Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 2 of 59   Next >
Show: All  

USN-2579-1: autofs vulnerability - 27th April 2015

It was discovered that autofs incorrectly filtered environment variables when using program maps. When program maps were configured, a local user could use this issue to escalate privileges. This update changes the default behaviour by adding a prefix to environment variables. Sites using program maps will need to adapt to ...

CVE-2014-8169

USN-2578-1: LibreOffice vulnerabilities - 27th April 2015

Alexander Cherepanov discovered that LibreOffice incorrectly handled certain RTF files. If a user were tricked into opening a specially crafted RTF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. (CVE-2014-9093) It was discovered that LibreOffice incorrectly handled certain HWP files. If a user were ...

CVE-2014-9093 CVE-2015-1774

USN-2571-1: Firefox vulnerability - 24th April 2015

Robert Kaiser discovered a use-after-free during plugin initialization in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. ...

CVE-2015-2706

USN-2577-1: wpa_supplicant vulnerability - 23rd April 2015

It was discovered that wpa_supplicant incorrectly handled SSID information when creating or updating P2P peer entries. A remote attacker could use this issue to cause wpa_supplicant to crash, resulting in a denial of service, expose memory contents, or possibly execute arbitrary code.

CVE-2015-1863

USN-2576-2: usb-creator vulnerability - 23rd April 2015

USN-2576-1 fixed a vulnerability in usb-creator. This update provides the corresponding fix for Ubuntu 15.04. Original advisory details: Tavis Ormandy discovered that usb-creator was missing an authentication check. A local attacker could use this issue to gain elevated privileges.

LP: 1447396

USN-2576-1: usb-creator vulnerability - 23rd April 2015

Tavis Ormandy discovered that usb-creator was missing an authentication check. A local attacker could use this issue to gain elevated privileges.

LP: 1447396

USN-2575-1: MySQL vulnerabilities - 21st April 2015

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.43. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: ...

CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 CVE-2015-0505 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573

USN-2574-1: OpenJDK 7 vulnerabilities - 21st April 2015

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-0460, CVE-2015-0469) Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect ...

CVE-2015-0460 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488

USN-2573-1: OpenJDK 6 vulnerabilities - 21st April 2015

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-0460, CVE-2015-0469) Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect ...

CVE-2015-0460 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488

USN-2572-1: PHP vulnerabilities - 20th April 2015

It was discovered that PHP incorrectly handled cleanup when used with Apache 2.4. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-3330) It was discovered that PHP incorrectly handled opening tar, zip or phar archives ...

CVE-2015-2305 CVE-2015-2348 CVE-2015-2783 CVE-2015-2787 CVE-2015-3329 CVE-2015-3330

USN-2569-2: Apport vulnerability - 16th April 2015

USN-2569-1 fixed a vulnerability in Apport. Tavis Ormandy discovered that the fixed packages were still vulnerable to a privilege escalation attack. This update completely disables crash report handling for containers until a more complete solution is available. Original advisory details: Stéphane Graber and Tavis Ormandy independently discovered that Apport incorrectly ...

LP: 1444518

USN-2569-1: Apport vulnerability - 14th April 2015

Stéphane Graber and Tavis Ormandy independently discovered that Apport incorrectly handled the crash reporting feature. A local attacker could use this issue to gain elevated privileges.

CVE-2015-1318

USN-2568-1: libx11, libxrender vulnerability - 13th April 2015

Abhishek Arya discovered that libX11 incorrectly handled memory in the MakeBigReq macro. A remote attacker could use this issue to cause applications to crash, resulting in a denial of service, or possibly execute arbitrary code. In addition, following the macro fix in libx11, a number of other packages have also ...

CVE-2013-7439

USN-2567-1: NTP vulnerabilities - 13th April 2015

Miroslav Lichvar discovered that NTP incorrectly validated MAC fields. A remote attacker could possibly use this issue to bypass authentication and spoof packets. (CVE-2015-1798) Miroslav Lichvar discovered that NTP incorrectly handled certain invalid packets. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2015-1799) Juergen ...

