A new xscreensaver vulnerability update is available for Ubuntu Linux. Here the announcement:
Ubuntu Security Notice USN-474-1 June 12, 2007
xscreensaver vulnerability
CVE-2007-1859
==========================
==========================
=========
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
xscreensaver 4.23-4ubuntu8.1
Ubuntu 6.10:
xscreensaver 4.24-4ubuntu2.1
Ubuntu 7.04:
xscreensaver 4.24-5ubuntu2.1
After a standard system upgrade you need to restart your session to
effect the necessary changes.
Details follow:
It was discovered that xscreensaver did not correctly validate the
return values from network authentication systems such as LDAP or NIS.
A local attacker could bypass a locked screen if they were able to
interrupt network connectivity.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.23-4ubuntu8.1.diff.gz
Size/MD5: 134632 8481d5e90771f8457d9aba033d5ca005
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.23-4ubuntu8.1.dsc
Size/MD5: 1137 4945fe2551184eba924db9931f545814
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.23.orig.tar.gz
Size/MD5: 4939070 27491d117a8f7ae57d1fdf5f15d61ac6
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.23-4ubuntu8.1_amd64.deb
Size/MD5: 3154668 d5588bfb2ea95e4ccfaae11ed5523cb5
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.23-4ubuntu8.1_amd64.deb
Size/MD5: 450108 9ff1f49e0080ec94ab7a536c71e07204
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.23-4ubuntu8.1_amd64.deb
Size/MD5: 1870478 a99cfd717ac1c1697e58e16be8aa5036
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.23-4ubuntu8.1_amd64.deb
Size/MD5: 1765440 e3de8c3fad6fd2f79b46f88615b16d0b
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.23-4ubuntu8.1_amd64.deb
Size/MD5: 291970 8d255b61956d293fe6ee236dfca94f68
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.23-4ubuntu8.1_i386.deb
Size/MD5: 2700432 97394772928693483008cd0ac6c7a111
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.23-4ubuntu8.1_i386.deb
Size/MD5: 383712 55b696ecfb2e79a106bc78e5b82747f9
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.23-4ubuntu8.1_i386.deb
Size/MD5: 1727298 5e9c73dc75f0631bfe6d518f6e209708
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.23-4ubuntu8.1_i386.deb
Size/MD5: 1578310 14bfe53892544797fecbfe1e896f2ade
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.23-4ubuntu8.1_i386.deb
Size/MD5: 276842 e825b87f705b790bd5653ce921a748e2
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.23-4ubuntu8.1_powerpc.deb
Size/MD5: 3351462 b966821dd75ad0695c2dfbf330634ede
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.23-4ubuntu8.1_powerpc.deb
Size/MD5: 474390 02ee60c27f941a90dae0b6cb3a93fc64
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.23-4ubuntu8.1_powerpc.deb
Size/MD5: 1924010 d8ad2ba7aba10e52f1970b2e87210554
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.23-4ubuntu8.1_powerpc.deb
Size/MD5: 1804516 5d206d43e41215a7a0469e7169f16170
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.23-4ubuntu8.1_powerpc.deb
Size/MD5: 287952 f9d93805ad6d52ddd45ed1b101b2bccb
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.23-4ubuntu8.1_sparc.deb
Size/MD5: 2890300 8c6a8458dd36cab029519bf4e22464ec
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.23-4ubuntu8.1_sparc.deb
Size/MD5: 415134 6ce7efcf9cb1d82f4feaf472ea48ea7a
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.23-4ubuntu8.1_sparc.deb
Size/MD5: 1799904 4b0ed2d3942f8d8f1d1b84d580511c6e
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.23-4ubuntu8.1_sparc.deb
Size/MD5: 1657370 ce274d549d9e3d6c87b073677a911d3f
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.23-4ubuntu8.1_sparc.deb
Size/MD5: 276980 f90a638d9764976fa605c822a6ce14e7
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-4ubuntu2.1.diff.gz
Size/MD5: 1769117 44917db2258cea78e0d9cc95b4adf0ef
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-4ubuntu2.1.dsc
Size/MD5: 1138 32d5e20fa80106c883bed19bc0e39730
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24.orig.tar.gz
Size/MD5: 4936993 174b6a7cebd892c1a6c2d56bf5ac5af6
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.24-4ubuntu2.1_amd64.deb
Size/MD5: 3165732 adfc3c5c8be751e4ac84814d5f9ee048
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.24-4ubuntu2.1_amd64.deb
Size/MD5: 452946 787ff5cd134d793bc6468309f6c012f4
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.24-4ubuntu2.1_amd64.deb
Size/MD5: 1880528 1fc6f3f9892e0cdb8ac22faf3b1bf946
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.24-4ubuntu2.1_amd64.deb
Size/MD5: 1777676 690bf82414ec5cae66e71768d05ec984
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-4ubuntu2.1_amd64.deb
Size/MD5: 293542 7e89154333892d7fc65e009975069a97
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.24-4ubuntu2.1_i386.deb
Size/MD5: 2810820 7b956e5fc89bae4d2630cbf976dbb6e2
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.24-4ubuntu2.1_i386.deb
