A new heartbeat vulnerability update is available for Ubuntu Linux. Here the announcement:
Ubuntu Security Notice USN-326-1 July 27, 2006
heartbeat vulnerability
CVE-2006-3815
==========================
==========================
=========
A security issue affects the following Ubuntu releases:
Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 5.04:
heartbeat 1.2.3-3ubuntu1.2
Ubuntu 5.10:
heartbeat 1.2.3-12ubuntu0.1
Ubuntu 6.06 LTS:
heartbeat 1.2.4-2ubuntu0.1
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Yan Rong Ge discovered that heartbeat did not set proper permissions
for an allocated shared memory segment. A local attacker could exploit
this to render the heartbeat service unavailable (Denial of
Service).
Updated packages for Ubuntu 5.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-3ubuntu1.2.diff.gz
Size/MD5: 246093 3ec140cdfd4b1366ebc80949929a1e53
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-3ubuntu1.2.dsc
Size/MD5: 847 756f89385ad79532421877d21f2dc5ab
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
.orig.tar.gz
Size/MD5: 1772513 9fd126e5dff51cc8c1eee223c252a4af
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/ldirectord_=
1.2.3-3ubuntu1.2_all.deb
Size/MD5: 44696 a30cdadd183ab0648dac48a3a12e55aa
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.3-3ubuntu1.2_amd64.deb
Size/MD5: 125424 12f22ff5c4bbe7a8d430fd7f1c0eb061
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-3ubuntu1.2_amd64.deb
Size/MD5: 533132 26e72b2a4f97b7e2e103be2aff53e1a0
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.3-3ubuntu1.2_amd64.deb
Size/MD5: 61124 ab240db5ab465c9d4c1b05b22ac67b90
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-=
3ubuntu1.2_amd64.deb
Size/MD5: 51812 4da42c1ca980eb62d2aa7905bab30227
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.3-3ubuntu1.2_amd64.deb
Size/MD5: 29280 68a090e862161255bf30b5564839dcf0
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.3-3ubuntu1.2_amd64.deb
Size/MD5: 79580 13581bf67cc41797f6209c7e9ac8522f
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.3-3ubuntu1.2_amd64.deb
Size/MD5: 30306 d6c71a534f3d90724a1e9aa2bf878d19
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.3-3ubuntu1.2_i386.deb
Size/MD5: 114864 2450cddfab1fb927ebaa058d79f672d4
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-3ubuntu1.2_i386.deb
Size/MD5: 489662 e01b9cd2f15f109a7827fa7fcc95def2
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.3-3ubuntu1.2_i386.deb
Size/MD5: 57264 e2e160e1afd3192ed1b02dc02d8bb423
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-=
3ubuntu1.2_i386.deb
Size/MD5: 46772 1f9b32a6694da698c5b7dd471ae8e611
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.3-3ubuntu1.2_i386.deb
Size/MD5: 28866 61a9b5a8e7a05a269627f2fd996c36da
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.3-3ubuntu1.2_i386.deb
Size/MD5: 69270 1c92e784e1be5912a0b3fc11a4cf3517
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.3-3ubuntu1.2_i386.deb
Size/MD5: 29704 1f5ad3c81122f0b93dac7552f889d953
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.3-3ubuntu1.2_powerpc.deb
Size/MD5: 126936 d80eca2b83b8c4b4b5a5af854d1a6824
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-3ubuntu1.2_powerpc.deb
Size/MD5: 557100 5170ed8f4bad84fc13baba34cf925f78
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.3-3ubuntu1.2_powerpc.deb
Size/MD5: 61186 bac65215be030e0181fb51aaf673b27c
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-=
3ubuntu1.2_powerpc.deb
Size/MD5: 52820 8af7fd485f7a546aa266a83f14022a89
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.3-3ubuntu1.2_powerpc.deb
Size/MD5: 29450 b0264aea8ccf20b743d6ef4291f35b78
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.3-3ubuntu1.2_powerpc.deb
Size/MD5: 89042 3767a41ededab5060daa5c924b33bd4e
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.3-3ubuntu1.2_powerpc.deb
Size/MD5: 32596 b2498312ac51b20d5e7bd2e787b92063
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-12ubuntu0.1.diff.gz
Size/MD5: 273014 c65e3cab025db4cf380f6306aed2c6b1
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-12ubuntu0.1.dsc
