USN-932-1: KDM vulnerability


rss-bot
April 27th, 2010, 05:20 AM
Referenced CVEs:
CVE-2010-0436


Description:
===========================================================
Ubuntu Security Notice USN-932-1             April 19, 2010
kdebase-workspace vulnerability
CVE-2010-0436
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.10
Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.10:
  kdm    4:4.1.4-0ubuntu1~intrepid3.2

Ubuntu 9.04:
  kdm    4:4.2.2-0ubuntu2.1

Ubuntu 9.10:
  kdm    4:4.3.2-0ubuntu7.2

After a standard system upgrade you need to reboot your computer to
effect the necessary changes.

Details follow:

Sebastian Krahmer discovered a race condition in the KDE Display Manager
(KDM). A local attacker could exploit this to change the permissions on
arbitrary files, thus allowing privilege escalation.





More... (http://www.ubuntu.com/usn/USN-932-1)