Wed, 18 Jun 2008 14:22:13 -0700

Description:

=========================================================== Ubuntu Security Notice USN-612-11 June 18, 2008 openssl-blacklist update http://www.ubuntu.com/usn/usn-612-1 http://www.ubuntu.com/usn/usn-612-3 http://www.ubuntu.com/usn/usn-612-8 http://www.ubuntu.com/usn/usn-612-9 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: openssl-blacklist 0.3.3+0.4-0ubuntu0.6.06.2 openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.6.06.2 Ubuntu 7.04: openssl-blacklist 0.3.3+0.4-0ubuntu0.7.04.2 openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.7.04.2 Ubuntu 7.10: openssl-blacklist 0.3.3+0.4-0ubuntu0.7.10.2 openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.7.10.2 Ubuntu 8.04 LTS: openssl-blacklist 0.3.3+0.4-0ubuntu0.8.04.3 openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.8.04.3 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-612-3 addressed a weakness in OpenSSL certificate and key generation and introduced openssl-blacklist to aid in detecting vulnerable certificates and keys. This update adds RSA-4096 blacklists to the openssl-blacklist-extra package and adjusts openssl-vulnkey to properly handle RSA-4096 and higher moduli. Original advisory details: A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH, OpenVPN and SSL certificates.

USN-617-1: Samba vulnerabilities

Tue, 17 Jun 2008 16:21:52 -0700

Referenced CVEs:

CVE-2007-4572, CVE-2008-1105

Description:

=========================================================== Ubuntu Security Notice USN-617-1 June 17, 2008 samba vulnerabilities CVE-2007-4572, CVE-2008-1105 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libsmbclient 3.0.22-1ubuntu3.7 samba 3.0.22-1ubuntu3.7 Ubuntu 7.04: libsmbclient 3.0.24-2ubuntu1.6 samba 3.0.24-2ubuntu1.6 Ubuntu 7.10: libsmbclient 3.0.26a-1ubuntu2.4 samba 3.0.26a-1ubuntu2.4 Ubuntu 8.04 LTS: libsmbclient 3.0.28a-1ubuntu4.2 samba 3.0.28a-1ubuntu4.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. (CVE-2007-4572) Alin Rad Pop of Secunia Research discovered that Samba did not properly perform bounds checking when parsing SMB replies. A remote attacker could send crafted SMB packets and execute arbitrary code. (CVE-2008-1105)

USN-616-1: X.org vulnerabilities

Fri, 13 Jun 2008 00:22:47 -0700

Referenced CVEs:

CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362

Description:

=========================================================== Ubuntu Security Notice USN-616-1 June 13, 2008 xorg-server vulnerabilities CVE-2008-1377, CVE-2008-1379, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: xserver-xorg-core 1:1.0.2-0ubuntu10.13 Ubuntu 7.04: xserver-xorg-core 2:1.2.0-3ubuntu8.4 Ubuntu 7.10: xserver-xorg-core 2:1.3.0.0.dfsg-12ubuntu8.4 Ubuntu 8.04 LTS: xserver-xorg-core 2:1.4.1~git20080131-1ubuntu9.2 After a standard system upgrade you need to restart your session to effect the necessary changes. Details follow: Multiple flaws were found in the RENDER, RECORD, and Security extensions of X.org which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges or crash X. (CVE-2008-1377, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362) It was discovered that the MIT-SHM extension of X.org did not correctly validate the location of memory during an image copy. An authenticated attacker could exploit this to read arbitrary memory locations within X, exposing sensitive information. (CVE-2008-1379)

USN-612-9: openssl-blacklist update

Thu, 12 Jun 2008 18:23:41 -0700

Description:

=========================================================== Ubuntu Security Notice USN-612-9 June 12, 2008 openssl-blacklist update http://www.ubuntu.com/usn/usn-612-1 http://www.ubuntu.com/usn/usn-612-3 http://www.ubuntu.com/usn/usn-612-8 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: openssl-blacklist 0.3.3+0.4-0ubuntu0.6.06.1 openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.6.06.1 Ubuntu 7.04: openssl-blacklist 0.3.3+0.4-0ubuntu0.7.04.1 openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.7.04.1 Ubuntu 7.10: openssl-blacklist 0.3.3+0.4-0ubuntu0.7.10.1 openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.7.10.1 Ubuntu 8.04 LTS: openssl-blacklist 0.3.3+0.4-0ubuntu0.8.04.1 openssl-blacklist-extra 0.3.3+0.4-0ubuntu0.8.04.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by introducing openssl-blacklist to aid in detecting vulnerable private keys. This update enhances the openssl-vulnkey tool to check Certificate Signing Requests, accept input from STDIN, and check moduli without a certificate. It was also discovered that additional moduli are vulnerable if generated with OpenSSL 0.9.8g or higher. While it is believed that there are few of these vulnerable moduli in use, this update includes updated RSA-1024 and RSA-2048 blacklists. RSA-512 blacklists are also included in the new openssl-blacklist-extra package. You can check for weak SSL/TLS certificates by installing openssl-blacklist via your package manager, and using the openssl-vulnkey command. $ openssl-vulnkey /path/to/certificate_or_key $ cat /path/to/certificate_or_key | openssl-vulnkey - You can also check if a modulus is vulnerable by specifying the modulus and number of bits. $ openssl-vulnkey -b bits -m modulus These commands can be used on public certificates, requests, and private keys for any X.509 certificate, CSR, or RSA key, including ones for web servers, mail servers, OpenVPN, and others. If in doubt, destroy the certificate and key and generate new ones. Please consult the documentation for your software when recreating SSL/TLS certificates. Also, if certificates have been generated for use on other systems, they must be found and replaced as well. Original advisory details: A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH, OpenVPN and SSL certificates.

