[USN-1629-1] libproxy vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBCgAGBQJQoSG9AAoJEGVp2FWnRL6TgLUQAKUF+mkDiq9AgICXfTeroXB3
zy13TYsjHhnoMH7GW2RXOJT5tmL+bXgLDqN52vY5Tn1/BQFRUCIduhuzLPmnZaUw
z1DArSD+C8slbcEF/4ZINpMiLOytiRnZlxtCoFG2tkNYD7P3jrgsbnLP85mkZkwe
baR4M0d3Lo/QjMTknoSx3iZxYgaUH3kWbrGNrYHwFTHWSrI8E6IBLOgAnrfpM7zN
EhyvIQY3IO/rFQHrThHGC5vIePc9ywKLCtLxEiu05zThEE2m21VzZnWwgLnf7aR7
RUnJrJCic0taZY3kSBKI5riJmPr6PITia97IixkMoEaTCDTD+g9G+f+IcSrxTcpP
iNHhDxcqpC+zKcwbIoMOgOh8A/2EMYgYFJVvuK2uv184TQwPe1jSRZgAYFHRp4zQ
Nx51uRNpoUoWyHwV0VpLZE3L35XCFTRLqR/6TkoL+dOK0hUUnnzVIG4tcD5l5BV7
sHVclTGMHp5xTRuGZTma7zNDQKXGtXQ3gDfuI1QRFF7jG4LuUZD838OHwcEP2W7S
DyUnPBLFmPnp18yJ4rwI3HaNumzUmXLnJqPGjG9ij06Fc+gOd3+a7YTBC8jsoRz+
Qp8FDFvevB9ZelJ1VMis74Z0JNMHjtcuSlhEB2UScd2PfmejfPz6lrlRFCr3Gw29
1omYVBM5Okam3LM4+Qr/
=s+a/
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1629-1
November 12, 2012

libproxy vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

libproxy could be made to crash or run programs if it received specially
crafted network traffic.

Software Description:
- libproxy: automatic proxy configuration management library

Details:

Tomas Mraz discovered that libproxy incorrectly handled certain PAC files.
A remote attacker could use this issue to cause libproxy to crash, or to
possibly execute arbitrary code. (CVE-2012-4504, CVE-2012-4505)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
libproxy1 0.4.7-0ubuntu4.1

Ubuntu 11.10:
libproxy0 0.3.1-2ubuntu6.1

Ubuntu 10.04 LTS:
libproxy0 0.3.1-1ubuntu1.1

After a standard system update you need to restart your session to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1629-1
CVE-2012-4504, CVE-2012-4505

Package Information:
https://launchpad.net/ubuntu/+source/libproxy/0.4.7-0ubuntu4.1
https://launchpad.net/ubuntu/+source/libproxy/0.3.1-2ubuntu6.1
https://launchpad.net/ubuntu/+source/libproxy/0.3.1-1ubuntu1.1