<<< Date Index >>>     <<< Thread Index >>>

[USN-391-1] libgsf vulnerability



=========================================================== 
Ubuntu Security Notice USN-391-1          December 04, 2006
libgsf vulnerability
CVE-2006-4514
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  libgsf-1                                 1.12.3-3ubuntu3.1

Ubuntu 6.06 LTS:
  libgsf-1-113                             1.13.99-0ubuntu2.1

Ubuntu 6.10:
  libgsf-1-114                             1.14.1-2ubuntu1.1

After a standard system upgrade you need to restart your desktop session 
to effect the necessary changes.

Details follow:

A heap overflow was discovered in the OLE processing code in libgsf.  If 
a user were tricked into opening a specially crafted OLE document, an 
attacker could execute arbitrary code with the user's privileges.


Updated packages for Ubuntu 5.10:

  Source archives:

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.12.3-3ubuntu3.1.diff.gz
      Size/MD5:    27753 80621e2ac15a13b5287615a1be6b607c
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.12.3-3ubuntu3.1.dsc
      Size/MD5:      850 e4f4a30353ddd96a4b0fb9c2609f6175
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.12.3.orig.tar.gz
      Size/MD5:   693033 976b3563b39d22d303b912a7dd336e50

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dbg_1.12.3-3ubuntu3.1_amd64.deb
      Size/MD5:    93916 e3f251d2a19dd04508b3fd70118fea9b
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.12.3-3ubuntu3.1_amd64.deb
      Size/MD5:   224874 cf37dac4ff14f771d8a282dfeced02d9
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1_1.12.3-3ubuntu3.1_amd64.deb
      Size/MD5:   127156 d7c0a9ba1e3aa0ad9d0fa3cd9eb15a9b
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dbg_1.12.3-3ubuntu3.1_amd64.deb
      Size/MD5:    10806 ec1d092fc45eb5d0fb1253f427f38a5c
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.12.3-3ubuntu3.1_amd64.deb
      Size/MD5:    56998 9ead84cd7f21f16afede42b7bc5641fd
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1_1.12.3-3ubuntu3.1_amd64.deb
      Size/MD5:    49902 6dccb6462809ec7c3a1df450141e4999

  i386 architecture (x86 compatible Intel/AMD)

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dbg_1.12.3-3ubuntu3.1_i386.deb
      Size/MD5:    86528 7ba7b433ee55244de36652d87256e2c1
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.12.3-3ubuntu3.1_i386.deb
      Size/MD5:   208374 76524689f50ffe03b125c504c4898ca0
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1_1.12.3-3ubuntu3.1_i386.deb
      Size/MD5:   119320 adeca028c0d161f4ef51861ca3f1ca4a
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dbg_1.12.3-3ubuntu3.1_i386.deb
      Size/MD5:     9882 0a768d6ea600c3522cce25a0a90d5928
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.12.3-3ubuntu3.1_i386.deb
      Size/MD5:    56072 911ec2cfba647e50a653b75e69024e04
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1_1.12.3-3ubuntu3.1_i386.deb
      Size/MD5:    49386 194b149dfe80139285ed17e07df361bc

  powerpc architecture (Apple Macintosh G3/G4/G5)

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dbg_1.12.3-3ubuntu3.1_powerpc.deb
      Size/MD5:    96010 c6bd3befc34850dbb2c2878508af0df5
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.12.3-3ubuntu3.1_powerpc.deb
      Size/MD5:   230668 e65c9f0e97d2a57087367364f5dd6255
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1_1.12.3-3ubuntu3.1_powerpc.deb
      Size/MD5:   129918 72f74656095359513b5d4a08d488ac75
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dbg_1.12.3-3ubuntu3.1_powerpc.deb
      Size/MD5:    12526 84cd66738f8722663f33d2b3aed58ace
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.12.3-3ubuntu3.1_powerpc.deb
      Size/MD5:    57162 b05d543c92c391f0c6ddd2e100baa99c
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1_1.12.3-3ubuntu3.1_powerpc.deb
      Size/MD5:    51180 dd8d3a43ff9885747e4e6f524cb1c5e2

  sparc architecture (Sun SPARC/UltraSPARC)

