These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.
You can also view the latest notices by subscribing to the RSS 
or the Atom feeds.
USN-1447-1: libxml2 vulnerability - 21st May 2012
Juri Aedla discovered that libxml2 contained an off by one error in its XPointer functionality. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the ...
USN-1445-1: Linux kernel vulnerabilities - 17th May 2012
A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. (CVE-2011-4086) A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user ...
CVE-2011-4086 CVE-2012-1601 CVE-2012-2123
USN-1444-1: BackupPC vulnerability - 17th May 2012
It was discovered that BackupPC did not properly sanitize its input when processing RestoreFile error messages, resulting in a cross-site scripting (XSS) vulnerability. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the ...
USN-1442-1: Sudo vulnerability - 16th May 2012
It was discovered that sudo incorrectly handled network masks when using Host and Host_List. A local user who is listed in sudoers may be allowed to run commands on unintended hosts when IPv4 network masks are used to grant access. A local attacker could exploit this to bypass intended access ...
USN-1441-1: Quagga vulnerabilities - 15th May 2012
It was discovered that Quagga incorrectly handled Link State Update messages with invalid lengths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. (CVE-2012-0249, CVE-2012-0250) It was discovered that Quagga incorrectly handled messages with a malformed Four-octet AS Number Capability. A ...
CVE-2012-0249 CVE-2012-0250 CVE-2012-0255
USN-1440-1: Linux kernel (Natty backport) vulnerabilities - 8th May 2012
A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. (CVE-2011-4086) Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the ...
CVE-2011-4086 CVE-2011-4347 CVE-2012-0045 CVE-2012-1090 CVE-2012-1097 CVE-2012-1146 CVE-2012-2100
USN-1437-1: PHP vulnerability - 4th May 2012
It was discovered that PHP, when used as a stand alone CGI processor for the Apache Web Server, did not properly parse and filter query strings. This could allow a remote attacker to execute arbitrary code running with the privilege of the web server. Configurations using mod_php5 and FastCGI were ...
USN-1430-3: Thunderbird vulnerabilities - 4th May 2012
USN-1430-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory details: Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening ...
CVE-2011-1187 CVE-2011-3062 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0473 CVE-2012-0474 CVE-2012-0475 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 LP: 987305
USN-1436-1: Libtasn1 vulnerability - 2nd May 2012
Matthew Hall discovered that Libtasn1 incorrectly handled certain large values. An attacker could exploit this with a specially crafted ASN.1 structure and cause a denial of service, or possibly execute arbitrary code.
USN-1435-1: ImageMagick vulnerabilities - 1st May 2012
Joonas Kuorilehto and Aleksis Kauppinen discovered that ImageMagick incorrectly handled certain ResolutionUnit tags. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user ...
CVE-2012-0247 CVE-2012-0248 CVE-2012-0259 CVE-2012-1185 CVE-2012-1186 CVE-2012-1610 CVE-2012-1798
USN-1434-1: Samba vulnerability - 1st May 2012
Ivano Cristofolini discovered that Samba incorrectly handled some Local Security Authority (LSA) remote procedure calls (RPC). A remote, authenticated attacker could exploit this to grant administrative privileges to arbitrary users. The administrative privileges could be used to bypass permission checks performed by the Samba server.
USN-1433-1: Linux kernel (Oneiric backport) vulnerabilities - 1st May 2012
A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. (CVE-2011-4086) Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the ...
CVE-2011-4086 CVE-2011-4347 CVE-2012-0045 CVE-2012-1090 CVE-2012-1097 CVE-2012-1146 CVE-2012-1179
USN-1430-2: ubufox update - 27th April 2012
USN-1430-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory details: Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the ...
USN-1430-1: Firefox vulnerabilities - 27th April 2012
Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via ...
CVE-2011-1187 CVE-2011-3062 CVE-2012-0467 CVE-2012-0468 CVE-2012-0469 CVE-2012-0470 CVE-2012-0471 CVE-2012-0473 CVE-2012-0474 CVE-2012-0475 CVE-2012-0477 CVE-2012-0478 CVE-2012-0479 LP: 987262
USN-1429-1: Jetty vulnerability - 26th April 2012
It was discovered that Jetty computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters.
USN-1428-1: OpenSSL vulnerability - 24th April 2012
It was discovered that the fix for CVE-2012-2110 was incomplete for OpenSSL 0.9.8. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. Ubuntu 11.10 was not affected by this issue. (CVE-2012-2131) The original ...
USN-1427-1: MySQL vulnerabilities - 24th April 2012
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.62 in Ubuntu 10.04 LTS, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.96. In addition to security fixes, the updated ...
USN-1426-1: Linux kernel (EC2) vulnerabilities - 24th April 2012
Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. (CVE-2011-4347) Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual machine) subsystem ...
CVE-2011-4347 CVE-2012-0045 CVE-2012-1090 CVE-2012-1097
USN-1425-1: Linux kernel vulnerabilities - 24th April 2012
Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. (CVE-2011-4347) Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual machine) subsystem ...
CVE-2011-4347 CVE-2012-0045 CVE-2012-1090 CVE-2012-1097
USN-1424-1: OpenSSL vulnerabilities - 19th April 2012
It was discovered that OpenSSL could be made to dereference a NULL pointer when processing S/MIME messages. A remote attacker could use this to cause a denial of service. These issues did not affect Ubuntu 8.04 LTS. (CVE-2006-7250, CVE-2012-1165) Tavis Ormandy discovered that OpenSSL did not properly perform bounds checking ...
CVE-2006-7250 CVE-2012-1165 CVE-2012-2110
USN-1423-1: Samba vulnerability - 12th April 2012
Brian Gorenc discovered that Samba incorrectly calculated array bounds when handling remote procedure calls (RPC) over the network. A remote, unauthenticated attacker could exploit this to execute arbitrary code as the root user. (CVE-2012-1182)
USN-1421-1: Linux kernel (Maverick backport) vulnerabilities - 12th April 2012
Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. (CVE-2011-4347) Stephan Bärwolf discovered a flaw in the KVM (kernel-based virtual machine) subsystem ...
CVE-2011-4347 CVE-2012-0045 CVE-2012-1097 CVE-2012-1146
USN-1420-1: NVIDIA graphics drivers vulnerability - 11th April 2012
It was discovered that the NVIDIA graphics drivers could be reconfigured to gain access to arbitrary system memory. A local attacker could use this issue to possibly gain root privileges.
USN-1419-1: Puppet vulnerabilities - 11th April 2012
It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files. (CVE-2012-1906) It was discovered that Puppet incorrectly handled filebucket retrieval requests. A local attacker could exploit this to read arbitrary files. (CVE-2012-1986) It was ...
CVE-2012-1906 CVE-2012-1986 CVE-2012-1987 CVE-2012-1988 CVE-2012-1989
USN-1418-1: GnuTLS vulnerabilities - 5th April 2012
Alban Crequy discovered that the GnuTLS library incorrectly checked array bounds when copying TLS session data. A remote attacker could crash a client application, leading to a denial of service, as the client application prepared for TLS session resumption. (CVE-2011-4128) Matthew Hall discovered that the GnuTLS library incorrectly handled TLS ...
USN-1417-1: libpng vulnerability - 5th April 2012
It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program.
USN-1416-1: tiff vulnerabilities - 4th April 2012
Alexander Gavrun discovered that the TIFF library incorrectly allocated space for a tile. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service. (CVE-2012-1173) It ...
USN-1197-7: ca-certificates-java vulnerability - 27th March 2012
USN-1197-5 addressed an issue in ca-certificates pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides the corresponding update for ca-certificates-java. Original advisory details: It was discovered that Dutch Certificate Authority DigiNotar had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man ...
USN-1409-1: Linux kernel (Oneiric backport) vulnerabilities - 27th March 2012
Somnath Kotur discovered an error in the Linux kernel's VLAN (virtual lan) and be2net drivers. An attacker on the local network could exploit this flaw to cause a denial of service. (CVE-2011-3347)
USN-1411-1: Linux kernel vulnerability - 27th March 2012
Louis Rilling discovered a flaw in Linux kernel's clone command when CLONE_IO is specified. An unprivileged local user could exploit this to cause a denial of service.
USN-1410-1: Linux kernel (EC2) vulnerability - 27th March 2012
Louis Rilling discovered a flaw in Linux kernel's clone command when CLONE_IO is specified. An unprivileged local user could exploit this to cause a denial of service.
USN-1408-1: Linux kernel (FSL-IMX51) vulnerability - 27th March 2012
Louis Rilling discovered a flaw in Linux kernel's clone command when CLONE_IO is specified. An unprivileged local user could exploit this to cause a denial of service.
USN-1401-2: Thunderbird vulnerabilities - 23rd March 2012
USN-1401-1 fixed vulnerabilities in Xulrunner. This update provides the corresponding fixes for Thunderbird. Original advisory details: It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. If the user were tricked into ...
CVE-2011-3658 CVE-2012-0455 CVE-2012-0456 CVE-2012-0457 CVE-2012-0458 CVE-2012-0461 CVE-2012-0464 LP: 953720
USN-1403-1: FreeType vulnerabilities - 22nd March 2012
Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash. (CVE-2012-1126) Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If ...
CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144
USN-1402-1: libpng vulnerability - 22nd March 2012
It was discovered that libpng did not properly process compressed chunks. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking the program.
USN-1401-1: Xulrunner vulnerabilities - 19th March 2012
It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service ...
CVE-2011-3658 CVE-2012-0455 CVE-2012-0456 CVE-2012-0457 CVE-2012-0458 CVE-2012-0461 CVE-2012-0464 LP: 953736
USN-1400-2: ubufox update - 16th March 2012
USN-1400-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory details: Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the ...
USN-1400-1: Firefox vulnerabilities - 16th March 2012
Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the contents or steal confidential data. (CVE-2012-0455) Atte Kettunen discovered a use-after-free vulnerability in Firefox's handling of SVG animations. An attacker could ...
CVE-2012-0451 CVE-2012-0455 CVE-2012-0457 CVE-2012-0458 CVE-2012-0459 CVE-2012-0460 CVE-2012-0461 CVE-2012-0462 CVE-2012-0464 LP: 951250
USN-1399-1: gdm-guest-session vulnerability - 13th March 2012
Ryan Lortie discovered that gdm-guest-session improperly cleaned out certain guest session files. A local attacker could use this issue to delete arbitrary files.
USN-1397-1: MySQL vulnerabilities - 12th March 2012
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.95. In addition to security fixes, ...
CVE-2007-5925 CVE-2008-3963 CVE-2008-4098 CVE-2008-4456 CVE-2008-7247 CVE-2009-2446 CVE-2009-4019 CVE-2009-4030 CVE-2009-4484 CVE-2010-1621 CVE-2010-1626 CVE-2010-1848 CVE-2010-1849 CVE-2010-1850 CVE-2010-2008 CVE-2010-3677 CVE-2010-3678 CVE-2010-3679 CVE-2010-3680 CVE-2010-3681 CVE-2010-3682 CVE-2010-3683 CVE-2010-3833 CVE-2010-3834 CVE-2010-3835 CVE-2010-3836 CVE-2010-3837 CVE-2010-3838 CVE-2010-3839 CVE-2010-3840 CVE-2011-2262 CVE-2012-0075 CVE-2012-0087 CVE-2012-0101 CVE-2012-0102 CVE-2012-0112 CVE-2012-0113 CVE-2012-0114 CVE-2012-0115 CVE-2012-0116 CVE-2012-0117 CVE-2012-0118 CVE-2012-0119 CVE-2012-0120 CVE-2012-0484 CVE-2012-0485 CVE-2012-0486 CVE-2012-0487 CVE-2012-0488 CVE-2012-0489 CVE-2012-0490 CVE-2012-0491 CVE-2012-0492 CVE-2012-0493 CVE-2012-0494 CVE-2012-0495 CVE-2012-0496
USN-1396-1: GNU C Library vulnerabilities - 9th March 2012
It was discovered that the GNU C Library did not properly handle integer overflows in the timezone handling code. An attacker could use this to possibly execute arbitrary code by convincing an application to load a maliciously constructed tzfile. (CVE-2009-5029) It was discovered that the GNU C Library did not ...
CVE-2009-5029 CVE-2010-0015 CVE-2011-1071 CVE-2011-1089 CVE-2011-1095 CVE-2011-1658 CVE-2011-1659 CVE-2011-2702 CVE-2011-4609 CVE-2012-0864
USN-1395-1: PyPAM vulnerability - 8th March 2012
Markus Vervier discovered that PyPAM incorrectly handled passwords containing NULL bytes. An attacker could exploit this to cause applications using PyPAM to crash, or possibly execute arbitrary code.
USN-1392-1: Linux kernel (FSL-IMX51) vulnerability - 7th March 2012
Ben Hutchings reported a flaw in the kernel's handling of corrupt LDM partitions. A local user could exploit this to cause a denial of service or escalate privileges.
USN-1389-1: Linux kernel vulnerabilities - 6th March 2012
Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. (CVE-2011-4127) A flaw was found in KVM's Programmable Interval Timer ...
CVE-2011-4127 CVE-2011-4622 CVE-2012-0038 CVE-2012-2100
USN-1388-1: Linux kernel (EC2) vulnerabilities - 6th March 2012
Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. (CVE-2011-4127) A flaw was found in KVM's Programmable Interval Timer ...
CVE-2011-4127 CVE-2011-4622 CVE-2012-0038 CVE-2012-2100
USN-1387-1: Linux kernel (Maverick backport) vulnerabilities - 6th March 2012
Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. (CVE-2011-1927) A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet Group Management Protocol) packets. An unprivileged local ...
CVE-2011-0716 CVE-2011-1927 CVE-2011-3353 CVE-2011-3619 CVE-2011-4622 CVE-2012-0038 CVE-2012-0044
USN-1386-1: Linux kernel (Natty backport) vulnerabilities - 6th March 2012
The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. (CVE-2011-2498) A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged ...
CVE-2011-2498 CVE-2011-2518 CVE-2011-3353 CVE-2011-4097 CVE-2011-4622 CVE-2012-0038 CVE-2012-0044 CVE-2012-0207
USN-1384-1: Linux kernel (Oneiric backport) vulnerabilities - 6th March 2012
A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. (CVE-2011-4097) ...
CVE-2011-4097 CVE-2011-4127 CVE-2011-4622 CVE-2012-0038 CVE-2012-0055 CVE-2012-0207
USN-1373-2: OpenJDK 6 (ARM) vulnerabilities - 1st March 2012
USN 1373-1 fixed vulnerabilities in OpenJDK 6 in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04 for all architectures except for ARM (armel). This provides the corresponding OpenJDK 6 update for use with the ARM (armel) architecture in Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Original advisory details: It ...
CVE-2011-3563 CVE-2011-5035 CVE-2012-0497 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505 CVE-2012-0506 CVE-2012-0507
USN-1378-1: PostgreSQL vulnerabilities - 28th February 2012
It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. (CVE-2012-0866) It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly ...
CVE-2012-0866 CVE-2012-0867 CVE-2012-0868