CVE-2015-1798 CVE-2015-1799

USN-2566-1: dpkg vulnerability - 9th April 2015

Jann Horn discovered that dpkg incorrectly validated signatures when extracting local source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could bypass signature verification checks.

CVE-2015-0840

USN-2565-1: Linux kernel vulnerabilities - 9th April 2015

An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. (CVE-2015-1593) An information leak was discovered in the Linux Kernel's handling of userspace configuration of ...

CVE-2015-1593 CVE-2015-2041 CVE-2015-2042

USN-2564-1: Linux kernel (Utopic HWE) vulnerabilities - 9th April 2015

An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. (CVE-2015-1593) An information leak was discovered in the Linux Kernel's handling of userspace configuration of ...

CVE-2015-1593 CVE-2015-2041 CVE-2015-2042

USN-2563-1: Linux kernel vulnerabilities - 8th April 2015

Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP (Stream Control Transmission Protocol) subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges on the system. (CVE-2015-1421) Marcelo Leitner discovered a flaw ...

CVE-2015-1421 CVE-2015-1465 CVE-2015-1593 CVE-2015-2041 CVE-2015-2042

USN-2562-1: Linux kernel (Trusty HWE) vulnerabilities - 8th April 2015

Sun Baoliang discovered a use after free flaw in the Linux kernel's SCTP (Stream Control Transmission Protocol) subsystem during INIT collisions. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges on the system. (CVE-2015-1421) Marcelo Leitner discovered a flaw ...

CVE-2015-1421 CVE-2015-1465 CVE-2015-1593 CVE-2015-2041 CVE-2015-2042

USN-2561-1: Linux kernel (OMAP4) vulnerabilities - 8th April 2015

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges. (CVE-2014-8159) An integer overflow was discovered in ...

CVE-2014-8159 CVE-2015-1593 CVE-2015-2041 CVE-2015-2042

USN-2560-1: Linux kernel vulnerabilities - 8th April 2015

An integer overflow was discovered in the stack randomization feature of the Linux kernel on 64 bit platforms. A local attacker could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. (CVE-2015-1593) An information leak was discovered in the Linux Kernel's handling of userspace configuration of ...

CVE-2015-1593 CVE-2015-2041 CVE-2015-2042

USN-2559-1: Libtasn1 vulnerability - 8th April 2015

Hanno Böck discovered that Libtasn1 incorrectly handled certain ASN.1 data. A remote attacker could possibly exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2015-2806

USN-2558-1: Mailman vulnerability - 7th April 2015

It was discovered that Mailman incorrectly handled special characters in list names. A local attacker could use this issue to perform a path traversal attack and execute arbitrary code as the Mailman user.

CVE-2015-2775

USN-2556-1: Oxide vulnerabilities - 7th April 2015

It was discovered that Chromium did not properly handle the interaction of IPC, the gamepad API and V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1233) ...

CVE-2015-1233 CVE-2015-1234 CVE-2015-1317 LP: 1431484

USN-2557-1: Firefox vulnerability - 7th April 2015

Muneaki Nishimura discovered a flaw in Mozilla's HTTP Alternative Services implementation which meant SSL certificate verification could be bypassed in some circumstances. A remote attacker could potentially exploit this to conduct a man in the middle attack. (CVE-2015-0799)

CVE-2015-0799

USN-2552-1: Thunderbird vulnerabilities - 2nd April 2015

Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to bypass same-origin policy restrictions. (CVE-2015-0801) Christoph Kerschbaumer discovered that CORS requests from navigator.sendBeacon() followed ...

CVE-2015-0801 CVE-2015-0807 CVE-2015-0813 CVE-2015-0815 CVE-2015-0816

USN-2553-2: LibTIFF regression - 1st April 2015

USN-2553-1 fixed vulnerabilities in LibTIFF. One of the security fixes caused a regression when saving certain TIFF files with a Predictor tag. The problematic patch has been temporarily backed out until a more complete fix is available. We apologize for the inconvenience. Original advisory details: William Robinet discovered that LibTIFF ...

LP: 1439186

USN-2550-1: Firefox vulnerabilities - 1st April 2015

Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin policy restrictions. (CVE-2015-0801) Bobby Holley discovered that windows created to hold privileged UI content retained ...

CVE-2015-0801 CVE-2015-0802 CVE-2015-0803 CVE-2015-0804 CVE-2015-0805 CVE-2015-0806 CVE-2015-0807 CVE-2015-0808 CVE-2015-0811 CVE-2015-0812 CVE-2015-0813 CVE-2015-0814 CVE-2015-0815 CVE-2015-0816

USN-2555-1: Libgcrypt vulnerabilities - 1st April 2015

Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer discovered that Libgcrypt was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. (CVE-2014-3591) Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was susceptible to an attack via ...

CVE-2014-3591 CVE-2015-0837

USN-2554-1: GnuPG vulnerabilities - 1st April 2015

Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer discovered that GnuPG was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. (CVE-2014-3591) Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an attack via ...

CVE-2014-3591 CVE-2014-5270 CVE-2015-0837 CVE-2015-1606 CVE-2015-1607

USN-2553-1: LibTIFF vulnerabilities - 31st March 2015

William Robinet discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130) Paris ...

CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-9330 CVE-2014-9655

USN-2551-1: Apache Standard Taglibs vulnerability - 30th March 2015

David Jorm discovered that the Apache Standard Taglibs incorrectly handled external XML entities. A remote attacker could possibly use this issue to execute arbitrary code or perform other external XML entity attacks.

CVE-2015-0254

USN-2549-1: libarchive vulnerabilities - 25th March 2015

It was discovered that the libarchive bsdcpio utility extracted absolute paths by default without using the --insecure flag, contrary to expectations. If a user or automated system were tricked into extracting cpio archives containing absolute paths, a remote attacker may be able to write to arbitrary files. (CVE-2015-2304) Fabian Yamaguchi ...

CVE-2013-0211 CVE-2015-2304

USN-2548-1: Batik vulnerability - 25th March 2015

Nicolas Gregoire and Kevin Schaller discovered that Batik would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted SVG file, an attacker could possibly obtain access to arbitrary files or cause resource consumption.

CVE-2015-0250

USN-2547-1: Mono vulnerabilities - 24th March 2015

It was discovered that the Mono TLS implementation was vulnerable to the SKIP-TLS vulnerability. A remote attacker could possibly use this issue to perform client impersonation attacks. (CVE-2015-2318) It was discovered that the Mono TLS implementation was vulnerable to the FREAK vulnerability. A remote attacker or a man in the ...

CVE-2011-0992 CVE-2012-3543 CVE-2015-2318 CVE-2015-2319 CVE-2015-2320

USN-2546-1: Linux kernel vulnerabilities - 24th March 2015

A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. (CVE-2013-7421) A flaw was discovered in the crypto ...

CVE-2013-7421 CVE-2014-9644 CVE-2015-1421 CVE-2015-1465

USN-2545-1: Linux kernel (Utopic HWE) vulnerabilities - 24th March 2015

A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. (CVE-2013-7421) A flaw was discovered in the crypto ...

CVE-2013-7421 CVE-2014-9644 CVE-2015-1421 CVE-2015-1465

USN-2544-1: Linux kernel vulnerabilities - 24th March 2015

Eric Windisch discovered flaw in how the Linux kernel's XFS file system replaces remote attributes. A local access with access to an XFS file system could exploit this flaw to escalate their privileges. (CVE-2015-0274) A flaw was discovered in the automatic loading of modules in the crypto subsystem of the ...

CVE-2013-7421 CVE-2014-7822 CVE-2014-9644 CVE-2015-0274

USN-2543-1: Linux kernel (Trusty HWE) vulnerabilities - 24th March 2015

Eric Windisch discovered flaw in how the Linux kernel's XFS file system replaces remote attributes. A local access with access to an XFS file system could exploit this flaw to escalate their privileges. (CVE-2015-0274) A flaw was discovered in the automatic loading of modules in the crypto subsystem of the ...

