==========================================================Ubuntu Security Notice USN-968-1            August 05, 2010
base-files vulnerability
CVE-2010-0834
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 9.10
Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
  base-files                      5.0.0ubuntu7.1

Ubuntu 10.04 LTS:
  base-files                      5.0.0ubuntu20.10.04.2

In general, a standard system update will make all the necessary changes.

Details follow:

It was discovered that the Ubuntu image shipped on some Dell Latitude
2110 systems was accidentally configured to allow unauthenticated package
installations. A remote attacker intercepting network communications or
a malicious archive mirror server could exploit this to trick the user
into installing unsigned packages, resulting in arbitrary code execution
with root privileges.


Updated packages for Ubuntu 9.10:

  Source archives:

          Size/MD5:      853 a699f7de48cd09591785129b4840ef56
          Size/MD5:    74901 d802a9135ce2e49e065926b69e16e646

  Architecture independent packages:

          Size/MD5:      788 558c290ae2250679a3836da80fa3ebc0

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    68358 67faf1b12530db1c708ba12994d88f60

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    68354 ec91c2c47ba30e2a3f2c5ee3ef73d812

  lpia architecture (Low Power Intel Architecture):

          Size/MD5:    68360 1feaa5345fd288eca0fdd180ee12e140

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    68364 4543aabd986eced6a2dadd78ab93daf9

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    68366 2ccfbeddb349e6999d93d2505ed40a10

Updated packages for Ubuntu 10.04:

  Source archives:

          Size/MD5:      876 9afddf09156582a48e57c76fab0cf4fa
          Size/MD5:    76356 d57362eab34a8e9f6cf27b595143c332

  Architecture independent packages:

          Size/MD5:      788 3e937b94118602fc84aab4adbe3f9e97

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

          Size/MD5:    70240 2ecf9c810ef2f2315f63881068d8b839

  i386 architecture (x86 compatible Intel/AMD):

          Size/MD5:    70236 d780378cf42209eeb90ed2f68940b837

  powerpc architecture (Apple Macintosh G3/G4/G5):

          Size/MD5:    70230 3a5889ee074ddf43e7be7e6cbbc81c16

  sparc architecture (Sun SPARC/UltraSPARC):

          Size/MD5:    70236 c1fdeedbea2bcb8423ea745406ec3a05

Ubuntu 968-1: Dell Latitude 2110 vulnerability

August 5, 2010
It was discovered that the Ubuntu image shipped on some Dell Latitude2110 systems was accidentally configured to allow unauthenticated packageinstallations

Summary

Update Instructions

References

Severity
base-files vulnerability

Package Information

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved