These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.
You can also view the latest notices by subscribing to the RSS 
or the Atom feeds.
USN-1832-1: LibTIFF vulnerabilities - 21st May 2013
Emmanuel Bouillon discovered that LibTIFF incorrectly handled certain malformed images when using the tiff2pdf tool. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user ...
USN-1829-1: Linux kernel (EC2) vulnerabilities - 16th May 2013
Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. (CVE-2012-6549) Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could ...
CVE-2012-6549 CVE-2013-1826 CVE-2013-1860 CVE-2013-1928 CVE-2013-2634
USN-1824-1: Linux kernel vulnerabilities - 15th May 2013
Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. (CVE-2012-6549) Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could ...
CVE-2012-6549 CVE-2013-1826 CVE-2013-1860 CVE-2013-1928 CVE-2013-2634
USN-1819-1: OpenJDK 6 vulnerabilities - 7th May 2013
Ben Murphy discovered a vulnerability in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to execute arbitrary code. (CVE-2013-0401) James Forshaw discovered a vulnerability in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit this to execute ...
CVE-2013-0401 CVE-2013-1488 CVE-2013-1518 CVE-2013-1537 CVE-2013-1557 CVE-2013-1558 CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2415 CVE-2013-2417 CVE-2013-2419 CVE-2013-2420 CVE-2013-2421 CVE-2013-2422 CVE-2013-2424 CVE-2013-2426 CVE-2013-2429 CVE-2013-2430 CVE-2013-2431
USN-1816-1: ClamAV vulnerabilities - 3rd May 2013
It was discovered that ClamAV would incorrectly parse a UPX-packed executable, leading to possible inappropriate heap reads. An attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-2020) It was discovered that ClamAV would incorrectly parse a PDF ...
USN-1808-1: Linux kernel (EC2) vulnerabilities - 25th April 2013
Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. (CVE-2012-6542) Mathias Krause discovered information leaks in the Linux kernel's Bluetooth Logical Link Control and Adaptation Protocol ...
CVE-2012-6542 CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2012-6548 CVE-2013-0228 CVE-2013-0349 CVE-2013-1774 CVE-2013-1796
USN-1807-1: MySQL vulnerabilities - 24th April 2013
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.69 in Ubuntu 10.04 LTS and Ubuntu 11.10. Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.31. In addition to security fixes, the ...
CVE-2012-0553 CVE-2013-1492 CVE-2013-1502 CVE-2013-1506 CVE-2013-1511 CVE-2013-1512 CVE-2013-1521 CVE-2013-1523 CVE-2013-1526 CVE-2013-1532 CVE-2013-1544 CVE-2013-1552 CVE-2013-1555 CVE-2013-1623 CVE-2013-2375 CVE-2013-2376 CVE-2013-2378 CVE-2013-2389 CVE-2013-2391 CVE-2013-2392
USN-1805-1: Linux kernel vulnerabilities - 19th April 2013
Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. (CVE-2012-6542) Mathias Krause discovered information leaks in the Linux kernel's Bluetooth Logical Link Control and Adaptation Protocol ...
CVE-2012-6542 CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2012-6548 CVE-2013-0228 CVE-2013-0349 CVE-2013-1774 CVE-2013-1796
USN-1804-1: IcedTea-Web vulnerabilities - 18th April 2013
Jiri Vanek discovered that IcedTea-Web would use the same classloader for applets from different domains. A remote attacker could exploit this to expose sensitive information or potentially manipulate applets from other domains. (CVE-2013-1926) It was discovered that IcedTea-Web did not properly verify JAR files and was susceptible to the GIFAR ...
USN-1803-1: X.Org X server vulnerability - 17th April 2013
It was discovered that the X.Org X server did not properly clear input events in certain circumstances. A local attacker with physical access could use this flaw to capture keystrokes.
USN-1801-1: curl vulnerability - 15th April 2013
YAMADA Yasuharu discovered that libcurl was vulnerable to a cookie leak when doing requests across domains with matching tails. curl did not properly restrict cookies to domains and subdomains. If a user or automated system were tricked into processing a specially crafted URL, an attacker could read cookie values stored ...
USN-1798-1: Linux kernel (EC2) vulnerabilities - 8th April 2013
Mathias Krause discovered several errors in the Linux kernel's xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537) Mathias Krause discovered information leak in the Linux kernel's compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack ...
CVE-2012-6537 CVE-2012-6539 CVE-2012-6540 CVE-2013-0914 CVE-2013-1767 CVE-2013-1792
USN-1792-1: Linux kernel vulnerabilities - 8th April 2013
Mathias Krause discovered several errors in the Linux kernel's xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537) Mathias Krause discovered information leak in the Linux kernel's compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack ...
CVE-2012-6537 CVE-2012-6539 CVE-2012-6540 CVE-2013-0914 CVE-2013-1767 CVE-2013-1792
USN-1791-1: Thunderbird vulnerabilities - 8th April 2013
Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan Sreckovic and Joe Drew discovered multiple memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or ...
CVE-2013-0788 CVE-2013-0791 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800 LP: 1162043
USN-1786-1: Firefox vulnerabilities - 4th April 2013
Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan Sreckovic, Joe Drew, Andrew McCreight, Randell Jesup, Gary Kwong and Mats Palmgren discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of ...
CVE-2013-0788 CVE-2013-0789 CVE-2013-0791 CVE-2013-0792 CVE-2013-0793 CVE-2013-0794 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800 LP: 1161422
USN-1789-1: PostgreSQL vulnerabilities - 4th April 2013
Mitsumasa Kondo and Kyotaro Horiguchi discovered that PostgreSQL incorrectly handled certain connection requests containing database names starting with a dash. A remote attacker could use this flaw to damage or destroy files within a server's data directory. This issue only applied to Ubuntu 11.10, Ubuntu 12.04 LTS, and Ubuntu 12.10. ...
CVE-2013-1899 CVE-2013-1900 CVE-2013-1901
USN-1788-1: Linux kernel (Oneiric backport) vulnerabilities - 3rd April 2013
Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to bypass ASLR (Address Space Layout Randomization). A local user could use this flaw to bypass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). ...
CVE-2013-0914 CVE-2013-1767 CVE-2013-1792
USN-1785-1: poppler vulnerabilities - 2nd April 2013
It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program.
CVE-2013-1788 CVE-2013-1789 CVE-2013-1790
USN-1784-1: libxslt vulnerability - 2nd April 2013
Nicholas Gregoire discovered that libxslt incorrectly handled certain empty values. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service.
USN-1783-1: Bind vulnerability - 29th March 2013
Matthew Horsfall discovered that Bind incorrectly handled regular expression checking. A remote attacker could use this flaw to cause Bind to consume an excessive amount of memory, possibly resulting in a denial of service. This issue was corrected by disabling RDATA regular expression syntax checking.
USN-1782-1: libxml2 vulnerability - 28th March 2013
It was discovered that libxml2 incorrectly handled XML entity expansion. An attacker could use this flaw to cause libxml2 to consume large amounts of resources, resulting in a denial of service.
USN-1780-1: Ruby vulnerability - 25th March 2013
Ben Murphy discovered that the Ruby REXML library incorrectly handled XML entity expansion. An attacker could use this flaw to cause Ruby to consume large amounts of memory, resulting in a denial of service.
USN-1776-1: Linux kernel (EC2) vulnerabilities - 22nd March 2013
A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. (CVE-2013-0268) A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when ...
CVE-2013-0268 CVE-2013-0309 CVE-2013-1773
USN-1775-1: Linux kernel vulnerabilities - 22nd March 2013
A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. (CVE-2013-0268) A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when ...
CVE-2013-0268 CVE-2013-0309 CVE-2013-1773
USN-1773-1: ClamAV vulnerabilities - 21st March 2013
Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind discovered multiple security issues with ClamAV. An attacker could use these issues to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-1770-1: Perl vulnerability - 19th March 2013
Yves Orton discovered that Perl incorrectly handled hashing when using user-provided hash keys. An attacker could use this flaw to perform a denial of service attack against software written in Perl.
USN-1765-1: Apache HTTP Server vulnerabilities - 18th March 2013
Niels Heinen discovered that multiple modules incorrectly sanitized certain strings, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to ...
CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1048
USN-1763-2: NSPR update - 14th March 2013
USN-1763-1 fixed a vulnerability in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in NSS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker ...
USN-1763-1: NSS vulnerability - 14th March 2013
Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in NSS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data.
USN-1761-1: PHP vulnerability - 13th March 2013
It was discovered that PHP incorrectly handled XML external entities in SOAP WSDL files. A remote attacker could use this flaw to read arbitrary files off the server.
USN-1758-2: Thunderbird vulnerability - 12th March 2013
USN-1758-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Thunderbird. Original advisory details: It was discovered that Firefox contained a memory safety issue. If a user were tricked into opening a specially crafted page with the HTML editor, a remote attacker could exploit this to execute arbitrary ...