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dbg_1.12.3-3ubuntu3.1_sparc.deb
      Size/MD5:    90552 767d0cdc300d3c4a7f208f510abb96ab
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.12.3-3ubuntu3.1_sparc.deb
      Size/MD5:   217050 58be4ccddce2a59201686b95f3dd95bd
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1_1.12.3-3ubuntu3.1_sparc.deb
      Size/MD5:   124138 67a412538e0325c2e5281bcb72d5e773
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dbg_1.12.3-3ubuntu3.1_sparc.deb
      Size/MD5:     9734 105ed044c45d9fd15140f0197151b561
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.12.3-3ubuntu3.1_sparc.deb
      Size/MD5:    56502 dc87b8a235afa899b731dd802b258190
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1_1.12.3-3ubuntu3.1_sparc.deb
      Size/MD5:    49386 77bee1354c91c61874f28a059f029016

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.13.99-0ubuntu2.1.diff.gz
      Size/MD5:     9363 b1c523b8d8d38c7304441f4911a45358
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.13.99-0ubuntu2.1.dsc
      Size/MD5:      893 40e98355919e234ae2d344b35033b6c5
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.13.99.orig.tar.gz
      Size/MD5:   740978 dfd0c75b75066c4f30d484c79c045a62

  Architecture independent packages:

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-common_1.13.99-0ubuntu2.1_all.deb
      Size/MD5:    44520 1e5736725ef753e9ce8ae592d8d6d77e

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-1-113-dbg_1.13.99-0ubuntu2.1_amd64.deb
      Size/MD5:   100194 1c1f61eb471bdacebb9b560ab6de14c2
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-113_1.13.99-0ubuntu2.1_amd64.deb
      Size/MD5:   129670 6d6e52bde88de0d68949c1fbba6c3165
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.13.99-0ubuntu2.1_amd64.deb
      Size/MD5:   240642 b6e5163afb458255e6672bb91363ea93
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.13.99-0ubuntu2.1_amd64.deb
      Size/MD5:    51230 804d35ba7f4878b06ae14c01b2d21fea
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-gnome-1-113-dbg_1.13.99-0ubuntu2.1_amd64.deb
      Size/MD5:    10744 82daa38d026b93f917e312199c018b08
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-113_1.13.99-0ubuntu2.1_amd64.deb
      Size/MD5:    52686 701b5d256a00525c6d4b40fba6841e20
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.13.99-0ubuntu2.1_amd64.deb
      Size/MD5:    60278 68d31197c6ae7124ae04f711b15ba5b4

  i386 architecture (x86 compatible Intel/AMD)

    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-1-113-dbg_1.13.99-0ubuntu2.1_i386.deb
      Size/MD5:    92654 bcb9d24b9016e846f894edda0fcfd876
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-113_1.13.99-0ubuntu2.1_i386.deb
      Size/MD5:   121370 2fe82e4c0194aa74dd63c24d0b594872
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.13.99-0ubuntu2.1_i386.deb
      Size/MD5:   222942 46e3a01f6c482e1915ab0189490a9ce9
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.13.99-0ubuntu2.1_i386.deb
      Size/MD5:    51108 3e5126f0dac4a1dd275ba0226c0cd9bb
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-gnome-1-113-dbg_1.13.99-0ubuntu2.1_i386.deb
      Size/MD5:     9812 770fa769202ea9f386ed8e80e95e23f7
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-113_1.13.99-0ubuntu2.1_i386.deb
      Size/MD5:    52160 16bf0d5d03d01dc71c3a55fed9e5e036
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.13.99-0ubuntu2.1_i386.deb
      Size/MD5:    59356 ac80966bdca86c14889eb1695a156472

  powerpc architecture (Apple Macintosh G3/G4/G5)