USN-612-10: OpenVPN regression

Thu, 12 Jun 2008 18:23:41 -0700

Description:

=========================================================== Ubuntu Security Notice USN-612-10 June 12, 2008 openvpn regression https://launchpad.net/bugs/230197 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.04: openvpn 2.0.9-5ubuntu0.3 Ubuntu 7.10: openvpn 2.0.9-8ubuntu0.3 Ubuntu 8.04 LTS: openvpn 2.1~rc7-1ubuntu3.3 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by adding checks for vulnerable certificates and keys to OpenVPN. A regression was introduced in OpenVPN when using TLS with password protected certificates which caused OpenVPN to not start when used with applications such as NetworkManager. Original advisory details: A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH, OpenVPN and SSL certificates.

USN-615-1: Evolution vulnerabilities

Fri, 06 Jun 2008 14:02:56 -0700

Referenced CVEs:

CVE-2008-1108, CVE-2008-1109

Description:

=========================================================== Ubuntu Security Notice USN-615-1 June 06, 2008 evolution vulnerabilities CVE-2008-1108, CVE-2008-1109 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: evolution 2.6.1-0ubuntu7.4 Ubuntu 7.04: evolution 2.10.1-0ubuntu2.4 Ubuntu 7.10: evolution 2.12.1-0ubuntu1.3 Ubuntu 8.04 LTS: evolution 2.22.2-0ubuntu1.2 After a standard system upgrade you need to restart Evolution to effect the necessary changes. Details follow: Alin Rad Pop of Secunia Research discovered that Evolution did not properly validate timezone data when processing iCalendar attachments. If a user disabled the ITip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service or possibly execute code with user privileges. Note that the ITip Formatter plugin is enabled by default in Ubuntu. (CVE-2008-1108) Alin Rad Pop of Secunia Research discovered that Evolution did not properly validate the DESCRIPTION field when processing iCalendar attachments. If a user were tricked into accepting a crafted iCalendar attachment and replied to it from the calendar window, an attacker code cause a denial of service or execute code with user privileges. (CVE-2008-1109) Matej Cepl discovered that Evolution did not properly validate date fields when processing iCalendar attachments. If a user disabled the ITip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service. Note that the ITip Formatter plugin is enabled by default in Ubuntu.

USN-614-1: Linux kernel vulnerabilities

Tue, 03 Jun 2008 13:45:16 -0700

Referenced CVEs:

CVE-2007-6694, CVE-2008-1375, CVE-2008-1669, CVE-2008-1675

Description:

=========================================================== Ubuntu Security Notice USN-614-1 June 03, 2008 linux vulnerabilities CVE-2007-6694, CVE-2008-1375, CVE-2008-1669, CVE-2008-1675 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: linux-image-2.6.24-18-386 2.6.24-18.32 linux-image-2.6.24-18-generic 2.6.24-18.32 linux-image-2.6.24-18-hppa32 2.6.24-18.32 linux-image-2.6.24-18-hppa64 2.6.24-18.32 linux-image-2.6.24-18-itanium 2.6.24-18.32 linux-image-2.6.24-18-lpia 2.6.24-18.32 linux-image-2.6.24-18-lpiacompat 2.6.24-18.32 linux-image-2.6.24-18-mckinley 2.6.24-18.32 linux-image-2.6.24-18-openvz 2.6.24-18.32 linux-image-2.6.24-18-powerpc 2.6.24-18.32 linux-image-2.6.24-18-powerpc-smp 2.6.24-18.32 linux-image-2.6.24-18-powerpc64-smp 2.6.24-18.32 linux-image-2.6.24-18-rt 2.6.24-18.32 linux-image-2.6.24-18-server 2.6.24-18.32 linux-image-2.6.24-18-sparc64 2.6.24-18.32 linux-image-2.6.24-18-sparc64-smp 2.6.24-18.32 linux-image-2.6.24-18-virtual 2.6.24-18.32 linux-image-2.6.24-18-xen 2.6.24-18.32 After a standard system upgrade you need to reboot your computer to effect the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-386, linux-powerpc, linux-amd64-generic), a standard system upgrade will automatically perform this as well. Details follow: It was discovered that PowerPC kernels did not correctly handle reporting certain system details. By requesting a specific set of information, a local attacker could cause a system crash resulting in a denial of service. (CVE-2007-6694) A race condition was discovered between dnotify fcntl() and close() in the kernel. If a local attacker performed malicious dnotify requests, they could cause memory consumption leading to a denial of service, or possibly send arbitrary signals to any process. (CVE-2008-1375) On SMP systems, a race condition existed in fcntl(). Local attackers could perform malicious locks, causing system crashes and leading to a denial of service. (CVE-2008-1669) The tehuti network driver did not correctly handle certain IO functions. A local attacker could perform malicious requests to the driver, potentially accessing kernel memory, leading to privilege escalation or access to private system information. (CVE-2008-1675)