Archive for the category ‘ubuntu’

The latest updates to the Ubuntu 9.04 Jaunty Jackalope libraries are available for download


As it usually does, on a weekly basis, Canonical has released the latest security-related updates to the Ubuntu 9.04 Jaunty Jackalope libraries.

This package contains the dnsmasq executable and documentation, but not the infrastructure required to run it as a system daemon. For that, install the dnsmasq package.

Version 2.47-3ubuntu0.1:

* fix remote buffer overflow in tftp server
- src/tftp.c: specify the correct number of bytes to strncat()
- http://www.thekelleys.org.uk/dnsmasq/dnsmasq.security.patch
- CVE-2009-2957
* fix remote denial of service from malicious tftp client
- src/tftp.c: fix logic error which caused strcasecmp() to be called on
a NULL string
- http://www.thekelleys.org.uk/dnsmasq/dnsmasq.security.patch
- CVE-2009-2958

This package contains the Mono Cairo library version 2.0.

Version 2.0.1-4ubuntu0.1:

* SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
authentication bypass (LP: #409920)
- debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
match XMLDSIG erratum and add stricter checks.
- CVE-2009-0217

New security updates for the libraries and kernel of Ubuntu 9.04 Jaunty Jackalope

Some of the updates to the Ubuntu kernel and libraries are the following:

Version 2.4.2-6ubuntu0.1:

* SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
– debian/patches/26_CVE-2009-2730.diff: verify length of CN and SAN
are what we expect and error out if either contains an embedded \0
– CVE-2009-2730

Version 1:2.5.5-1ubuntu8.4:

* SECURITY UPDATE: arbitrary code execution via crafted MSNSLP packet
(LP: #415863)
– debian/patches/78_security_CVE-2009-2694.patch: properly destroy
slpmsg in libpurple/protocols/{msn,msnp9}/slplink.c.
– CVE-2009-2694

This package contains the utilities not included in the main libpurple0 package. Currently included are: purple-remote, purple-send, purple-send-async, and purple-url-handler

Version 1:2.5.5-1ubuntu8.4:

* SECURITY UPDATE: arbitrary code execution via crafted MSNSLP packet
(LP: #415863)
– debian/patches/78_security_CVE-2009-2694.patch: properly destroy
slpmsg in libpurple/protocols/{msn,msnp9}/slplink.c.
– CVE-2009-2694

Some extra packages are suggested to use increased functionality:
* tcl8.4, tk8.4:
* Support for writing plugins with Tcl/Tk

Version 2.6.28.15.20:

[Stefan Bader]

* Bump ABI to 15 for proposed kernel

This package will always depend on the latest complete generic Linux kernel available.

Version 2.6.28-15.49:

[ Upstream Kernel Changes ]

* Make sock_sendpage() use kernel_sendpage()
– CVE-2009-2692

Version 2.6.28-15.48:

[ Andy Whitcroft ]

* SAUCE: pnp: add PNP resource range checking function
– LP: #349314
* SAUCE: i915: enable MCHBAR if needed
– LP: #349314

[ Brad Figg ]

* SAUCE: Add information to recognize Toshiba Satellite Pro M10 Alps
Touchpad
– LP: #330885

[ Colin Ian King ]

* Input: atkbd – add forced release keys quirk for Samsung Q45
– LP: #347623

[ Manoj Iyer ]

* SAUCE: Added quirk to enable the installer to recognize NetXen NIC.
– LP: #389603

[ Stefan Bader ]

* SAUCE: input: Blacklist digitizers from joydev.c
– LP: #300143

[ Tim Gardner ]

* Revert “SAUCE: md: wait for possible pending deletes after stopping an
array”
– LP: #334994

[ Upstream Kernel Changes ]