    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-1-113-dbg_1.13.99-0ubuntu2.1_powerpc.deb
      Size/MD5:   101980 53744f68ed423a7fe66d503915a10e24
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-113_1.13.99-0ubuntu2.1_powerpc.deb
      Size/MD5:   130764 291a79c8ef5da7d71014b8e4c4aa3ae1
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.13.99-0ubuntu2.1_powerpc.deb
      Size/MD5:   247112 9ae3b0a2cacdc9434ab69b002a51ba1d
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.13.99-0ubuntu2.1_powerpc.deb
      Size/MD5:    52914 6e2cffd5f173e5d607c9848642ee6131
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-gnome-1-113-dbg_1.13.99-0ubuntu2.1_powerpc.deb
      Size/MD5:    12420 ca70e82767500f48de7f322b160a706b
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-113_1.13.99-0ubuntu2.1_powerpc.deb
      Size/MD5:    53986 37edad0daf13f5735c02aa19865e9558
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.13.99-0ubuntu2.1_powerpc.deb
      Size/MD5:    60458 f0807524a5015359301e881e2bd60db0

  sparc architecture (Sun SPARC/UltraSPARC)

    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-1-113-dbg_1.13.99-0ubuntu2.1_sparc.deb
      Size/MD5:    96218 be46011a498d119d834e286f43b77278
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-113_1.13.99-0ubuntu2.1_sparc.deb
      Size/MD5:   125986 85ea3ce9588a52019a8e5e2f8be298bd
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.13.99-0ubuntu2.1_sparc.deb
      Size/MD5:   231860 6820fff8de91dd44e6bbaa4cbb01b165
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.13.99-0ubuntu2.1_sparc.deb
      Size/MD5:    51246 f31f57b09a465c1bdf250b55ac6a5a5d
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-gnome-1-113-dbg_1.13.99-0ubuntu2.1_sparc.deb
      Size/MD5:     9652 ed2eba00c8360233cdb9574d878aea37
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-113_1.13.99-0ubuntu2.1_sparc.deb
      Size/MD5:    52142 78de48d6c9602c35e0ce831895310462
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.13.99-0ubuntu2.1_sparc.deb
      Size/MD5:    59762 8e0f17ca33004cf4061d01217a6f631e

Updated packages for Ubuntu 6.10:

  Source archives:

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.14.1-2ubuntu1.1.diff.gz
      Size/MD5:     9276 bb8529ca4bbca6befd63abf9d5ee6bd3
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.14.1-2ubuntu1.1.dsc
      Size/MD5:      886 8a360c2db8e5f18d3ff10150a678bf66
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf_1.14.1.orig.tar.gz
      Size/MD5:   736910 bf918b450a946a365719f78a957700bf

  Architecture independent packages:

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-common_1.14.1-2ubuntu1.1_all.deb
      Size/MD5:    45716 1cf2b68bb59e6c99406718d95e85b51b

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114-dbg_1.14.1-2ubuntu1.1_amd64.deb
      Size/MD5:   101202 2fc4818219dd2eec12be797f9694e2d1
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114_1.14.1-2ubuntu1.1_amd64.deb
      Size/MD5:   132190 4919dee1959bd79ef9b9e687e05faccb
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.14.1-2ubuntu1.1_amd64.deb
      Size/MD5:   241188 254fef90bced7a4c7af377534b3abbf0
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.14.1-2ubuntu1.1_amd64.deb
      Size/MD5:    53160 07c590ffa9b4678b415dd2f43705f5c9
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114-dbg_1.14.1-2ubuntu1.1_amd64.deb
      Size/MD5:    10768 5fbf90f0eecda7b4b5ff445aeecd41f0
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114_1.14.1-2ubuntu1.1_amd64.deb
      Size/MD5:    54292 d2278a4d4e1b3adfae427c40416c038d
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.14.1-2ubuntu1.1_amd64.deb
      Size/MD5:    61232 ead489a5ea7dd59be1958e5ad9b9dce1

  i386 architecture (x86 compatible Intel/AMD)

