LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 21st, 2014
Linux Security Week: April 7th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Ubuntu: link-grammar vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Alin Rad Pop discovered that AbiWord's Link Grammar parser did not correctly handle overly-long words. If a user were tricked into opening a specially crafted document, AbiWord, or other applications using Link Grammar, could be made to crash.
=========================================================== 
Ubuntu Security Notice USN-545-1          November 26, 2007
link-grammar vulnerability
CVE-2007-5395
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.10:
  liblink-grammar4                4.2.2-4ubuntu0.7.10.1

After a standard system upgrade you need to restart AbiWord to effect
the necessary changes.

Details follow:

Alin Rad Pop discovered that AbiWord's Link Grammar parser did not
correctly handle overly-long words.  If a user were tricked into opening
a specially crafted document, AbiWord, or other applications using Link
Grammar, could be made to crash.


Updated packages for Ubuntu 7.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1.diff.gz
      Size/MD5:     8372 9d6103a3d8b9055aeb8e9fb151c629d8
    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1.dsc
      Size/MD5:      771 3416e046bf63eefc9b8e185666e11b1e
    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/link-grammar_4.2.2.orig.tar.gz
      Size/MD5:   742163 798c165b7d7f26e60925c30515c45782

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/link-grammar-dictionaries-en_4.2.2-4ubuntu0.7.10.1_all.deb
      Size/MD5:   261630 b4b9b5e5f1a9b4a04dbf4074add17867

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4-dev_4.2.2-4ubuntu0.7.10.1_amd64.deb
      Size/MD5:   129244 0db2bc55f7c9e9f3ce1276020200d6aa
    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4_4.2.2-4ubuntu0.7.10.1_amd64.deb
      Size/MD5:    98100 de97f8c7fa03e774b6038bd326834f7a
    http://security.ubuntu.com/ubuntu/pool/universe/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1_amd64.deb
      Size/MD5:    16430 dbcd4fca4249a475abd450f7009b68de

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4-dev_4.2.2-4ubuntu0.7.10.1_i386.deb
      Size/MD5:   111178 d619bf104ae4b3026b4ac7dd7952d5ee
    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4_4.2.2-4ubuntu0.7.10.1_i386.deb
      Size/MD5:    90558 912431a563343836f56b20daf237c8e8
    http://security.ubuntu.com/ubuntu/pool/universe/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1_i386.deb
      Size/MD5:    15706 5a72b07d1b6a825a11148193e94bc5e3

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4-dev_4.2.2-4ubuntu0.7.10.1_powerpc.deb
      Size/MD5:   130238 7266fb1779805cf1416afb6349142532
    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4_4.2.2-4ubuntu0.7.10.1_powerpc.deb
      Size/MD5:    97756 c23f581e5b62c6af38f08906f1f6521e
    http://security.ubuntu.com/ubuntu/pool/universe/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1_powerpc.deb
      Size/MD5:    17052 c5005abc099c10b7687dd85123dc29a4

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4-dev_4.2.2-4ubuntu0.7.10.1_sparc.deb
      Size/MD5:   118768 d88eee3ff0a918780689a72f7e14d2fa
    http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4_4.2.2-4ubuntu0.7.10.1_sparc.deb
      Size/MD5:    91400 5a14c7a0baa9f2d9ba23f7130896c332
    http://security.ubuntu.com/ubuntu/pool/universe/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1_sparc.deb
      Size/MD5:    16126 6179e67b9eaaef830f1bd7d461fbee62


 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia
Even the most secure cloud storage may not be so secure, study finds
Targeted Attack Uses Heartbleed to Hijack VPN Sessions
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.