Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 2 of 16   Next >
Show: All  

USN-2214-1: libxml2 vulnerability - 15th May 2014

Daniel Berrange discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service.

CVE-2014-0191

USN-2213-1: Dovecot vulnerability - 15th May 2014

It was discovered that Dovecot incorrectly handled closing inactive SSL/TLS connections. A remote attacker could use this issue to cause Dovecot to stop responding to new connections, resulting in a denial of service.

CVE-2014-3430

USN-2212-1: Django vulnerabilities - 14th May 2014

Stephen Stewart, Michael Nelson, Natalia Bidart and James Westby discovered that Django improperly removed Vary and Cache-Control headers from HTTP responses when replying to a request from an Internet Explorer or Chrome Frame client. An attacker may use this to retrieve private data or poison caches. This update removes workarounds ...

CVE-2014-1418

USN-2211-1: libXfont vulnerabilities - 14th May 2014

Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. (CVE-2014-0209) Ilja van Sprundel discovered that libXfont incorrectly handled X Font Server replies. A malicious font ...

CVE-2014-0209 CVE-2014-0210 CVE-2014-0211

USN-2205-1: LibTIFF vulnerabilities - 6th May 2014

Pedro Ribeiro discovered that LibTIFF incorrectly handled certain malformed images when using the gif2tiff tool. If a user or automated system were tricked into opening a specially crafted GIF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user ...

CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244

USN-2197-1: Linux kernel (EC2) vulnerability - 5th May 2014

A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges.

CVE-2014-0196

USN-2196-1: Linux kernel vulnerability - 5th May 2014

A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An unprivileged user could exploit this flaw to cause a denial of service (system crash) or potentially gain administrator privileges.

CVE-2014-0196

USN-2191-1: OpenJDK 6 vulnerabilities - 1st May 2014

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0461, CVE-2014-0462, CVE-2014-2397, CVE-2014-2405, CVE-2014-2412, CVE-2014-2414, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427) ...

CVE-2014-0429 CVE-2014-0446 CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458 CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-0462 CVE-2014-1876 CVE-2014-2397 CVE-2014-2398 CVE-2014-2403 CVE-2014-2405 CVE-2014-2412 CVE-2014-2414 CVE-2014-2421 CVE-2014-2423 CVE-2014-2427

USN-2183-2: dpkg vulnerability - 1st May 2014

USN-2183-1 fixed a vulnerability in dpkg. Javier Serrano Polo discovered that the fix introduced a vulnerability in releases with an older version of the patch utility. This update fixes the problem. Original advisory details: Jakub Wilk discovered that dpkg incorrectly certain paths and symlinks when unpacking source packages. If a ...

CVE-2014-0471

USN-2183-1: dpkg vulnerability - 28th April 2014

Jakub Wilk discovered that dpkg incorrectly certain paths and symlinks when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining ...

CVE-2014-0471

USN-2182-1: QEMU vulnerabilities - 28th April 2014

Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. This issue only applied to Ubuntu 13.10 and Ubuntu 14.04 LTS. (CVE-2013-4544) Michael S. Tsirkin discovered that QEMU ...

CVE-2013-4544 CVE-2014-0150 CVE-2014-2894

USN-2174-1: Linux kernel (EC2) vulnerabilities - 26th April 2014

A flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101) An error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a ...

CVE-2014-0101 CVE-2014-2523

USN-2173-1: Linux kernel vulnerabilities - 26th April 2014

A flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101) An error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a ...

CVE-2014-0101 CVE-2014-2523

USN-2172-1: CUPS vulnerability - 24th April 2014

Alex Korobkin discovered that the CUPS web interface incorrectly protected against cross-site scripting (XSS) attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly steal confidential data.

CVE-2014-2856

USN-2169-2: Django regression - 22nd April 2014

USN-2169-1 fixed vulnerabilities in Django. The upstream security patch for CVE-2014-0472 introduced a regression for certain applications. This update fixes the problem. Original advisory details: Benjamin Bach discovered that Django incorrectly handled dotted Python paths when using the reverse() function. An attacker could use this issue to cause Django to ...

