutls12-dbg_1.2.9-2ubuntu1.8_amd64.deb Size/MD5: 644314 24566e8f7a17f027ac6a03e15ef9f0cc i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/libgnutls-dev_1.2.9-2ubuntu1.8_i386.deb Size/MD5: 446466 bd160ef2aa91584b1da2552092a9baf4 http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/libgnutls12_1.2.9-2ubuntu1.8_i386.deb Size/MD5: 374316 070a982b790588479d2ff20f3b74467e http://security.ubuntu.com/ubuntu/pool/universe/g/gnutls12/gnutls-bin_1.2.9-2ubuntu1.8_i386.deb Size/MD5: 273046 d5d27abcb746ec11676bc33e67054ef8 http://security.ubuntu.com/ubuntu/pool/universe/g/gnutls12/libgnutls12-dbg_1.2.9-2ubuntu1.8_i386.deb Size/MD5: 579606 022fc6f598ced60f89df44fc7e344493 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/libgnutls-dev_1.2.9-2ubuntu1.8_powerpc.deb Size/MD5: 485576 265f3737838d55b7086b4532b4782c4f http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/libgnutls12_1.2.9-2ubuntu1.8_powerpc.deb Size/MD5: 392298 c64576267ba35071e3849cb3ba0e0c61 http://security.ubuntu.com/ubuntu/pool/universe/g/gnutls12/gnutls-bin_1.2.9-2ubuntu1.8_powerpc.deb Size/MD5: 289544 03137eecbe12b3b29ffdb1324a0142a7 http://security.ubuntu.com/ubuntu/pool/universe/g/gnutls12/libgnutls12-dbg_1.2.9-2ubuntu1.8_powerpc.deb Size/MD5: 636974 5ace4beaeeb425e52dc4530b8a2767b8 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/libgnutls-dev_1.2.9-2ubuntu1.8_sparc.deb Size/MD5: 482124 fe2acbbf637d0395c89076b55d9d1a49 http://security.ubuntu.com/ubuntu/pool/main/g/gnutls12/libgnutls12_1.2.9-2ubuntu1.8_sparc.deb Size/MD5: 377674 a2b5715015b403d08c8418ee6505b341 http://security.ubuntu.com/ubuntu/pool/universe/g/gnutls12/gnutls-bin_1.2.9-2ubuntu1.8_sparc.deb Size/MD5: 274178 63e516eda8eddd462e3e441e6db8c948 http://security.ubuntu.com/ubuntu/pool/universe/g/gnutls12/libgnutls12-dbg_1.2.9-2ubuntu1.8_sparc.deb Size/MD5: 571530 b44f3b90199eca351b71bd5a20108d28