exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 970-1

Ubuntu Security Notice 970-1
Posted Aug 13, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 970-1 - It was discovered that GPGSM in GnuPG2 did not correctly handle certificates with a large number of Subject Alternate Names. If a user or automated system were tricked into processing a specially crafted certificate, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-2547
SHA-256 | d7bcec645912901061545ca9bcf57c0e030208a29b948c2923a6ce3ec1c00633

Ubuntu Security Notice 970-1

Change Mirror Download
===========================================================
Ubuntu Security Notice USN-970-1 August 11, 2010
gnupg2 vulnerability
CVE-2010-2547
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 9.04
Ubuntu 9.10
Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
gpgsm 2.0.7-1ubuntu0.1

Ubuntu 9.04:
gpgsm 2.0.9-3.1ubuntu0.1

Ubuntu 9.10:
gpgsm 2.0.12-0ubuntu2.1

Ubuntu 10.04 LTS:
gpgsm 2.0.14-1ubuntu1.2

In general, a standard system update will make all the necessary changes.

Details follow:

It was discovered that GPGSM in GnuPG2 did not correctly handle
certificates with a large number of Subject Alternate Names. If a user or
automated system were tricked into processing a specially crafted
certificate, an attacker could cause a denial of service or execute
arbitrary code with privileges of the user invoking the program.


Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.7-1ubuntu0.1.diff.gz
Size/MD5: 38357 9f9b19967950818429e79181c0a8e009
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.7-1ubuntu0.1.dsc
Size/MD5: 1049 959706cf178e4f2284f9514ad2195813
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.7.orig.tar.gz
Size/MD5: 5035162 edac843901373c9a3bb33c5c134a60c9

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg-agent_2.0.7-1ubuntu0.1_amd64.deb
Size/MD5: 285546 481108f98f893d984b2bbbee47ea6e42
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gpgsm_2.0.7-1ubuntu0.1_amd64.deb
Size/MD5: 441412 acc2db528cf2719e6566accae9d289bf
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg2/gnupg2_2.0.7-1ubuntu0.1_amd64.deb
Size/MD5: 1140788 48b83a17ef51b15c9a002101d935e6a9

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg-agent_2.0.7-1ubuntu0.1_i386.deb
Size/MD5: 258500 c22829f163ac0f7aac143e050ea85169
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gpgsm_2.0.7-1ubuntu0.1_i386.deb
Size/MD5: 404416 537aaf300aefd33bf210fc031391d1b6
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg2/gnupg2_2.0.7-1ubuntu0.1_i386.deb
Size/MD5: 1076900 48e8b3be56b1f4bb4adc757d90c57ee5

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.7-1ubuntu0.1_lpia.deb
Size/MD5: 258120 44b69a516104e6ec001e7d3f4a7ba6f7
http://ports.ubuntu.com/pool/main/g/gnupg2/gpgsm_2.0.7-1ubuntu0.1_lpia.deb
Size/MD5: 404568 b39494268d8404271e34e4666892e2d3
http://ports.ubuntu.com/pool/universe/g/gnupg2/gnupg2_2.0.7-1ubuntu0.1_lpia.deb
Size/MD5: 1079478 2a78aa1f9261e69477449f660ae0d747

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.7-1ubuntu0.1_powerpc.deb
Size/MD5: 292912 d727881145b5086fd96cf548c2123cbf
http://ports.ubuntu.com/pool/main/g/gnupg2/gpgsm_2.0.7-1ubuntu0.1_powerpc.deb
Size/MD5: 444646 cea2f618e615e9ff26fb69d3bd1f24fd
http://ports.ubuntu.com/pool/universe/g/gnupg2/gnupg2_2.0.7-1ubuntu0.1_powerpc.deb
Size/MD5: 1156208 7dfa97127ae3281819dc270729cc6aa9

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.7-1ubuntu0.1_sparc.deb
Size/MD5: 256654 b09ba94083d721ad93f173ecd9d3126b
http://ports.ubuntu.com/pool/main/g/gnupg2/gpgsm_2.0.7-1ubuntu0.1_sparc.deb
Size/MD5: 398312 797ac0ee6888972787680368102c6aa8
http://ports.ubuntu.com/pool/universe/g/gnupg2/gnupg2_2.0.7-1ubuntu0.1_sparc.deb
Size/MD5: 1073772 f7f2db367693c941ae7017a538b4d736

