News

=========================================================== Ubuntu Security Notice USN-151-3 October 28, 2005 aide vulnerabilities CVE-2005-1849, CVE-2005-2096 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) Ubuntu 5.10 (Breezy Badger) The following packages are affected: aide The problem can be corrected by upgrading the affected package to version 0.10-3ubuntu0.1 (for Ubuntu 4.10), 0.10-4ubuntu0.1 (for Ubuntu 5.04), or 0.10-6.1ubuntu0.1 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could be exploited to cause Denial of Service attacks or even arbitrary code execution with malicious data streams. Since aide is statically linked against the zlib library, it is also affected by these issues. The updated packagages have been rebuilt against the fixed zlib.