Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 2 of 57   Next >
Show: All  

USN-2507-1: e2fsprogs vulnerabilities - 23rd February 2015

Jose Duart discovered that e2fsprogs incorrectly handled invalid block group descriptor data. A local attacker could use this issue with a crafted filesystem image to possibly execute arbitrary code. (CVE-2015-0247, CVE-2015-1572)

CVE-2015-0247 CVE-2015-1572

USN-2504-1: NSS update - 19th February 2015

The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17.4 which includes the latest CA certificate bundle.

LP: 1423031

USN-2503-1: Bind vulnerability - 18th February 2015

Jan-Piet Mens discovered that Bind incorrectly handled Trust Anchor Management. A remote attacker could use this issue to cause bind to crash, resulting in a denial of service.

CVE-2015-1349

USN-2502-1: unzip vulnerabilities - 17th February 2015

William Robinet discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.

CVE-2015-1315

USN-2501-1: PHP vulnerabilities - 17th February 2015

Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-8142, CVE-2015-0231) Brian Carpenter discovered that the PHP CGI component incorrectly handled invalid files. A local attacker could ...

CVE-2014-8142 CVE-2014-9427 CVE-2014-9652 CVE-2015-0231 CVE-2015-0232 CVE-2015-1351 CVE-2015-1352

USN-2500-1: X.Org X server vulnerabilities - 17th February 2015

Olivier Fourdan discovered that the X.Org X server incorrectly handled XkbSetGeometry requests resulting in an information leak. An attacker able to connect to an X server, either locally or remotely, could use this issue to possibly obtain sensitive information. (CVE-2015-0255) It was discovered that the X.Org X server incorrectly handled ...

CVE-2013-6424 CVE-2015-0255

USN-2488-2: ClamAV vulnerability - 12th February 2015

USN-2488-1 fixed a vulnerability in ClamAV for Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. This update provides the corresponding update for Ubuntu 10.04 LTS. Original advisory details: Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ...

CVE-2013-6497 CVE-2014-9328

USN-2499-1: PostgreSQL vulnerabilities - 11th February 2015

Stephen Frost discovered that PostgreSQL incorrectly displayed certain values in error messages. An authenticated user could gain access to seeing certain values, contrary to expected permissions. (CVE-2014-8161) Andres Freund, Peter Geoghegan and Noah Misch discovered that PostgreSQL incorrectly handled buffers in to_char functions. An authenticated attacker could possibly use this ...

CVE-2014-8161 CVE-2015-0241 CVE-2015-0243 CVE-2015-0244

USN-2498-1: Kerberos vulnerabilities - 10th February 2015

It was discovered that Kerberos incorrectly sent old keys in response to a -randkey -keepold request. An authenticated remote attacker could use this issue to forge tickets by leveraging administrative access. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-5351) It was discovered that ...

CVE-2014-5351 CVE-2014-5352 CVE-2014-5353 CVE-2014-5354 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423

USN-2495-1: Oxide vulnerabilities - 10th February 2015

A use-after-free bug was discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. ...

CVE-2015-1209 CVE-2015-1210 CVE-2015-1211 CVE-2015-1212

USN-2496-1: GNU binutils vulnerabilities - 9th February 2015

Michal Zalewski discovered that the setup_group function in libbfd in GNU binutils did not properly check group headers in ELF files. An attacker could use this to craft input that could cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2014-8485) Hanno Böck discovered that the _bfd_XXi_swap_aouthdr_in ...

CVE-2012-3509 CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 CVE-2014-8738

USN-2497-1: NTP vulnerabilities - 9th February 2015

Stephen Roettger, Sebastian Krahmer, and Harlan Stenn discovered that NTP incorrectly handled the length value in extension fields. A remote attacker could use this issue to possibly obtain leaked information, or cause the NTP daemon to crash, resulting in a denial of service. (CVE-2014-9297) Stephen Roettger discovered that NTP incorrectly ...

CVE-2014-9297 CVE-2014-9298

USN-2469-2: Django regression - 4th February 2015

USN-2469-1 fixed vulnerabilities in Django. The security fix for CVE-2015-0221 introduced a regression on Ubuntu 10.04 LTS and Ubuntu 12.04 LTS when serving static content through GZipMiddleware. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jedediah Smith discovered that Django incorrectly handled underscores in WSGI ...

LP: 1417274

USN-2494-1: file vulnerabilities - 4th February 2015

Francisco Alonso discovered that file incorrectly handled certain ELF files. An attacker could use this issue to cause file to crash, resulting in a denial of service. (CVE-2014-3710) Thomas Jarosch discovered that file incorrectly handled certain ELF files. An attacker could use this issue to cause file to hang or ...

CVE-2014-3710 CVE-2014-8116 CVE-2014-8117

USN-2493-1: Linux kernel (OMAP4) vulnerabilities - 3rd February 2015

Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information ...

