Planet


Unboxing my Lenovo ThinkPad after courier repair

2012/2/14 9:06:00 | 魔法設計的藝術

The fan on my ThinkPad X201i died recently. Since it was still within the warranty period, I sent it in for repair. The courier collected it on Friday, on Saturday I was notified that it had already been fixed (a new fan, no further problems), and today, Monday, it arrived first thing in the morning.

This is the box it came in. Nine years ago I sent my old R31 in for repair too, and there was no box like this back then; it feels like progress. Opening it, my backpack is still there, and the other box is the one holding the laptop. The design of this laptop protection box is quite interesting: the cross in the middle is the lid, and lifting it reveals the repaired laptop.

The repair report is attached to the laptop's protective bag. Besides the fan, they also ran other checks, and even cleaned the screen for you; it was wiped as clean as a mirror. The TrackPoint (the little red dot) on the keyboard was also replaced. Finally, the laptop wrapped in that bag looks so nice, as if it had become a new computer. It looks like an Ubuntu-brand computer, doesn't it?

After this experience I will go and buy the warranty extension, from three years to 5 years. Although ThinkPad build quality has been worse since Lenovo took over, as long as the hardware stays Linux-friendly and the warranty experience is this good, I think it is still worth buying.

USN-1358-1: PHP vulnerabilities

2012/2/14 6:21:05 | Ubuntu security notices

Ubuntu Security Notice USN-1358-1
9th February, 2012
php5 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04 LTS
  • Ubuntu 8.04 LTS

Summary

Multiple vulnerabilities in PHP.

Software description

  • php5 - HTML-embedded scripting language interpreter

Details

It was discovered that PHP computed hash values for form parameters
without restricting the ability to trigger hash collisions predictably.
This could allow a remote attacker to cause a denial of service by
sending many crafted parameters. (CVE-2011-4885)

ATTENTION: this update changes previous PHP behavior by
limiting the number of external input variables to 1000.
This may be increased by adding a "max_input_vars"
directive to the php.ini configuration file. See
http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars
for more information.

Stefan Esser discovered that the fix to address the predictable hash
collision issue, CVE-2011-4885, did not properly handle the situation
where the limit was reached. This could allow a remote attacker to
cause a denial of service or execute arbitrary code via a request
containing a large number of variables. (CVE-2012-0830)
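As an added illustration of the max_input_vars limit (example code written for this page, not PHP's implementation or anything from the notice; the 1000 default and the directive name come from the notice, while the php.ini fragment and the request bodies are constructed), the Python below reads the directive from an ini-style text and bounds the number of variables it will decode from a form body. The model refuses the whole request once the cap is exceeded, so the limit-reached path has one outcome rather than a half-filled variable table. The same cap-the-parameter-count idea is what the Tomcat notice further down this page (CVE-2011-4858, CVE-2012-0022) addresses.

```python
"""Bounded parsing of web form input, modelled on the max_input_vars limit.

Added example, not PHP's code: it reads a max_input_vars directive from a
php.ini-style text and enforces that cap while decoding a request body.
"""
from urllib.parse import unquote_plus

# The default limit the advisory says the update introduces.
DEFAULT_MAX_INPUT_VARS = 1000


class TooManyInputVars(ValueError):
    """Raised when a request carries more variables than the configured cap."""


def read_max_input_vars(ini_text, default=DEFAULT_MAX_INPUT_VARS):
    """Return the max_input_vars value from php.ini-style text, else the default.

    Minimal reader for this example: ';' starts a comment, settings are
    'key = value' lines, and the last occurrence wins.
    """
    value = default
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if "=" not in line:
            continue
        key, _, rhs = line.partition("=")
        if key.strip() == "max_input_vars":
            value = int(rhs.strip())
    return value


def parse_form_input(body, max_vars=DEFAULT_MAX_INPUT_VARS):
    """Decode application/x-www-form-urlencoded text into a dict.

    Work per request is bounded by max_vars. When the cap is exceeded the
    whole request is refused and no partially filled table is returned, so
    the limit-reached path (the one CVE-2012-0830 concerns) has one outcome.
    """
    variables = {}
    seen = 0
    for pair in body.split("&"):
        if pair == "":
            continue  # tolerate stray separators such as "a=1&&b=2"
        seen += 1
        if seen > max_vars:
            raise TooManyInputVars(
                f"request carries more than {max_vars} input variables")
        key, _, value = pair.partition("=")
        variables[unquote_plus(key)] = unquote_plus(value)
    return variables


def request_accepted(body, max_vars=DEFAULT_MAX_INPUT_VARS):
    """True when the body parses within the cap, False when it is refused."""
    try:
        parse_form_input(body, max_vars)
    except TooManyInputVars:
        return False
    return True


# Constructed php.ini fragment (sample, not from the advisory) raising the cap.
SAMPLE_INI = """
; php.ini excerpt
max_input_vars = 2000
"""

if __name__ == "__main__":
    cap = read_max_input_vars(SAMPLE_INI)
    flood = "&".join(f"k{i}={i}" for i in range(1001))  # 1001 variables
    print("cap from ini:", cap)
    print("1001 variables under default cap:", request_accepted(flood))
    print("1001 variables under ini cap:", request_accepted(flood, cap))
```

The cap is checked before any decoding work is done on the surplus variable, which is the property that matters: the cost an unauthenticated request can impose on the parser is fixed by configuration, not by the request.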



It was discovered that PHP did not always check the return value of
the zend_strndup function. This could allow a remote attacker to
cause a denial of service. (CVE-2011-4153)

It was discovered that PHP did not properly enforce libxslt security
settings. This could allow a remote attacker to create arbitrary
files via a crafted XSLT stylesheet that uses the libxslt output
extension. (CVE-2012-0057)

It was discovered that PHP did not properly enforce that PDORow
objects cannot be serialized or saved in a session. A
remote attacker could use this to cause a denial of service via an
application crash. (CVE-2012-0788)

It was discovered that PHP allowed the magic_quotes_gpc setting to
be disabled remotely. This could allow a remote attacker to bypass
restrictions that could prevent an SQL injection. (CVE-2012-0831)
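The magic_quotes_gpc paragraph above describes an input-escaping layer that an attacker could switch off remotely. The following added example (written for this page, not PHP's or Ubuntu's code; it uses Python's sqlite3 with SQLite-style quote doubling standing in for the backslash escaping magic_quotes applied, and the table contents and the crafted input are constructed) shows why a query assembled from strings is only as safe as that escaping step, and why a bound parameter needs no such step: the input with an embedded quote changes the meaning of the string-built query once escaping is off, but never of the parameterised one.

```python
"""String-built query versus bound parameter, as an added example."""
import sqlite3


def build_db():
    """Constructed in-memory table with two users (sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "alice@example.com"),
                      ("bob", "bob@example.com")])
    return conn


def quote_escape(value):
    """Stand-in for an input-escaping layer such as magic_quotes_gpc.

    SQLite doubles single quotes; PHP's magic_quotes used backslashes for
    MySQL. Either way the defence lives outside the query and can be turned
    off without the query noticing.
    """
    return value.replace("'", "''")


def lookup_by_string_building(conn, name, escaping_enabled):
    """Vulnerable pattern: query text is assembled from user input and the only
    protection is an escaping step controlled by a runtime setting."""
    if escaping_enabled:
        name = quote_escape(name)
    sql = f"SELECT name, email FROM users WHERE name = '{name}'"
    return conn.execute(sql).fetchall()


def lookup_with_binding(conn, name):
    """Hardened form: the value travels as a bound parameter, so it is data
    to the database engine regardless of any escaping setting."""
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)).fetchall()


# Constructed input containing a quote; it is a name that matches nobody.
CRAFTED_NAME = "nobody' OR 'a'='a"

if __name__ == "__main__":
    db = build_db()
    print("escaping on :", lookup_by_string_building(db, CRAFTED_NAME, True))
    print("escaping off:", lookup_by_string_building(db, CRAFTED_NAME, False))
    print("bound param :", lookup_with_binding(db, CRAFTED_NAME))
```

With escaping on, the string-built query returns no rows; with the setting off it returns every user, which is exactly the bypass the notice describes; the bound query returns no rows in both cases, because its result never depended on the escaping layer.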



USN 1126-1 addressed an issue where the /etc/cron.d/php5 cron job
for PHP allowed local users to delete arbitrary files via a symlink
attack on a directory under /var/lib/php5/. Emese Revfy discovered
that the fix had not been applied to PHP for Ubuntu 10.04 LTS. This
update corrects the issue. We apologize for the error. (CVE-2011-0441)
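The cron job problem above (CVE-2011-0441) is a classic symlink attack on a cleanup task: a deleter that follows links out of the directory it tends will remove whatever the link points at. The following added example (written for this page, not Ubuntu's cron job or PHP's session handling; the directory layout and file ages are constructed) shows a session-file cleanup in Python that never follows symlinks, deletes only regular files sitting directly inside the directory, and unlinks relative to a directory file descriptor so that the directory cannot be swapped between the check and the delete.

```python
"""Symlink-safe cleanup of expired session files, as an added example."""
import os
import stat
import tempfile
import time


def cleanup_session_files(session_dir, max_age_seconds, now=None):
    """Delete expired 'sess_*' files directly under session_dir.

    Every candidate is inspected with lstat semantics (follow_symlinks=False),
    only regular files qualify, and the unlink is performed through a
    directory descriptor opened with O_NOFOLLOW. Returns the sorted names
    removed.
    """
    now = time.time() if now is None else now
    # Refuse a directory that is itself a symlink or not a directory at all.
    if os.path.islink(session_dir) or not os.path.isdir(session_dir):
        raise ValueError(f"{session_dir!r} is not a plain directory")
    dir_fd = os.open(session_dir, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    removed = []
    try:
        for name in os.listdir(dir_fd):
            if not name.startswith("sess_"):
                continue
            st = os.stat(name, dir_fd=dir_fd, follow_symlinks=False)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks, directories and devices are never touched
            if now - st.st_mtime > max_age_seconds:
                os.unlink(name, dir_fd=dir_fd)
                removed.append(name)
    finally:
        os.close(dir_fd)
    return sorted(removed)


def build_fixture():
    """Constructed layout (sample data): an expired session, a fresh one, a
    subdirectory, and a symlink named like a session pointing outside."""
    base = tempfile.mkdtemp()
    sessions = os.path.join(base, "sessions")
    os.mkdir(sessions)
    victim = os.path.join(base, "important.txt")
    with open(victim, "w") as fh:
        fh.write("keep me")
    old = time.time() - 7200
    os.utime(victim, (old, old))  # old enough to look expired if followed
    for name, age in (("sess_old", 7200), ("sess_new", 60)):
        path = os.path.join(sessions, name)
        open(path, "w").close()
        os.utime(path, (time.time() - age, time.time() - age))
    os.mkdir(os.path.join(sessions, "sess_dir"))
    os.symlink(victim, os.path.join(sessions, "sess_link"))
    return {"dir": sessions, "victim": victim}


def names_in(directory):
    """Sorted directory entries, symlinks included (helper for checks)."""
    return sorted(os.listdir(directory))


def file_intact(path):
    """True when a regular file still exists at path (helper for checks)."""
    return os.path.isfile(path)


if __name__ == "__main__":
    fx = build_fixture()
    print("removed:", cleanup_session_files(fx["dir"], 3600))
    print("victim intact:", file_intact(fx["victim"]))
    print("left behind:", names_in(fx["dir"]))
```

Running it removes only sess_old; the symlink, the subdirectory, the fresh session and the file the symlink points at are all left alone.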



Update instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
  php5-cli              5.3.6-13ubuntu3.5
  php5-cgi              5.3.6-13ubuntu3.5
  php5-common           5.3.6-13ubuntu3.5
  php5-xsl              5.3.6-13ubuntu3.5
  php5                  5.3.6-13ubuntu3.5
  libapache2-mod-php5   5.3.6-13ubuntu3.5

Ubuntu 11.04:
  php5-cli              5.3.5-1ubuntu7.6
  php5-cgi              5.3.5-1ubuntu7.6
  php5-common           5.3.5-1ubuntu7.6
  php5-xsl              5.3.5-1ubuntu7.6
  php5                  5.3.5-1ubuntu7.6
  libapache2-mod-php5   5.3.5-1ubuntu7.6

Ubuntu 10.10:
  php5-cli              5.3.3-1ubuntu9.9
  php5-cgi              5.3.3-1ubuntu9.9
  php5-common           5.3.3-1ubuntu9.9
  php5-xsl              5.3.3-1ubuntu9.9
  php5                  5.3.3-1ubuntu9.9
  libapache2-mod-php5   5.3.3-1ubuntu9.9

Ubuntu 10.04 LTS:
  php5-cli              5.3.2-1ubuntu4.13
  php5-cgi              5.3.2-1ubuntu4.13
  php5-common           5.3.2-1ubuntu4.13
  php5-xsl              5.3.2-1ubuntu4.13
  php5                  5.3.2-1ubuntu4.13
  libapache2-mod-php5   5.3.2-1ubuntu4.13

Ubuntu 8.04 LTS:
  php5-cli              5.2.4-2ubuntu5.22
  php5-cgi              5.2.4-2ubuntu5.22
  php5-common           5.2.4-2ubuntu5.22
  php5-xsl              5.2.4-2ubuntu5.22
  php5                  5.2.4-2ubuntu5.22
  libapache2-mod-php5   5.2.4-2ubuntu5.22

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2011-0441,
CVE-2011-4153,
CVE-2011-4885,
CVE-2012-0057,
CVE-2012-0788,
CVE-2012-0830,
CVE-2012-0831


USN-1358-2: PHP regression

2012/2/14 6:21:05 | Ubuntu security notices

Ubuntu Security Notice USN-1358-2
13th February, 2012
php5 regression

A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04 LTS
  • Ubuntu 8.04 LTS

Summary

USN 1358-1 introduced a regression in PHP.

Software description

  • php5 - HTML-embedded scripting language interpreter

Details

USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for
CVE-2012-0831 introduced a regression where the state of the
magic_quotes_gpc setting was not correctly reflected when calling
the ini_get() function.

We apologize for the inconvenience.

Original advisory details:

It was discovered that PHP computed hash values for form parameters
without restricting the ability to trigger hash collisions predictably.
This could allow a remote attacker to cause a denial of service by
sending many crafted parameters. (CVE-2011-4885)

ATTENTION: this update changes previous PHP behavior by
limiting the number of external input variables to 1000.
This may be increased by adding a "max_input_vars"
directive to the php.ini configuration file. See
http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars
for more information.

Stefan Esser discovered that the fix to address the predictable hash
collision issue, CVE-2011-4885, did not properly handle the situation
where the limit was reached. This could allow a remote attacker to
cause a denial of service or execute arbitrary code via a request
containing a large number of variables. (CVE-2012-0830)

It was discovered that PHP did not always check the return value of
the zend_strndup function. This could allow a remote attacker to
cause a denial of service. (CVE-2011-4153)

It was discovered that PHP did not properly enforce libxslt security
settings. This could allow a remote attacker to create arbitrary
files via a crafted XSLT stylesheet that uses the libxslt output
extension. (CVE-2012-0057)

It was discovered that PHP did not properly enforce that PDORow
objects cannot be serialized or saved in a session. A
remote attacker could use this to cause a denial of service via an
application crash. (CVE-2012-0788)

It was discovered that PHP allowed the magic_quotes_gpc setting to
be disabled remotely. This could allow a remote attacker to bypass
restrictions that could prevent an SQL injection. (CVE-2012-0831)

USN 1126-1 addressed an issue where the /etc/cron.d/php5 cron job
for PHP allowed local users to delete arbitrary files via a symlink
attack on a directory under /var/lib/php5/. Emese Revfy discovered
that the fix had not been applied to PHP for Ubuntu 10.04 LTS. This
update corrects the issue. We apologize for the error. (CVE-2011-0441)

Update instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
  php5-cli              5.3.6-13ubuntu3.6
  php5                  5.3.6-13ubuntu3.6
  libapache2-mod-php5   5.3.6-13ubuntu3.6
  php5-cgi              5.3.6-13ubuntu3.6

Ubuntu 11.04:
  php5-cli              5.3.5-1ubuntu7.7
  php5                  5.3.5-1ubuntu7.7
  libapache2-mod-php5   5.3.5-1ubuntu7.7
  php5-cgi              5.3.5-1ubuntu7.7

Ubuntu 10.10:
  php5-cli              5.3.3-1ubuntu9.10
  php5                  5.3.3-1ubuntu9.10
  libapache2-mod-php5   5.3.3-1ubuntu9.10
  php5-cgi              5.3.3-1ubuntu9.10

Ubuntu 10.04 LTS:
  php5-cli              5.3.2-1ubuntu4.14
  php5                  5.3.2-1ubuntu4.14
  libapache2-mod-php5   5.3.2-1ubuntu4.14
  php5-cgi              5.3.2-1ubuntu4.14

Ubuntu 8.04 LTS:
  php5-cli              5.2.4-2ubuntu5.23
  php5                  5.2.4-2ubuntu5.23
  libapache2-mod-php5   5.2.4-2ubuntu5.23
  php5-cgi              5.2.4-2ubuntu5.23

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

LP: 930115


USN-1359-1: Tomcat vulnerabilities

2012/2/14 6:21:05 | Ubuntu security notices

Ubuntu Security Notice USN-1359-1
13th February, 2012
tomcat6 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04 LTS

Summary

Tomcat could be made to crash or expose sensitive information if it
received specially crafted network traffic.

Software description

  • tomcat6 - Servlet and JSP engine

Details

It was discovered that Tomcat incorrectly performed certain caching and
recycling operations. A remote attacker could use this flaw to obtain read
access to IP address and HTTP header information in certain cases. This
issue only applied to Ubuntu 11.10. (CVE-2011-3375)

It was discovered that Tomcat computed hash values for form parameters
without restricting the ability to trigger hash collisions predictably.
A remote attacker could cause a denial of service by sending many crafted
parameters. (CVE-2011-4858)

It was discovered that Tomcat incorrectly handled parameters. A remote
attacker could cause a denial of service by sending requests with a large
number of parameters and values. (CVE-2012-0022)

Update instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
  libtomcat6-java   6.0.32-5ubuntu1.2

Ubuntu 11.04:
  libtomcat6-java   6.0.28-10ubuntu2.3

Ubuntu 10.10:
  libtomcat6-java   6.0.28-2ubuntu1.6

Ubuntu 10.04 LTS:
  libtomcat6-java   6.0.24-2ubuntu1.10

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2011-3375,
CVE-2011-4858,
CVE-2012-0022


USN-1360-1: Firefox vulnerability

2012/2/14 6:21:05 | Ubuntu security notices

Ubuntu Security Notice USN-1360-1
13th February, 2012
firefox vulnerability

A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04 LTS

Summary

A security vulnerability has been fixed in Firefox.

Software description

  • firefox - Mozilla Open Source web browser

Details

Andrew McCreight and Olli Pettay discovered a use-after-free vulnerability
in the XBL bindings. An attacker could exploit this to cause a denial of
service via application crash, or potentially execute code with the
privileges of the user invoking Firefox. (CVE-2012-0452)

Update instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
  firefox   10.0.1+build1-0ubuntu0.11.10.1

Ubuntu 11.04:
  firefox   10.0.1+build1-0ubuntu0.11.04.1

Ubuntu 10.10:
  firefox   10.0.1+build1-0ubuntu0.10.10.1

Ubuntu 10.04 LTS:
  firefox   10.0.1+build1-0ubuntu0.10.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make all the
necessary changes.

References

CVE-2012-0452,
LP: 929833


USN-1361-1: Linux kernel vulnerabilities

2012/2/14 6:21:05 | Ubuntu security notices

Ubuntu Security Notice USN-1361-1
13th February, 2012
linux vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 10.10

Summary

Several security issues were fixed in the kernel.

Software description

  • linux - Linux kernel

Details

Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user
who can mount a FUSE file system could cause a denial of service.
(CVE-2011-3353)

A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual
interrupt control is not available a local user could use this to cause a
denial of service by starting a timer. (CVE-2011-4622)

A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potentially execute arbitrary code on
the system. (CVE-2012-0038)

Chen Haogang discovered an integer overflow that could result in memory
corruption. A local unprivileged user could use this to crash the system.
(CVE-2012-0044)

Update instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.10:
  linux-image-2.6.35-32-powerpc64-smp   2.6.35-32.65
  linux-image-2.6.35-32-generic-pae     2.6.35-32.65
  linux-image-2.6.35-32-versatile       2.6.35-32.65
  linux-image-2.6.35-32-generic         2.6.35-32.65
  linux-image-2.6.35-32-virtual         2.6.35-32.65
  linux-image-2.6.35-32-powerpc-smp     2.6.35-32.65
  linux-image-2.6.35-32-powerpc         2.6.35-32.65
  linux-image-2.6.35-32-server          2.6.35-32.65
  linux-image-2.6.35-32-omap            2.6.35-32.65

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2011-3353,
CVE-2011-4622,
CVE-2012-0038,
CVE-2012-0044


USN-1362-1: Linux kernel vulnerabilities

2012/2/14 6:21:05 | Ubuntu security notices

Ubuntu Security Notice USN-1362-1
13th February, 2012
linux vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 11.04

Summary

Several security issues were fixed in the kernel.

Software description

  • linux - Linux kernel

Details

Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user
who can mount a FUSE file system could cause a denial of service.
(CVE-2011-3353)

A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual
interrupt control is not available a local user could use this to cause a
denial of service by starting a timer. (CVE-2011-4622)

A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potentially execute arbitrary code on
the system. (CVE-2012-0038)

Chen Haogang discovered an integer overflow that could result in memory
corruption. A local unprivileged user could use this to crash the system.
(CVE-2012-0044)

Update instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.04:
  linux-image-2.6.38-13-powerpc         2.6.38-13.55
  linux-image-2.6.38-13-powerpc64-smp   2.6.38-13.55
  linux-image-2.6.38-13-generic-pae     2.6.38-13.55
  linux-image-2.6.38-13-versatile       2.6.38-13.55
  linux-image-2.6.38-13-generic         2.6.38-13.55
  linux-image-2.6.38-13-virtual         2.6.38-13.55
  linux-image-2.6.38-13-server          2.6.38-13.55
  linux-image-2.6.38-13-omap            2.6.38-13.55
  linux-image-2.6.38-13-powerpc-smp     2.6.38-13.55

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2011-3353,
CVE-2011-4622,
CVE-2012-0038,
CVE-2012-0044


USN-1363-1: Linux kernel vulnerabilities

2012/2/14 6:21:05 | Ubuntu security notices

Ubuntu Security Notice USN-1363-1
13th February, 2012
linux vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 11.10

Summary

Several security issues were fixed in the kernel.

Software description

  • linux - Linux kernel

Details

A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual
interrupt control is not available a local user could use this to cause a
denial of service by starting a timer. (CVE-2011-4622)

A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potentially execute arbitrary code on
the system. (CVE-2012-0038)

Andy Whitcroft discovered that the Overlayfs filesystem was not performing the
extended permission checks needed by cgroups and Linux Security Modules
(LSMs). A local user could exploit this to bypass security policy and
access files that should not be accessible. (CVE-2012-0055)

A flaw was found in the Linux kernel's IPv4 IGMP query processing. A remote
attacker could exploit this to cause a denial of service. (CVE-2012-0207)

Update instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
  linux-image-3.0.0-16-server          3.0.0-16.28
  linux-image-3.0.0-16-powerpc-smp     3.0.0-16.28
  linux-image-3.0.0-16-virtual         3.0.0-16.28
  linux-image-3.0.0-16-powerpc64-smp   3.0.0-16.28
  linux-image-3.0.0-16-powerpc         3.0.0-16.28
  linux-image-3.0.0-16-generic-pae     3.0.0-16.28
  linux-image-3.0.0-16-omap            3.0.0-16.28
  linux-image-3.0.0-16-generic         3.0.0-16.28

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2011-4622,
CVE-2012-0038,
CVE-2012-0055,
CVE-2012-0207


USN-1364-1: Linux kernel (OMAP4) vulnerabilities

2012/2/14 6:21:05 | Ubuntu security notices

Ubuntu Security Notice USN-1364-1
13th February, 2012
linux-ti-omap4 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 11.10

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-ti-omap4 - Linux kernel for OMAP4

Details

A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potentially execute arbitrary code on
the system. (CVE-2012-0038)

Andy Whitcroft discovered that the Overlayfs filesystem was not performing the
extended permission checks needed by cgroups and Linux Security Modules
(LSMs). A local user could exploit this to bypass security policy and
access files that should not be accessible. (CVE-2012-0055)

Jüri Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem
permissions. A local attacker could exploit this and gain root privileges.
(CVE-2012-0056)

A flaw was found in the Linux kernel's IPv4 IGMP query processing. A remote
attacker could exploit this to cause a denial of service. (CVE-2012-0207)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 11.10:
  linux-image-3.0.0-1207-omap4   3.0.0-1207.16

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2012-0038,
CVE-2012-0055,
CVE-2012-0056,
CVE-2012-0207


USN-1350-1: Thunderbird vulnerabilities

2012/2/10 7:11:07 | Ubuntu security notices

Ubuntu Security Notice USN-1350-1
8th February, 2012
thunderbird vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in Thunderbird.

Software description

  • thunderbird - Mozilla Open Source mail and newsgroup client

Details

Jesse Ruderman and Bob Clary discovered memory safety issues affecting
Thunderbird. If the user were tricked into opening a specially crafted
page, an attacker could exploit these to cause a denial of service via
application crash, or potentially execute code with the privileges of the
user invoking Thunderbird. (CVE-2012-0442)

It was discovered that Thunderbird did not properly handle node removal in
the DOM. If the user were tricked into opening a specially crafted page, an
attacker could exploit this to cause a denial of service via application
crash, or potentially execute code with the privileges of the user invoking
Thunderbird. (CVE-2011-3659)

It was discovered that memory corruption could occur during the decoding of
Ogg Vorbis files. If the user were tricked into opening a specially crafted
file, an attacker could exploit this to cause a denial of service via
application crash, or potentially execute code with the privileges of the
user invoking Thunderbird. (CVE-2012-0444)

Nicolas Gregoire and Aki Helin discovered that when processing a malformed
embedded XSLT stylesheet, Thunderbird can crash due to memory corruption.
If the user were tricked into opening a specially crafted page, an attacker
could exploit this to cause a denial of service via application crash, or
potentially execute code with the privileges of the user invoking
Thunderbird. (CVE-2012-0449)

Gregory Fleischer discovered that requests using IPv6 hostname syntax
through certain proxies might generate errors. An attacker might be able to
use this to read sensitive data from the error messages. (CVE-2011-3670)

Update instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.04:
  thunderbird   3.1.18+build2+nobinonly-0ubuntu0.11.04.1

Ubuntu 10.10:
  thunderbird   3.1.18+build2+nobinonly-0ubuntu0.10.10.1

Ubuntu 10.04 LTS:
  thunderbird   3.1.18+build2+nobinonly-0ubuntu0.10.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References

CVE-2011-3659,
CVE-2011-3670,
CVE-2012-0442,
CVE-2012-0444,
CVE-2012-0449