LP: 1311433

USN-2169-1: Django vulnerabilities - 22nd April 2014

Benjamin Bach discovered that Django incorrectly handled dotted Python paths when using the reverse() function. An attacker could use this issue to cause Django to import arbitrary modules from the Python path, resulting in possible code execution. (CVE-2014-0472) Paul McMillan discovered that Django incorrectly cached certain pages that contained CSRF ...

CVE-2014-0472 CVE-2014-0473 CVE-2014-0474

USN-2168-1: Python Imaging Library vulnerabilities - 15th April 2014

Jakub Wilk discovered that the Python Imaging Library incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files, or gain access to temporary file contents. (CVE-2014-1932, CVE-2014-1933)

CVE-2014-1932 CVE-2014-1933

USN-2167-1: curl vulnerabilities - 14th April 2014

Steve Holme discovered that libcurl incorrectly reused wrong connections when using protocols other than HTTP and FTP. This could lead to the use of unintended credentials, possibly exposing sensitive information. (CVE-2014-0138) Richard Moore discovered that libcurl incorrectly validated wildcard SSL certificates that contain literal IP addresses. An attacker could possibly ...

CVE-2014-0138 CVE-2014-0139

USN-2166-1: Net-SNMP vulnerabilities - 14th April 2014

Ken Farnen discovered that Net-SNMP incorrectly handled AgentX timeouts. A remote attacker could use this issue to cause the server to crash or to hang, resulting in a denial of service. (CVE-2012-6151) It was discovered that the Net-SNMP ICMP-MIB incorrectly validated input. A remote attacker could use this issue to ...

CVE-2012-6151 CVE-2014-2284 CVE-2014-2285 CVE-2014-2310

USN-2124-2: OpenJDK 6 regression - 7th April 2014

USN-2124-1 fixed vulnerabilities in OpenJDK 6. Due to an upstream regression, memory was not properly zeroed under certain circumstances which could lead to instability. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A vulnerability was discovered in the OpenJDK JRE related to information disclosure and ...

LP: 1295987

USN-2163-1: PHP vulnerability - 7th April 2014

It was discovered that PHP's embedded libmagic library incorrectly handled PE executables. An attacker could use this issue to cause PHP to crash, resulting in a denial of service.

CVE-2014-2270

USN-2162-1: file vulnerability - 7th April 2014

It was discovered that file incorrectly handled PE executable files. An attacker could use this issue to cause file to crash, resulting in a denial of service.

CVE-2014-2270

USN-2159-1: NSS vulnerability - 2nd April 2014

It was discovered that NSS incorrectly handled wildcard certificates when used with internationalized domain names. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to spoof SSL servers.

CVE-2014-1492

USN-2156-1: Samba vulnerability - 26th March 2014

Andrew Bartlett discovered that Samba did not properly enforce the password guessing protection mechanism for all interfaces. A remote attacker could use this issue to possibly attempt to brute force user passwords.

CVE-2013-4496

USN-2155-1: OpenSSH vulnerability - 25th March 2014

Jann Horn discovered that OpenSSH incorrectly handled wildcards in AcceptEnv lines. A remote attacker could use this issue to possibly bypass certain intended environment variable restrictions.

CVE-2014-2532

USN-2154-1: ca-certificates update - 24th March 2014

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20130906 package.

LP: 1257265

USN-2152-1: Apache HTTP Server vulnerabilities - 24th March 2014

Ning Zhang & Amin Tora discovered that the mod_dav module incorrectly handled whitespace characters in CDATA sections. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. (CVE-2013-6438) Rainer M Canavan discovered that the mod_log_config module incorrectly handled certain cookies. ...

CVE-2013-6438 CVE-2014-0098

USN-2147-1: Mutt vulnerability - 13th March 2014

Beatrice Torracca and Evgeni Golov discovered a buffer overflow in mutt while expanding addresses when parsing email headers. An attacker could specially craft an email to cause mutt to crash, resulting in a denial of service, or possibly execute arbitrary code with the privileges of the user invoking mutt.

CVE-2014-0467

USN-2146-1: Sudo vulnerabilities - 13th March 2014

Sebastien Macke discovered that Sudo incorrectly handled blacklisted environment variables when the env_reset option was disabled. A local attacker could use this issue to possibly run unintended commands by using blacklisted environment variables. In a default Ubuntu installation, the env_reset option is enabled by default. This issue only affected Ubuntu ...

CVE-2014-0106 LP: 1223297

USN-2144-1: CUPS vulnerabilities - 12th March 2014

Florian Weimer discovered that the pdftoopvp filter bundled in the CUPS package incorrectly handled memory. An attacker could possibly use this issue to execute arbitrary code with the privileges of the lp user. (CVE-2013-6474, CVE-2013-6475) Florian Weimer discovered that the pdftoopvp filter bundled in the CUPS package did not restrict ...

CVE-2013-6474 CVE-2013-6475 CVE-2013-6476

USN-2130-1: Tomcat vulnerabilities - 6th March 2014

It was discovered that Tomcat incorrectly handled certain inconsistent HTTP headers. A remote attacker could possibly use this flaw to conduct request smuggling attacks. (CVE-2013-4286) It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A remote attacker could use this flaw to cause the Tomcat ...

CVE-2013-4286 CVE-2013-4322 CVE-2014-0033 CVE-2014-0050

USN-2129-1: Linux kernel (EC2) vulnerabilities - 5th March 2014

An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. (CVE-2013-0160) Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. ...

CVE-2013-0160 CVE-2013-2929 CVE-2013-4587 CVE-2013-6367 CVE-2013-6380 CVE-2013-6382 CVE-2013-7027 CVE-2013-7266 CVE-2013-7267 CVE-2013-7268 CVE-2013-7269 CVE-2013-7270 CVE-2013-7271 CVE-2014-1444 CVE-2014-1445 CVE-2014-1446 CVE-2014-1874

USN-2128-1: Linux kernel vulnerabilities - 5th March 2014

An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. (CVE-2013-0160) Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. ...

CVE-2013-0160 CVE-2013-2929 CVE-2013-4587 CVE-2013-6367 CVE-2013-6380 CVE-2013-6382 CVE-2013-7027 CVE-2013-7266 CVE-2013-7267 CVE-2013-7268 CVE-2013-7269 CVE-2013-7270 CVE-2013-7271 CVE-2014-1444 CVE-2014-1445 CVE-2014-1446 CVE-2014-1874

USN-2127-1: GnuTLS vulnerability - 4th March 2014

Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly handled certificate verification functions. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited with specially crafted certificates to view sensitive information.

CVE-2014-0092

USN-2126-1: PHP vulnerabilities - 3rd March 2014

Bernd Melchers discovered that PHP's embedded libmagic library incorrectly handled indirect offset values. An attacker could use this issue to cause PHP to consume resources or crash, resulting in a denial of service. (CVE-2014-1943) It was discovered that PHP incorrectly handled certain values when using the imagecrop function. An attacker ...

CVE-2013-7226 CVE-2013-7327 CVE-2013-7328 CVE-2014-1943 CVE-2014-2020

USN-2125-1: Python vulnerability - 3rd March 2014

Ryan Smith-Roberts discovered that Python incorrectly handled buffer sizes when using the socket.recvfrom_into() function. An attacker could possibly use this issue to cause Python to crash, resulting in denial of service, or possibly execute arbitrary code.

CVE-2014-1912

USN-2124-1: OpenJDK 6 vulnerabilities - 27th February 2014

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-0411) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to ...

CVE-2013-5878 CVE-2013-5884 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 LP: 1283828

USN-2123-1: file vulnerabilities - 26th February 2014

It was discovered that file incorrectly handled Composite Document files. An attacker could use this issue to cause file to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-1571) Bernd Melchers discovered that file incorrectly handled indirect offset values. An ...

