USN-391-1: libgsf vulnerability

4 December 2006

libgsf vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 6.10
  • Ubuntu 6.06 LTS
  • Ubuntu 5.10

Software Description


A heap overflow was discovered in the OLE processing code in libgsf. If a user were tricked into opening a specially crafted OLE document, an attacker could execute arbitrary code with the user’s privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 6.10
libgsf-1-114 - 1.14.1-2ubuntu1.1
Ubuntu 6.06 LTS
libgsf-1-113 - 1.13.99-0ubuntu2.1
Ubuntu 5.10
libgsf-1 - 1.12.3-3ubuntu3.1

To update your system, please follow these instructions:

After a standard system upgrade you need to restart your desktop session to effect the necessary changes.