These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.
You can also view the latest notices by subscribing to the RSS 
or the Atom feeds.
USN-1786-1: Firefox vulnerabilities - 4th April 2013
Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan Sreckovic, Joe Drew, Andrew McCreight, Randell Jesup, Gary Kwong and Mats Palmgren discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of ...
CVE-2013-0788 CVE-2013-0789 CVE-2013-0791 CVE-2013-0792 CVE-2013-0793 CVE-2013-0794 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800 LP: 1161422
USN-1789-1: PostgreSQL vulnerabilities - 4th April 2013
Mitsumasa Kondo and Kyotaro Horiguchi discovered that PostgreSQL incorrectly handled certain connection requests containing database names starting with a dash. A remote attacker could use this flaw to damage or destroy files within a server's data directory. This issue only applied to Ubuntu 11.10, Ubuntu 12.04 LTS, and Ubuntu 12.10. ...
CVE-2013-1899 CVE-2013-1900 CVE-2013-1901
USN-1788-1: Linux kernel (Oneiric backport) vulnerabilities - 3rd April 2013
Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to bypass ASLR (Address Space Layout Randomization). A local user could use this flaw to bypass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). ...
CVE-2013-0914 CVE-2013-1767 CVE-2013-1792
USN-1787-1: Linux kernel vulnerabilities - 2nd April 2013
Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped ...
CVE-2013-0914 CVE-2013-1767 CVE-2013-1792
USN-1785-1: poppler vulnerabilities - 2nd April 2013
It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program.
CVE-2013-1788 CVE-2013-1789 CVE-2013-1790
USN-1784-1: libxslt vulnerability - 2nd April 2013
Nicholas Gregoire discovered that libxslt incorrectly handled certain empty values. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service.
USN-1783-1: Bind vulnerability - 29th March 2013
Matthew Horsfall discovered that Bind incorrectly handled regular expression checking. A remote attacker could use this flaw to cause Bind to consume an excessive amount of memory, possibly resulting in a denial of service. This issue was corrected by disabling RDATA regular expression syntax checking.
USN-1782-1: libxml2 vulnerability - 28th March 2013
It was discovered that libxml2 incorrectly handled XML entity expansion. An attacker could use this flaw to cause libxml2 to consume large amounts of resources, resulting in a denial of service.
USN-1781-1: Linux kernel (OMAP4) vulnerabilities - 26th March 2013
Andrew Jones discovered a flaw with the xen_iret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege. (CVE-2013-0228) A flaw was reported in the ...
CVE-2013-0228 CVE-2013-0268 CVE-2013-0311 CVE-2013-0313 CVE-2013-0349 CVE-2013-1772 CVE-2013-1774
USN-1780-1: Ruby vulnerability - 25th March 2013
Ben Murphy discovered that the Ruby REXML library incorrectly handled XML entity expansion. An attacker could use this flaw to cause Ruby to consume large amounts of memory, resulting in a denial of service.
USN-1779-1: GNOME Online Accounts vulnerability - 25th March 2013
It was discovered that GNOME Online Accounts did not properly check SSL certificates when configuring online accounts. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to alter or compromise credentials and confidential information.
USN-1732-3: OpenSSL vulnerability - 25th March 2013
USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0169 and CVE-2012-2686 was reverted in USN-1732-2 because of a regression. This update restores the security fix, and includes an extra fix from upstream to address the AES-NI regression. We apologize for the inconvenience. Original advisory details: Adam Langley and Wolfgang Ettlingers ...
USN-1778-1: Linux kernel (OMAP4) vulnerabilities - 22nd March 2013
Andrew Jones discovered a flaw with the xen_iret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege. (CVE-2013-0228) A flaw was reported in the ...
CVE-2013-0228 CVE-2013-0268 CVE-2013-0311 CVE-2013-0349 CVE-2013-1773
USN-1776-1: Linux kernel (EC2) vulnerabilities - 22nd March 2013
A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. (CVE-2013-0268) A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when ...
CVE-2013-0268 CVE-2013-0309 CVE-2013-1773
USN-1775-1: Linux kernel vulnerabilities - 22nd March 2013
A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. (CVE-2013-0268) A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when ...
CVE-2013-0268 CVE-2013-0309 CVE-2013-1773
USN-1774-1: Linux kernel (OMAP4) vulnerabilities - 21st March 2013
Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190) A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user ...
CVE-2013-0190 CVE-2013-0216 CVE-2013-0217 CVE-2013-0231 CVE-2013-0268 CVE-2013-0290 CVE-2013-0311 CVE-2013-0313 CVE-2013-0349
USN-1773-1: ClamAV vulnerabilities - 21st March 2013
Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind discovered multiple security issues with ClamAV. An attacker could use these issues to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1772-1: OpenStack Keystone vulnerability - 20th March 2013
Guang Yee discovered that Keystone would not always perform all verification checks when configured to use PKI. If the keystone server was configured to use PKI and services or users requested online verification, an attacker could potentially exploit this to bypass revocation checks. Keystone uses UUID tokens by default in ...
USN-1771-1: OpenStack Nova vulnerabilities - 20th March 2013
Loganathan Parthipan discovered that Nova did not properly validate VNC tokens after an instance was deleted. An authenticated attacker could exploit this to access other virtual machines under certain circumstances. This issue did not affect Ubuntu 11.10. (CVE-2013-0335) Vish Ishaya discovered that Nova did not always enforce quotas on fixed ...
USN-1770-1: Perl vulnerability - 19th March 2013
Yves Orton discovered that Perl incorrectly handled hashing when using user-provided hash keys. An attacker could use this flaw to perform a denial of service attack against software written in Perl.
USN-1769-1: Linux kernel vulnerabilities - 18th March 2013
Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190) A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user ...
CVE-2013-0190 CVE-2013-0216 CVE-2013-0217 CVE-2013-0231 CVE-2013-0268 CVE-2013-0290 CVE-2013-0311 CVE-2013-0313 CVE-2013-0349
USN-1768-1: Linux kernel (Quantal HWE) vulnerabilities - 18th March 2013
Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190) A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user ...
CVE-2013-0190 CVE-2013-0216 CVE-2013-0217 CVE-2013-0231 CVE-2013-0268 CVE-2013-0290 CVE-2013-0311 CVE-2013-0313 CVE-2013-0349
USN-1767-1: Linux kernel vulnerabilities - 18th March 2013
Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. (CVE-2013-0190) A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user ...
CVE-2013-0190 CVE-2013-0216 CVE-2013-0217 CVE-2013-0228 CVE-2013-0231 CVE-2013-0268 CVE-2013-0311 CVE-2013-0313 CVE-2013-0349 CVE-2013-1772 CVE-2013-1774
USN-1766-1: pam-xdg-support vulnerability - 18th March 2013
Zbigniew Tenerowicz and Sebastian Krzyszkowiak discovered that pam-xdg-support incorrectly handled the PATH environment variable. A local attacker could use this issue in combination with sudo to possibly escalate privileges.
USN-1765-1: Apache HTTP Server vulnerabilities - 18th March 2013
Niels Heinen discovered that multiple modules incorrectly sanitized certain strings, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to ...
CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1048
USN-1764-1: OpenStack Glance vulnerability - 14th March 2013
Stuart McLaren discovered an issue with Glance v1 API requests. An authenticated attacker could exploit this to expose the Glance operator's Swift and/or S3 credentials via the response headers when requesting a cached image.
USN-1763-2: NSPR update - 14th March 2013
USN-1763-1 fixed a vulnerability in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in NSS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker ...
USN-1763-1: NSS vulnerability - 14th March 2013
Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in NSS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data.
USN-1762-1: APT vulnerability - 14th March 2013
Ansgar Burchardt discovered that APT incorrectly handled InRelease files. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. This update corrects the issue by disabling InRelease file support completely. Please note that this update breaks third-party repositories that ...
USN-1761-1: PHP vulnerability - 13th March 2013
It was discovered that PHP incorrectly handled XML external entities in SOAP WSDL files. A remote attacker could use this flaw to read arbitrary files off the server.
USN-1758-2: Thunderbird vulnerability - 12th March 2013
USN-1758-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Thunderbird. Original advisory details: It was discovered that Firefox contained a memory safety issue. If a user were tricked into opening a specially crafted page with the HTML editor, a remote attacker could exploit this to execute arbitrary ...
USN-1760-1: Linux kernel (Oneiric backport) vulnerabilities - 12th March 2013
A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. (CVE-2013-0216) A memory leak was discovered in the Linux kernel's ...
CVE-2013-0216 CVE-2013-0217 CVE-2013-0228 CVE-2013-0268 CVE-2013-0311 CVE-2013-0349 CVE-2013-1773
USN-1759-1: Puppet vulnerabilities - 12th March 2013
It was discovered that Puppet agents incorrectly handled certain kick connections in a non-default configuration. An attacker on an authenticated client could use this issue to possibly execute arbitrary code. (CVE-2013-1653) It was discovered that Puppet incorrectly handled certain catalog requests. An attacker on an authenticated client could use this ...
CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654 CVE-2013-1655 CVE-2013-2275
USN-1758-1: Firefox vulnerability - 8th March 2013
It was discovered that Firefox contained a memory safety issue. If a user were tricked into opening a specially crafted page with the HTML editor, a remote attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.
USN-1757-1: Django vulnerabilities - 7th March 2013
James Kettle discovered that Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users. Although this issue had been previously addressed in USN-1632-1, this update adds additional hardening measures to host header validation. This ...
CVE-2012-4520 CVE-2013-0305 CVE-2013-0306 CVE-2013-1664 CVE-2013-1665
USN-1755-2: OpenJDK 7 vulnerabilities - 7th March 2013
USN-1755-1 fixed vulnerabilities in OpenJDK 6. This update provides the corresponding updates for OpenJDK 7. Original advisory details: It was discovered that OpenJDK did not properly validate certain types of images. A remote attacker could exploit this to cause OpenJDK to crash. (CVE-2013-0809) It was discovered that OpenJDK did not ...
USN-1756-1: Linux kernel vulnerabilities - 6th March 2013
A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. (CVE-2013-0216) A memory leak was discovered in the Linux kernel's ...
CVE-2013-0216 CVE-2013-0217 CVE-2013-0228 CVE-2013-0268 CVE-2013-0311 CVE-2013-0349 CVE-2013-1773
USN-1755-1: OpenJDK 6 vulnerabilities - 5th March 2013
It was discovered that OpenJDK did not properly validate certain types of images. A remote attacker could exploit this to cause OpenJDK to crash. (CVE-2013-0809) It was discovered that OpenJDK did not properly check return values when performing color conversion for images. If a user were tricked into opening a ...
USN-1729-2: Firefox regression - 28th February 2013
USN-1729-1 fixed vulnerabilities in Firefox. This update introduced a regression which sometimes resulted in freezes and crashes when using multiple tabs with images displayed. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne ...
USN-1732-2: OpenSSL regression - 28th February 2013
USN-1732-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2013-0169 and CVE-2012-2686 introduced a regression causing decryption failures on hardware supporting AES-NI. This update temporarily reverts the security fix pending further investigation. We apologize for the inconvenience. Original advisory details: Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain ...
USN-1754-1: Sudo vulnerability - 28th February 2013
Marco Schoepl discovered that Sudo incorrectly handled time stamp files when the system clock is set to epoch. A local attacker could use this issue to run Sudo commands without a password prompt.
USN-1753-1: DBus-GLib vulnerability - 27th February 2013
Sebastian Krahmer and Bastien Nocera discovered that DBus-GLib did not properly validate the message sender when the "NameOwnerChanged" signal was received. A local attacker could possibly use this issue to escalate their privileges.
USN-1752-1: GnuTLS vulnerability - 27th February 2013
Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data.
USN-1751-1: Linux kernel (OMAP4) vulnerability - 26th February 2013
Mathias Krause discovered a bounds checking error for netlink messages requesting SOCK_DIAG_BY_FAMILY. An unprivileged local user could exploit this flaw to crash the system or run programs as an administrator.
USN-1750-1: Linux kernel vulnerabilities - 26th February 2013
Mathias Krause discovered a bounds checking error for netlink messages requesting SOCK_DIAG_BY_FAMILY. An unprivileged local user could exploit this flaw to crash the system or run programs as an administrator.
USN-1749-1: Linux kernel (Quantal HWE) vulnerability - 26th February 2013
Mathias Krause discovered a bounds checking error for netlink messages requesting SOCK_DIAG_BY_FAMILY. An unprivileged local user could exploit this flaw to crash the system or run programs as an administrator.
USN-1748-1: Thunderbird vulnerabilities - 25th February 2013
Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page and had scripting enabled, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges ...
CVE-2013-0773 CVE-2013-0774 CVE-2013-0775 CVE-2013-0776 CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0780 CVE-2013-0781 CVE-2013-0782 CVE-2013-0783 CVE-2013-0784 LP: 1131110
USN-1747-1: Transmission vulnerability - 25th February 2013
It was discovered that Transmission incorrectly handled certain micro transport protocol packets. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
USN-1746-1: Pidgin vulnerabilities - 25th February 2013
Chris Wysopal discovered that Pidgin incorrectly handled file transfers in the MXit protocol handler. A remote attacker could use this issue to create or overwrite arbitrary files. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2013-0271) It was discovered that Pidgin incorrectly handled long HTTP headers ...
CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274
USN-1745-1: Linux kernel (OMAP4) vulnerability - 21st February 2013
Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator. (CVE-2013-0871) A flaw was discovered in the Edgeort USB serial converter driver when the device is disconnected ...