Wednesday, June 5, 2013

[USN-1864-1] libxres vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJRr4OMAAoJEGVp2FWnRL6Tts0P/jfwXxF3iEBF5fDAqOQltJhb
OaUXmJHJOnkQGFYV/w0gjvboWIhx1IQRTotiC7/4J06gOjx8Iaspv/ow87R6XHjj
DgXaxsu8aRnLSZI95snNxYvlGWithFT2hARaFnSJfizdYaC1pahw3xxkrl8y4gyG
2WYCgFXYWHui+5jCQ8QDfnAjAixB0mPEDZfhQ9P0M6uH5BJ0CBxPaYL/OVWyOmOx
3ygz4DDDF9WpnPDKINPvbv4KuIFPargUxjypP+F/zC4UEIk9dKYQyvWOU0eDnN1I
J5u6eNsnJQqxiu8PBtXw4DC5b2Z06VDjTtPSS82xcizxLWah6iPJBuW6t5DP1Qoc
dCcE/XrSOmtgZKyMgZ/Dq4WVG+D7DuiHj7m6YfAcV1MzWJcAbZu4kQVuqWivpr6t
1/NH04ZLH3D69adlGT49sHShpD8+7peArIV8YcepW7TE07E4Roy4DKpngV0SamrE
y8BuhuX/vs/beZAMt6v4ozEOqEmEqd0W+0scyH4IjWLoR9HNa1stlNghW2UhfEWK
LtmZ5oJG/6D29R58i4Pl32n2UCCLx6DoPj7cvj2rxUvBzuFSDwKJNOeL5xtfqUd5
lR8iINXMoiA5SFnVQXmqnbSjHzkLUVhWciYs7ytb5yrTxFghUi7YoxllhNmSOGmt
bkTG8MsBhqih7JPfYW1c
=kJyK
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1864-1
June 05, 2013

libxres vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in libxres.

Software Description:
- libxres: X11 Resource extension library

Details:

Ilja van Sprundel discovered multiple security issues in various X.org
libraries and components. An attacker could use these issues to cause
applications to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
libxres1 2:1.0.6-1ubuntu0.13.04.1

Ubuntu 12.10:
libxres1 2:1.0.6-1ubuntu0.12.10.1

Ubuntu 12.04 LTS:
libxres1 2:1.0.5-1ubuntu0.1

After a standard system update you need to restart your session to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1864-1
CVE-2013-1988

Package Information:
https://launchpad.net/ubuntu/+source/libxres/2:1.0.6-1ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/libxres/2:1.0.6-1ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/libxres/2:1.0.5-1ubuntu0.1

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)