=========================================================== Ubuntu Security Notice USN-210-1 October 18, 2005 netpbm-free vulnerability CAN-2005-2978 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) Ubuntu 5.10 (Breezy Badger) The following packages are affected: netpbm The problem can be corrected by upgrading the affected package to version 2:10.0-5ubuntu0.2 (for Ubuntu 4.10), 2:10.0-8ubuntu0.2 (for Ubuntu 5.04), or 2:10.0-8ubuntu1.1 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: A buffer overflow was found in the "pnmtopng" conversion program. By tricking an user (or automated system) to process a specially crafted PNM image with pnmtopng, this could be exploited to execute arbitrary code with the privileges of the user running pnmtopng. Updated packages for Ubuntu 4.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0-5ubuntu0.2.diff.gz Size/MD5: 43800 4dc567315041ddfafb4f7c8f513bcbb8 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0-5ubuntu0.2.dsc Size/MD5: 760 47b4d65a19c21dce33a8ca5b09098353 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0.orig.tar.gz Size/MD5: 1926538 985e9f6d531ac0b2004f5cbebdeea87d amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-5ubuntu0.2_amd64.deb Size/MD5: 117802 503f0cf14d2195de71ce651f1e4cb213 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-5ubuntu0.2_amd64.deb Size/MD5: 68544 8944dc6ce9718967f70b5cec1b52c49d http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-5ubuntu0.2_amd64.deb Size/MD5: 118194 22baca57b70b2afeacb8e26729a61d00 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-5ubuntu0.2_amd64.deb Size/MD5: 76926 35566ec63583650875ef38f1da6ca89f http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-5ubuntu0.2_amd64.deb Size/MD5: 1276546 0ec021850356b6ced6edaacc97945cfd i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-5ubuntu0.2_i386.deb Size/MD5: 108700 27cc3f4ec7b7282b5e0379ed59b9a89e http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-5ubuntu0.2_i386.deb Size/MD5: 63416 f8c3e3eae7a756f1d2b7990bae52f045 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-5ubuntu0.2_i386.deb Size/MD5: 108838 b86e4ac8bd02fea0c0bcc6aeb70d27eb http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-5ubuntu0.2_i386.deb Size/MD5: 70510 c18691ec27cf464e85ba300ca4d9336e http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-5ubuntu0.2_i386.deb Size/MD5: 1182526 ae05b3f0bff5bc5023c06dcb20f6420d powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-5ubuntu0.2_powerpc.deb Size/MD5: 123450 14fb0a6b7f23fdbd2bfcf2a7d1b7ff81 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-5ubuntu0.2_powerpc.deb Size/MD5: 70888 183ad6e6a06931546aaf61e3a4b18a5f http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-5ubuntu0.2_powerpc.deb Size/MD5: 123804 329a5a72aebd077af324572164682f63 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-5ubuntu0.2_powerpc.deb Size/MD5: 82914 cd17b36d585b74f981cf60a114590cca http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-5ubuntu0.2_powerpc.deb Size/MD5: 1521750 2b8a7d6de621d3c6d3b8cd5c08696152 Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0-8ubuntu0.2.diff.gz Size/MD5: 45618 dbc755c12a206a568cb9ae9aca66940f http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0-8ubuntu0.2.dsc Size/MD5: 755 06eb537fd60b01cbb11a8880784fd60e http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0.orig.tar.gz Size/MD5: 1926538 985e9f6d531ac0b2004f5cbebdeea87d amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-8ubuntu0.2_amd64.deb Size/MD5: 118166 0bf95304d5065d615ed018de0b9cd922 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-8ubuntu0.2_amd64.deb Size/MD5: 68912 ae2423d1ef5f0121bab95bc6e329f87a http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-8ubuntu0.2_amd64.deb Size/MD5: 118540 0648911f2721bd0c75a4d7ace1fa70a4 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-8ubuntu0.2_amd64.deb