USN-465-1: PulseAudio vulnerability
Posted on: 05/26/2007 02:40 AM

A new PulseAudio vulnerability update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-465-1 May 25, 2007
pulseaudio vulnerability
CVE-2007-1804
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D

A security issue affects the following Ubuntu releases:

Ubuntu 7.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.04:
pulseaudio 0.9.5-5ubuntu4.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Luigi Auriemma discovered multiple flaws in pulseaudio's network
processing code. If an unauthenticated attacker sent specially crafted
requests to the pulseaudio daemon, it would crash, resulting in a denial
of service.


Updated packages for Ubuntu 7.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9=
=2E5-5ubuntu4.1.diff.gz
Size/MD5: 16615 9d9b53272d9252e4927f0e51300f4fce
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9=
=2E5-5ubuntu4.1.dsc
Size/MD5: 1265 1474ef70032d18fe70b09047637bb2ac
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9=
=2E5.orig.tar.gz
Size/MD5: 1145930 99b5d9efd4fce35cabb4ae5d0ebb230d

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-brows=
e0_0.9.5-5ubuntu4.1_amd64.deb
Size/MD5: 11358 3f38fa55e3e2ec7b8476772c8046b100
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-dev_0=
=2E9.5-5ubuntu4.1_amd64.deb
Size/MD5: 181014 24bb58434084ba059fe03afee7e7c31a
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-mainl=
oop-glib0_0.9.5-5ubuntu4.1_amd64.deb
Size/MD5: 11434 7182d91212fe96fe269635f1619098c3
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse0_0.9.=
5-5ubuntu4.1_amd64.deb
Size/MD5: 111078 16a55c91c20d58271a2ad0f77111874d
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio-eso=
und-compat_0.9.5-5ubuntu4.1_amd64.deb
Size/MD5: 27326 aafca78e8a359714d9261806ba0c883e
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-gconf_0.9.5-5ubuntu4.1_amd64.deb
Size/MD5: 12706 7d73bbce987c1f8792e96e67cd865983
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-hal_0.9.5-5ubuntu4.1_amd64.deb
Size/MD5: 14738 656c160743b689e8c876180b19d85700
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-lirc_0.9.5-5ubuntu4.1_amd64.deb
Size/MD5: 9102 aab1e8dc340901fc2ae6c648c56910e3
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-x11_0.9.5-5ubuntu4.1_amd64.deb
Size/MD5: 15980 40d971c18451d46380b9880ac1db09e6
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-zeroconf_0.9.5-5ubuntu4.1_amd64.deb
Size/MD5: 14446 87e590ceb4e0f241875eab95e42a7efa
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-utils_0.9.5-5ubuntu4.1_amd64.deb
Size/MD5: 52658 038c6d8dcad7aefc338f565349dcc7bd
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9=
=2E5-5ubuntu4.1_amd64.deb
Size/MD5: 331022 19c1f526d3c61cdee453fb3527405983

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-brows=
e0_0.9.5-5ubuntu4.1_i386.deb
Size/MD5: 10692 9d8d4fd14f7659455357d9aed48f82a4
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-dev_0=
=2E9.5-5ubuntu4.1_i386.deb
Size/MD5: 159072 be0f064914c83a102f1979a67063fb07
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-mainl=
oop-glib0_0.9.5-5ubuntu4.1_i386.deb
Size/MD5: 10862 a2aff8660f4e212552a11ee24bc67676
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse0_0.9.=
5-5ubuntu4.1_i386.deb
Size/MD5: 100038 5705deb6ebb7e61e74cad9a6e812e22d
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio-eso=
und-compat_0.9.5-5ubuntu4.1_i386.deb
Size/MD5: 25520 4f7907dd870e564bec851003009baa88
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-gconf_0.9.5-5ubuntu4.1_i386.deb
Size/MD5: 12084 10f2fe882feed2906037e0cfef22a601
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-hal_0.9.5-5ubuntu4.1_i386.deb
Size/MD5: 13602 9578081e9c654ebb4f320a10a63d56fc
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-lirc_0.9.5-5ubuntu4.1_i386.deb
Size/MD5: 8820 66e9b2747e87d22e7ec1b6d4b62ee845
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-x11_0.9.5-5ubuntu4.1_i386.deb
Size/MD5: 14790 65d8e0ad1beb85ad97cd566a2e2b6469
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-zeroconf_0.9.5-5ubuntu4.1_i386.deb
Size/MD5: 13372 e590cdddd58c61dfa579f3c2934219eb
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-utils_0.9.5-5ubuntu4.1_i386.deb
Size/MD5: 48198 80f12132afc40c6d271d41a7b215af40
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9=
=2E5-5ubuntu4.1_i386.deb
Size/MD5: 295436 17d763d32247644f522bf93a75a4fcdc

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-brows=
e0_0.9.5-5ubuntu4.1_powerpc.deb
Size/MD5: 13342 96d245fb4d15f25067352df991c341b8
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-dev_0=
=2E9.5-5ubuntu4.1_powerpc.deb
Size/MD5: 188866 d035d439d4c41a2f087fad055a74477f
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-mainl=
oop-glib0_0.9.5-5ubuntu4.1_powerpc.deb
Size/MD5: 13648 8b8f2da9f7af64e6b5533466ad5ea3bd
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse0_0.9.=
5-5ubuntu4.1_powerpc.deb
Size/MD5: 112850 15aae1002e4c4002b148875a118e5b34
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio-eso=
und-compat_0.9.5-5ubuntu4.1_powerpc.deb
Size/MD5: 34182 3a7ab26dc70070912548689ab29c81fc
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-gconf_0.9.5-5ubuntu4.1_powerpc.deb
Size/MD5: 16620 822d476b6a2c2c26b374c637de5bfe56
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-hal_0.9.5-5ubuntu4.1_powerpc.deb
Size/MD5: 17640 b7f71e82e296f1f550bdf1d08a9a9ea5
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-lirc_0.9.5-5ubuntu4.1_powerpc.deb
Size/MD5: 11244 0b80dbc5515e09c6c37e4cd8c8f7befd
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-x11_0.9.5-5ubuntu4.1_powerpc.deb
Size/MD5: 21130 1e8dfeea6cee351d01608bea8293c70a
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-zeroconf_0.9.5-5ubuntu4.1_powerpc.deb
Size/MD5: 17198 bdd9eb3124e86cfa8fd11c042a679d1b
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-utils_0.9.5-5ubuntu4.1_powerpc.deb
Size/MD5: 64366 eada22eef9025ed3e85382e38af2b59f
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9=
=2E5-5ubuntu4.1_powerpc.deb
Size/MD5: 391522 cb83477ac20e11a83cdb127fe43dc5e7

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-brows=
e0_0.9.5-5ubuntu4.1_sparc.deb
Size/MD5: 10678 1a70960c9515b631e38e59441cf5597a
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-dev_0=
=2E9.5-5ubuntu4.1_sparc.deb
Size/MD5: 172058 bb81ff554f84a64a7b78a7f91bf77158
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse-mainl=
oop-glib0_0.9.5-5ubuntu4.1_sparc.deb
Size/MD5: 10782 9f6f8ead197f52fcc7250bd5ad461b40
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/libpulse0_0.9.=
5-5ubuntu4.1_sparc.deb
Size/MD5: 100766 36e81823c36a334b5a86c9aaab86b027
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio-eso=
und-compat_0.9.5-5ubuntu4.1_sparc.deb
Size/MD5: 25460 8f5f3da84a662776a867037e230fa4cd
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-gconf_0.9.5-5ubuntu4.1_sparc.deb
Size/MD5: 12138 20a9cdd969e4102319d6bf40878a9939
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-hal_0.9.5-5ubuntu4.1_sparc.deb
Size/MD5: 13310 dee98af79f90fc0fa5108e450b8c6640
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-lirc_0.9.5-5ubuntu4.1_sparc.deb
Size/MD5: 8894 d9ef082569bb88a7cc72d9ef27319866
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-x11_0.9.5-5ubuntu4.1_sparc.deb
Size/MD5: 14676 72285253f6e33230665697271edf2a77
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-module-zeroconf_0.9.5-5ubuntu4.1_sparc.deb
Size/MD5: 13264 5eeefb9453c7f4116d94d0697077f46c
http://security.ubuntu.com/ubuntu/pool/universe/p/pulseaudio/pulseaudio=
-utils_0.9.5-5ubuntu4.1_sparc.deb
Size/MD5: 49998 bbd6434382d0e37c185bf8efe59fb74d
http://security.ubuntu.com/ubuntu/pool/main/p/pulseaudio/pulseaudio_0.9=
=2E5-5ubuntu4.1_sparc.deb
Size/MD5: 301950 903558c0624a58899b08eca9fcd2f07c


--HcXnUX77nabWBLF4
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGV3JYH/9LqRcGPm0RAnAIAJsEPz5rvYBc9e/ECWP/b96ckZNtTQCffUUi
n3w7enfkfrXVX/v7n0jAjeY=
=g54U
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_465_1_pulseaudio_vulnerability.html)