TITLE:
Ubuntu update for cfengine

SECUNIA ADVISORY ID:
SA17142

VERIFY ADVISORY:
http://secunia.com/advisories/17142/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Ubuntu Linux 5.04
http://secunia.com/product/5036/
Ubuntu Linux 4.10
http://secunia.com/product/4491/

DESCRIPTION:
Ubuntu has issued an update for cfengine. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

For more information:
SA17037

SOLUTION:
Apply updated packages.

-- Ubuntu 4.10 (Warty Warthog) --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.1.diff.gz
Size/MD5: 102867 ebd2d4596fe81bad3f87b69c0a1057cd
http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.1.dsc
Size/MD5: 704 1cde3ab958c48f9cb64eb7005e44bfe9
http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.diff.gz
Size/MD5: 102863 0fe4462348ac5db6e48f5ae4200223ee
http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5.orig.tar.gz
Size/MD5: 880066 fc02d8d56433f32020c3030192cad66e

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine-doc_1.6.5-1ubuntu0.4.10.1_all.deb
Size/MD5: 351924 ed29a178c45c8c539ef3b04afcefded0

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.1_amd64.deb
Size/MD5: 353892 44c62122d59a5f0974ad033dc6e80b4a

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.1_i386.deb
Size/MD5: 311784 cb66ad235cfdbe07a8f29d9d09f5e073

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.4.10.1_powerpc.deb
Size/MD5: 354564 4bdd42ce5b05c00bc314cb06df597dc3

-- Ubuntu 5.04 (Hoary Hedgehog) --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5-1ubuntu0.5.04.1.diff.gz
Size/MD5: 102866 335e8d60109f38507a1f869a58595564
http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5-1ubuntu0.5.04.1.dsc
Size/MD5: 704 a942df3e7d86a6d1f86126ddb648e6e9
http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine_1.6.5.orig.tar.gz
Size/MD5: 880066 fc02d8d56433f32020c3030192cad66e

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/c/cfengine/cfengine-doc_1.6.5-1ubuntu0.5.04.1_all.deb
Size/MD5: 386022 fcac1e988bae93f33c5da1ea37014055

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.5.04.1_amd64.deb
Size/MD5: 353878 073ffd567f5b5bfaa3160e878b46d9ba

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.5.04.1_i386.deb
Size/MD5: 311104 23232672fe6e8eb10f25133cf59680a9

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/universe/c/cfengine/cfengine_1.6.5-1ubuntu0.5.04.1_powerpc.deb
Size/MD5: 354586 107e028030519395ee526224bdf31da5

ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-198-1

OTHER REFERENCES:
SA17037:
http://secunia.com/advisories/17037/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------