[USN-545-1] link-grammar vulnerability
Kees Cook
kees at ubuntu.com
Tue Nov 27 00:47:48 UTC 2007
===========================================================
Ubuntu Security Notice USN-545-1 November 26, 2007
link-grammar vulnerability
CVE-2007-5395
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 7.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 7.10:
liblink-grammar4 4.2.2-4ubuntu0.7.10.1
After a standard system upgrade you need to restart AbiWord to effect
the necessary changes.
Details follow:
Alin Rad Pop discovered that AbiWord's Link Grammar parser did not
correctly handle overly-long words. If a user were tricked into opening
a specially crafted document, AbiWord, or other applications using Link
Grammar, could be made to crash.
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1.diff.gz
Size/MD5: 8372 9d6103a3d8b9055aeb8e9fb151c629d8
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1.dsc
Size/MD5: 771 3416e046bf63eefc9b8e185666e11b1e
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/link-grammar_4.2.2.orig.tar.gz
Size/MD5: 742163 798c165b7d7f26e60925c30515c45782
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/link-grammar-dictionaries-en_4.2.2-4ubuntu0.7.10.1_all.deb
Size/MD5: 261630 b4b9b5e5f1a9b4a04dbf4074add17867
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4-dev_4.2.2-4ubuntu0.7.10.1_amd64.deb
Size/MD5: 129244 0db2bc55f7c9e9f3ce1276020200d6aa
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4_4.2.2-4ubuntu0.7.10.1_amd64.deb
Size/MD5: 98100 de97f8c7fa03e774b6038bd326834f7a
http://security.ubuntu.com/ubuntu/pool/universe/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1_amd64.deb
Size/MD5: 16430 dbcd4fca4249a475abd450f7009b68de
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4-dev_4.2.2-4ubuntu0.7.10.1_i386.deb
Size/MD5: 111178 d619bf104ae4b3026b4ac7dd7952d5ee
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4_4.2.2-4ubuntu0.7.10.1_i386.deb
Size/MD5: 90558 912431a563343836f56b20daf237c8e8
http://security.ubuntu.com/ubuntu/pool/universe/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1_i386.deb
Size/MD5: 15706 5a72b07d1b6a825a11148193e94bc5e3
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4-dev_4.2.2-4ubuntu0.7.10.1_powerpc.deb
Size/MD5: 130238 7266fb1779805cf1416afb6349142532
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4_4.2.2-4ubuntu0.7.10.1_powerpc.deb
Size/MD5: 97756 c23f581e5b62c6af38f08906f1f6521e
http://security.ubuntu.com/ubuntu/pool/universe/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1_powerpc.deb
Size/MD5: 17052 c5005abc099c10b7687dd85123dc29a4
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4-dev_4.2.2-4ubuntu0.7.10.1_sparc.deb
Size/MD5: 118768 d88eee3ff0a918780689a72f7e14d2fa
http://security.ubuntu.com/ubuntu/pool/main/l/link-grammar/liblink-grammar4_4.2.2-4ubuntu0.7.10.1_sparc.deb
Size/MD5: 91400 5a14c7a0baa9f2d9ba23f7130896c332
http://security.ubuntu.com/ubuntu/pool/universe/l/link-grammar/link-grammar_4.2.2-4ubuntu0.7.10.1_sparc.deb
Size/MD5: 16126 6179e67b9eaaef830f1bd7d461fbee62
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20071126/04be1cc7/attachment.sig>
More information about the ubuntu-security-announce
mailing list