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114-dbg_1.14.1-2ubuntu1.1_i386.deb
      Size/MD5:    97614 a581f24e84734643739425a131e16b35
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114_1.14.1-2ubuntu1.1_i386.deb
      Size/MD5:   127752 48371720e8b5a76b30be2a57cbb6e3fc
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.14.1-2ubuntu1.1_i386.deb
      Size/MD5:   226382 b74f367c699e81dca2cbfa83d90cf2d5
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.14.1-2ubuntu1.1_i386.deb
      Size/MD5:    52754 1baf5e199555747eeeb9059c443ace50
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114-dbg_1.14.1-2ubuntu1.1_i386.deb
      Size/MD5:    10158 3d73aa4297945362a562b3b24b345c95
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114_1.14.1-2ubuntu1.1_i386.deb
      Size/MD5:    53642 161a02edd48a803d3d088a6bb592e0e4
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.14.1-2ubuntu1.1_i386.deb
      Size/MD5:    60252 05fb5a2706802e46a7fed8639537d377

  powerpc architecture (Apple Macintosh G3/G4/G5)

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114-dbg_1.14.1-2ubuntu1.1_powerpc.deb
      Size/MD5:   103532 bf47b7789302ef795e12d7539b89f561
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114_1.14.1-2ubuntu1.1_powerpc.deb
      Size/MD5:   133352 6b66a2247fb20df145507c05fb68f12c
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.14.1-2ubuntu1.1_powerpc.deb
      Size/MD5:   247112 7215b6cfc282fbc2b6f87c44ee10629b
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.14.1-2ubuntu1.1_powerpc.deb
      Size/MD5:    54614 7ae855105d1039b60a396d5279bbb37f
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114-dbg_1.14.1-2ubuntu1.1_powerpc.deb
      Size/MD5:    12586 9d6fd3c99baae16902b57be2e0f55b66
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114_1.14.1-2ubuntu1.1_powerpc.deb
      Size/MD5:    55228 fe64dd66a2dbfd43ddb2ca8d5ec59388
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.14.1-2ubuntu1.1_powerpc.deb
      Size/MD5:    61102 5afa1603f0189763620b0d50b1a114eb

  sparc architecture (Sun SPARC/UltraSPARC)

    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114-dbg_1.14.1-2ubuntu1.1_sparc.deb
      Size/MD5:    97862 deeb1a4f46bf418ef9d21942d433102c
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-114_1.14.1-2ubuntu1.1_sparc.deb
      Size/MD5:   128736 f243a563faa9be216fdd8715137ef7b0
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-1-dev_1.14.1-2ubuntu1.1_sparc.deb
      Size/MD5:   232330 0a425b8e18460919255522d84238a4f2
    
http://security.ubuntu.com/ubuntu/pool/universe/libg/libgsf/libgsf-bin_1.14.1-2ubuntu1.1_sparc.deb
      Size/MD5:    52886 ba50b41aa260d9a8fe163d1a6cfeddda
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114-dbg_1.14.1-2ubuntu1.1_sparc.deb
      Size/MD5:     9702 f96c8d050d8d50e32f5e75906c902ae3
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-114_1.14.1-2ubuntu1.1_sparc.deb
      Size/MD5:    53318 6cdd39d0eaf62737cb0818c2d8deca05
    
http://security.ubuntu.com/ubuntu/pool/main/libg/libgsf/libgsf-gnome-1-dev_1.14.1-2ubuntu1.1_sparc.deb
      Size/MD5:    60388 2368454dd6d4020d95871f8abd5c7a0a

Attachment: signature.asc
Description: Digital signature