TITLE: Ubuntu update for tuxpaint SECUNIA ADVISORY ID: SA18474 VERIFY ADVISORY: http://secunia.com/advisories/18474/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Ubuntu Linux 5.10 http://secunia.com/product/6606/ DESCRIPTION: Ubuntu has issued an update for tuxpaint. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. For more information: SA18475 SOLUTION: Apply updated packages. -- Ubuntu 5.10 (Breezy Badger) -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/t/tuxpaint/tuxpaint_0.9.14-2ubuntu0.1.diff.gz Size/MD5: 6127 109a598848fcaa2fd23f4b32f5478d79 http://security.ubuntu.com/ubuntu/pool/main/t/tuxpaint/tuxpaint_0.9.14-2ubuntu0.1.dsc Size/MD5: 755 1b27685235065548832add6c65f6d638 http://security.ubuntu.com/ubuntu/pool/main/t/tuxpaint/tuxpaint_0.9.14.orig.tar.gz Size/MD5: 3208894 0b7522c1b3672d5c233f7bbc772c8dec Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/t/tuxpaint/tuxpaint-data_0.9.14-2ubuntu0.1_all.deb Size/MD5: 1004980 ebc69ca71f5d5cd7fc5f9983d17656d6 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/t/tuxpaint/tuxpaint_0.9.14-2ubuntu0.1_amd64.deb Size/MD5: 98728 7211b8041bdadb65e5c15c9f8f7e377d i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/t/tuxpaint/tuxpaint_0.9.14-2ubuntu0.1_i386.deb Size/MD5: 91672 63ec1209cf7f89213a29fbbb5ab7b570 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/t/tuxpaint/tuxpaint_0.9.14-2ubuntu0.1_powerpc.deb Size/MD5: 100306 eb0d05c193c4f40ddb54c1dc03f7d451 ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-243-1 OTHER REFERENCES: SA18475: http://secunia.com/advisories/18475/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------