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.9-3.1ubuntu0.1.diff.gz
Size/MD5: 40713 f7056736ec90ad76e433ee893b4dbd97
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.9-3.1ubuntu0.1.dsc
Size/MD5: 1483 37594fcfbe809d40002ee10cbea09c3e
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.9.orig.tar.gz
Size/MD5: 5198703 3b6b1742509f396d51528e0cd4c76a13

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg-agent_2.0.9-3.1ubuntu0.1_amd64.deb
Size/MD5: 318512 4ff8b15741e71ca1e3c638363b84aeae
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.9-3.1ubuntu0.1_amd64.deb
Size/MD5: 1234036 9e4b30bb8d89098395eed5e9b513bbc4
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg2/gpgsm_2.0.9-3.1ubuntu0.1_amd64.deb
Size/MD5: 465838 5435b39d54406c4343580fb2f809fc5d

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg-agent_2.0.9-3.1ubuntu0.1_i386.deb
Size/MD5: 289274 c428747d01cd120b40a3dedd44c31f16
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.9-3.1ubuntu0.1_i386.deb
Size/MD5: 1169762 ac02e769b48cd2893ece7eac3255d690
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg2/gpgsm_2.0.9-3.1ubuntu0.1_i386.deb
Size/MD5: 428896 c64a8863384d1dc158235715f406e6a5

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.9-3.1ubuntu0.1_lpia.deb
Size/MD5: 287360 2d3766c5c6e202814dba2d8112b81356
http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg2_2.0.9-3.1ubuntu0.1_lpia.deb
Size/MD5: 1168018 01c76668fc8f19adc3aa781f9f4b1b17
http://ports.ubuntu.com/pool/universe/g/gnupg2/gpgsm_2.0.9-3.1ubuntu0.1_lpia.deb
Size/MD5: 425984 c0cf75eb2f9d329df75d657d31c6f3fc

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.9-3.1ubuntu0.1_powerpc.deb
Size/MD5: 319038 3a8849451868d3f8130fe672be42795b
http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg2_2.0.9-3.1ubuntu0.1_powerpc.deb
Size/MD5: 1233954 3bbd99735490dec55b767fa1cb726319
http://ports.ubuntu.com/pool/universe/g/gnupg2/gpgsm_2.0.9-3.1ubuntu0.1_powerpc.deb
Size/MD5: 460092 80a46ecf08a5f01f9f5cb151c67c5733

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.9-3.1ubuntu0.1_sparc.deb
Size/MD5: 284242 c2ee3e14263c458bceef40caffecf807
http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg2_2.0.9-3.1ubuntu0.1_sparc.deb
Size/MD5: 1156416 fced6a8224a39c0d55394e91774009fa
http://ports.ubuntu.com/pool/universe/g/gnupg2/gpgsm_2.0.9-3.1ubuntu0.1_sparc.deb
Size/MD5: 417652 5c122b6e9d4299715ac29d3d7d483ddf

Updated packages for Ubuntu 9.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.12-0ubuntu2.1.diff.gz
Size/MD5: 45252 1256d26ad9afa14e3288fd1e8e8cbc05
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.12-0ubuntu2.1.dsc
Size/MD5: 1483 98ba32796b4984691f2104888a2cd2e8
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.12.orig.tar.gz
Size/MD5: 5391317 411b693bff73ed5461d1b07db2508349

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg-agent_2.0.12-0ubuntu2.1_amd64.deb
Size/MD5: 334704 037f7ca90b434879f8fbefbbdf36378a
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.12-0ubuntu2.1_amd64.deb
Size/MD5: 1246990 072e0ea6bb59fa3bbce4aff7b228a439
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg2/gpgsm_2.0.12-0ubuntu2.1_amd64.deb
Size/MD5: 524584 e62719dafbd7c2c5f99dbff4337a2d95

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg-agent_2.0.12-0ubuntu2.1_i386.deb
Size/MD5: 303270 c0e4aa5fcc89e00797b8c60d9b035290
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.12-0ubuntu2.1_i386.deb
Size/MD5: 1173948 fa77a48b18a4db35d6f28b576374d241
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg2/gpgsm_2.0.12-0ubuntu2.1_i386.deb
Size/MD5: 480382 9bb7f9b289720ed9938b07a9f7376825

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.12-0ubuntu2.1_lpia.deb
Size/MD5: 301810 ae46a0b80b14b8ab626019e6f097c588
http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg2_2.0.12-0ubuntu2.1_lpia.deb
Size/MD5: 1177912 d26646f1fff53447dda0e5b29464ff77
http://ports.ubuntu.com/pool/universe/g/gnupg2/gpgsm_2.0.12-0ubuntu2.1_lpia.deb
Size/MD5: 478874 0771937dc12c25738c5395357f75f0d3

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.12-0ubuntu2.1_powerpc.deb
Size/MD5: 326554 02d61154b7f1a5d7c38a00b79356f3fd
http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg2_2.0.12-0ubuntu2.1_powerpc.deb
Size/MD5: 1231128 e08169b0356a24c0d445275044ae8cb4
http://ports.ubuntu.com/pool/universe/g/gnupg2/gpgsm_2.0.12-0ubuntu2.1_powerpc.deb
Size/MD5: 509388 14bc48733e68c3d81b2c023740c1e749

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.12-0ubuntu2.1_sparc.deb
Size/MD5: 297952 8f11786784ff3a97571179469308f809
http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg2_2.0.12-0ubuntu2.1_sparc.deb
Size/MD5: 1171980 7345b4b22127438996a37bca1c54a742
http://ports.ubuntu.com/pool/universe/g/gnupg2/gpgsm_2.0.12-0ubuntu2.1_sparc.deb
Size/MD5: 466618 167455d92f7460df840e538792349f33

Updated packages for Ubuntu 10.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.14-1ubuntu1.2.debian.tar.bz2
Size/MD5: 40744 9c03e96c6ecce9d40cea797553f87c5c
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.14-1ubuntu1.2.dsc
Size/MD5: 1515 cccd0c5394961ac8bcaa423ee356e473
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.14.orig.tar.bz2
Size/MD5: 3982080 54732a0a76d59646b7e0b682fb357c22

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg-agent_2.0.14-1ubuntu1.2_amd64.deb
Size/MD5: 328348 82f297f0a7bd001a778800919389431c
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.14-1ubuntu1.2_amd64.deb
Size/MD5: 1305582 eae9b9b47dc4560130407ac58eeb6d65
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg2/gpgsm_2.0.14-1ubuntu1.2_amd64.deb
Size/MD5: 522872 94f2aed0e1e80cae50c3e28f46f0c9b8

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg-agent_2.0.14-1ubuntu1.2_i386.deb
Size/MD5: 295938 c75aea5948dd4798dc75153c3d6ed24b
http://security.ubuntu.com/ubuntu/pool/main/g/gnupg2/gnupg2_2.0.14-1ubuntu1.2_i386.deb
Size/MD5: 1228066 24a6a91b9ac8360c7ee5f6d3487248d5
http://security.ubuntu.com/ubuntu/pool/universe/g/gnupg2/gpgsm_2.0.14-1ubuntu1.2_i386.deb
Size/MD5: 478024 4713ca65fa253846edb89e3650ba65cb

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.14-1ubuntu1.2_powerpc.deb
Size/MD5: 320314 bb07ee6c242de814bba3694594649e44
http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg2_2.0.14-1ubuntu1.2_powerpc.deb
Size/MD5: 1288430 7acd42de75cf7cf217034045df7f7100
http://ports.ubuntu.com/pool/universe/g/gnupg2/gpgsm_2.0.14-1ubuntu1.2_powerpc.deb
Size/MD5: 509500 03536d3309f849b078fc9825139f2998

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg-agent_2.0.14-1ubuntu1.2_sparc.deb
Size/MD5: 300336 d166d23c8fd65533290d65ee8759a072
http://ports.ubuntu.com/pool/main/g/gnupg2/gnupg2_2.0.14-1ubuntu1.2_sparc.deb
Size/MD5: 1247550 c586ab10d264eceb9539ca95737d7f44
http://ports.ubuntu.com/pool/universe/g/gnupg2/gpgsm_2.0.14-1ubuntu1.2_sparc.deb
Size/MD5: 479072 5035985afcd16f0a08fa896fe5b14cc7



Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close