Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: GnuTLS vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Multiple flaws were discovered in the connection handling of GnuTLS. A remote attacker could exploit this to crash applications linked against GnuTLS, or possibly execute arbitrary code with permissions of the application's user.
Ubuntu Security Notice USN-613-1               May 21, 2008
gnutls12, gnutls13 vulnerabilities
CVE-2008-1948, CVE-2008-1949, CVE-2008-1950

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libgnutls12                     1.2.9-2ubuntu1.2

Ubuntu 7.04:
  libgnutls13                     1.4.4-3ubuntu0.1

Ubuntu 7.10:
  libgnutls13                     1.6.3-1ubuntu0.1

Ubuntu 8.04 LTS:
  libgnutls13                     2.0.4-1ubuntu2.1

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

Multiple flaws were discovered in the connection handling of GnuTLS.
A remote attacker could exploit this to crash applications linked
against GnuTLS, or possibly execute arbitrary code with permissions of
the application's user.

Updated packages for Ubuntu 6.06 LTS:

  Source archives:
      Size/MD5:   557563 d4a7ed44e30292434380ed775ee7cee2
      Size/MD5:      818 d46f4919e3988219afc3c80035113f28
      Size/MD5:  3305475 4e1a2e9c22c7d6459d5eb5e6484a19c4

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   491268 3f1429fa95d972c51f48503d5595f268
      Size/MD5:   420252 3092516052888efd60451e865f729426
      Size/MD5:   288160 76016ded0ab79a6aa017aebe328e39be
      Size/MD5:   642376 013235b59022b6a231976f29f60c90f6

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   445066 1c333142fc9c0c1cc603f05fb8e10e04
      Size/MD5:   372978 1c4022f8f8b61029fc28722861a7c88f
      Size/MD5:   271984 ce0d0c0374b5b989d5757798a779623e
      Size/MD5:   578016 d9986a566aea73078d41ff9dbd3a6154

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   484130 98bb92742c5ebac7b22bb01bff8a1bda
      Size/MD5:   390752 41c3c6175c55b99f62e7a28a1d28aa74
      Size/MD5:   288398 f62de58a80a67a5dff81abc77e896777
      Size/MD5:   635166 125724549d9a528281ee78d0b4029d4c

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   480438 b5802b82ddb4070da70870cde4c0056f
      Size/MD5:   376204 7f8da2b38f6874e1c2845703a70b932a
      Size/MD5:   273124 90963120c7d1b8ae3596d4fab4110da1
      Size/MD5:   570222 83f37a221499cdc6b44eebc891d6d023

Updated packages for Ubuntu 7.04:

  Source archives:
      Size/MD5:    19295 7ede58c7bbcd6215beb11547965ecc15
      Size/MD5:     1049 f27e68df974f39781754f63d306b0639
      Size/MD5:  4752009 c06ada020e2b69caa51833175d59f8b2

  Architecture independent packages:
      Size/MD5:  2307388 ca811f6556d307e6cf93b14786d51f75

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   393370 c1e6fb2c19a59df693d8292723767cd2
      Size/MD5:   544788 5c4040ce92955476d9a4839fa7723691
      Size/MD5:   324090 9582e129d9e7d8b8883e1fc58c676df0
      Size/MD5:   185440 3e4f85cb58ff46e6047859c9e40eae3b

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   358054 3df1d27b5056aabe2d3e2633b7d9a422
      Size/MD5:   527888 05b3b005330fcc3db7ad0347c2c8cff8
      Size/MD5:   289762 b523eca841531907ea5d5efed425263e
      Size/MD5:   172700 1ca9e38c4410ee606c75b16be88a8326

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   394926 fc26cab41ec334bfc1ebebaa387fa594
      Size/MD5:   541752 78addd1a470b8e9321357a62fb7a052a
      Size/MD5:   309276 d6e6a8e3d05c3fdab87fc9f58ad88d4f
      Size/MD5:   200272 ab06358a1f996cd32d9a4220659af73b

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   383170 5e0dbd0ae23158190f77da174462e555
      Size/MD5:   495058 3f068d4fef0a3f700744195ac42265c6
      Size/MD5:   279794 dae2786e8ea02904b7b3edfc696b45dc
      Size/MD5:   175844 78e930a0041adc3f88da1e3cb475de79

Updated packages for Ubuntu 7.10:

  Source archives:
      Size/MD5:    19000 3f8d96094c8661848bab6126ca5c95e3
      Size/MD5:     1067 4576864997e6d4a18816d3836c7f22b1
      Size/MD5:  5071704 3c71020126ac827319183268c97336fe

  Architecture independent packages:
      Size/MD5:  2405598 1afd1b3300d9c94cd2809d6a7f8eb3ae

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   437310 eac97e36c5f87d9d47068224126ce142
      Size/MD5:   791796 a95cb94ffb27ccbc82f8f831a2696319
      Size/MD5:   346308 97982fae446f511a52c8435c40a02722
      Size/MD5:   104558 7c27e8051d52090073a92c5d14b437c5
      Size/MD5:   212032 9bc11aa6c5c254fb42fb3084582a87e4

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   399832 f563e359ee1f44e7a642f47b6b6bcb76
      Size/MD5:   764122 14983188783b81b0fb4d89f37c1777cd
      Size/MD5:   314338 d4241906f687259f4331bf0b204089aa
      Size/MD5:   105266 1394d69817ee438dcb67c576b7b16513
      Size/MD5:   198408 250926d17291a45ad7d317f9fd23e546

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   392398 1d822d99b4630d6fab5ace9637e9ac36
      Size/MD5:   777340 768e33d726889b6537b1070fcde37e55
      Size/MD5:   308630 e16925d7042539c06a5c2a38ebb830a6
      Size/MD5:   104704 f6b04712b96b59cd9a599dca9d17ba54
      Size/MD5:   199098 007bc39b60ca73fba703c5338d9f272f

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   438872 8bb78c2713235382714e0920faa63b12
      Size/MD5:   791520 a638665d0b2fb57604485296edc3d6e6
      Size/MD5:   336164 5300c4c742285fcc735750b25240fce5
      Size/MD5:   104884 c1cdd29d2da2c41c21bb9b4572d6ca2a
      Size/MD5:   230704 a78a003c50f7706f686391bfeb19beb4

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   424566 82e7830039d630e2aa7bcf860941f49e
      Size/MD5:   715502 e43a1d75532c74e49c70e9546052118e
      Size/MD5:   304352 c49470588be5ae95b24bab1a637d38f9
      Size/MD5:   103276 961ce89ff41717ad809d7f6b0b5925d3
      Size/MD5:   202072 f91e80c948cdbd5f92fbd865ce0189dd

Updated packages for Ubuntu 8.04 LTS:

  Source archives:
      Size/MD5:    24271 52bcb7cd9df708d88e72bcb1b66e9930
      Size/MD5:     1074 0ffbdd72dcf0aefc00c3cdbc013534ce
      Size/MD5:  5906571 bd783a052b892620534ecfbc4a9bfede

  Architecture independent packages:
      Size/MD5:  2506366 157efc628e6a17dc4ff814eb2d7f1718

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   384388 8b98efe0646c7b11db3f4e6b4a1b6562
      Size/MD5:   743526 31826ecc14af6c6ad6d42d31e710420e
      Size/MD5:   343430 0667362f9f364001299939eb58797e89
      Size/MD5:    30768 47a27b0e7dc33c2768d8a9f7ca74f7d8
      Size/MD5:   140234 ff537941a89f1c9d799a10deb9430011

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   344760 12b47348304ff5368017a412c10c19db
      Size/MD5:   709748 c5dcfcf5e3302d26dd9ca121cde6d4e7
      Size/MD5:   306494 5b0997b658ac5a2da3a1e487d37cc8e4
      Size/MD5:    31376 8c39034713c7e0f8e0de5a873dfa63d2
      Size/MD5:   126506 0b627efa3c5353c5df22069915a337f1

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   335788 298679594694c02b9716c8d14e28ba7d
      Size/MD5:   724042 57a32c1e5570025337defe3efd11482c
      Size/MD5:   300674 5a79308f0bc4ba0830301bf77be279d0
      Size/MD5:    30798 a8c2caa502b38a7facb79bacd984cd74
      Size/MD5:   127138 65c6cadd4ebef92e1cdc2fe4c851fedf

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   383354 a86484729ce85d142f787e3b9667b658
      Size/MD5:   735644 53a01314db40c90619c7c64bf777c0d8
      Size/MD5:   324618 5cf33680e8fb34ee15f050825b796e3e
      Size/MD5:    30980 88e0cc1619f94d198e40ce5a596c60c3
      Size/MD5:   159484 0205b31b42607fc30ae89a76f03ee1aa

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   370242 9af51ec5b21acab76d3e51ffd1033ba4
      Size/MD5:   659758 2bf757bc460527d35cae6c56e4d196e5
      Size/MD5:   294234 09858134b071cb04190db2e5f88beabe
      Size/MD5:    29460 3e5dbc73fbb4b7b30ef5bab36d61e627
      Size/MD5:   129508 6e7e52108fc9b02428d79b784f9b5f23

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Feds Charged With Stealing Money During Silk Road Investigation
EFF questions US government's software flaw disclosure policy
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.