* bonding: Fix updating of speed/duplex changes
– LP: #371651
* net: fix sctp breakage
– LP: #371651
* ipv6: don’t use tw net when accounting for recycled tw
– LP: #371651
* ipv6: Plug sk_buff leak in ipv6_rcv (net/ipv6/ip6_input.c)
– LP: #371651
* netfilter: nf_conntrack_tcp: fix unaligned memory access in tcp_sack
– LP: #371651
* xfrm: spin_lock() should be spin_unlock() in xfrm_state.c
– LP: #371651
* bridge: bad error handling when adding invalid ether address
– LP: #371651
* bas_gigaset: correctly allocate USB interrupt transfer buffer
– LP: #371651
* USB: EHCI: add software retry for transaction errors
– LP: #371651
* USB: fix USB_STORAGE_CYPRESS_ATACB
– LP: #371651
* USB: usb-storage: increase max_sectors for tape drives
– LP: #371651
* USB: gadget: fix rndis regression
– LP: #371651
* USB: add quirk to avoid config and interface strings
– LP: #371651
* cifs: fix buffer format byte on NT Rename/hardlink
– LP: #371651
* b43: fix b43_plcp_get_bitrate_idx_ofdm return type
– LP: #371651
* Add a missing unlock_kernel() in raw_open()
– LP: #371651
* x86, PAT, PCI: Change vma prot in pci_mmap to reflect inherited prot
– LP: #371651
* security/smack: fix oops when setting a size 0 SMACK64 xattr
– LP: #371651
* x86, setup: mark %esi as clobbered in E820 BIOS call
– LP: #371651
* dock: fix dereference after kfree()
– LP: #371651
* mm: define a UNIQUE value for AS_UNEVICTABLE flag
– LP: #371651
* mm: do_xip_mapping_read: fix length calculation
– LP: #371651
* vfs: skip I_CLEAR state inodes
– LP: #371651
* net/netrom: Fix socket locking
– LP: #371651
* kprobes: Fix locking imbalance in kretprobes
– LP: #371651
* netfilter: {ip, ip6, arp}_tables: fix incorrect loop detection
– LP: #371651
* ALSA: hda – add missing comma in ad1884_slave_vols
– LP: #371651
* SCSI: libiscsi: fix iscsi pool error path
– LP: #371651
* SCSI: libiscsi: fix iscsi pool error path again
– LP: #371651
* posixtimers, sched: Fix posix clock monotonicity
– LP: #371651
* sched: do not count frozen tasks toward load
– LP: #371651
* spi: spi_write_then_read() bugfixes
– LP: #371651
* powerpc: Fix data-corrupting bug in __futex_atomic_op
– LP: #371651
* hpt366: fix HPT370 DMA timeouts
– LP: #371651
* pata_hpt37x: fix HPT370 DMA timeouts
– LP: #371651
* mm: pass correct mm when growing stack
– LP: #371651
* SCSI: sg: fix races during device removal
– LP: #371651
* SCSI: sg: fix races with ioctl(SG_IO)
– LP: #371651
* SCSI: sg: avoid blk_put_request/blk_rq_unmap_user in interrupt
– LP: #371651
* usb gadget: fix ethernet link reports to ethtool
– LP: #371651
* USB: ftdi_sio: add vendor/project id for JETI specbos 1201 spectrometer
– LP: #371651
* USB: fix oops in cdc-wdm in case of malformed descriptors
– LP: #371651
* USB: usb-storage: augment unusual_devs entry for Simple Tech/Datafab
– LP: #371651
* Input: gameport – fix attach driver code
– LP: #371651
* r8169: Reset IntrStatus after chip reset
– LP: #371651
* hugetlbfs: return negative error code for bad mount option
– LP: #371651
* block: revert part of 18ce3751ccd488c78d3827e9f6bf54e6322676fb
– LP: #371651
* anon_inodes: use fops->owner for module refcount
– LP: #371651
* KVM: x86: Reset pending/inject NMI state on CPU reset
– LP: #371651
* KVM: call kvm_arch_vcpu_reset() instead of the kvm_x86_ops callback
– LP: #371651