ff-multiconverter, multimedia, audio, video, linux, ubuntu ubuntu kylin, china, releases, linux terminal, ubuntu, linux, comandos, shell conky, gadgets, ubuntu, linux SpeedTest-Cli, velocidad, red, consola, terminal tag foto 6 pinta, grafica, linux, ubuntu djl, juegos, yum, synaptic, paquetes ubuntu, releases, canonical psensor, ubuntu, linux, sistema, monitor

Nuevas actualizaciones de seguridad para Ubuntu 9.04 Jaunty Jackalope relativas a las librerìas Python y al server Samba

Nuevas actualizaciones de seguridad para Ubuntu 9.04 relativas a Python, Samba y otras librerìas.

Como lo hace normalmente una vez a la semana Canonical publica las actualizaciones de seguridad màs importantes para Ubuntu, aquellas que considera importantes y aquèllas que recomienda.

El detalle completo es el siguiente:
Versione 0.52.2-11.3ubuntu3.1:

  * SECURITY UPDATE: denial of service and possible code execution via
    reflowed text in text message box
    - debian/patches/900_security_CVE-2009-2905.patch: calculate using
      correct width in textbox.c.
    - CVE-2009-2905

Newt is a windowing toolkit for text mode built from the slang library. It allows color text mode applications to easily use stackable windows, push buttons, check boxes, radio buttons, lists, entry fields, labels, and displayable text. Scrollbars are supported, and forms may be nested to provide extra functionality. This package contains the shared library for programs that have been built with newt.

Versione 2:3.3.2-1ubuntu3.2:

  * SECURITY UPDATE: access control list modification when dos filemode is
    enabled
    - debian/patches/security-CVE-2009-1888.patch: fix group checking in
      acl_group_override in source/smbd/posix_acls.c.
    - CVE-2009-1888
  * SECURITY UPDATE: whole filesystem share via user with no home directory
    - debian/patches/security-CVE-2009-2813.patch: make sure home directory
      is set in source/param/loadparm.c, source/smbd/service.c.
    - CVE-2009-2813
  * SECURITY UPDATE: credentials file disclosure and unauthorized usage via
    setuid mount.cifs
    - debian/patches/security-CVE-2009-2948.patch: don't open credentials
      file if user doesn't have permission, and don't print password when
      using verbose option in source/client/mount.cifs.c.
    - CVE-2009-2948
  * SECURITY UPDATE: denial of service via unexpected oplock break
    notification reply
    - debian/patches/security-CVE-2009-2906.patch: track messages already
      processed in source/include/smb.h, source/smbd/process.c.
    - CVE-2009-2906

This package provides a shared library that enables client applications to talk to Microsoft Windows and Samba servers using the SMB/CIFS protocol.

Versione 2:3.3.2-1ubuntu3.2:

  * SECURITY UPDATE: access control list modification when dos filemode is
    enabled
    - debian/patches/security-CVE-2009-1888.patch: fix group checking in
      acl_group_override in source/smbd/posix_acls.c.
    - CVE-2009-1888
  * SECURITY UPDATE: whole filesystem share via user with no home directory
    - debian/patches/security-CVE-2009-2813.patch: make sure home directory
      is set in source/param/loadparm.c, source/smbd/service.c.
    - CVE-2009-2813
  * SECURITY UPDATE: credentials file disclosure and unauthorized usage via
    setuid mount.cifs
    - debian/patches/security-CVE-2009-2948.patch: don't open credentials
      file if user doesn't have permission, and don't print password when
      using verbose option in source/client/mount.cifs.c.
    - CVE-2009-2948
  * SECURITY UPDATE: denial of service via unexpected oplock break
    notification reply
    - debian/patches/security-CVE-2009-2906.patch: track messages already
      processed in source/include/smb.h, source/smbd/process.c.
    - CVE-2009-2906

This package provides a library for client applications that interact via the winbind pipe protocol with a Samba winbind server.

Versione 0.52.2-11.3ubuntu3.1:

  * SECURITY UPDATE: denial of service and possible code execution via
    reflowed text in text message box
    - debian/patches/900_security_CVE-2009-2905.patch: calculate using
      correct width in textbox.c.
    - CVE-2009-2905

This module allows you to built a text UI for your Python scripts using newt.

Versione 1:3.0.1-9ubuntu3.1:

  * SECURITY UPDATE: fix integer underflow via crafted Word Document
    - patches/dev300/sw.safe_tdelete_tinsert.diff: adjust sprmTDelete to
      properly validate the number of columns
    - CVE-2009-0200
  * SECURITY UPDATE: fix buffer overflow via crafted Word Document
    - patches/dev300/sw.safe_tdelete_tinsert.diff: adjust sprmTInsert to
      properly validate the number of columns
    - CVE-2009-0201
  * patches/dev300/apply: create Security section and add
    sw.safe_tdelete_tinsert.diff

The Python-UNO bridge allows use of the standard OpenOffice.org API with the Python scripting language. It additionally allows others to develop UNO components in Python, thus Python UNO components may be run within the OpenOffice.org process and can be called from C++ or the built in StarBasic scripting language.











Espero que esta publicación te haya gustado. Si tienes alguna duda, consulta o quieras complementar este post, no dudes en escribir en la zona de comentarios. También puedes visitar Facebook, Twitter, Google +, Linkedin, Instagram, Pinterest y Feedly donde encontrarás información complementaria a este blog. COMPARTE EN!

0 comentarios: