The problem can be corrected by upgrading the affected package to
version 0.98.38-1ubuntu0.2 (for Ubuntu 4.10), or 0.98.38-1.1ubuntu0.1
(for Ubuntu 5.04). In general, a standard system upgrade is
sufficient to effect the necessary changes.
Josh Bressers discovered a buffer overflow in the ieee_putascii()
function of nasm. If an attacker tricked a user into assembling a
malicious source file, they could exploit this to execute arbitrary
code with the privileges of the user that runs nasm.