Size/MD5: 396086 fe722976f650133c1dd9578173d99c61
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.24-4ubuntu2.1_i386.deb
Size/MD5: 1767670 2f00ac7650a86695164f81b8609450ba
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.24-4ubuntu2.1_i386.deb
Size/MD5: 1636586 89e9935fcb7c6ac2982a4fcf366d2db1
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-4ubuntu2.1_i386.deb
Size/MD5: 282648 4f5c4eebd648115a312e6f66a5c0331d
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.24-4ubuntu2.1_powerpc.deb
Size/MD5: 3388600 746368cafc4455f842d834a07c9414c4
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.24-4ubuntu2.1_powerpc.deb
Size/MD5: 478502 bf2c14c0dc85bbc2ae689b30a5ebc094
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.24-4ubuntu2.1_powerpc.deb
Size/MD5: 1938696 0df2e7c01e6b396725ff72032762fb2e
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.24-4ubuntu2.1_powerpc.deb
Size/MD5: 1822634 561b093325b9f46a478932ece9833159
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-4ubuntu2.1_powerpc.deb
Size/MD5: 291754 bc7787b915346654a287d3a8de9cc57f
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.24-4ubuntu2.1_sparc.deb
Size/MD5: 2913546 ee91f377aa979c9cc85bd0ddfff627e0
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.24-4ubuntu2.1_sparc.deb
Size/MD5: 418652 763c6fb22f4751a7a8843195056b4d3a
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.24-4ubuntu2.1_sparc.deb
Size/MD5: 1812006 897021cdaf4e13286fd91bdac7b5dbf1
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.24-4ubuntu2.1_sparc.deb
Size/MD5: 1672888 8b7da0f95f26dafa163c2b8ed200be69
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-4ubuntu2.1_sparc.deb
Size/MD5: 278558 2b57e62b427ba9bf21acb86d729ffa2f
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-5ubuntu2.1.diff.gz
Size/MD5: 1773062 37286827c310ad14b7b3fc7493d481de
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-5ubuntu2.1.dsc
Size/MD5: 1222 65c8e4bfafc2333c4629bd596c8ee5fd
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24.orig.tar.gz
Size/MD5: 4936993 174b6a7cebd892c1a6c2d56bf5ac5af6
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.24-5ubuntu2.1_amd64.deb
Size/MD5: 3176658 e150bbd928729f8a46610be70954b233
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.24-5ubuntu2.1_amd64.deb
Size/MD5: 454596 d48992c1a859586768b5ac46c4948ef2
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.24-5ubuntu2.1_amd64.deb
Size/MD5: 1881806 51ed2f5e5bae4aec9efd2706698db455
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.24-5ubuntu2.1_amd64.deb
Size/MD5: 1780960 27a63ecad8c5306e2175b9f709a5463d
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-5ubuntu2.1_amd64.deb
Size/MD5: 294664 9a02516eceece4ac9cd2e2ba2ba613c2
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.24-5ubuntu2.1_i386.deb
Size/MD5: 2820482 eb81e358ac6b8da4a3146651274baf18
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.24-5ubuntu2.1_i386.deb
Size/MD5: 397730 f2b2e4d543a06d0ca582c0d7489be7b5
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.24-5ubuntu2.1_i386.deb
Size/MD5: 1767936 3e88bdbb4dbb8671bcd673a40bdfbfde
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.24-5ubuntu2.1_i386.deb
Size/MD5: 1636914 99f977285edc3b6d443676e79c4d932f
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-5ubuntu2.1_i386.deb
Size/MD5: 283638 3fde0ca9de9b4801d538ceffbca2289a
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.24-5ubuntu2.1_powerpc.deb
Size/MD5: 3637692 2d5d88671b622b48d702730a765a6142
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.24-5ubuntu2.1_powerpc.deb
Size/MD5: 513852 6f8ffed7224554954a0d19c50ed8b536
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.24-5ubuntu2.1_powerpc.deb
Size/MD5: 2029204 e2a5b29e775f2e58b5b79596d65f9ecb
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.24-5ubuntu2.1_powerpc.deb
Size/MD5: 1929494 93af3457e407f5f8fc69da2656634e27
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-5ubuntu2.1_powerpc.deb
Size/MD5: 303112 80fbf962100b01793f90acc7cdb89404
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-data-extra_4.24-5ubuntu2.1_sparc.deb
Size/MD5: 3005450 cd6ac222c2ad70462abce070435aea93
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-data_4.24-5ubuntu2.1_sparc.deb
Size/MD5: 432816 561c8e56448528d33837df1e533004c2
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreens=
aver-gl-extra_4.24-5ubuntu2.1_sparc.deb
Size/MD5: 1842314 46398856b666e9facc8ee0f57cac175c
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
-gl_4.24-5ubuntu2.1_sparc.deb
Size/MD5: 1712846 3afe79f637b9dc25e577bdecbfda666f
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver=
_4.24-5ubuntu2.1_sparc.deb
Size/MD5: 284024 d884be55be2f049ac9b50516b2b96171
--72pTQ1Q5L511SwPT
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGby1lH/9LqRcGPm0RAqWdAJ9/BkRLIJkcSzv8BTTsLSMZ5agtAACfYnt5
9PLbbXWttOquc8fMDGJbL54=
=MSMJ
-----END PGP SIGNATURE-----