CVE-2013-7421 CVE-2014-7822 CVE-2014-9644 CVE-2015-0274

USN-2542-1: Linux kernel (OMAP4) vulnerabilities - 24th March 2015

The Linux kernel's splice system call did not correctly validate its parameters. A local, unprivileged user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-7822) A flaw was discovered in how Thread Local Storage (TLS) is handled by the task switching function in the Linux kernel ...

CVE-2014-7822 CVE-2014-9419 CVE-2014-9683 CVE-2015-1421

USN-2541-1: Linux kernel vulnerabilities - 24th March 2015

The Linux kernel's splice system call did not correctly validate its parameters. A local, unprivileged user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-7822) A flaw was discovered in how Thread Local Storage (TLS) is handled by the task switching function in the Linux kernel ...

CVE-2014-7822 CVE-2014-9419 CVE-2014-9683 CVE-2015-1421

USN-2540-1: GnuTLS vulnerabilities - 23rd March 2015

It was discovered that GnuTLS did not perform date and time checks on CA certificates, contrary to expectations. This issue only affected Ubuntu 10.04 LTS. (CVE-2014-8155) Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly verified that signature algorithms matched. A remote attacker could possibly use this issue to downgrade to a disallowed ...

CVE-2014-8155 CVE-2015-0282 CVE-2015-0294

USN-2539-1: Django vulnerabilities - 23rd March 2015

Andrey Babak discovered that Django incorrectly handled strip_tags. A remote attacker could possibly use this issue to cause Django to enter an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-2316) Daniel Chatfield discovered that Django incorrectly handled user-supplied redirect ...

CVE-2015-2316 CVE-2015-2317

USN-2538-1: Firefox vulnerabilities - 22nd March 2015

A flaw was discovered in the implementation of typed array bounds checking in the Javascript just-in-time compilation. If a user were tricked in to opening a specially crafted website, an attacked could exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-0817) Mariusz Mlynski discovered ...

CVE-2015-0817 CVE-2015-0818

USN-2537-1: OpenSSL vulnerabilities - 19th March 2015

It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2015-0209) Stephen Henson discovered that OpenSSL incorrectly handled comparing ASN.1 boolean types. A remote attacker ...

CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293

USN-2536-1: libXfont vulnerabilities - 18th March 2015

Ilja van Sprundel, Alan Coopersmith, and William Robinet discovered that libXfont incorrectly handled malformed bdf fonts. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges.

CVE-2015-1802 CVE-2015-1803 CVE-2015-1804

USN-2535-1: PHP vulnerabilities - 18th March 2015

Thomas Jarosch discovered that PHP incorrectly limited recursion in the fileinfo extension. A remote attacker could possibly use this issue to cause PHP to consume resources or crash, resulting in a denial of service. (CVE-2014-8117) S. Paraschoudis discovered that PHP incorrectly handled memory in the enchant binding. A remote attacker ...

CVE-2014-8117 CVE-2014-9705 CVE-2015-0273 CVE-2015-2301

USN-2534-1: Libav vulnerabilities - 17th March 2015

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

CVE-2014-8542 CVE-2014-8543 CVE-2014-8544 CVE-2014-8547 CVE-2014-8548 CVE-2014-9604

USN-2532-1: cups-filters vulnerability - 16th March 2015

It was discovered that cups-browsed incorrectly filtered remote printer names and strings. A remote attacker could use this issue to possibly execute arbitrary commands.

CVE-2015-2265

USN-2533-1: Sudo vulnerability - 16th March 2015

Jakub Wilk and Stephane Chazelas discovered that Sudo incorrectly handled the TZ environment variable. An attacker with Sudo access could possibly use this issue to open arbitrary files, bypassing intended permissions.

CVE-2014-9680

< Previous   Showing page 2 of 59   Next >
Show: All