=========================================================== 
Ubuntu Security Notice USN-573-1           January 31, 2008
pulseaudio vulnerability
CVE-2008-0008
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.04:
  pulseaudio                      0.9.5-5ubuntu4.2

Ubuntu 7.10:
  pulseaudio                      0.9.6-1ubuntu2.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that PulseAudio did not properly drop privileges
when running as a daemon. Local users may be able to exploit this
and gain privileges. The default Ubuntu configuration is not
affected.


Updated packages for Ubuntu 7.04:

  Source archives:

          Size/MD5:    17449 6b56fc19d1df82cfdced55206ef64679
          Size/MD5:     1265 a82ede30ebdafce09d266b6dd1cfe5b7
          Size/MD5:  1145930 99b5d9efd4fce35cabb4ae5d0ebb230d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    11500 ce80e767d1e30f8de6fd2ee6a2ed548c
          Size/MD5:   181184 e3bda5b5754b975f7578462f7100de29
          Size/MD5:    11570 da9e293b1f61b6cf225ba70b07efdeb1
          Size/MD5:   111218 e8631760459aadaeed2d0f9c42890f80
          Size/MD5:    27466 d4f6159b05f56e0a6d51a9f3f2af711e
          Size/MD5:   331220 d15cdd578190859a61588cfd69107e27
          Size/MD5:    12856 9cba1bcd4c384a8ef902a82c005613cf
          Size/MD5:    14880 8b4edc9db568a25a347d8e0acce0276d
          Size/MD5:     9246 b20f4744d8b6b53286af6feac8bb3cbd
          Size/MD5:    16188 c8dd2744ec424684f20959940b263a83
          Size/MD5:    14592 5e20ed3a3ee9bc8d2e12db5066eb8bca
          Size/MD5:    52792 ce4718ea982640fc8a953231d3f564ec

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    10830 24ae5b0dc91be5dfc3791ac9ba6acfdc
          Size/MD5:   159190 4dc619974dcb7cdeb87969859d7e27df
          Size/MD5:    10996 5c1bb793bc86ddfbbc8480d22e9428f6
          Size/MD5:   100172 fd40e44f9345de1492cb1efa4ff68c77
          Size/MD5:    25660 630da63c98812f52ba98f15f285f3226
          Size/MD5:   295640 df569af31b96c7d658921c05c2bbe880
          Size/MD5:    12230 da658350c189df71ca7337ba48f8a5a8
          Size/MD5:    13746 9928dc07ff1782d509eccfb7d10bd342
          Size/MD5:     8966 47a67f5466a39f7c371948fc0cca7621
          Size/MD5:    14940 7a6c04d7f357187b2a9ed024750bf4f7
          Size/MD5:    13520 756f6c81f2c18ec1cbb76b88be613701
          Size/MD5:    48348 261d9390c75e2aeac769b7a54ad1d517

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    13486 7b3ce45db469675fd29a8fc89524130d
          Size/MD5:   188998 1c42731ddf4cd5a0166f75dde1b61736
          Size/MD5:    13798 39749c569b65714649f4de42ff086546
          Size/MD5:   113000 a909bec96322c854b8e6ec3a92aebf43
          Size/MD5:    34318 6834cc3507f8361a15af5c0d9119b997
          Size/MD5:   391740 b420d192820c8bb34af759124f13caa4
          Size/MD5:    16776 94bd7ff6b489bddd226f9711a10d13df
          Size/MD5:    17858 480c53e43f7eb12893891e717f388a56
          Size/MD5:    11382 af54cc0798896712cb0cdc51f8ca06f1
          Size/MD5:    21286 14750676b774ba677cda10475b110adc
          Size/MD5:    17350 e1e9ab00ecdfd62dd145e15d491d271f
          Size/MD5:    64510 e17eef4afe7a008eede77932b0911bb7

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    10832 fb46f365ce41fa3c08deabe4efc4c1bc
          Size/MD5:   172218 a554731ef0b0c5b0940b48c2d0101b65
          Size/MD5:    10926 25219a37e60f6e2370e2492ad32cd81d
          Size/MD5:   100914 28e9e9fcb364ef520bbe9b50da7a33b3
          Size/MD5:    25608 2c85d7cc39d6d2990677fede70c26fd7
          Size/MD5:   302166 3da7a6db2daadeb83c92a8ad58858d26
          Size/MD5:    12294 80aac679c8b20732444d4651342db4c2
          Size/MD5:    13468 426ec2c39e66d8f413dee6e44eaf2f3e
          Size/MD5:     9046 ccd554ce837bcd7027fec89712beb70e
          Size/MD5:    14838 2644eb4d789d810064e0e201029f2dd9
          Size/MD5:    13418 5d4a1930173baf24edf60aef4e26aad2
          Size/MD5:    50152 6c117193eb1da82660fc59dd0bc2bf8c

