Home / mailings [USN-1068-1] Aptdaemon vulnerability
Posted on 22 February 2011
Ubuntu Security==========================
==========================
=========
Ubuntu Security Notice USN-1068-1 February 22, 2011
aptdaemon vulnerability
CVE-2011-0725
==========================
==========================
=========
A security issue affects the following Ubuntu releases:
Ubuntu 10.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 10.10:
python-aptdaemon 0.31+bzr506-0ubuntu6.1
In general, a standard system update will make all the necessary changes.
Details follow:
Sergey Nizovtsev discovered that Aptdaemon incorrectly filtered certain
arguments when using its D-Bus interface. A local attacker could use this
flaw to bypass security restrictions and view sensitive information by
reading arbitrary files.
Updated packages for Ubuntu 10.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/a/aptdaemon/aptdaemon_0.31+=
bzr506-0ubuntu6.1.debian.tar.gz
Size/MD5: 528226 b4bab52268bb2d5265519c41b507f465
http://security.ubuntu.com/ubuntu/pool/main/a/aptdaemon/aptdaemon_0.31+=
bzr506-0ubuntu6.1.dsc
Size/MD5: 2121 dfe8afa421c97dae75ef5401240bfcbd
http://security.ubuntu.com/ubuntu/pool/main/a/aptdaemon/aptdaemon_0.31+=
bzr506.orig.tar.gz
Size/MD5: 441337 272889c346728f050dd439b48f1041a7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/a/aptdaemon/aptdaemon_0.31+=
bzr506-0ubuntu6.1_all.deb
Size/MD5: 35990 318e9d8d17fc010ba43840b06bb31e8b
http://security.ubuntu.com/ubuntu/pool/main/a/aptdaemon/python-aptdaemo=
n-gtk_0.31+bzr506-0ubuntu6.1_all.deb
Size/MD5: 197602 a052006f8f9addc05244a2a9f7ba8143
http://security.ubuntu.com/ubuntu/pool/main/a/aptdaemon/python-aptdaemo=
n_0.31+bzr506-0ubuntu6.1_all.deb
Size/MD5: 64802 b8a33f9e2e8c53679a2b6bfe9768bab2