Size/MD5: 889 e50b28e2b00e87d5dc6e54c88c2b2345
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
.orig.tar.gz
Size/MD5: 1772513 9fd126e5dff51cc8c1eee223c252a4af
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/ldirectord_=
1.2.3-12ubuntu0.1_all.deb
Size/MD5: 45772 d554cab515194937acad979e41fb3e00
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.3-12ubuntu0.1_amd64.deb
Size/MD5: 127682 8dc69a6762cb48be2b5e6366af018b48
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-12ubuntu0.1_amd64.deb
Size/MD5: 541822 115dc7a939843936ec0b8c73bc06672c
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.3-12ubuntu0.1_amd64.deb
Size/MD5: 62224 2c8bcec90512fc43b7973b6d06025af7
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-=
12ubuntu0.1_amd64.deb
Size/MD5: 52526 cfbe3cc3422e6d33074a3888dc726b1b
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.3-12ubuntu0.1_amd64.deb
Size/MD5: 30522 7070a5d33227dc39ec5e512d932925b0
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.3-12ubuntu0.1_amd64.deb
Size/MD5: 87916 e6bb4daa22c97ee4ea399dd582b06bc3
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.3-12ubuntu0.1_amd64.deb
Size/MD5: 37504 a87d7c6b6835467f59e34a13cbbdf124
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.3-12ubuntu0.1_i386.deb
Size/MD5: 116578 726e65679cea2f55f28895996f19164e
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-12ubuntu0.1_i386.deb
Size/MD5: 497364 cab2e724884a20f6e00f346ffdd2494c
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.3-12ubuntu0.1_i386.deb
Size/MD5: 57788 759223e25b80d242ddca949df0c60715
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-=
12ubuntu0.1_i386.deb
Size/MD5: 46762 d6b8011d20e20f436f33aeeaa23906db
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.3-12ubuntu0.1_i386.deb
Size/MD5: 29998 42792925fa3dfb70c0691acf1f09fce4
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.3-12ubuntu0.1_i386.deb
Size/MD5: 77016 f747dfd39e5a2df0e503fb520024344c
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.3-12ubuntu0.1_i386.deb
Size/MD5: 36954 38a16fef630f412b3e6ad730a055a852
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.3-12ubuntu0.1_powerpc.deb
Size/MD5: 129358 ad40c2dc589c1a2d25c376f7f06a5029
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-12ubuntu0.1_powerpc.deb
Size/MD5: 566184 d07c9f581b20cee0661046d31a446d32
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.3-12ubuntu0.1_powerpc.deb
Size/MD5: 62126 4568199f1406886eeb7b2576adedbc96
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-=
12ubuntu0.1_powerpc.deb
Size/MD5: 53430 5412d45b0ce452a8f59cd7b4e27b6815
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.3-12ubuntu0.1_powerpc.deb
Size/MD5: 30594 bc3f6213db5c1908e51103ce4b4dc0e0
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.3-12ubuntu0.1_powerpc.deb
Size/MD5: 99256 7ca21104e73e73aaf075d13241bc9e48
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.3-12ubuntu0.1_powerpc.deb
Size/MD5: 40092 3fe23aee398e72f92487be720439fdd7
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.3-12ubuntu0.1_sparc.deb
Size/MD5: 122150 232b62a1003b1428734fca457933372c
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.3=
-12ubuntu0.1_sparc.deb
Size/MD5: 511344 63afdbf2af5514c08ca0963cd6538f7b
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.3-12ubuntu0.1_sparc.deb
Size/MD5: 63094 2192f22f5ff55baf5e60dbc9d1b24101
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.3-=
12ubuntu0.1_sparc.deb
Size/MD5: 49654 4becd99debbe382a011fff148bcd4d26
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.3-12ubuntu0.1_sparc.deb
Size/MD5: 30288 93f63efa3f6bfa53a5aaea4593c01c3e
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.3-12ubuntu0.1_sparc.deb
Size/MD5: 81024 0e6e1fcc2d173f3bfc69b5e3fd81ee63
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.3-12ubuntu0.1_sparc.deb
Size/MD5: 37158 6af0fe1a5b28fb346f8ef0fd81c107be
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4=
-2ubuntu0.1.diff.gz
Size/MD5: 2666 664d3f99835d21e988996cb0ce6cdc78
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4=
-2ubuntu0.1.dsc
Size/MD5: 912 4264a651ca795f97b145b365f4edd8c3
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4=
.orig.tar.gz
Size/MD5: 2102978 7e3f752af06c25f7141c4b67a538e718
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/ldirectord_=
1.2.4-2ubuntu0.1_all.deb
Size/MD5: 48700 33ba0f82c379f104a1368b5709de588f
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.4-2ubuntu0.1_amd64.deb
Size/MD5: 133014 2eb4bab4ceecf7f7c630e8f846ab04fb
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4=
-2ubuntu0.1_amd64.deb
Size/MD5: 526350 225a3bdab37c5ef648579c72c8b79080
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.4-2ubuntu0.1_amd64.deb
Size/MD5: 64276 0322dd63e7f9589324b18b329622b71b
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.4-=
2ubuntu0.1_amd64.deb
Size/MD5: 54388 7055ae330f7aae45c4d6b3dfc662996e
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.4-2ubuntu0.1_amd64.deb
Size/MD5: 32436 64a59bef66175e1c0c1c31512392775d
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.4-2ubuntu0.1_amd64.deb
Size/MD5: 104082 7f51861edaa1725fee9bf8d55bc9789a
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.4-2ubuntu0.1_amd64.deb
Size/MD5: 39412 0895ab777ff900ded13b34751a7a2fde
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.4-2ubuntu0.1_i386.deb
Size/MD5: 121110 892f32a795959a8ae6bffe42179f01cf
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4=
-2ubuntu0.1_i386.deb
Size/MD5: 486874 356786a173c01fe00fa7e0efe3c6f187
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.4-2ubuntu0.1_i386.deb
Size/MD5: 59760 4bc84e563bfe788e50d14feb064a0cbf
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.4-=
2ubuntu0.1_i386.deb
Size/MD5: 48510 a9be42a6712c61b02f0ed49a48358b90
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.4-2ubuntu0.1_i386.deb
Size/MD5: 31960 824535043028fc15e5a44c3ef17d8c2a
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.4-2ubuntu0.1_i386.deb
Size/MD5: 90966 885872ae7fef376f4935bcfe4fee21c9
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.4-2ubuntu0.1_i386.deb
Size/MD5: 38862 d15f602bf298bc932a09dc48aae4c498
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.4-2ubuntu0.1_powerpc.deb
Size/MD5: 134802 633a967537877349aa64dee4bad16f8f
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4=
-2ubuntu0.1_powerpc.deb
Size/MD5: 551384 c64828980eaa68cb55037f469d88219b
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.4-2ubuntu0.1_powerpc.deb
Size/MD5: 64176 f042ed21f99e747df5cac680067d6e77
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.4-=
2ubuntu0.1_powerpc.deb
Size/MD5: 55240 aec0c2f0d9a3ef0b48d924221b236df4
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.4-2ubuntu0.1_powerpc.deb
Size/MD5: 32540 af58be35eff472b96d5eab7a8d67bb9f
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.4-2ubuntu0.1_powerpc.deb
Size/MD5: 117376 811853abf5e12d478ef28ee41d5adb9f
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.4-2ubuntu0.1_powerpc.deb
Size/MD5: 41920 84445ee4f5f3d66787e65a8d9b556196
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat-dev_1=
.2.4-2ubuntu0.1_sparc.deb
Size/MD5: 126608 8ec315f5602a077bbc8eb014b30039ee
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/heartbeat_1.2.4=
-2ubuntu0.1_sparc.deb
Size/MD5: 498026 3e52ce1e67933fe01c802364ffe73132
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils-dev_1.2=
.4-2ubuntu0.1_sparc.deb
Size/MD5: 65134 1caaf2801011f09037067f1879e9e385
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libpils0_1.2.4-=
2ubuntu0.1_sparc.deb
Size/MD5: 51530 0ed83d229d539c3ea8a505bf07518c12
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith-dev_=
1.2.4-2ubuntu0.1_sparc.deb
Size/MD5: 32184 d7bfa220ece5a38857147dc347fe2876
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/libstonith0_1.2=
.4-2ubuntu0.1_sparc.deb
Size/MD5: 95780 70848e504b76b540c2b2e6add1c89cc7
http://security.ubuntu.com/ubuntu/pool/universe/h/heartbeat/stonith_1.2=
.4-2ubuntu0.1_sparc.deb
Size/MD5: 39016 f7b7798b16cb54bcd3f821503de07a0b
--6K2R/cS9K4qvcBNq
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEyNtXDecnbV4Fd/IRAmaIAJ9BpW89XPAMhONgkFiMPJUNPGqw1QCdHZCc
To7Hkg8o7huf117CCB9ZPM4=
=gu2U
-----END PGP SIGNATURE-----