Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: libgsf vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu A heap overflow was discovered in the OLE processing code in libgsf. If a user were tricked into opening a specially crafted OLE document, an attacker could execute arbitrary code with the user's privileges.
Ubuntu Security Notice USN-391-1          December 04, 2006
libgsf vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  libgsf-1                                 1.12.3-3ubuntu3.1

Ubuntu 6.06 LTS:
  libgsf-1-113                             1.13.99-0ubuntu2.1

Ubuntu 6.10:
  libgsf-1-114                             1.14.1-2ubuntu1.1

After a standard system upgrade you need to restart your desktop session 
to effect the necessary changes.

Details follow:

A heap overflow was discovered in the OLE processing code in libgsf.  If 
a user were tricked into opening a specially crafted OLE document, an 
attacker could execute arbitrary code with the user's privileges.

Updated packages for Ubuntu 5.10:

  Source archives:
      Size/MD5:    27753 80621e2ac15a13b5287615a1be6b607c
      Size/MD5:      850 e4f4a30353ddd96a4b0fb9c2609f6175
      Size/MD5:   693033 976b3563b39d22d303b912a7dd336e50

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:    93916 e3f251d2a19dd04508b3fd70118fea9b
      Size/MD5:   224874 cf37dac4ff14f771d8a282dfeced02d9
      Size/MD5:   127156 d7c0a9ba1e3aa0ad9d0fa3cd9eb15a9b
      Size/MD5:    10806 ec1d092fc45eb5d0fb1253f427f38a5c
      Size/MD5:    56998 9ead84cd7f21f16afede42b7bc5641fd
      Size/MD5:    49902 6dccb6462809ec7c3a1df450141e4999

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:    86528 7ba7b433ee55244de36652d87256e2c1
      Size/MD5:   208374 76524689f50ffe03b125c504c4898ca0
      Size/MD5:   119320 adeca028c0d161f4ef51861ca3f1ca4a
      Size/MD5:     9882 0a768d6ea600c3522cce25a0a90d5928
      Size/MD5:    56072 911ec2cfba647e50a653b75e69024e04
      Size/MD5:    49386 194b149dfe80139285ed17e07df361bc

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:    96010 c6bd3befc34850dbb2c2878508af0df5
      Size/MD5:   230668 e65c9f0e97d2a57087367364f5dd6255
      Size/MD5:   129918 72f74656095359513b5d4a08d488ac75
      Size/MD5:    12526 84cd66738f8722663f33d2b3aed58ace
      Size/MD5:    57162 b05d543c92c391f0c6ddd2e100baa99c
      Size/MD5:    51180 dd8d3a43ff9885747e4e6f524cb1c5e2

  sparc architecture (Sun SPARC/UltraSPARC)
      Size/MD5:    90552 767d0cdc300d3c4a7f208f510abb96ab
      Size/MD5:   217050 58be4ccddce2a59201686b95f3dd95bd
      Size/MD5:   124138 67a412538e0325c2e5281bcb72d5e773
      Size/MD5:     9734 105ed044c45d9fd15140f0197151b561
      Size/MD5:    56502 dc87b8a235afa899b731dd802b258190
      Size/MD5:    49386 77bee1354c91c61874f28a059f029016

Updated packages for Ubuntu 6.06 LTS:

  Source archives:
      Size/MD5:     9363 b1c523b8d8d38c7304441f4911a45358
      Size/MD5:      893 40e98355919e234ae2d344b35033b6c5
      Size/MD5:   740978 dfd0c75b75066c4f30d484c79c045a62

  Architecture independent packages:
      Size/MD5:    44520 1e5736725ef753e9ce8ae592d8d6d77e

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:   100194 1c1f61eb471bdacebb9b560ab6de14c2
      Size/MD5:   129670 6d6e52bde88de0d68949c1fbba6c3165
      Size/MD5:   240642 b6e5163afb458255e6672bb91363ea93
      Size/MD5:    51230 804d35ba7f4878b06ae14c01b2d21fea
      Size/MD5:    10744 82daa38d026b93f917e312199c018b08
      Size/MD5:    52686 701b5d256a00525c6d4b40fba6841e20
      Size/MD5:    60278 68d31197c6ae7124ae04f711b15ba5b4

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:    92654 bcb9d24b9016e846f894edda0fcfd876
      Size/MD5:   121370 2fe82e4c0194aa74dd63c24d0b594872
      Size/MD5:   222942 46e3a01f6c482e1915ab0189490a9ce9
      Size/MD5:    51108 3e5126f0dac4a1dd275ba0226c0cd9bb
      Size/MD5:     9812 770fa769202ea9f386ed8e80e95e23f7
      Size/MD5:    52160 16bf0d5d03d01dc71c3a55fed9e5e036
      Size/MD5:    59356 ac80966bdca86c14889eb1695a156472

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:   101980 53744f68ed423a7fe66d503915a10e24
      Size/MD5:   130764 291a79c8ef5da7d71014b8e4c4aa3ae1
      Size/MD5:   247112 9ae3b0a2cacdc9434ab69b002a51ba1d
      Size/MD5:    52914 6e2cffd5f173e5d607c9848642ee6131
      Size/MD5:    12420 ca70e82767500f48de7f322b160a706b
      Size/MD5:    53986 37edad0daf13f5735c02aa19865e9558
      Size/MD5:    60458 f0807524a5015359301e881e2bd60db0

  sparc architecture (Sun SPARC/UltraSPARC)
      Size/MD5:    96218 be46011a498d119d834e286f43b77278
      Size/MD5:   125986 85ea3ce9588a52019a8e5e2f8be298bd
      Size/MD5:   231860 6820fff8de91dd44e6bbaa4cbb01b165
      Size/MD5:    51246 f31f57b09a465c1bdf250b55ac6a5a5d
      Size/MD5:     9652 ed2eba00c8360233cdb9574d878aea37
      Size/MD5:    52142 78de48d6c9602c35e0ce831895310462
      Size/MD5:    59762 8e0f17ca33004cf4061d01217a6f631e

Updated packages for Ubuntu 6.10:

  Source archives:
      Size/MD5:     9276 bb8529ca4bbca6befd63abf9d5ee6bd3
      Size/MD5:      886 8a360c2db8e5f18d3ff10150a678bf66
      Size/MD5:   736910 bf918b450a946a365719f78a957700bf

  Architecture independent packages:
      Size/MD5:    45716 1cf2b68bb59e6c99406718d95e85b51b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)
      Size/MD5:   101202 2fc4818219dd2eec12be797f9694e2d1
      Size/MD5:   132190 4919dee1959bd79ef9b9e687e05faccb
      Size/MD5:   241188 254fef90bced7a4c7af377534b3abbf0
      Size/MD5:    53160 07c590ffa9b4678b415dd2f43705f5c9
      Size/MD5:    10768 5fbf90f0eecda7b4b5ff445aeecd41f0
      Size/MD5:    54292 d2278a4d4e1b3adfae427c40416c038d
      Size/MD5:    61232 ead489a5ea7dd59be1958e5ad9b9dce1

  i386 architecture (x86 compatible Intel/AMD)
      Size/MD5:    97614 a581f24e84734643739425a131e16b35
      Size/MD5:   127752 48371720e8b5a76b30be2a57cbb6e3fc
      Size/MD5:   226382 b74f367c699e81dca2cbfa83d90cf2d5
      Size/MD5:    52754 1baf5e199555747eeeb9059c443ace50
      Size/MD5:    10158 3d73aa4297945362a562b3b24b345c95
      Size/MD5:    53642 161a02edd48a803d3d088a6bb592e0e4
      Size/MD5:    60252 05fb5a2706802e46a7fed8639537d377

  powerpc architecture (Apple Macintosh G3/G4/G5)
      Size/MD5:   103532 bf47b7789302ef795e12d7539b89f561
      Size/MD5:   133352 6b66a2247fb20df145507c05fb68f12c
      Size/MD5:   247112 7215b6cfc282fbc2b6f87c44ee10629b
      Size/MD5:    54614 7ae855105d1039b60a396d5279bbb37f
      Size/MD5:    12586 9d6fd3c99baae16902b57be2e0f55b66
      Size/MD5:    55228 fe64dd66a2dbfd43ddb2ca8d5ec59388
      Size/MD5:    61102 5afa1603f0189763620b0d50b1a114eb

  sparc architecture (Sun SPARC/UltraSPARC)
      Size/MD5:    97862 deeb1a4f46bf418ef9d21942d433102c
      Size/MD5:   128736 f243a563faa9be216fdd8715137ef7b0
      Size/MD5:   232330 0a425b8e18460919255522d84238a4f2
      Size/MD5:    52886 ba50b41aa260d9a8fe163d1a6cfeddda
      Size/MD5:     9702 f96c8d050d8d50e32f5e75906c902ae3
      Size/MD5:    53318 6cdd39d0eaf62737cb0818c2d8deca05
      Size/MD5:    60388 2368454dd6d4020d95871f8abd5c7a0a

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.