English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Ubuntu update for rpm


Secunia ID

SA51865

CVE-ID

CVE-2011-3378, CVE-2012-0060, CVE-2012-0061, CVE-2012-0815

Release Date

18 Jan 2013

Criticality

Less Critical

Solution Status

Vendor Patch

Where

From remote

Impact
System access

This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

Description

Ubuntu has issued an update for rpm. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

For more information:
SA46096
SA48651

Solution

Apply updated packages.

-- Ubuntu 12.04 LTS --
https://launchpad.net/ubuntu/+source/rpm/4.9.1.1-1ubuntu0.1

-- Ubuntu 11.10 --
https://launchpad.net/ubuntu/+source/rpm/4.9.0-7ubuntu0.1

-- Ubuntu 10.04 LTS --
https://launchpad.net/ubuntu/+source/rpm/4.7.2-1lubuntu0.1

Original Advisory

USN-1695-1:
http://www.ubuntu.com/usn/usn-1695-1/