CVE-2012-1571 CVE-2014-1943

USN-2122-1: FreeRADIUS vulnerabilities - 26th February 2014

It was discovered that FreeRADIUS incorrectly handled unix authentication. A remote user could successfully authenticate with an expired password. (CVE-2011-4966) Pierre Carrier discovered that FreeRADIUS incorrectly handled rlm_pap hash processing. An authenticated user could use this issue to cause FreeRADIUS to crash, resulting in a denial of service, or possibly ...

CVE-2011-4966 CVE-2014-2015

USN-2120-1: PostgreSQL vulnerabilities - 24th February 2014

Noah Misch and Jonas Sundman discovered that PostgreSQL did not correctly enforce ADMIN OPTION restrictions. An authenticated attacker could use this issue to possibly revoke access from others, contrary to expected permissions. (CVE-2014-0060) Andres Freund discovered that PostgreSQL incorrectly handled validator functions. An authenticated attacker could possibly use this issue ...

CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066

USN-2108-1: Linux kernel (EC2) vulnerabilities - 18th February 2014

A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383) mpd reported an information leak in the recvfrom, recvmmsg, and recvmsg system calls in ...

CVE-2013-6383 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7281

USN-2107-1: Linux kernel vulnerabilities - 18th February 2014

A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383) mpd reported an information leak in the recvfrom, recvmmsg, and recvmsg system calls in ...

CVE-2013-6383 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7281

USN-2099-1: Perl vulnerability - 5th February 2014

It was discovered that Perl's Locale::Maketext module incorrectly handled backslashes and fully qualified method names. An attacker could possibly use this flaw to execute arbitrary code when an application used untrusted templates.

CVE-2012-6329

USN-2097-1: curl vulnerability - 3rd February 2014

Paras Sethia and Yehezkel Horowitz discovered that libcurl incorrectly reused connections when NTLM authentication was being used. This could lead to the use of unintended credentials, possibly exposing sensitive information.

CVE-2014-0015

USN-2088-1: NSS vulnerability - 23rd January 2014

Brian Smith discovered that NSS incorrectly handled the TLS False Start feature. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to spoof SSL servers.

CVE-2013-1740

USN-2087-1: NSPR vulnerability - 23rd January 2014

It was discovered that NSPR incorrectly handled certain malformed X.509 certificates. A remote attacker could use a crafted X.509 certificate to cause NSPR to crash, leading to a denial of service, or possibly execute arbitrary code.

CVE-2013-5607

USN-2086-1: MySQL vulnerabilities - 21st January 2014

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.73 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, and Ubuntu 13.10 have been updated to MySQL 5.5.35. In addition to security fixes, the updated ...

CVE-2013-5891 CVE-2013-5908 CVE-2014-0386 CVE-2014-0393 CVE-2014-0401 CVE-2014-0402 CVE-2014-0412 CVE-2014-0420 CVE-2014-0437

USN-2085-1: HPLIP vulnerabilities - 21st January 2014

It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu 12.04 LTS and higher, this should be prevented by the Yama link restrictions. (CVE-2013-6402) It was discovered that HPLIP contained ...

CVE-2013-6402 CVE-2013-6427

USN-2084-1: devscripts vulnerability - 21st January 2014

It was discovered that the uscan tool incorrectly repacked archive files. If a user or automated system were tricked into processing specially crafted files, a remote attacker could possibly execute arbitrary code.

CVE-2013-6888

USN-2083-1: Graphviz vulnerabilities - 16th January 2014

It was discovered that Graphviz incorrectly handled memory in the yyerror function. If a user were tricked into opening a specially crafted dot file, an attacker could cause Graphviz to crash, or possibly execute arbitrary code. (CVE-2014-0978, CVE-2014-1235) It was discovered that Graphviz incorrectly handled memory in the chkNum function. ...

CVE-2014-0978 CVE-2014-1235 CVE-2014-1236

< Previous   Showing page 2 of 16   Next >
Show: All