CVE-2014-8133 CVE-2014-8559 CVE-2014-9420

USN-2492-1: Linux kernel vulnerabilities - 3rd February 2015

Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information ...

CVE-2014-8133 CVE-2014-8559 CVE-2014-9420

USN-2491-1: Linux kernel (EC2) vulnerabilities - 3rd February 2015

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. (CVE-2014-9322) Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the ...

CVE-2014-3610 CVE-2014-3611 CVE-2014-8133 CVE-2014-9322 CVE-2014-9420

USN-2490-1: Linux kernel vulnerabilities - 3rd February 2015

Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information ...

CVE-2014-8133 CVE-2014-9420

USN-2489-1: unzip vulnerability - 3rd February 2015

Michal Zalewski discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.

CVE-2014-9636

USN-2488-1: ClamAV vulnerability - 2nd February 2015

Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-9328

USN-2487-1: OpenJDK 7 vulnerabilities - 27th January 2015

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395, CVE-2015-0408, CVE-2015-0412) Several vulnerabilities were discovered in the OpenJDK JRE related to ...

CVE-2014-3566 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395 CVE-2015-0400 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 CVE-2015-0413

USN-2486-1: OpenJDK 6 vulnerabilities - 27th January 2015

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395, CVE-2015-0408, CVE-2015-0412) Several vulnerabilities were discovered in the OpenJDK JRE related to ...

CVE-2014-3566 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395 CVE-2015-0400 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412

USN-2485-1: GNU C Library vulnerability - 27th January 2015

It was discovered that a buffer overflow existed in the gethostbyname and gethostbyname2 functions in the GNU C Library. An attacker could use this issue to execute arbitrary code or cause an application crash, resulting in a denial of service.

CVE-2015-0235 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GHOST

USN-2458-3: Firefox regression - 27th January 2015

USN-2458-1 fixed vulnerabilities in Firefox. This update introduced a regression which could make websites that use CSP fail to load under some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, ...

LP: 1419934

USN-2476-1: Oxide vulnerabilities - 26th January 2015

Several memory corruption bugs were discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7923, CVE-2014-7926) A ...

CVE-2014-7923 CVE-2014-7924 CVE-2014-7925 CVE-2014-7926 CVE-2014-7927 CVE-2014-7928 CVE-2014-7929 CVE-2014-7930 CVE-2014-7931 CVE-2014-7932 CVE-2014-7933 CVE-2014-7934 CVE-2014-7937 CVE-2014-7938 CVE-2014-7940 CVE-2014-7942 CVE-2014-7943 CVE-2014-7946 CVE-2014-7948 CVE-2015-1205 CVE-2015-1346

USN-2484-1: Unbound vulnerability - 26th January 2015

Florian Maury discovered that Unbound incorrectly handled delegation. A remote attacker could possibly use this issue to cause Unbound to consume resources, resulting in a denial of service.

CVE-2014-8602

USN-2483-2: Ghostscript vulnerabilities - 26th January 2015

USN-2483-1 fixed vulnerabilities in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Original advisory details: Jose Duart discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, ...

CVE-2014-8137 CVE-2014-8138 CVE-2014-8157 CVE-2014-8158

USN-2483-1: JasPer vulnerabilities - 26th January 2015

Jose Duart discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2014-8137) Jose Duart discovered that JasPer incorrectly ...

CVE-2014-8137 CVE-2014-8138 CVE-2014-8157 CVE-2014-8158

USN-2482-1: elfutils vulnerability - 22nd January 2015

Alexander Cherepanov discovered that libelf1 incorrectly handled certain filesystem paths while extracting ar archives. An attacker could use this flaw to perform a directory traversal attack on the root directory if the process extracting the ar archive has write access to the root directory.

CVE-2014-9447

USN-2481-1: Samba vulnerability - 22nd January 2015

Andrew Bartlett discovered that Samba incorrectly handled delegation of authority when being used as an Active Directory Domain Controller. An attacker given delegation privileges could use this issue to escalate their privileges further.

CVE-2014-8143

USN-2480-1: MySQL vulnerabilities - 22nd January 2015

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.41. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: ...

CVE-2014-6568 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382 CVE-2015-0411 CVE-2015-0432

USN-2460-1: Thunderbird vulnerabilities - 19th January 2015

Christian Holler and Patrick McManus discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of ...

CVE-2014-8634 CVE-2014-8638 CVE-2014-8639

USN-2479-1: RPM vulnerabilities - 19th January 2015

Florian Weimer discovered that RPM incorrectly handled temporary files. A local attacker could use this issue to execute arbitrary code. (CVE-2013-6435) Florian Weimer discovered that RPM incorrectly handled certain CPIO headers. If a user or automated system were tricked into installing a malicious package file, a remote attacker could use ...

CVE-2013-6435 CVE-2014-8118

USN-2478-1: libssh vulnerability - 19th January 2015

It was discovered that libssh incorrectly handled certain kexinit packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service.

CVE-2014-8132

USN-2477-1: libevent vulnerability - 19th January 2015

Andrew Bartlett discovered that libevent incorrectly handled large inputs to the evbuffer API. A remote attacker could possibly use this issue with an application that uses libevent to cause a denial of service, or possibly execute arbitrary code.

CVE-2014-6272

USN-2475-1: GTK+ update - 15th January 2015

Clemens Fries discovered that GTK+ allowed bypassing certain screen locks by using the menu key. An attacker with physical access could possibly use this flaw to gain access to a locked session.

LP: 1366790

USN-2474-1: curl vulnerability - 15th January 2015

Andrey Labunets discovered that curl incorrectly handled certain URLs when using a proxy server. If a user or automated system were tricked into using a specially crafted URL, an attacker could possibly use this issue to inject arbitrary HTTP requests.

CVE-2014-8150

USN-2473-1: coreutils vulnerabilities - 14th January 2015

It was discovered that the distcheck rule in dist-check.mk in GNU coreutils allows local users to gain privileges via a symlink attack on a directory tree under /tmp. This issue only affected Ubuntu 10.04 LTS. (CVE-2009-4135) Bertrand Jacquin and Fiedler Roman discovered date and touch incorrectly handled user-supplied input. An ...

CVE-2009-4135 CVE-2014-9471

USN-2458-2: Ubufox update - 14th January 2015

USN-2458-1 fixed vulnerabilities in Firefox. This update provides the corresponding version of Ubufox. Original advisory details: Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially ...

LP: 1398174

USN-2458-1: Firefox vulnerabilities - 14th January 2015

Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application ...

CVE-2014-8634 CVE-2014-8635 CVE-2014-8636 CVE-2014-8637 CVE-2014-8638 CVE-2014-8639 CVE-2014-8640 CVE-2014-8641 CVE-2014-8642

USN-2472-1: unzip vulnerabilities - 14th January 2015

Wolfgang Ettlinger discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.

CVE-2014-8139 CVE-2014-8140 CVE-2014-8141

USN-2471-1: GParted vulnerability - 14th January 2015

Wolfgang Ettlinger discovered that GParted incorrectly filtered shell metacharacters when running external commands. A local attacker could use this issue with a crafted filesystem label to run arbitrary commands as the administrator.

CVE-2014-7208

USN-2470-1: Git vulnerability - 13th January 2015

Matt Mackall and Augie Fackler discovered that Git incorrectly handled certain filesystem paths. A remote attacker could possibly use this issue to execute arbitrary code if the Git tree is stored in an HFS+ or NTFS filesystem. The remote attacker would need write access to a Git repository that the ...

CVE-2014-9390

USN-2469-1: Django vulnerabilities - 13th January 2015

Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments. (CVE-2015-0219) Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. ...

CVE-2015-0219 CVE-2015-0220 CVE-2015-0221 CVE-2015-0222

USN-2468-1: Linux kernel vulnerabilities - 13th January 2015

A null pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841) A race condition with MMIO and PIO transactions in the KVM ...

CVE-2014-7841 CVE-2014-7842 CVE-2014-7843 CVE-2014-8884

USN-2467-1: Linux kernel (Utopic HWE) vulnerabilities - 13th January 2015

A null pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841) A race condition with MMIO and PIO transactions in the KVM ...

CVE-2014-7841 CVE-2014-7842 CVE-2014-7843 CVE-2014-8884

USN-2466-1: Linux kernel vulnerabilities - 13th January 2015

A null pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841) A race condition with MMIO and PIO transactions in the KVM ...

CVE-2014-7841 CVE-2014-7842 CVE-2014-7843 CVE-2014-8884

USN-2465-1: Linux kernel (Trusty HWE) vulnerabilities - 13th January 2015

A null pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service (system crash) via a malformed INIT chunk. (CVE-2014-7841) A race condition with MMIO and PIO transactions in the KVM ...

CVE-2014-7841 CVE-2014-7842 CVE-2014-7843 CVE-2014-8884

USN-2464-1: Linux kernel (OMAP4) vulnerabilities - 13th January 2015

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. (CVE-2014-9322) An information leak in the Linux kernel was discovered that could leak the high 16 ...

CVE-2014-7842 CVE-2014-8134 CVE-2014-8369 CVE-2014-9090 CVE-2014-9322

USN-2463-1: Linux kernel vulnerabilities - 13th January 2015

A race condition with MMIO and PIO transactions in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel was discovered. A guest OS user could exploit this flaw to cause a denial of service (guest OS crash) via a specially crafted application. (CVE-2014-7842) The KVM (kernel virtual machine) subsystem ...

CVE-2014-7842 CVE-2014-8369

< Previous   Showing page 2 of 57   Next >
Show: All