=========================================================== Ubuntu Security Notice USN-292-1 June 09, 2006 binutils vulnerability CVE-2006-2362 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: binutils 2.15-5ubuntu2.3 binutils-dev 2.15-5ubuntu2.3 Ubuntu 5.10: binutils 2.16.1-2ubuntu6.1 binutils-dev 2.16.1-2ubuntu6.1 Ubuntu 6.06 LTS: binutils 2.16.1cvs20060117-1ubuntu2.1 binutils-dev 2.16.1cvs20060117-1ubuntu2.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: CVE-2006-2362 Jesus Olmos Gonzalez discovered a buffer overflow in the Tektronix Hex Format (TekHex) backend of the BFD library, such as used by the 'strings' utility. By tricking an user or automated system into processing a specially crafted file with 'strings' or a vulnerable third-party application using the BFD library, this could be exploited to crash the application, or possibly even execute arbitrary code with the privileges of the user. Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.15-5ubuntu2.3.diff.gz Size/MD5: 42485 80c80af3cabf28f2d94c8050141c1799 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.15-5ubuntu2.3.dsc Size/MD5: 781 3193a91375ca923cd096d67e1baf5f70 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.15.orig.tar.gz Size/MD5: 15134701 ea140e23ae50a61a79902aa67da5214e Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-doc_2.15-5ubuntu2.3_all.deb Size/MD5: 434164 afd17f5f5fda5ac8bfb51e5f28d2aabe amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-dev_2.15-5ubuntu2.3_amd64.deb Size/MD5: 2839664 45f59cff5b54b4bc490a5d1a19c6edfb http://security.ubuntu.com/ubuntu/pool/universe/b/binutils/binutils-multiarch_2.15-5ubuntu2.3_amd64.deb Size/MD5: 8021638 5cff900484834c17832a5e4153d52bea http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.15-5ubuntu2.3_amd64.deb Size/MD5: 1368978 5181ad2ba9bc81d3425a40ddd5b7c8b3 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-dev_2.15-5ubuntu2.3_i386.deb Size/MD5: 2795808 58a177d7b22d4cac79f4aa0e6fce19d8 http://security.ubuntu.com/ubuntu/pool/universe/b/binutils/binutils-multiarch_2.15-5ubuntu2.3_i386.deb Size/MD5: 7868360 0421358316d31dd7eed8e6501b513b1f http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.15-5ubuntu2.3_i386.deb Size/MD5: 1323786 d0b38cac43404b4ab990cb8c91297a31 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-dev_2.15-5ubuntu2.3_powerpc.deb Size/MD5: 3470818 22a23835d8c87e5138f049a1366f8d72 http://security.ubuntu.com/ubuntu/pool/universe/b/binutils/binutils-multiarch_2.15-5ubuntu2.3_powerpc.deb Size/MD5: 9385376 bc2b248edc473e43e5f6e79c07f16f2b http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.15-5ubuntu2.3_powerpc.deb Size/MD5: 1464932 4555df0ac5ec08900a699561b18af0ef Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1-2ubuntu6.1.diff.gz Size/MD5: 40719 cc66e2e40734ba885e2ba5aa2fdfefe8 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1-2ubuntu6.1.dsc Size/MD5: 892 cab651309c26e9d0836244566c3b531a http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1.orig.tar.gz Size/MD5: 16378360 818bd33cc45bfe3d5b4b2ddf288ecdea Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-doc_2.16.1-2ubuntu6.1_all.deb Size/MD5: 459696 5ee7d462a7ceb5556696786d77bc35c3 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-dev_2.16.1-2ubuntu6.1_amd64.deb Size/MD5: 2359248 228b915e78af33a0a55a22d9bc5c0d97 http://security.ubuntu.com/ubuntu/pool/universe/b/binutils/binutils-multiarch_2.16.1-2ubuntu6.1_amd64.deb Size/MD5: 7202130 40b75a560600b1875856d4fd0269d7a7 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static-udeb_2.16.1-2ubuntu6.1_amd64.udeb Size/MD5: 605800 e8f46421823b202b41d28fa04689faea http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static_2.16.1-2ubuntu6.1_amd64.deb Size/MD5: 631796 1d81a54c83f2c36a808ab2bbf76847db http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1-2ubuntu6.1_amd64.deb Size/MD5: 1553476 e33280cc3782d5c49b8e791b853798f7 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-dev_2.16.1-2ubuntu6.1_i386.deb Size/MD5: 2219870 4583274706b566f0b793437b0911c38a http://security.ubuntu.com/ubuntu/pool/universe/b/binutils/binutils-multiarch_2.16.1-2ubuntu6.1_i386.deb Size/MD5: 6748662 b2410965d5b12bfb90c661ade957f36c http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static-udeb_2.16.1-2ubuntu6.1_i386.udeb Size/MD5: 500856 a47952adc1115e616c9ced5f017b3b01 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static_2.16.1-2ubuntu6.1_i386.deb Size/MD5: 526550 c5e7b75387de923d1587e16f47a6c2f8 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1-2ubuntu6.1_i386.deb Size/MD5: 1469762 22f41b9c30f6b5eb5ea65bac4d7181ac powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-dev_2.16.1-2ubuntu6.1_powerpc.deb Size/MD5: 2836630 d52475018822448eca341ca8e72aa2a2 http://security.ubuntu.com/ubuntu/pool/universe/b/binutils/binutils-multiarch_2.16.1-2ubuntu6.1_powerpc.deb Size/MD5: 8204686 fd095eff270a158450a698378748c1de http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static-udeb_2.16.1-2ubuntu6.1_powerpc.udeb Size/MD5: 619146 d28e2c16bf584aa5796182425cc2cb59 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static_2.16.1-2ubuntu6.1_powerpc.deb Size/MD5: 645000 5c7ed7ef9ce1862bcc423b0a1c8ed482 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1-2ubuntu6.1_powerpc.deb Size/MD5: 1653150 9306e61c255a357b24eb42a156072e45 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1cvs20060117-1ubuntu2.1.diff.gz Size/MD5: 109962 b95a8854158a925d13d215178af9e486 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1cvs20060117-1ubuntu2.1.dsc Size/MD5: 935 37392e8f2fe4d5d5236bc316fe23c6ff http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1cvs20060117.orig.tar.gz Size/MD5: 15861156 07e4b34aad2c87c8dd1760bf31f07d19 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-doc_2.16.1cvs20060117-1ubuntu2.1_all.deb Size/MD5: 472476 6855cfbfad68ff0d65645b496b01f47e amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-dev_2.16.1cvs20060117-1ubuntu2.1_amd64.deb Size/MD5: 2526846 12fc9c07d960944cc7a84116c2935bca http://security.ubuntu.com/ubuntu/pool/universe/b/binutils/binutils-multiarch_2.16.1cvs20060117-1ubuntu2.1_amd64.deb Size/MD5: 7623950 a090a6a8eb5338e56a30b4f487746a5a http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static-udeb_2.16.1cvs20060117-1ubuntu2.1_amd64.udeb Size/MD5: 619416 8330c3d630ad9b92f244025d5f12e9b8 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static_2.16.1cvs20060117-1ubuntu2.1_amd64.deb Size/MD5: 646188 416a1c716fafbf927962ea1234982b29 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1cvs20060117-1ubuntu2.1_amd64.deb Size/MD5: 1563528 48102b51587abae5aa01220f03be3eae i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-dev_2.16.1cvs20060117-1ubuntu2.1_i386.deb Size/MD5: 2378764 88f5684031a424e739297aeecef1339c http://security.ubuntu.com/ubuntu/pool/universe/b/binutils/binutils-multiarch_2.16.1cvs20060117-1ubuntu2.1_i386.deb Size/MD5: 7088902 2312578ed334da7c4b86f505cae6efba http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static-udeb_2.16.1cvs20060117-1ubuntu2.1_i386.udeb Size/MD5: 509156 4e94095ce26b880568592830603fc70c http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static_2.16.1cvs20060117-1ubuntu2.1_i386.deb Size/MD5: 536126 704f32352d39feaea0fe1634669b43c0 http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1cvs20060117-1ubuntu2.1_i386.deb Size/MD5: 1406670 4499747cec6bb1463f7b85144d59f466 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-dev_2.16.1cvs20060117-1ubuntu2.1_powerpc.deb Size/MD5: 3037336 fb0166dc0ae77d7bdd697aef77627ddf http://security.ubuntu.com/ubuntu/pool/universe/b/binutils/binutils-multiarch_2.16.1cvs20060117-1ubuntu2.1_powerpc.deb Size/MD5: 8637182 ed2cc2d8bb12a76afa57795dce320cdd http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static-udeb_2.16.1cvs20060117-1ubuntu2.1_powerpc.udeb Size/MD5: 633678 01f1fecbd32a6b6b034b8b15426b2f0b http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils-static_2.16.1cvs20060117-1ubuntu2.1_powerpc.deb Size/MD5: 660370 15875532d9a87a7c4ecf2f861d536f8b http://security.ubuntu.com/ubuntu/pool/main/b/binutils/binutils_2.16.1cvs20060117-1ubuntu2.1_powerpc.deb Size/MD5: 1599984 4d9b62d36d5de26639506e7b1f29bdb8
Attachment:
signature.asc
Description: Digital signature