Ubuntu 890-6: CMake vulnerabilities

    Date15 Apr 2010
    CategoryUbuntu
    72
    Posted ByLinuxSecurity Advisories
    USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for CMake.
    ===========================================================
    Ubuntu Security Notice USN-890-6             April 15, 2010
    cmake vulnerabilities
    CVE-2009-3560, CVE-2009-3720
    ===========================================================
    
    A security issue affects the following Ubuntu releases:
    
    Ubuntu 8.04 LTS
    Ubuntu 8.10
    Ubuntu 9.04
    
    This advisory also applies to the corresponding versions of
    Kubuntu, Edubuntu, and Xubuntu.
    
    The problem can be corrected by upgrading your system to the
    following package versions:
    
    Ubuntu 8.04 LTS:
      cmake                           2.4.7-1ubuntu0.1
    
    Ubuntu 8.10:
      cmake                           2.6.0-4ubuntu2.1
    
    Ubuntu 9.04:
      cmake                           2.6.2-1ubuntu1.1
    
    In general, a standard system upgrade is sufficient to effect the
    necessary changes.
    
    Details follow:
    
    USN-890-1 fixed vulnerabilities in Expat. This update provides the
    corresponding updates for CMake.
    
    Original advisory details:
    
     Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did
     not properly process malformed XML. If a user or application linked against
     Expat were tricked into opening a crafted XML file, an attacker could cause
     a denial of service via application crash. (CVE-2009-2625, CVE-2009-3720)
     
     It was discovered that Expat did not properly process malformed UTF-8
     sequences. If a user or application linked against Expat were tricked into
     opening a crafted XML file, an attacker could cause a denial of service via
     application crash. (CVE-2009-3560)
    
    
    Updated packages for Ubuntu 8.04 LTS:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1.diff.gz
          Size/MD5:    19304 4847577a13e831bf4c9362c095c57469
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1.dsc
          Size/MD5:      754 2c34c737d1e386a07a5c76a7dd13a944
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.4.7.orig.tar.gz
          Size/MD5:  2600960 4476c423b8f74266136964e42ea88028
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1_amd64.deb
          Size/MD5:  4898346 b9e4db27145fa5221400abf495d3a13e
    
      i386 architecture (x86 compatible Intel/AMD):
    
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1_i386.deb
          Size/MD5:  4807750 f19cd2ee80eb82fb0ae8bf141052b412
    
      lpia architecture (Low Power Intel Architecture):
    
        http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1_lpia.deb
          Size/MD5:  4932126 400097697c5d46f1495598be78ada933
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1_powerpc.deb
          Size/MD5:  5022506 447f8cda06dc9951cc16dbac30936bf9
    
      sparc architecture (Sun SPARC/UltraSPARC):
    
        http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1_sparc.deb
          Size/MD5:  5218650 55ff806b82d2388df3cbbbe42aac6773
    
    Updated packages for Ubuntu 8.10:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1.diff.gz
          Size/MD5:   154440 0ecd99b1f92f8074a00b35f724285c60
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1.dsc
          Size/MD5:     1209 a588561c8c0c8b452502684165f10cb4
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.0.orig.tar.gz
          Size/MD5:  3460096 e95ae003672dfc6c8151a1ee49a0d4a6
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1_amd64.deb
          Size/MD5:  7620672 8f60ccfa287b26094722152989cbf68d
        http://security.ubuntu.com/ubuntu/pool/universe/c/cmake/cmake-gui_2.6.0-4ubuntu2.1_amd64.deb
          Size/MD5:  1772702 8e12e02b3614acc99bdb53feb1b746e1
    
      i386 architecture (x86 compatible Intel/AMD):
    
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1_i386.deb
          Size/MD5:  7501566 dc6ea30046469b047921ac7c390fdaf5
        http://security.ubuntu.com/ubuntu/pool/universe/c/cmake/cmake-gui_2.6.0-4ubuntu2.1_i386.deb
          Size/MD5:  1742578 207d27cfebb112d24bdbf65437c11a34
    
      lpia architecture (Low Power Intel Architecture):
    
        http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1_lpia.deb
          Size/MD5:  7620894 3c4841d74f829b790d68facb4289d124
        http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.0-4ubuntu2.1_lpia.deb
          Size/MD5:  1770858 22a3eeef881a72ebb5e28463df324bc2
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1_powerpc.deb
          Size/MD5:  7694198 3f6a00a9deae3edda8c19c2c645be864
        http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.0-4ubuntu2.1_powerpc.deb
          Size/MD5:  1792360 60da0c6cdc7fc11dfac10ef4b00aa588
    
      sparc architecture (Sun SPARC/UltraSPARC):
    
        http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1_sparc.deb
          Size/MD5:  7696576 7725dd1c71b483b6d57b6ff9e2e16655
        http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.0-4ubuntu2.1_sparc.deb
          Size/MD5:  1789250 7dace86e239c8e71290eca7e4c29126a
    
    Updated packages for Ubuntu 9.04:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1.diff.gz
          Size/MD5:    28215 1aa2652fdd0711a9c58614fcf13b73c5
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1.dsc
          Size/MD5:     1241 a001577d3d45df9bd41d6fb80307561f
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.2.orig.tar.gz
          Size/MD5:  3543548 9e82aa3beb991aa8e5797cf330618d42
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1_amd64.deb
          Size/MD5:  8007590 9c2ac087a4ac56485388575feb92fdf6
        http://security.ubuntu.com/ubuntu/pool/universe/c/cmake/cmake-gui_2.6.2-1ubuntu1.1_amd64.deb
          Size/MD5:  1822586 f70ed4aa0602d577d2715cbe0080fe30
    
      i386 architecture (x86 compatible Intel/AMD):
    
        http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1_i386.deb
          Size/MD5:  7881542 cb66a414801daf0b4f470cdd1b086954
        http://security.ubuntu.com/ubuntu/pool/universe/c/cmake/cmake-gui_2.6.2-1ubuntu1.1_i386.deb
          Size/MD5:  1790112 50a29ca0d173992162b348b24ef45f5c
    
      lpia architecture (Low Power Intel Architecture):
    
        http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1_lpia.deb
          Size/MD5:  8004730 246213701cf12b36577a6e9076e0d219
        http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.2-1ubuntu1.1_lpia.deb
          Size/MD5:  1819698 1cf8173dbc8f14e17f2a63510a29f7da
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1_powerpc.deb
          Size/MD5:  8077794 e5bf93fad8f4335ba748a6f7244ffb70
        http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.2-1ubuntu1.1_powerpc.deb
          Size/MD5:  1840362 ef93012a5d74ae00b323396db61e1d98
    
      sparc architecture (Sun SPARC/UltraSPARC):
    
        http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1_sparc.deb
          Size/MD5:  8066556 61e07c3d66649dd2f56a81a1a9d5b4a2
        http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.2-1ubuntu1.1_sparc.deb
          Size/MD5:  1834274 889b932bc20c732ffb887fc88eb1a215
    
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"38","type":"x","order":"1","pct":52.05,"resources":[]},{"id":"88","title":"Should be more technical","votes":"10","type":"x","order":"2","pct":13.7,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"25","type":"x","order":"3","pct":34.25,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.