Updated packages for Ubuntu 7.10:

  Source archives:

          Size/MD5:    12003 f56974ff4eb38fc4bb4c321a3e9e309a
          Size/MD5:     1290 4fbfe8762fb2430d176068859bf0ed71
          Size/MD5:  1157647 669d52a70fb9a7a83c2507005bfa2a6f

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    12274 55bcd7261c7479d469adfefb1cf4e445
          Size/MD5:   187860 27cbf00c54a9ec92f192df265dea7f80
          Size/MD5:    12342 e104ebac121bcd11e15cd3d5773a95e6
          Size/MD5:   116130 d5f65e0084a433c95cd512b8c63c0c61
          Size/MD5:    28070 7ccdd82bb502b52db1135372145e4908
          Size/MD5:   337164 e1457f0caef9f416ef984f8150a3e2c3
          Size/MD5:    13672 0ddf408e2ecd2b715a4843b17119724a
          Size/MD5:    15704 9cf5c1de5864da5b0c2cfd93167559b3
          Size/MD5:    10000 cc99b1a0fd9c5ab9155363d6f0d3b311
          Size/MD5:    16968 16fc7592a90564732ed39ac3cf769709
          Size/MD5:    15352 bd49f64871199357e09e1f97bfe61a33
          Size/MD5:    54420 55e53c56cde725a9c635e6f4ac8e5295

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    11558 132cf612fe86c0743988701255007aa2
          Size/MD5:   164818 a3870f446cd691b0ac20303586c6beaa
          Size/MD5:    11730 df2b61301fbd86c2a81b7fee8a8fd83c
          Size/MD5:   104324 08d636c188bad3ea1ee685b7240d8e76
          Size/MD5:    26138 03f942e48ccefad14600fdc297f5d0bb
          Size/MD5:   300856 dd2a3901853cfe83e3fd42dfe9e3ad7c
          Size/MD5:    13048 b88aee9d9a789413c4782f51aec18698
          Size/MD5:    14522 c77c0fdfa5eec80b6889caf9fa281aa8
          Size/MD5:     9712 cd4d0229b2d47c33e1d30bf7ed274770
          Size/MD5:    15612 b908d5e9e0ba93796f46d6834429b48e
          Size/MD5:    14212 41624d8baf04c47895988eadc0d4d51c
          Size/MD5:    49526 a62a04e4cf75661a9c3a05feafcdd20e

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    11628 f660843d761c4d7b646c62d289192c01
          Size/MD5:   178296 c5b5763e884cb9a21adb025e71cd3945
          Size/MD5:    11742 51bee53e72aeb84a0cd922f22e8235a5
          Size/MD5:   105936 0a2271818127d25f14845c8b14b047c6
          Size/MD5:    26116 b9ba5cc6520198d62326a3109f6a1ec9
          Size/MD5:   309176 113df051b5e9812b50d8cfbdfd3acc03
          Size/MD5:    13106 8bd5d1a8c7a924bbc82b21faa8378657
          Size/MD5:    14320 77e7f9585543d87ca13d8fcee26311bd
          Size/MD5:     9806 3c380df1825896d750671eed198c0d74
          Size/MD5:    15630 16fa7b13446b9cf4485098f4dcb2f7fc
          Size/MD5:    14192 4578e54a443cf1db1b9e0d2c0a6bb2fc
          Size/MD5:    51656 ab6065a553e3db1d4626692acac9f25d



--g7w8+K/95kPelPD2
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHokquW0JvuRdL8BoRAlZyAJ9ISizS1itaa3z6Jyzuu58RUXm9/gCdGOAG
XtIPZ9jQSB09P6blHuKlNjg{07
-----END PGP SIGNATURE-------g7w8+K/95kPelPD2--

--==============I10911365683639538=Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--==============I10911365683639538==--

Ubuntu: PulseAudio vulnerability

January 31, 2008
It was discovered that PulseAudio did not properly drop privileges when running as a daemon

Summary

Update Instructions

References

Severity
Ubuntu Security Notice USN-573-1 January 31, 2008

Package Information

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved