These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.
You can also view the latest notices by subscribing to the RSS 
or the Atom feeds.
USN-1644-1: Linux kernel vulnerabilities - 30th November 2012
Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957) Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause ...
CVE-2012-0957 CVE-2012-4508 CVE-2012-4565 CVE-2012-6536 CVE-2012-6537 CVE-2012-6538 CVE-2013-0309 CVE-2013-1826 CVE-2013-1928
USN-1430-5: mozilla-devscripts update - 29th November 2012
USN-1430-3 fixed vulnerabilities in Thunderbird. This update provides an updated mozilla-devscripts which produces packaged addons compatible with the latest thunderbird packaging.
LP: 995054 http://www.ubuntu.com/usn/usn-1430-3
USN-1643-1: Perl vulnerabilities - 29th November 2012
It was discovered that the decode_xs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. (CVE-2011-2939) It was discovered that the 'new' constructor in the Digest module is vulnerable to ...
CVE-2011-2939 CVE-2011-3597 CVE-2012-5195 CVE-2012-5526
USN-1642-1: Lynx vulnerabilities - 29th November 2012
Dan Rosenberg discovered a heap-based buffer overflow in Lynx. If a user were tricked into opening a specially crafted page, a remote attacker could cause a denial of service via application crash, or possibly execute arbitrary code as the user invoking the program. This issue only affected Ubuntu 10.04 LTS. ...
USN-1641-1: OpenStack Keystone vulnerabilities - 28th November 2012
Vijaya Erukala discovered that Keystone did not properly invalidate EC2-style credentials such that if credentials were removed from a tenant, an authenticated and authorized user using those credentials may still be allowed access beyond the account owner's expectations. (CVE-2012-5571) It was discovered that Keystone did not properly implement token expiration. ...
USN-1640-1: libssh vulnerabilities - 26th November 2012
Xi Wang and Florian Weimer discovered that libssh incorrectly handled memory. A remote attacker could use this to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562)
CVE-2012-4559 CVE-2012-4560 CVE-2012-4561 CVE-2012-4562
USN-1639-1: unity-firefox-extension vulnerability - 22nd November 2012
It was discovered that unity-firefox-extension incorrectly handled certain callbacks. A remote attacker could use this issue to cause unity-firefox-extension to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1638-2: ubufox update - 21st November 2012
USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory details: Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting ...
USN-1638-1: Firefox vulnerabilities - 21st November 2012
Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a ...
CVE-2012-4201 CVE-2012-4202 CVE-2012-4203 CVE-2012-4204 CVE-2012-4205 CVE-2012-4207 CVE-2012-4208 CVE-2012-4209 CVE-2012-4210 CVE-2012-4212 CVE-2012-4213 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-4217 CVE-2012-4218 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5836 CVE-2012-5837 CVE-2012-5838 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 CVE-2012-5843 LP: 1080211
USN-1636-1: Thunderbird vulnerabilities - 21st November 2012
Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to ...
CVE-2012-4201 CVE-2012-4202 CVE-2012-4204 CVE-2012-4205 CVE-2012-4207 CVE-2012-4208 CVE-2012-4209 CVE-2012-4212 CVE-2012-4213 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-4217 CVE-2012-4218 CVE-2012-5829 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-5836 CVE-2012-5838 CVE-2012-5839 CVE-2012-5840 CVE-2012-5841 CVE-2012-5842 CVE-2012-5843 LP: 1080212
USN-1637-1: Tomcat vulnerabilities - 21st November 2012
It was discovered that the Apache Tomcat HTTP NIO connector incorrectly handled header data. A remote attacker could cause a denial of service by sending requests with a large amount of header data. (CVE-2012-2733) It was discovered that Apache Tomcat incorrectly handled DIGEST authentication. A remote attacker could possibly use ...
CVE-2012-2733 CVE-2012-5885 CVE-2012-5886 CVE-2012-5887
USN-1635-1: libunity-webapps vulnerability - 21st November 2012
It was discovered that libunity-webapps improperly handled certain hash tables. A remote attacker could use this issue to cause libunity-webapps to crash, or possibly execute arbitrary code.
USN-1632-2: Django regression - 20th November 2012
USN-1632-1 fixed a vulnerability in Django. The upstream fix introduced testsuite failures when ADMINS and/or MANAGERS were defined in settings.py. This update fixes the problem. We apologize for the inconvenience. Original advisory details: James Kettle discovered Django did not properly filter the Host HTTP header when processing certain requests. An ...
USN-1634-1: Python Keyring vulnerabilities - 20th November 2012
Dwayne Litzenberger discovered that Python Keyring's CryptedFileKeyring file format used weak cryptography. A local attacker may use this issue to brute-force CryptedFileKeyring keyring files. This issue only affected Ubuntu 11.10 and Ubuntu 12.04 LTS. (CVE-2012-4571) It was discovered that Python Keyring created keyring files with insecure permissions. A local attacker ...
USN-1632-1: Django vulnerability - 15th November 2012
James Kettle discovered Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users.
USN-1631-1: LibTIFF vulnerabilities - 15th November 2012
It was discovered that LibTIFF incorrectly handled certain malformed images using the PixarLog compression format. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user ...
USN-1630-1: Libav vulnerabilities - 12th November 2012
It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
CVE-2012-2772 CVE-2012-2775 CVE-2012-2776 CVE-2012-2777 CVE-2012-2779 CVE-2012-2784 CVE-2012-2786 CVE-2012-2787 CVE-2012-2788 CVE-2012-2789 CVE-2012-2790 CVE-2012-2793 CVE-2012-2794 CVE-2012-2796 CVE-2012-2798 CVE-2012-2800 CVE-2012-2801 CVE-2012-2802
USN-1629-1: libproxy vulnerabilities - 12th November 2012
Tomas Mraz discovered that libproxy incorrectly handled certain PAC files. A remote attacker could use this issue to cause libproxy to crash, or to possibly execute arbitrary code. (CVE-2012-4504, CVE-2012-4505)
USN-1626-2: Glance vulnerability - 9th November 2012
USN-1626-1 fixed vulnerabilities in the v1 API of Glance. This update provides the corresponding updates for the v2 API. Original advisory details: Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under ...
USN-1628-1: Qt vulnerability - 8th November 2012
Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer Security (TLS) protocol when it is used with data compression. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This update disables TLS data compression in Qt by ...
USN-1627-1: Apache HTTP Server vulnerabilities - 8th November 2012
It was discovered that the mod_negotiation module incorrectly handled certain filenames, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this ...
USN-1626-1: Glance vulnerability - 8th November 2012
Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under certain circumstances.
USN-1625-1: Icedtea-Web vulnerability - 7th November 2012
Arthur Gerkis discovered a buffer overflow in the Icedtea-Web plugin. If a user were tricked into opening a malicious website, an attacker could cause the plugin to crash or possibly execute arbitrary code as the user invoking the program.
USN-1624-1: Remote Login Service vulnerability - 5th November 2012
It was discovered that Remote Login Service incorrectly purged account information when switching users. A local attacker could use this issue to possibly obtain sensitive information.
USN-1623-1: Mesa vulnerability - 5th November 2012
It was discovered that Mesa incorrectly handled certain arrays. An attacker could use this issue to cause Mesa to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1622-1: Munin vulnerabilities - 5th November 2012
It was discovered that the Munin qmailscan plugin incorrectly handled temporary files. A local attacker could use this issue to possibly overwrite arbitrary files. This issue only affected Ubuntu 10.04 LTS, Ubuntu 11.10, and Ubuntu 12.04 LTS. (CVE-2012-2103) It was discovered that Munin incorrectly handled plugin state file permissions. An ...
CVE-2012-2103 CVE-2012-3512 CVE-2012-3513
USN-1621-1: MySQL vulnerabilities - 5th November 2012
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.66 in Ubuntu 10.04 LTS and Ubuntu 11.10. Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.28. In addition to security fixes, the ...
CVE-2012-3144 CVE-2012-3147 CVE-2012-3149 CVE-2012-3150 CVE-2012-3156 CVE-2012-3158 CVE-2012-3160 CVE-2012-3163 CVE-2012-3166 CVE-2012-3167 CVE-2012-3173 CVE-2012-3177 CVE-2012-3180 CVE-2012-3197 LP: 1068158
USN-1620-2: Thunderbird vulnerabilities - 29th October 2012
USN-1620-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Please note that Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web content. Original advisory details: Mariusz Mlynski and others discovered several flaws in Firefox that allowed a remote attacker to ...
CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 LP: 1072362
USN-1620-1: Firefox vulnerabilities - 26th October 2012
Mariusz Mlynski and others discovered several flaws in Firefox that allowed a remote attacker to conduct cross-site scripting (XSS) attacks. (CVE-2012-4194, CVE-2012-4195) Antoine Delignat-Lavaud discovered a flaw in the way Firefox handled the Location object. If a user were tricked into opening a specially crafted page, a remote attacker could ...
CVE-2012-4194 CVE-2012-4195 CVE-2012-4196
USN-1619-1: OpenJDK vulnerabilities - 26th October 2012
Several information disclosure vulnerabilities were discovered in the OpenJDK JRE. (CVE-2012-3216, CVE-2012-5069, CVE-2012-5072, CVE-2012-5075, CVE-2012-5077, CVE-2012-5085) Vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. (CVE-2012-4416, CVE-2012-5071) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could ...
CVE-2012-1531 CVE-2012-1532 CVE-2012-1533 CVE-2012-3143 CVE-2012-3159 CVE-2012-3216 CVE-2012-4416 CVE-2012-5067 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5083 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089
USN-1618-1: Exim vulnerability - 26th October 2012
It was discovered that Exim incorrectly handled DKIM DNS decoding. This flaw could allow a remote attacker to execute arbitrary code.
USN-1617-1: WebKit vulnerabilities - 25th October 2012
A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code ...
CVE-2011-3031 CVE-2011-3038 CVE-2011-3042 CVE-2011-3043 CVE-2011-3044 CVE-2011-3051 CVE-2011-3053 CVE-2011-3059 CVE-2011-3060 CVE-2011-3064 CVE-2011-3067 CVE-2011-3076 CVE-2011-3081 CVE-2011-3086 CVE-2011-3090 CVE-2012-1521 CVE-2012-3598 CVE-2012-3601 CVE-2012-3604 CVE-2012-3611 CVE-2012-3612 CVE-2012-3617 CVE-2012-3625 CVE-2012-3626 CVE-2012-3627 CVE-2012-3628 CVE-2012-3645 CVE-2012-3652 CVE-2012-3657 CVE-2012-3669 CVE-2012-3670 CVE-2012-3671 CVE-2012-3672 CVE-2012-3674 LP: 1058339
USN-1616-1: Python 3.1 vulnerabilities - 24th October 2012
It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. (CVE-2008-5983) It was discovered that the audioop module did not ...
CVE-2008-5983 CVE-2010-1634 CVE-2010-2089 CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2012-2135
USN-1615-1: Python 3.2 vulnerabilities - 23rd October 2012
It was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information. (CVE-2011-4944) It was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause ...
CVE-2011-4944 CVE-2012-0845 CVE-2012-1150 CVE-2012-2135
USN-1603-2: Ruby vulnerabilities - 22nd October 2012
USN-1603-1 fixed vulnerabilities in Ruby. This update provides the corresponding updates for Ubuntu 12.10. Original advisory details: Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. (CVE-2012-4466, CVE-2012-4481)
USN-1614-1: Ruby vulnerabilities - 22nd October 2012
Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. USN-1602-1 fixed these vulnerabilities in other Ubuntu releases. This update provides the corresponding updates for Ubuntu 12.10. (CVE-2012-4464, CVE-2012-4466) Peter ...
CVE-2012-4464 CVE-2012-4466 CVE-2012-4522
USN-1613-2: Python 2.4 vulnerabilities - 17th October 2012
USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. Original advisory details: It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary ...
CVE-2008-5983 CVE-2010-1634 CVE-2010-2089 CVE-2010-3493 CVE-2011-1015 CVE-2011-1521 CVE-2011-4940 CVE-2011-4944 CVE-2012-0845 CVE-2012-0876 CVE-2012-1148
USN-1613-1: Python 2.5 vulnerabilities - 17th October 2012
It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. (CVE-2008-5983) It was discovered that the audioop module did not correctly perform input validation. If a user ...
CVE-2008-5983 CVE-2010-1634 CVE-2010-2089 CVE-2010-3493 CVE-2011-1015 CVE-2011-1521 CVE-2011-4940 CVE-2011-4944 CVE-2012-0845 CVE-2012-0876 CVE-2012-1148
USN-1612-1: libgssglue vulnerability - 15th October 2012
It was discovered that libgssglue incorrectly handled the GSSAPI_MECH_CONF environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges. (CVE-2011-2709)
USN-1611-1: Thunderbird vulnerabilities - 12th October 2012
Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code ...
CVE-2012-3982 CVE-2012-3983 CVE-2012-3984 CVE-2012-3985 CVE-2012-3986 CVE-2012-3988 CVE-2012-3989 CVE-2012-3990 CVE-2012-3991 CVE-2012-3992 CVE-2012-3993 CVE-2012-3994 CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 CVE-2012-4184 CVE-2012-4185 CVE-2012-4186 CVE-2012-4187 CVE-2012-4188 CVE-2012-4191 CVE-2012-4192 CVE-2012-4193 LP: 1062587 LP: 1065292
USN-1610-1: Linux kernel vulnerability - 12th October 2012
Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions. (CVE-2012-3520) Mathias Krause discovered information leak in the Linux kernel's compat ioctl interface. A local user ...
CVE-2012-3520 CVE-2012-6539 CVE-2012-6540 CVE-2012-6541 CVE-2012-6542 CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2013-1827
USN-1609-1: Linux kernel (OMAP4) vulnerability - 12th October 2012
A flaw was found in how the Linux kernel's KVM (Kernel-based Virtual Machine) subsystem handled MSI (Message Signaled Interrupts). A local unprivileged user could exploit this flaw to cause a denial of service or potentially elevate privileges. (CVE-2012-2137) Mathias Krause discover an error in Linux kernel's Datagram Congestion Control Protocol ...
USN-1608-1: Firefox vulnerabilities - 11th October 2012
It was discovered that the browser engine used in Firefox contained a memory corruption flaw. If a user were tricked into opening a specially crafted web page, a remote attacker could cause Firefox to crash or potentially execute arbitrary code as the user invoking the program. (CVE-2012-4191) It was discovered ...
CVE-2012-4191 CVE-2012-4192 LP: 1065285
USN-1607-1: Linux kernel vulnerabilities - 11th October 2012
Vadim Ponomarev discovered a flaw in the Linux kernel causing a reference leak when PID namespaces are used. A remote attacker could exploit this flaw causing a denial of service. (CVE-2012-2127) A flaw was found in how the Linux kernel's KVM (Kernel-based Virtual Machine) subsystem handled MSI (Message Signaled Interrupts). ...
CVE-2012-2127 CVE-2012-2137 CVE-2013-1827
USN-1606-1: Linux kernel vulnerabilities - 11th October 2012
A flaw was found in how the Linux kernel's KVM (Kernel-based Virtual Machine) subsystem handled MSI (Message Signaled Interrupts). A local unprivileged user could exploit this flaw to cause a denial of service or potentially elevate privileges. (CVE-2012-2137) A flaw was found in how the Linux kernel passed the replacement ...
USN-1605-1: Quagga vulnerability - 11th October 2012
It was discovered that Quagga incorrectly handled certain malformed messages. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.
USN-1604-1: MoinMoin vulnerabilities - 11th October 2012
It was discovered that MoinMoin did not properly sanitize certain input, resulting in a cross-site scripting (XSS) vulnerability. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, ...
USN-1603-1: Ruby vulnerabilities - 10th October 2012
Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. (CVE-2012-4466, CVE-2012-4481)
USN-1602-1: Ruby vulnerabilities - 10th October 2012
Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. (CVE-2012-4464, CVE-2012-4466)
USN-1601-1: Bind vulnerability - 10th October 2012
Jake Montgomery discovered that Bind incorrectly handled certain specific combinations of RDATA. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.