These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.
You can also view the latest notices by subscribing to the RSS or the Atom feeds.
USN-1887-1: OpenStack Swift vulnerabilities - 19th June 2013
Sebastian Krahmer discovered that Swift used the loads function in the pickle Python module when it was configured to use memcached. A remote attacker on the same network as memcached could exploit this to execute arbitrary code. This update adds a new memcache_serialization_support option to support secure json serialization. For ...
USN-1886-1: Puppet vulnerability - 18th June 2013
It was discovered that Puppet incorrectly handled YAML payloads. An attacker on an untrusted client could use this issue to execute arbitrary code on the master.
USN-1885-1: libKDcraw vulnerability - 18th June 2013
It was discovered that libKDcraw incorrectly handled broken full-color images. If a user or automated system were tricked into processing a specially crafted raw image, applications linked against libKDcraw could be made to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1884-1: LibRaw vulnerability - 18th June 2013
It was discovered that LibRaw incorrectly handled broken full-color images. If a user or automated system were tricked into processing a specially crafted raw image, applications linked against LibRaw could be made to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1883-1: Linux kernel (OMAP4) vulnerabilities - 14th June 2013
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. (CVE-2013-2850) An information leak was discovered in the Linux kernel's crypto API. A local user could exploit this ...
CVE-2013-2850 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3234 CVE-2013-3235
USN-1882-1: Linux kernel (OMAP4) vulnerabilities - 14th June 2013
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. (CVE-2013-2850) An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx ...
CVE-2013-0160 CVE-2013-2141 CVE-2013-2146 CVE-2013-2850 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3230 CVE-2013-3231 CVE-2013-3232 CVE-2013-3233 CVE-2013-3234 CVE-2013-3235
USN-1881-1: Linux kernel vulnerabilities - 14th June 2013
An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. (CVE-2013-0160) An information leak was discovered in the Linux kernel's tkill and tgkill ...
CVE-2013-0160 CVE-2013-2141 CVE-2013-2146 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3230 CVE-2013-3231 CVE-2013-3232 CVE-2013-3233 CVE-2013-3234 CVE-2013-3235
USN-1880-1: Linux kernel (Quantal HWE) vulnerabilities - 14th June 2013
An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. (CVE-2013-0160) An information leak was discovered in the Linux kernel's tkill and tgkill ...
CVE-2013-0160 CVE-2013-2141 CVE-2013-2146 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3230 CVE-2013-3231 CVE-2013-3232 CVE-2013-3233 CVE-2013-3234 CVE-2013-3235
USN-1879-1: Linux kernel (OMAP4) vulnerabilities - 14th June 2013
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. (CVE-2013-2850) An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx ...
CVE-2013-0160 CVE-2013-2146 CVE-2013-2850 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3231 CVE-2013-3232 CVE-2013-3234 CVE-2013-3235
USN-1878-1: Linux kernel vulnerabilities - 14th June 2013
An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. (CVE-2013-0160) A flaw was discovered in the Linux kernel's perf events subsystem for ...
CVE-2013-0160 CVE-2013-2146 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3231 CVE-2013-3232 CVE-2013-3234 CVE-2013-3235
USN-1877-1: Linux kernel (EC2) vulnerabilities - 14th June 2013
Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). (CVE-2013-1798) An information leak was discovered in the Linux kernel's rcvmsg path for ATM ...
CVE-2013-1798 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3228 CVE-2013-3229 CVE-2013-3231 CVE-2013-3232 CVE-2013-3234 CVE-2013-3235
USN-1876-1: Linux kernel vulnerabilities - 14th June 2013
Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). (CVE-2013-1798) An information leak was discovered in the Linux kernel's rcvmsg path for ATM ...
CVE-2013-1798 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3228 CVE-2013-3229 CVE-2013-3231 CVE-2013-3232 CVE-2013-3234 CVE-2013-3235
USN-1875-1: OpenStack Keystone vulnerabilities - 13th June 2013
Eoghan Glynn and Alex Meade discovered that Keystone did not properly perform expiry checks for the PKI tokens used in Keystone. If Keystone were set up to use PKI tokens, a previously authenticated user could continue to use a PKI token for longer than intended. This issue only affected Ubuntu 12.10 ...
USN-1874-1: DBus vulnerability - 13th June 2013
Alexandru Cornea discovered that DBus incorrectly handled certain messages. A local attacker could use this issue to cause system services to crash, resulting in a denial of service.
USN-1873-1: telepathy-gabble vulnerabilities - 12th June 2013
Maksim Otstavnov discovered that telepathy-gabble incorrectly handled TLS when connecting to legacy Jabber servers. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. (CVE-2013-1431) It was discovered that telepathy-gabble incorrectly handled certain messages. A remote attacker could use this ...
USN-1872-1: PHP vulnerability - 11th June 2013
It was discovered that PHP incorrectly handled the quoted_printable_encode function. An attacker could use this flaw to cause PHP to crash, resulting in a denial of service, or to possibly execute arbitrary code.
USN-1871-1: xserver-xorg-video-openchrome vulnerability - 10th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1859-1: libxi vulnerabilities - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
CVE-2013-1984 CVE-2013-1995 CVE-2013-1998
USN-1870-1: libxxf86vm vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1869-1: libxxf86dga vulnerabilities - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1868-1: libxvmc vulnerabilities - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1867-1: libxv vulnerabilities - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1866-1: libxtst vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1865-1: libxt vulnerabilities - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1864-1: libxres vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1863-1: libxrender vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1862-1: libxrandr vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1861-1: libxp vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1860-1: libxinerama vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1858-1: libxfixes vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1857-1: libxext vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1856-1: libxcursor vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1855-1: libxcb vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1854-1: libx11 vulnerabilities - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
CVE-2013-1981 CVE-2013-1997 CVE-2013-2004
USN-1853-1: libfs vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1852-1: libdmx vulnerability - 5th June 2013
Ilja van Sprundel discovered multiple security issues in various X.org libraries and components. An attacker could use these issues to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1851-1: python-keystoneclient vulnerability - 3rd June 2013
Eoghan Glynn and Alex Meade discovered that python-keystoneclient did not properly perform expiry checks for the PKI tokens used in Keystone. If Keystone were set up to use PKI tokens (the default in Ubuntu 13.04), a previously authenticated user could continue to use a PKI token for longer than intended.
USN-1849-1: Linux kernel (Raring HWE) vulnerability - 30th May 2013
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges. (CVE-2013-2850) A flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw ...
CVE-2013-2094 CVE-2013-2141 CVE-2013-2146 CVE-2013-2850 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3226 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3230 CVE-2013-3231 CVE-2013-3232 CVE-2013-3233 CVE-2013-3234 CVE-2013-3235
USN-1847-1: Linux kernel vulnerability - 30th May 2013
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges.
USN-1846-1: Linux kernel vulnerability - 30th May 2013
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges.
USN-1845-1: Linux kernel (Quantal HWE) vulnerability - 30th May 2013
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges.
USN-1844-1: Linux kernel vulnerability - 30th May 2013
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service (system crash) or potentially gain administrative privileges.
USN-1838-1: Linux kernel (OMAP4) vulnerabilities - 30th May 2013
A flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. (CVE-2013-2094) A buffer overflow vulnerability was discovered in the Broadcom tg3 Ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a ...
CVE-2013-1929 CVE-2013-2094 CVE-2013-3301
USN-1843-1: GnuTLS vulnerability - 29th May 2013
It was discovered that GnuTLS incorrectly handled certain padding bytes. A remote attacker could use this flaw to cause an application using GnuTLS to crash, leading to a denial of service.
USN-1842-1: KDE-Libs vulnerability - 29th May 2013
It was discovered that KIO would sometimes display web authentication credentials under certain error conditions. If a user were tricked into opening a specially crafted web page, an attacker could potentially exploit this to expose confidential information.
USN-1831-2: OpenStack Nova regression - 28th May 2013
USN-1831-1 fixed a vulnerability in OpenStack Nova. The upstream fix introduced a regression where instances using uncached QCOW2 images would fail to start. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Loganathan Parthipan discovered that Nova did not verify the size of QCOW2 instance storage. ...
USN-1841-1: Tomcat vulnerabilities - 28th May 2013
It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A remote attacker could use this flaw to cause the Tomcat server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-3544) It was discovered ...
CVE-2012-3544 CVE-2013-2067 CVE-2013-2071
USN-1839-1: Linux kernel (OMAP4) vulnerabilities - 28th May 2013
A flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. (CVE-2013-2094) Andy Lutomirski discovered an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges. (CVE-2013-1979) ...
CVE-2013-1929 CVE-2013-1979 CVE-2013-2094 CVE-2013-2141 CVE-2013-3301
USN-1837-1: Linux kernel vulnerabilities - 24th May 2013
An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. (CVE-2013-2141) A flaw was discovered in the Linux kernel's perf events subsystem for Intel Sandy Bridge and Ivy ...
CVE-2013-2141 CVE-2013-2146 CVE-2013-3076 CVE-2013-3222 CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3226 CVE-2013-3227 CVE-2013-3228 CVE-2013-3229 CVE-2013-3230 CVE-2013-3231 CVE-2013-3232 CVE-2013-3233 CVE-2013-3234 CVE-2013-3235
USN-1836-1: Linux kernel (OMAP4) vulnerabilities - 24th May 2013
A flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. (CVE-2013-2094) A buffer overflow vulnerability was discovered in the Broadcom tg3 Ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a ...
CVE-2013-1929 CVE-2013-2094 CVE-2013-3301