Size/MD5: 77258 2551bfcefd60ec8e8345d4428b6ab470 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-8ubuntu0.2_amd64.deb Size/MD5: 1277566 901de41c9fff67f8fcda5d145b020123 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-8ubuntu0.2_i386.deb Size/MD5: 109086 1d53a295fe6284fb71a4e3bd8edc588a http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-8ubuntu0.2_i386.deb Size/MD5: 63816 a00c3bf07303ec2e33fb65169b1e41ff http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-8ubuntu0.2_i386.deb Size/MD5: 109210 830c462141a5ded03b75466ab070c119 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-8ubuntu0.2_i386.deb Size/MD5: 70854 56139e102e3d054bfec68dfeef3f7e77 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-8ubuntu0.2_i386.deb Size/MD5: 1175132 e1a599e6755b8c33f0e12ed1cc13820f powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-8ubuntu0.2_powerpc.deb Size/MD5: 123704 cb98b033340ef2df0f7fee4985a1b354 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-8ubuntu0.2_powerpc.deb Size/MD5: 71282 820b73d9f97eb01ddc76efa0e9ef7075 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-8ubuntu0.2_powerpc.deb Size/MD5: 124060 ad9aedd0b1782c972ad1aef051dc8c71 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-8ubuntu0.2_powerpc.deb Size/MD5: 83474 9f76ab656a5426df156366286767e8c5 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-8ubuntu0.2_powerpc.deb Size/MD5: 1521478 0336c4c312eac0c1a93e3268ae6160c5 Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0-8ubuntu1.1.diff.gz Size/MD5: 45620 826ac92f261cf70074c4d78d992878da http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0-8ubuntu1.1.dsc Size/MD5: 755 47a6df3dba7264b0be29a1e5b8c62ba2 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm-free_10.0.orig.tar.gz Size/MD5: 1926538 985e9f6d531ac0b2004f5cbebdeea87d amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-8ubuntu1.1_amd64.deb Size/MD5: 116828 1c489ace971102d9a1af3f5217e63e64 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-8ubuntu1.1_amd64.deb Size/MD5: 67706 d1f4222c1f1e543c82a5e776ca577ff2 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-8ubuntu1.1_amd64.deb Size/MD5: 117236 42a3121b3926259f3083373eb34b1a9b http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-8ubuntu1.1_amd64.deb Size/MD5: 75928 4a5fdb6cac7e5f1eba63e64f3902a969 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-8ubuntu1.1_amd64.deb Size/MD5: 1241976 aa040939f7118af06f5c6eeeeeef3399 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-8ubuntu1.1_i386.deb Size/MD5: 107270 fb8872a27c2262af63c1c5cec8614fc1 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-8ubuntu1.1_i386.deb Size/MD5: 61480 dd46612c56651fb0477fa07bc8fcf711 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-8ubuntu1.1_i386.deb Size/MD5: 107466 f45507f92f3e6be48e12e02cdf5dcdd7 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-8ubuntu1.1_i386.deb Size/MD5: 68158 bfed171ef82483414c2ad4d815f542ea http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-8ubuntu1.1_i386.deb Size/MD5: 1160746 30e57da1508d126e448f69022cf1c86f powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10-dev_10.0-8ubuntu1.1_powerpc.deb Size/MD5: 118410 7002907e8975e88f87ad2183d1a8372d http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm10_10.0-8ubuntu1.1_powerpc.deb Size/MD5: 67588 70ca72b325fc88b68cf474aaf0bb648c http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9-dev_10.0-8ubuntu1.1_powerpc.deb Size/MD5: 118768 49495ad4fe3372cc9e39bf60687f180c http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/libnetpbm9_10.0-8ubuntu1.1_powerpc.deb Size/MD5: 78582 2224fe9c53dc10215cbaf961f483edc6 http://security.ubuntu.com/ubuntu/pool/main/n/netpbm-free/netpbm_10.0-8ubuntu1.1_powerpc.deb Size/MD5: 1442428 ca17b30fcc16331a918d9fb852f36d1f
Attachment:
signature.asc
Description: Digital signature