Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.


USN-3021-2: Linux kernel (OMAP4) vulnerabilities - 27th June 2016

Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3951) Kangjie Lu discovered ...

CVE-2016-3951 CVE-2016-4482 CVE-2016-4565 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4805 CVE-2016-4913

USN-3021-1: Linux kernel vulnerabilities - 27th June 2016

Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service (system crash). (CVE-2016-3951) Kangjie Lu discovered ...

CVE-2016-3951 CVE-2016-4482 CVE-2016-4565 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4805 CVE-2016-4913

USN-3020-1: Linux kernel (Vivid HWE) vulnerabilities - 27th June 2016

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. (CVE-2016-4997) ...

CVE-2016-4482 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998

USN-3019-1: Linux kernel (Utopic HWE) vulnerabilities - 27th June 2016

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. (CVE-2016-4997) ...

CVE-2016-4482 CVE-2016-4565 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4997 CVE-2016-4998

USN-3018-2: Linux kernel (Trusty HWE) vulnerabilities - 27th June 2016

USN-3018-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling ...

CVE-2016-4482 CVE-2016-4565 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4997 CVE-2016-4998

USN-3018-1: Linux kernel vulnerabilities - 27th June 2016

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. (CVE-2016-4997) ...

CVE-2016-4482 CVE-2016-4565 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4997 CVE-2016-4998

USN-3016-4: Linux kernel (Xenial HWE) vulnerabilities - 27th June 2016

USN-3016-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling ...

CVE-2016-4482 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998

USN-3017-3: Linux kernel (Wily HWE) vulnerabilities - 27th June 2016

USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit ...

CVE-2016-4482 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998

USN-3017-2: Linux kernel (Raspberry Pi 2) vulnerabilities - 27th June 2016

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. (CVE-2016-4997) ...

CVE-2016-4482 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998

USN-3017-1: Linux kernel vulnerabilities - 27th June 2016

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. (CVE-2016-4997) ...

CVE-2016-4482 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998

USN-3016-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities - 27th June 2016

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. (CVE-2016-4997) ...

CVE-2016-4482 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998

USN-3016-2: Linux kernel (Raspberry Pi 2) vulnerabilities - 27th June 2016

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. (CVE-2016-4997) ...

CVE-2016-4482 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998

USN-3016-1: Linux kernel vulnerabilities - 27th June 2016

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. (CVE-2016-4997) ...

CVE-2016-4482 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4913 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998

USN-3014-1: Spice vulnerabilities - 21st June 2016

Jing Zhao discovered that the Spice smartcard support incorrectly handled memory. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 15.10 and Ubuntu 16.04 LTS. (CVE-2016-0749) Frediano Ziglio discovered that ...

CVE-2016-0749 CVE-2016-2150

USN-3013-1: XML-RPC for C and C++ vulnerabilities - 20th June 2016

It was discovered that the Expat code in XML-RPC for C and C++ unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. (CVE-2012-6702) It was discovered that the Expat code in XML-RPC for C and C++ incorrectly handled seeding the random number generator. A remote ...

CVE-2012-6702 CVE-2015-1283 CVE-2016-0718 CVE-2016-4472 CVE-2016-5300

USN-3010-1: Expat vulnerabilities - 20th June 2016

It was discovered that Expat unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. (CVE-2012-6702) It was discovered that Expat incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-5300)

CVE-2012-6702 CVE-2016-5300

USN-3012-1: Wget vulnerability - 20th June 2016

Dawid Golunski discovered that Wget incorrectly handled filenames when being redirected from an HTTP to an FTP URL. A malicious server could possibly use this issue to overwrite local files.

CVE-2016-4971

USN-3011-1: HAProxy vulnerability - 20th June 2016

Falco Schmutz discovered that HAProxy incorrectly handled the reqdeny filter. A remote attacker could use this issue to cause HAProxy to crash, resulting in a denial of service.

CVE-2016-5360

USN-3009-1: Dnsmasq vulnerability - 20th June 2016

Edwin Török discovered that Dnsmasq incorrectly handled certain CNAME responses. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service.

CVE-2015-8899

USN-3008-1: Linux kernel (Qualcomm Snapdragon) vulnerability - 10th June 2016

Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

CVE-2016-1583

USN-3007-1: Linux kernel (Raspberry Pi 2) vulnerabilities - 10th June 2016

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117) Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did ...

CVE-2015-8839 CVE-2016-1583 CVE-2016-2117 CVE-2016-2187 CVE-2016-3961 CVE-2016-4485 CVE-2016-4486 CVE-2016-4558 CVE-2016-4565 CVE-2016-4581

USN-3006-1: Linux kernel vulnerabilities - 10th June 2016

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117) Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did ...

CVE-2015-8839 CVE-2016-1583 CVE-2016-2117 CVE-2016-2187 CVE-2016-3961 CVE-2016-4485 CVE-2016-4486 CVE-2016-4558 CVE-2016-4565 CVE-2016-4581

USN-3005-1: Linux kernel (Xenial HWE) vulnerabilities - 10th June 2016

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117) Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did ...

CVE-2015-8839 CVE-2016-1583 CVE-2016-2117 CVE-2016-2187 CVE-2016-3961 CVE-2016-4485 CVE-2016-4486 CVE-2016-4558 CVE-2016-4565 CVE-2016-4581

USN-3004-1: Linux kernel (Raspberry Pi 2) vulnerabilities - 10th June 2016

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117) Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did ...

CVE-2015-4004 CVE-2016-1583 CVE-2016-2117 CVE-2016-2187 CVE-2016-3672 CVE-2016-3951 CVE-2016-3955 CVE-2016-3961 CVE-2016-4485 CVE-2016-4486 CVE-2016-4565 CVE-2016-4581

USN-3003-1: Linux kernel vulnerabilities - 10th June 2016

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117) Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did ...

CVE-2015-4004 CVE-2016-1583 CVE-2016-2117 CVE-2016-2187 CVE-2016-3672 CVE-2016-3951 CVE-2016-3955 CVE-2016-3961 CVE-2016-4485 CVE-2016-4486 CVE-2016-4565 CVE-2016-4581

USN-3002-1: Linux kernel (Wily HWE) vulnerabilities - 10th June 2016

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117) Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did ...

CVE-2015-4004 CVE-2016-1583 CVE-2016-2117 CVE-2016-2187 CVE-2016-3672 CVE-2016-3951 CVE-2016-3955 CVE-2016-3961 CVE-2016-4485 CVE-2016-4486 CVE-2016-4565 CVE-2016-4581

USN-3001-1: Linux kernel (Vivid HWE) vulnerabilities - 10th June 2016

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117) Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did ...

CVE-2015-4004 CVE-2016-1583 CVE-2016-2117 CVE-2016-2187 CVE-2016-3672 CVE-2016-3951 CVE-2016-3955 CVE-2016-3961 CVE-2016-4485 CVE-2016-4486 CVE-2016-4565 CVE-2016-4581

USN-3000-1: Linux kernel (Utopic HWE) vulnerabilities - 10th June 2016

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117) Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did ...

CVE-2015-4004 CVE-2016-1583 CVE-2016-2117 CVE-2016-2187 CVE-2016-3136 CVE-2016-3137 CVE-2016-3140 CVE-2016-3672 CVE-2016-3689 CVE-2016-3951 CVE-2016-3955 CVE-2016-4485 CVE-2016-4486 CVE-2016-4581

USN-2999-1: Linux kernel vulnerability - 10th June 2016

Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

CVE-2016-1583

USN-2998-1: Linux kernel (Trusty HWE) vulnerabilities - 10th June 2016

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117) Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did ...

CVE-2015-4004 CVE-2016-1583 CVE-2016-2069 CVE-2016-2117 CVE-2016-2187 CVE-2016-3672 CVE-2016-3951 CVE-2016-3955 CVE-2016-4485 CVE-2016-4486 CVE-2016-4581

USN-2997-1: Linux kernel (OMAP4) vulnerabilities - 10th June 2016

Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. ...

CVE-2016-1583 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2187 CVE-2016-2188 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3140 CVE-2016-3156 CVE-2016-3157 CVE-2016-3672 CVE-2016-3955 CVE-2016-4485 CVE-2016-4486

USN-2996-1: Linux kernel vulnerabilities - 9th June 2016

Jann Horn discovered that eCryptfs improperly attempted to use the mmap() handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. ...

CVE-2016-1583 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2187 CVE-2016-2188 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3140 CVE-2016-3156 CVE-2016-3157 CVE-2016-3672 CVE-2016-3955 CVE-2016-4485 CVE-2016-4486

USN-2995-1: Squid vulnerabilities - 9th June 2016

Yuriy M. Kaminskiy discovered that the Squid pinger utility incorrectly handled certain ICMPv6 packets. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly cause Squid to leak information into log files. (CVE-2016-3947) Yuriy M. Kaminskiy discovered that the Squid ...

CVE-2016-3947 CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 CVE-2016-4553 CVE-2016-4554 CVE-2016-4555 CVE-2016-4556

USN-2993-1: Firefox vulnerabilities - 9th June 2016

Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel, Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson, Christoph Diehl, Julian Hector, Jan de Mooij, Mats Palmgren, and Tooru Fujisawa discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an ...

CVE-2016-2815 CVE-2016-2818 CVE-2016-2819 CVE-2016-2821 CVE-2016-2822 CVE-2016-2825 CVE-2016-2828 CVE-2016-2829 CVE-2016-2831 CVE-2016-2832 CVE-2016-2833 CVE-2016-2834

USN-2994-1: libxml2 vulnerabilities - 6th June 2016

It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-8806, CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447) It was discovered that libxml2 incorrectly handled ...

CVE-2015-8806 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2073 CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4449 CVE-2016-4483

USN-2992-1: Oxide vulnerabilities - 6th June 2016

An unspecified security issue was discovered in Blink. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2016-1673) An issue was discovered with Document reattachment in Blink in some circumstances. If a user were tricked into ...

CVE-2016-1673 CVE-2016-1675 CVE-2016-1677 CVE-2016-1678 CVE-2016-1679 CVE-2016-1680 CVE-2016-1682 CVE-2016-1683 CVE-2016-1684 CVE-2016-1688 CVE-2016-1689 CVE-2016-1691 CVE-2016-1692 CVE-2016-1695 CVE-2016-1697 CVE-2016-1699 CVE-2016-1702 CVE-2016-1703

USN-2991-1: nginx vulnerability - 2nd June 2016

It was discovered that nginx incorrectly handled saving client request bodies to temporary files. A remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service.

CVE-2016-4450

USN-2990-1: ImageMagick vulnerabilities - 2nd June 2016

Nikolay Ermishkin and Stewie discovered that ImageMagick incorrectly sanitized untrusted input. A remote attacker could use these issues to execute arbitrary code. These issues are known as "ImageTragick". This update disables problematic coders via the /etc/ImageMagick-6/policy.xml configuration file. In certain environments the coders may need to be manually re-enabled after ...

CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 CVE-2016-5118

USN-2989-1: Linux kernel vulnerabilities - 1st June 2016

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-2117) Jason A. Donenfeld discovered multiple out-of-bounds reads in the OZMO USB over wifi device drivers in the Linux ...

CVE-2015-4004 CVE-2016-2069 CVE-2016-2117 CVE-2016-2187 CVE-2016-3672 CVE-2016-3951 CVE-2016-3955 CVE-2016-4485 CVE-2016-4486 CVE-2016-4581

USN-2988-1: LXD vulnerabilities - 31st May 2016

Robie Basak discovered that LXD incorrectly set permissions when setting up a loop based ZFS pool. A local attacker could use this issue to copy and read the data of any LXD container. (CVE-2016-1581) Robie Basak discovered that LXD incorrectly set permissions when switching an unprivileged container into privileged mode. ...

CVE-2016-1581 CVE-2016-1582

USN-2987-1: GD library vulnerabilities - 31st May 2016

It was discovered that the GD library incorrectly handled certain color tables in XPM images. If a user or automated system were tricked into processing a specially crafted XPM image, an attacker could cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-2497) ...

CVE-2014-2497 CVE-2014-9709 CVE-2015-8874 CVE-2015-8877 CVE-2016-3074

USN-2986-1: dosfstools vulnerabilities - 31st May 2016

Hanno Böck discovered that dosfstools incorrectly handled certain malformed filesystems. A local attacker could use this issue to cause dosfstools to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2015-8872 CVE-2016-4804

USN-2985-2: GNU C Library regression - 26th May 2016

USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-2014-9761 and a future update will be provided to address this issue. We ...

LP: 1585614

USN-2985-1: GNU C Library vulnerabilities - 25th May 2016

Martin Carpenter discovered that pt_chown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. (CVE-2013-2207, CVE-2016-2856) Robin Hack discovered that the Name Service Switch (NSS) implementation in the GNU C Library did ...

CVE-2013-2207 CVE-2014-8121 CVE-2014-9761 CVE-2015-1781 CVE-2015-5277 CVE-2015-8776 CVE-2015-8777 CVE-2015-8778 CVE-2015-8779 CVE-2016-2856 CVE-2016-3075

USN-2950-5: Samba regression - 25th May 2016

USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a ...

LP: 1578576

USN-2984-1: PHP vulnerabilities - 24th May 2016

It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8865) Hans Jerry Illikainen discovered that the PHP ...

CVE-2015-8865 CVE-2016-3078 CVE-2016-3132 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 CVE-2016-4342 CVE-2016-4343 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544

USN-2936-3: Firefox regression - 18th May 2016

USN-2936-1 fixed vulnerabilities in Firefox. The update caused an issue where a device update POST request was sent every time about:preferences#sync was shown. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler, Tyson Smith, Phil Ringalda, Gary Kwong, Jesse Ruderman, Mats Palmgren, Carsten Book, ...

LP: 1583389

USN-2973-1: Thunderbird vulnerabilities - 18th May 2016

Christian Holler, Tyson Smith, and Phil Ringalda discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-2805, CVE-2016-2807) Hanno Böck discovered ...

CVE-2016-1938 CVE-2016-1978 CVE-2016-1979 CVE-2016-2805 CVE-2016-2807

USN-2960-1: Oxide vulnerabilities - 18th May 2016

An out-of-bounds write was discovered in Blink. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code. (CVE-2016-1660) It was discovered that Blink assumes that a frame ...

CVE-2016-1660 CVE-2016-1661 CVE-2016-1663 CVE-2016-1665 CVE-2016-1666 CVE-2016-1667 CVE-2016-1668 CVE-2016-1669 CVE-2016-1670

USN-2950-4: Samba regressions - 18th May 2016

USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the "client ipc signing" parameter to "auto". We apologize for the inconvenience. Original advisory details: Jouni Knuutinen ...

LP: 1574403 LP: 1576109
