==========================================================Ubuntu Security Notice USN-938-1               May 13, 2010
kdenetwork vulnerability
CVE-2010-1000
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 9.04
Ubuntu 9.10
Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.04:
  kget                            4:4.2.2-0ubuntu2.3

Ubuntu 9.10:
  kget                            4:4.3.2-0ubuntu4.1

Ubuntu 10.04 LTS:
  kget                            4:4.4.2-0ubuntu4.1

After a standard system update you need to restart your session to make
all the necessary changes.

Details follow:

It was discovered that KGet did not properly perform input validation when
processing metalink files. If a user were tricked into opening a crafted
metalink file, a remote attacker could overwrite files via directory
traversal, which could eventually lead to arbitrary code execution.


Updated packages for Ubuntu 9.04:

  Source archives:

          Size/MD5:    36775 6a8af519ab911b42c02c83c28512df42
          Size/MD5:     2167 217f5efe918c9406671b3f68714f27bd
          Size/MD5:  7998863 12e63f41947eab454f579f8f456f79d5

  Architecture independent packages:

          Size/MD5:    26164 8aad393a8c6f9b45560629bb65eccd95
          Size/MD5:    25930 c1431376f8d13b6e08624df67d966614

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    61004 d71fa2cdb6f43998a348d6b21a2bbe38
          Size/MD5: 55996270 7864bdf750ea7a72558d24dc3ced5271
          Size/MD5:   187616 e67f975a80469376ebb5af26d045db82
          Size/MD5:   635376 9bf591a889d6e127ccf83e95300074e9
          Size/MD5:  1346462 021c5f4e5db6286a103057d74c0b3281
          Size/MD5:  7344300 f0f99bf525d766702e7e674a299771f4
          Size/MD5:   708854 ae532936a89bfa3f8075de2cb36ff807
          Size/MD5:   398284 bdbfcf7f042a9939d4232499f491a513
          Size/MD5:   466328 15cdb669bff2fba3079939f8076e4db9

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    56162 24890ffe7e250bb0bb3ea10f26242f46
          Size/MD5: 55359476 dcb01239813d7c3b1129cced371de00c
          Size/MD5:   180506 cfc9e3dc5a7caf2267e01f45d00e8095
          Size/MD5:   609408 63d5687455ab22147fa5b0642707cb54
          Size/MD5:  1311050 cbbe6c7b16430d152f3f340a588a723e
          Size/MD5:  7005996 d92734b3d44c914b81121d4d2c4f40ef
          Size/MD5:   689604 7c10cdc5212543c0177f2abe1a82cafa
          Size/MD5:   388860 cae692d52760290721be35b680c2e236
          Size/MD5:   460736 d69ab19ba5b8206344f76ed7629c0672

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:    56434 dd826aa96020ade7b1ae669c9d0bee12
          Size/MD5: 55424634 4b484c7106d9ae834f8d7589e6dd9bf4
          Size/MD5:   180308 7682a74871408f8f516effbe16b3a131
          Size/MD5:   624058 4f00e180aa09d6f1963341d3440d7892
          Size/MD5:  1320932 418cdd5dc552eda619ab95c070fc79f9
          Size/MD5:  7048542 e8e80aba783e99ed94ac11bb48a8f443
          Size/MD5:   695420 e58d3c6307a00ac81670448f05112e54
          Size/MD5:   391594 58d0f6833dad3fc5e1cff266ef8a963b
          Size/MD5:   462204 d838455fe3616defec605385a87739ae

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    61934 4440ab0efce1523ab2e222478eb323e5
          Size/MD5: 58841478 fc8aa37d150be45d14c0d4084f32b08c
          Size/MD5:   191220 8e82e2b3c085669bf563f85c78944c41
          Size/MD5:   656476 defd14428fb678a3a9aaf22c0fd836a5
          Size/MD5:  1390460 e102452663bfac562e7108a8a710b6b1
          Size/MD5:  7410846 f0137d96a4ae4e5eeb81fec49b0ec395
          Size/MD5:   706054 a2ff5a18db7df9caadd7c13785cd2e21
          Size/MD5:   397886 2c04d87997f72b97a5c6bb4f0a9b477a
          Size/MD5:   466632 2af258554b6bae4e0a3a5a644bd11fa8

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    55116 e725014d071958b67bdc53b14a964ce7
          Size/MD5: 55121252 76bd2b02862ec39c5b3e71b13bda0cf1
          Size/MD5:   179814 e0cf2dfbc426329f124caddb50ec76c6
          Size/MD5:   650470 ab9461f0d98b42da5f07706f933317d2
          Size/MD5:  1330122 33a0d874942ea6e64f0e96334702b7ed
          Size/MD5:  7139808 2e39f3523ba3676d5dcc18eae0f4248a
          Size/MD5:   707380 a506a81af1e81deded12d9176109f147
          Size/MD5:   402042 260dad081331362ae089d336745e0563
          Size/MD5:   467340 0df8690fdee706f926d169eb7b9d72d7

Updated packages for Ubuntu 9.10:

  Source archives:

          Size/MD5:    49608 d171ba8c8bf38db27cce3533b695c324
          Size/MD5:     2336 2066dd83aa643a2044c8582968ca9846
          Size/MD5:  8303321 b973ab4f9d005e8af52f42d3d3989f78

  Architecture independent packages:

          Size/MD5:    33346 2b0083fa2f492505c4d5f19a9bb3e417
          Size/MD5:    33112 796bf485ecd474bb5b15d8be7384af68

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    53786 fdc1d7697b203026d1b6431e7b5d0b76
          Size/MD5: 30547358 27daebc38b2f3239e6fd524c6f3188d8
          Size/MD5:   353054 52155ebf77af8ee0e66b7730521bb437
          Size/MD5:  1077286 330cfbf464dd3ea5c0c35cff4c4bf10f
          Size/MD5:  5383038 e127e9a4765f94bf558b0e2cbdc44644
          Size/MD5:   603802 43f8f2a54f73ddaf836fd879cedf96f7
          Size/MD5:   403704 56e633ed3be28d94afb30b29ce9b10e4
          Size/MD5:   455306 b42bec391d435408b499c8fb1134b166
          Size/MD5:   112642 61b30a923925303bd68f3138dc9688ca
          Size/MD5:   381986 38252cdf28713bf92fa485c038148b46

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    52238 e5695d1a7057fea135d350a993e4d06c
          Size/MD5: 30195210 154d7e066e3fcf99f02451fcab5461ad
          Size/MD5:   333700 2026b4db1d1a1c411d08100e93916acc
          Size/MD5:  1064034 cfed546b2e496f7714c0e0398cb5ad35
          Size/MD5:  5197500 c6136d2fd6a56267f342781291bf5382
          Size/MD5:   591336 1460e8b55335823dbe53013f8869123d
          Size/MD5:   393898 8ce0697073b5fa1f2d539006fbfdad69
          Size/MD5:   451184 13afd3ce4fc6ebaf9d2d427e3a5a0d79
          Size/MD5:   112650 21e5387ccb603c39c179453523d0da20
          Size/MD5:   364400 6e390aa840164c73a258029b7b4a5bb4

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:    52546 12fce31edd68ef33759d947365453014
          Size/MD5: 30274592 ab8db15984922077b96fd180866aafe6
          Size/MD5:   343280 1be2db10f8260b63fff6a00fe2983643
          Size/MD5:  1089894 d7f32f47a184416fbc40dcc4921a0bbc
          Size/MD5:  5284270 a4017a7c59b1ddbcf543b11ecd2d5d29
          Size/MD5:   603762 66efad6b68fbc6221e2b2ceab664ce47
          Size/MD5:   398304 b47f9f31cedb427f1e5c665e4d65cdaa
          Size/MD5:   453220 06a7f9dcfea03b8dd3ce7f70fe83d581
          Size/MD5:   112690 00073caaeb856c3aa8f4a53fd3ad610a
          Size/MD5:   372508 c565979ce1651be50608cd5aa2db219f

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    50916 b491aa86af24bbe2bc5811d723b51869
          Size/MD5: 30304690 9153d362a22b727cc204f3cf7813148f
          Size/MD5:   306004 3a4e8beec6f71354f5b7920939d58009
          Size/MD5:  1000272 4956b7033252449b144d71093a3e83ec
          Size/MD5:  4931610 d5633953620beb23f69697fee16a1237
          Size/MD5:   579726 4a959c2af6b403b069ffbc3b090553aa
          Size/MD5:   389778 67424f78c1231dc251e073c8aeb73e3d
          Size/MD5:   450156 04824dfc0c02ec1d6db1e8372424a7c7
          Size/MD5:   112676 4e9221c8212011bc1ccbe5b2f41650c4
          Size/MD5:   342864 6a5cd525e9239ab5c375d66a82fcfe7d

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    50278 9691f810d00ddae5f50426facf8ff7ca
          Size/MD5: 27742788 fe3d0621a9e9ce04ad04a4309255e547
          Size/MD5:   307852 b975d548a77a9d499e460e92d117086b
          Size/MD5:   972896 7c6d494d00e8711aa57c35c7a55f3f8a
          Size/MD5:  4871566 82e007e72cb3426f277856abc624a1b4
          Size/MD5:   584610 7b5865091beaae955e84cc636174f774
          Size/MD5:   387328 cbee8839813368202ec26cceabf16e6f
          Size/MD5:   452414 881b05085cae03e930c6af4791e5e126
          Size/MD5:   112672 020e44bd6e8a1bfe264212d5da718c93
          Size/MD5:   333616 99477110177d40a0ef1f8d74a5502764

Updated packages for Ubuntu 10.04:

  Source archives:

          Size/MD5:    45422 4b8a30759d2c0b0c1912163f0acbfaf3
          Size/MD5:     2333 c0e8dde7ff74824eda8b2cf24f3cbe39
          Size/MD5:  9372959 bc83487da6a628545339271fc09f8df7

  Architecture independent packages:

          Size/MD5:    34754 2eddeef5c1a71a0bb42e1283449dbcf9
          Size/MD5:    34528 8ee3642769cfe6531f206874c50bcf59

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    55616 aae5be91a4717aa854b7e47ffb9aefaa
          Size/MD5: 32678288 663f524a08574c1e066a0ea699b9459d
          Size/MD5:   344324 3384ab7fc8b8c81982378dbdbb2c3814
          Size/MD5:  1967714 792fcf38cac9f6e8e158957d03ebd4fd
          Size/MD5:  5351044 b8aabf6d8928a4f86d95fba3098a9d6a
          Size/MD5:   602676 5ebec67ecedce776de7e842698aab3d3
          Size/MD5:   533422 55fdf8610ba7d48347f17e168129ff13
          Size/MD5:   421562 8bf38812fd74a392754aa665333976c8
          Size/MD5:   111782 0559652d817a8e6b07b75b29e01422c1
          Size/MD5:   357260 1c53072d67be68c77cfa2521066eae50

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    54162 e270eb5432c7cb5abb1b3f19d64be1bd
          Size/MD5: 32265918 5930f4cd5b20b19503afe32f4fa3dd58
          Size/MD5:   324776 8890aef17a646a365ca9e4ef864089bf
          Size/MD5:  1964356 0cc6f025334800b187ed47ea471c0ceb
          Size/MD5:  5182098 5cf694d1ee61cb1e625a4104900a0999
          Size/MD5:   589470 9bc46a9af8eb58d33ba329d68e99c179
          Size/MD5:   524752 97b891cfc6d3d65018e01cc1508f47c6
          Size/MD5:   417420 420b30eee678cd85247a61b332643c94
          Size/MD5:   111834 7575c176d4a5fc087c68e9d05fc73681
          Size/MD5:   341310 1529be759a108971486cc9668f6a5052

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    52728 5550a9ff315932100b6813d8b9eb40d2
          Size/MD5: 32392550 78741532f465cad6ea50486fcd5edc8a
          Size/MD5:   297234 c56bb3f72d666e7dac6eda15b83df8b5
          Size/MD5:  1855154 8dd83c0e0b1ddbf767e946db9ed23f64
          Size/MD5:  4911632 e2eb14a9f78db4f8e2200b09893cc4e2
          Size/MD5:   577158 ef86ea1d453612d6f58f01a9c246178b
          Size/MD5:   519498 4370bbf37a533548574c5ede7bec0d8a
          Size/MD5:   415654 409f9d304bc1bcbca8dcb17633768a53
          Size/MD5:   111792 88427df3150f66bfb34846f803e59f41
          Size/MD5:   318476 aaeb91e9dc7d0d5e34e8b29bab2b101f

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    52396 1a856aa12c20a50cffc40ae3b51ff54f
          Size/MD5: 30124916 62be9c5d1c503f2548aabb0b89194950
          Size/MD5:   306624 eddf4b13ca63d37b334f8a3f017b521f
          Size/MD5:  1828570 0593a5acc9fac5a3dd4451d5c555cbdf
          Size/MD5:  4926090 3f6ee3cb129db4337698899fdf0a3a31
          Size/MD5:   589258 1745a2f3941afc3ac234adb287096653
          Size/MD5:   521266 c850be67b9d287156b7d7690c458f46d
          Size/MD5:   417830 e5cab5fdddb93c55cacc039dff70d331
          Size/MD5:   111800 6181786aa3bd07af5a454822de356ac4
          Size/MD5:   312510 f10337747c6cde900fe7aa5e23fb3a38

Ubuntu 938-1: KDENetwork vulnerability

May 13, 2010
It was discovered that KGet did not properly perform input validation whenprocessing metalink files

Summary

Update Instructions

References

Severity
kdenetwork vulnerability

Package Information

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved