≡ Menu

xubuntu

An unpatched security hole in Ubuntu Linux 8.04 LTS operating system could be used by attackers to send a crafted packet and cause a denial of service via application crash in applications linked against OpenSSL to take control of vulnerable servers. Also ruby package can be used to run a malicious script - an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. It is recommended that you immediately update your system. Affected systems:
OpenSSL Vulnerability - Ubuntu Linux LTS 8.04 and corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
Ruby Vulnerability - Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS and corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

How do I fix this issue

Simply type the following two commands:
$ sudo apt-get update
$ sudo apt-get upgrade

After a standard system upgrade you need to reboot your computer to effect the necessary change:
$ sudo reboot

Tavis Ormandy discovered that the PCRE library did not correctly handle certain in-pattern options. An attacker could cause applications linked against pcre3 to crash, leading to a denial of service.

A security issue affects the following Ubuntu releases for CVE-2008-2371:

=> Ubuntu 6.06 LTS
=> Ubuntu 7.04
=> Ubuntu 7.10
=> Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

How do I fix this issue?

Type the following two commands, enter:
$ sudo apt-get update
$ sudo apt-get upgrade

A security issue affects the following Ubuntu releases:

=> Ubuntu 6.06 LTS
=> Ubuntu 7.04
=> Ubuntu 7.10
=> Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller,
a remote attacker could send malicious logon requests and possibly cause a denial of service. (CVE-2007-4572)

Alin Rad Pop of Secunia Research discovered that Samba did not properly perform bounds checking when parsing SMB replies. A remote attacker could send crafted SMB packets and execute arbitrary code. (CVE-2008-1105)

How do I fix this issue?

Login as root and type the following two commands:
$ sudo apt-get update
$ sudo apt-get upgrade