lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 28 Aug 2007 17:51:01 -0700
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-469-2] Enigmail regression

=========================================================== 
Ubuntu Security Notice USN-469-2            August 29, 2007
enigmail regression
https://launchpad.net/bugs/119038
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  mozilla-thunderbird-enigmail    2:0.94-0ubuntu4.5

Ubuntu 6.10:
  mozilla-thunderbird-enigmail    2:0.94-0ubuntu5.3

Ubuntu 7.04:
  mozilla-thunderbird-enigmail    2:0.94.2-0ubuntu3

After a standard system upgrade you need to restart Thunderbird to effect
the necessary changes.

Details follow:

USN-469-1 fixed vulnerabilities in the Mozilla Thunderbird email client.
The updated Thunderbird version broken compatibility with the Enigmail
plugin.  This update corrects the problem.  We apologize for the
inconvenience.


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94-0ubuntu4.5.diff.gz
      Size/MD5:    22259 dede7eae5fbd9b99ef83d7dee1157be8
    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94-0ubuntu4.5.dsc
      Size/MD5:     1419 890b147047b20aa848973069b43dae21
    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94.orig.tar.gz
      Size/MD5:  3126659 7e34cbe51f5a1faca2e26fa0edfd6a06

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94-0ubuntu4.5_amd64.deb
      Size/MD5:   335288 a0d71b7b53a96fd55ee9fc4f4264cb82

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94-0ubuntu4.5_i386.deb
      Size/MD5:   323042 82dab15b202afa9704bbbef4b3e58c3c

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94-0ubuntu4.5_powerpc.deb
      Size/MD5:   326480 953b8528cb5f81d4637dfd0d557950ff

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94-0ubuntu4.5_sparc.deb
      Size/MD5:   324822 d21cd61986a1beb5c8595d95e8e45565

Updated packages for Ubuntu 6.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94-0ubuntu5.3.diff.gz
      Size/MD5:    22214 8b8dec00ee85599b0714853f4eca44ef
    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94-0ubuntu5.3.dsc
      Size/MD5:     1417 614d89339463c348d32f4545da4a48a9
    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94.orig.tar.gz
      Size/MD5:  3126659 7e34cbe51f5a1faca2e26fa0edfd6a06

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94-0ubuntu5.3_amd64.deb
      Size/MD5:   334804 44427a6a3c6b451c947b3600260c8d73

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94-0ubuntu5.3_i386.deb
      Size/MD5:   324080 0e4d0fa43db09a744d5d17b8e64d0238

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94-0ubuntu5.3_powerpc.deb
      Size/MD5:   326938 e1d86d19aba75f8907180b906a36962d

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94-0ubuntu5.3_sparc.deb
      Size/MD5:   326262 26e69170588b72ca7facaf118240055e

Updated packages for Ubuntu 7.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94.2-0ubuntu3.diff.gz
      Size/MD5:    22954 e530af2953de787366e5e87e19b67c45
    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94.2-0ubuntu3.dsc
      Size/MD5:     1419 c5d843b76734aebbf246ee86713fcee2
    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94.2.orig.tar.gz
      Size/MD5:  3640996 9d4fd539b0cdfaac3083c4a9fcfd178d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94.2-0ubuntu3_amd64.deb
      Size/MD5:   336586 7f8e8d74c56ce8d41577190631490956

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94.2-0ubuntu3_i386.deb
      Size/MD5:   325348 5daea674e26c861c677d191e174832b1

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94.2-0ubuntu3_powerpc.deb
      Size/MD5:   330330 e19b3df6ab18c38f33da00b47196540d

  sparc architecture (Sun SPARC/UltraSPARC):

    http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.94.2-0ubuntu3_sparc.deb
      Size/MD5:   327464 eee797b57ecea8af902daed4b58f62af


Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