USN-1760-1: Linux kernel (Oneiric backport) vulnerabilities - 12th March 2013
A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. (CVE-2013-0216) A memory leak was discovered in the Linux kernel's ...
CVE-2013-0216 CVE-2013-0217 CVE-2013-0228 CVE-2013-0268 CVE-2013-0311 CVE-2013-0349 CVE-2013-1773
USN-1758-1: Firefox vulnerability - 8th March 2013
It was discovered that Firefox contained a memory safety issue. If a user were tricked into opening a specially crafted page with the HTML editor, a remote attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.
USN-1757-1: Django vulnerabilities - 7th March 2013
James Kettle discovered that Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users. Although this issue had been previously addressed in USN-1632-1, this update adds additional hardening measures to host header validation. This ...
CVE-2012-4520 CVE-2013-0305 CVE-2013-0306 CVE-2013-1664 CVE-2013-1665
USN-1755-1: OpenJDK 6 vulnerabilities - 5th March 2013
It was discovered that OpenJDK did not properly validate certain types of images. A remote attacker could exploit this to cause OpenJDK to crash. (CVE-2013-0809) It was discovered that OpenJDK did not properly check return values when performing color conversion for images. If a user were tricked into opening a ...
USN-1754-1: Sudo vulnerability - 28th February 2013
Marco Schoepl discovered that Sudo incorrectly handled time stamp files when the system clock is set to epoch. A local attacker could use this issue to run Sudo commands without a password prompt.
USN-1753-1: DBus-GLib vulnerability - 27th February 2013
Sebastian Krahmer and Bastien Nocera discovered that DBus-GLib did not properly validate the message sender when the "NameOwnerChanged" signal was received. A local attacker could possibly use this issue to escalate their privileges.
USN-1752-1: GnuTLS vulnerability - 27th February 2013
Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data.
USN-1748-1: Thunderbird vulnerabilities - 25th February 2013
Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page and had scripting enabled, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges ...
CVE-2013-0773 CVE-2013-0774 CVE-2013-0775 CVE-2013-0776 CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0780 CVE-2013-0781 CVE-2013-0782 CVE-2013-0783 CVE-2013-0784 LP: 1131110
USN-1746-1: Pidgin vulnerabilities - 25th February 2013
Chris Wysopal discovered that Pidgin incorrectly handled file transfers in the MXit protocol handler. A remote attacker could use this issue to create or overwrite arbitrary files. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2013-0271) It was discovered that Pidgin incorrectly handled long HTTP headers ...
CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274
USN-1738-1: Linux kernel (Oneiric backport) vulnerability - 21st February 2013
Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.
USN-1737-1: Linux kernel (EC2) vulnerability - 21st February 2013
Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.
USN-1736-1: Linux kernel vulnerability - 21st February 2013
Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.
USN-1735-1: OpenJDK vulnerabilities - 21st February 2013
Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in OpenJDK was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data. (CVE-2013-0169) A vulnerability was discovered in the ...
CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487
USN-1732-1: OpenSSL vulnerabilities - 21st February 2013
Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2012-2686) Stephen Henson discovered ...
CVE-2012-2686 CVE-2013-0166 CVE-2013-0169
USN-1729-1: Firefox vulnerabilities - 19th February 2013
Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an ...
CVE-2013-0765 CVE-2013-0772 CVE-2013-0773 CVE-2013-0774 CVE-2013-0775 CVE-2013-0776 CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0780 CVE-2013-0781 CVE-2013-0782 CVE-2013-0783 CVE-2013-0784 LP: 1128883
USN-1728-1: Linux kernel (EC2) vulnerability - 18th February 2013
Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously.
USN-1725-1: Linux kernel vulnerability - 14th February 2013
Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously.
USN-1724-1: OpenJDK vulnerabilities - 14th February 2013
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. (CVE-2012-1541, CVE-2012-3342, CVE-2013-0351, CVE-2013-0419, CVE-2013-0423, CVE-2013-0446, CVE-2012-3213, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0441, CVE-2013-0442, CVE-2013-0445, CVE-2013-0450, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480) Vulnerabilities were discovered in ...
CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0445 CVE-2013-0446 CVE-2013-0448 CVE-2013-0449 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481
USN-1723-1: Qt vulnerabilities - 14th February 2013
Richard J. Moore and Peter Hartmann discovered that Qt allowed redirecting requests from http to file schemes. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS, and Ubuntu 12.10. (CVE-2012-5624) Stephen ...
CVE-2012-5624 CVE-2012-6093 CVE-2013-0254