Canonical Fixes Telepathy-idle Exploit in Ubuntu 13.04

Users will have to update and restart the operating system

  Ubuntu 13.04 desktop
On May 10, in a security notice Canonical published details about a telepathy-idle vulnerability for its Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems.

On May 10, in a security notice Canonical published details about a telepathy-idle vulnerability for its Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems.

According to Canonical, telepathy-idle could have been made to expose sensitive information over the network.

It was discovered that telepathy-idle did not perform any server certificate validation when using SSL connections.

If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be
exploited to alter or compromise confidential information.

The security flaws can be fixed if you upgrade your system(s) to the latest telepathy-idle package, specific to the distribution. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. After the system update, you need to reboot your computer to make all the necessary changes.

Comments

By    11 May 2013, 13:53 GMT