Message-ID: <20061011164002.GE12290@outflux.net>
Date: Wed, 11 Oct 2006 09:40:02 -0700
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-363-1] libmusicbrainz vulnerability

=========================================================== 
Ubuntu Security Notice USN-363-1           October 11, 2006
libmusicbrainz-2.0, libmusicbrainz-2.1 vulnerability
CVE-2006-4197
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
  libmusicbrainz2                          2.0.2-10ubuntu1.1
  libmusicbrainz4                          2.1.1-3ubuntu1.1

Ubuntu 5.10:
  libmusicbrainz2c2                        2.0.2-10ubuntu2.1
  libmusicbrainz4c2                        2.1.1-3ubuntu3.1

Ubuntu 6.06 LTS:
  libmusicbrainz4c2a                       2.1.2-2ubuntu3.1

After a standard system upgrade you need to restart your session to 
effect the necessary changes.

Details follow:

Luigi Auriemma discovered multiple buffer overflows in libmusicbrainz. 
When a user made queries to MusicBrainz servers, it was possible for 
malicious servers, or man-in-the-middle systems posing as servers, to 
send a crafted reply to the client request and remotely gain access to 
the user's system with the user's privileges.




