Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: January 23rd, 2015
Linux Advisory Watch: January 16th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: 1067-1: Telepathy Gabble vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that Gabble did not verify the from field of googlejingleinfo updates. This could allow a remote attacker to perform manin the middle attacks (MITM) on streamed media. [More...]
Ubuntu Security Notice USN-1067-1         February 17, 2011
telepathy-gabble vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
  telepathy-gabble                0.8.7-1ubuntu1.1

Ubuntu 10.04 LTS:
  telepathy-gabble                0.8.12-0ubuntu1.1

Ubuntu 10.10:
  telepathy-gabble                0.10.0-1ubuntu0.1

After a standard system update you need to restart your session to make all
the necessary changes.

Details follow:

It was discovered that Gabble did not verify the from field of google
jingleinfo updates. This could allow a remote attacker to perform man
in the middle attacks (MITM) on streamed media.

Updated packages for Ubuntu 9.10:

  Source archives:
      Size/MD5:    13990 351f08742f5f0ef7f90e8a750578e4e6
      Size/MD5:     2553 6eac46deafcf04a43accfc7fb1a07b3a
      Size/MD5:  1480819 1ab5505b5410f79438a886097db7c16e

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   649224 9a4782cfa2df697de06fa11eb9151e87
      Size/MD5:   365310 3c03bc122de9118996c8c6d70f6609f7

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   628852 55d4d2714a44cf52a54b525528dbea1d
      Size/MD5:   337922 bfec94d872420b6fac30c01477497a09

  armel architecture (ARM Architecture):
      Size/MD5:   628220 a615df74072df46b513da927f31ee019
      Size/MD5:   346390 7e527b84cc82934ef364827625c0677e

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   643428 482b5341331957a169a1bf41366c840f
      Size/MD5:   328280 c04413760c8c1d0d5c522e0b80218166

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   655522 47807b94c25c2e3c294b178c05cdf847
      Size/MD5:   345494 45e6da12c8d0e66946550515d701bfd5

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   583200 96d0f25f7d139fab0ea9efcaff56d2e2
      Size/MD5:   331466 514a0c9dce3af6e618330fa221b00c4f

Updated packages for Ubuntu 10.04 LTS:

  Source archives:
      Size/MD5:    10969 bced372df48c20f3c8f19a61c5511057
      Size/MD5:     2580 7b16f1de82f1577bf264330c17d164a2
      Size/MD5:  1520808 c344165154fe1642bd176e9a38e9ecce

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   658714 7456b882950cd45d3cfd9c438aec4a31
      Size/MD5:   374550 7cc95dfcbdd3dedce37fc42559cf9bc6

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   638488 febdb1ee17671b884138e50f55e8c657
      Size/MD5:   339056 770ef642261faf4e8fc4bbc6044f5e22

  armel architecture (ARM Architecture):
      Size/MD5:   648626 19c7e520d2afc6600007778e3d548de9
      Size/MD5:   339056 12b9603a1a05349fe92d4b3b7a299924

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   662726 26cc6d6f5bf18a810fb500f578e0d90b
      Size/MD5:   349868 260b54bcadf671943f5e9561d1941483

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   596414 c47815983951bb05f2c39234e56960d3
      Size/MD5:   351046 dec1577b62b081e02ee87eb9fe824694

Updated packages for Ubuntu 10.10:

  Source archives:
      Size/MD5:    12071 931b9d3d19180d1f0fc13b1e7e1a4544
      Size/MD5:     2577 ba76f8cc9997b81bf2b63c1e6f7dbe2f
      Size/MD5:  2939986 3c34d0bf73c69a33015aab68cef5cad6

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:  1173588 6ae25fd58b8439c03fc54647443cc97f
      Size/MD5:   612642 759ce0e0ce14eef720114d2732ca9645

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:  1134694 e5bdbf43f2e09167083da335479ec933
      Size/MD5:   556366 0b0bf128fb049ce924f7c8fe6cfa8972

  armel architecture (ARM Architecture):
      Size/MD5:  1155908 6e26dd2437b2ba15fa7c6de28360472d
      Size/MD5:   571668 dbba6096e42ca724b0333f8e45f27b2f

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:  1183558 6b247e291498f6f91bf63bcab93f8162
      Size/MD5:   576834 60c969b4008225d7e18115c238415975

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.