---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ---------------------------------------------------------------------- TITLE: Ubuntu update for curl SECUNIA ADVISORY ID: SA26108 VERIFY ADVISORY: http://secunia.com/advisories/26108/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: >From remote OPERATING SYSTEM: Ubuntu Linux 6.06 http://secunia.com/product/10611/ Ubuntu Linux 6.10 http://secunia.com/product/12470/ Ubuntu Linux 7.04 http://secunia.com/product/14068/ DESCRIPTION: Ubuntu has issued an update for curl. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA26104 SOLUTION: Apply updated packages. -- Ubuntu 6.06 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1.diff.gz Size/MD5: 1832253495d3c1b7b0f9812ff978832c31d8f9 http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1.dsc Size/MD5: 93853a58f1db4d0112f1260c78d275c0aab http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1.orig.tar=2Egz Size/MD5: 176999263be206109486d4653c73823aa2b34fa Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dev_7.15.1-1ubuntu2.1_all.deb Size/MD5: 30978acb278121d48167cb0f3e9db406008b5 amd64 architecture (Athlon64, Opteron, EM64TXeon) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1_amd64.deb Size/MD5: 1692708fd332bf91134007ceaf24da11708ccf http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu2.1_amd64.deb Size/MD5: 5401605673d9d6fcf82116353c6852a8416f90 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu2.1_amd64.deb Size/MD5: 716182ec0bda4317f51ad725862516675eed6e http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E1-1ubuntu2.1_amd64.deb Size/MD5: 1674325876792ccc569ddcbc436113dd611beb http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu2.1_amd64.deb Size/MD5: 72308821274f88ab48e9821fc33985abbb07f7 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu2.1_amd64.deb Size/MD5: 172480e43c732e1e6d540f7b43218c5b86e9c9 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1_i386.deb Size/MD5: 16813469ac42a25f62527aa840944cc901bc10 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu2.1_i386.deb Size/MD5: 50633676d27984aaa318f56d9067a0d19fa5c1 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu2.1_i386.deb Size/MD5: 6997345e49df506a1adcff171f01fb8d434c9f http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E1-1ubuntu2.1_i386.deb Size/MD5: 1600523b0c0cb10c664372254f40549a166d02 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu2.1_i386.deb Size/MD5: 7040148fcd4f08a3e43688955a83bafc3ff3f7 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu2.1_i386.deb Size/MD5: 164924616bf253b7a11307a2286011a506ce35 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1_powerpc.deb Size/MD5: 17180067ec27bc7cbed2aa5008f6a352911d3c http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu2.1_powerpc.deb Size/MD5: 54129423e8698d68d7f6552b4e14be50621a06 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu2.1_powerpc.deb Size/MD5: 722380e3e939692fc21f1c84b7d8bb47cbfefd http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E1-1ubuntu2.1_powerpc.deb Size/MD5: 169640b9e35693d65476da2c171c38a1705781 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu2.1_powerpc.deb Size/MD5: 728238ccba1d1a54f1e655b404c3ab554d355f http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu2.1_powerpc.deb Size/MD5: 17428430c380963c37ccff4635b46e431f0c40 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu2=2E1_sparc.deb Size/MD5: 16895211e523b5ea0a6a8ed122022938f2d1e3 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu2.1_sparc.deb Size/MD5: 509942656036d90a8029426d9dd5fa80f517c6 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu2.1_sparc.deb Size/MD5: 709192de1d0d8efeccde3a6b52bf2bd3e514cf http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E1-1ubuntu2.1_sparc.deb Size/MD5: 1626025e14a206a09a7ddc3595289c1a35c1b8 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu2.1_sparc.deb Size/MD5: 713824ceeb282e90f8c6b80d89bc3e9327c783 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu2.1_sparc.deb Size/MD5: 166782da0a4c662e98a1f6259da2938b9f8eef -- Ubuntu 6.10 -- http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2.diff.gz Size/MD5: 19451625518d2bbd325db46f7ad4b8debb602 http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2.dsc Size/MD5: 942cb3054669cfaa0c51fd757c7a44a3fc7 http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4.orig.tar=2Egz Size/MD5: 1870439345f407f85bcb36075bc298afe1de953 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dev_7.15.4-1ubuntu2.2_all.deb Size/MD5: 211362b95b5bbaa86a48b91c8d87a705524f2 amd64 architecture (Athlon64, Opteron, EM64TXeon) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2_amd64.deb Size/MD5: 16242611806b9335aafa82394377a74f3d65ea http://security.ubuntu.com/ubuntu/pool/main/c/curl /libcurl3-dbg_7.15.4-1ubuntu2.2_amd64.deb Size/MD5: 823074c11ddf6ce511e4809288377ca4aa86a7 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.4-1ubuntu2.2_amd64.deb Size/MD5: 75491604724c0ed915bcbde748bfacf10a67f8 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E4-1ubuntu2.2_amd64.deb Size/MD5: 1631323785598197c9679a1d91fe8837a060d3 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.4-1ubuntu2.2_amd64.deb Size/MD5: 762206966aa201d7b17f6a87203f653eb4129d http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.4-1ubuntu2.2_amd64.deb Size/MD5: 1687764a6f82f361c1d22dce1f0f9b0de40470 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2_i386.deb Size/MD5: 162164c07e1caeed913625260853ffdfbb8292 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.4-1ubuntu2.2_i386.deb Size/MD5: 79376045fafcd13f0811bd18d60ab88d36cd84 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.4-1ubuntu2.2_i386.deb Size/MD5: 7403920586b53f280bd090412b2eedd2d05c93 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E4-1ubuntu2.2_i386.deb Size/MD5: 1603587cf3f3ec250428f231e4f7e51bb995b2 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.4-1ubuntu2.2_i386.deb Size/MD5: 7468862660f92e5102ba65063641684c4f9974 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.4-1ubuntu2.2_i386.deb Size/MD5: 165236ff76d9c64e8dd24a459b36db41676d45 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2_powerpc.deb Size/MD5: 16510257061fd7b192ceea122997ee2bf27213 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.4-1ubuntu2.2_powerpc.deb Size/MD5: 834210efd1b06827be6eab2561865a3408ff0c http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.4-1ubuntu2.2_powerpc.deb Size/MD5: 762694d352501e7b5c265e0ce6c85c2719f1a5 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E4-1ubuntu2.2_powerpc.deb Size/MD5: 167004c7cd2b73b3f64c882a0715de14ed2450 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.4-1ubuntu2.2_powerpc.deb Size/MD5: 768164093a76af0add856e798c6daa08264bbe http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.4-1ubuntu2.2_powerpc.deb Size/MD5: 1718107776d430c0a5dbedd07e9a1ce551600f sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.4-1ubuntu2=2E2_sparc.deb Size/MD5: 162060918b2cadf93b5db7325316ccd335e937 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.4-1ubuntu2.2_sparc.deb Size/MD5: 782900bf43ee4867468402d58554cfc2dce35f http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.4-1ubuntu2.2_sparc.deb Size/MD5: 746044c9e6206f8bd3856c27a43953f98ae08b http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E4-1ubuntu2.2_sparc.deb Size/MD5: 158508d0bda91940feb11e3d5193b3ab5c11ee http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.4-1ubuntu2.2_sparc.deb Size/MD5: 752404723a03cc344739a4a76ac93aa54c7413 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.4-1ubuntu2.2_sparc.deb Size/MD5: 163744f3bb65fc94b8421eae7c0980f76b7cec -- Ubuntu 7.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1.diff.gz Size/MD5: 1995974448240e99df445a95c3dfc9a5fedfa http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1.dsc Size/MD5: 1017e5ac62cfcd246daa79c8ea31fe1873d0 http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5.orig.tar=2Egz Size/MD5: 189797361997c0d852d38c3a85b445f4fc02892 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dev_7.15.5-1ubuntu2.1_all.deb Size/MD5: 2308666ff60f3a9606bfcbd9161555ba98ffd amd64 architecture (Athlon64, Opteron, EM64TXeon) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1_amd64.deb Size/MD5: 164778a60ca725ef39a67311e1cf625182dd70 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.5-1ubuntu2.1_amd64.deb Size/MD5: 8333623b2afe676373e1590e739d51e1a2effa http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.5-1ubuntu2.1_amd64.deb Size/MD5: 76930246e4ce27971b0085e4e9b8621ac78325 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E5-1ubuntu2.1_amd64.deb Size/MD5: 16657247c34f6db4f6ac2e279f431dfa43f919 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.5-1ubuntu2.1_amd64.deb Size/MD5: 774430724da4b31b2af0e494587ea67e627c05 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.5-1ubuntu2.1_amd64.deb Size/MD5: 1719223740c0419c27f58699ad0cbf1f62bc9d i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1_i386.deb Size/MD5: 1636249b363c065850cdc5de4c0c2c8d577c8e http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.5-1ubuntu2.1_i386.deb Size/MD5: 80341461aebe04fe304b8071dc3e3c6d599f54 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.5-1ubuntu2.1_i386.deb Size/MD5: 75498246d39efe3b3cf381fa9768b206907561 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E5-1ubuntu2.1_i386.deb Size/MD5: 1636889aa531b89e7a91c7dd423f61b6d1e9ea http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.5-1ubuntu2.1_i386.deb Size/MD5: 7616267ca1a3498af64e00a0b14d475c318cf6 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.5-1ubuntu2.1_i386.deb Size/MD5: 168614c8847b248ea0a07c2880a39e8c273b24 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1_powerpc.deb Size/MD5: 168188fba30c479bb726600efbbe247dacdfcc http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.5-1ubuntu2.1_powerpc.deb Size/MD5: 8462240e24e1e334bb9a9c2307a5dc06a4ea73 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.5-1ubuntu2.1_powerpc.deb Size/MD5: 774878f608fffc2d89b530081ea487edc4f023 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E5-1ubuntu2.1_powerpc.deb Size/MD5: 173086c88e11092d9204a6a80e23100a9e02d3 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.5-1ubuntu2.1_powerpc.deb Size/MD5: 78307290e2eadef1e4e2073dd5db9b4a1b0bfb http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.5-1ubuntu2.1_powerpc.deb Size/MD5: 178630089d0eda4d96a7049a019e381d098ab3 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.5-1ubuntu2=2E1_sparc.deb Size/MD5: 16432412f65aeaeb95a0b15e68b2f98694cf94 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.5-1ubuntu2.1_sparc.deb Size/MD5: 795758a20f9a4bbc35483e8e54f278759f1015 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.5-1ubuntu2.1_sparc.deb Size/MD5: 76078633ae03fb796e3048bb092b54fbad9814 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15=2E5-1ubuntu2.1_sparc.deb Size/MD5: 161990ca9d9ddf030b10d33cf71bd9bacde2cf http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.5-1ubuntu2.1_sparc.deb Size/MD5: 767010f20906df0712ffe167ac6dffb14137f5 http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.5-1ubuntu2.1_sparc.deb Size/MD5: 167104fcef10350591f8799ccc2ff9f77b9035 ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-484-1 OTHER REFERENCES: SA26104: http://secunia.com/advisories/26104/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------