Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 3 of 16   Next >
Show: All  

USN-2081-1: Bind vulnerability - 13th January 2014

Jared Mauch discovered that Bind incorrectly handled certain queries for NSEC3-signed zones. A remote attacker could use this flaw with a specially crafted query to cause Bind to stop responding, resulting in a denial of service.

CVE-2014-0591

USN-2078-1: libXfont vulnerability - 7th January 2014

It was discovered that libXfont incorrectly handled certain malformed BDF fonts. An attacker could use a specially crafted font file to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of ...

CVE-2013-6462

USN-2065-1: Linux kernel (EC2) vulnerabilities - 3rd January 2014

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345) A flaw was discovered in the Linux kernel's IP Virtual Server (IP_VS) support. A local user with the CAP_NET_ADMIN capability could exploit ...

CVE-2013-4345 CVE-2013-4588 CVE-2013-6378 CVE-2013-6763

USN-2064-1: Linux kernel vulnerabilities - 3rd January 2014

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345) A flaw was discovered in the Linux kernel's IP Virtual Server (IP_VS) support. A local user with the CAP_NET_ADMIN capability could exploit ...

CVE-2013-4345 CVE-2013-4588 CVE-2013-6378 CVE-2013-6763

USN-2063-1: NSS vulnerability - 20th December 2013

It was discovered that an intermediate certificate was incorrectly issued by a subordinate certificate authority of a trusted CA included in NSS. This intermediate certificate could be used in a man-in-the-middle attack, and has such been marked as untrusted in this update.

LP: 1263135

USN-2060-1: libjpeg, libjpeg-turbo vulnerabilities - 19th December 2013

Michal Zalewski discovered that libjpeg and libjpeg-turbo incorrectly handled certain memory operations. An attacker could use this issue with a specially-crafted JPEG file to possibly expose sensitive information.

CVE-2013-6629 CVE-2013-6630

USN-2059-1: GnuPG vulnerability - 18th December 2013

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via acoustic emanations. A local attacker could use this attack to possibly recover private keys.

CVE-2013-4576

USN-2055-1: PHP vulnerabilities - 12th December 2013

Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-6420) It was discovered that PHP incorrectly handled DateInterval objects. An attacker could use this issue to cause PHP ...

CVE-2013-6420 CVE-2013-6712

USN-2054-1: Samba vulnerabilities - 11th December 2013

It was discovered that Winbind incorrectly handled invalid group names with the require_membership_of parameter. If an administrator used an invalid group name by mistake, access was granted instead of having the login fail. (CVE-2012-6150) Stefan Metzmacher and Michael Adam discovered that Samba incorrectly handled DCE-RPC fragment length fields. A remote ...

CVE-2012-6150 CVE-2013-4408 CVE-2013-4475

USN-2048-2: curl regression - 6th December 2013

USN-2048-1 fixed a vulnerability in curl. The security fix uncovered a bug in the curl command line tool which resulted in the --insecure (-k) option not working as intended. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Scott Cantor discovered that libcurl incorrectly verified CN ...

LP: 1258366

USN-2048-1: curl vulnerability - 5th December 2013

Scott Cantor discovered that libcurl incorrectly verified CN and SAN name fields when digital signature verification was disabled. When libcurl is being used in this uncommon way by specific applications, an attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted ...

CVE-2013-4545

USN-2037-1: Linux kernel (EC2) vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux ...

CVE-2012-2121 CVE-2013-4511

USN-2036-1: Linux kernel vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux ...

CVE-2012-2121 CVE-2013-4511

USN-2033-1: OpenJDK 6 vulnerabilities - 21st November 2013

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-3829, CVE-2013-5783, CVE-2013-5804) Several vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial ...

CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851

USN-2030-1: NSS vulnerabilities - 18th November 2013

Multiple security issues were discovered in NSS. If a user were tricked into connecting to a malicious server, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure. This update also adds TLS v1.2 support to ...

CVE-2013-1739 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606

USN-2029-1: Apache Commons FileUpload vulnerability - 13th November 2013

It was discovered that Apache Commons FileUpload incorrectly handled file names with NULL bytes in serialized instances. An attacker could use this issue to possibly write to arbitrary files.

CVE-2013-2186

USN-2028-1: Apache XML Security for Java vulnerability - 12th November 2013

James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures.

CVE-2013-2172

USN-2016-1: Linux kernel (EC2) vulnerabilities - 8th November 2013

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147) Kees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. ...

CVE-2013-2147 CVE-2013-2889 CVE-2013-2893 CVE-2013-2897 CVE-2013-4299

USN-2015-1: Linux kernel vulnerabilities - 8th November 2013

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147) Kees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. ...

CVE-2013-2147 CVE-2013-2889 CVE-2013-2893 CVE-2013-2897 CVE-2013-4299

USN-2006-1: MySQL vulnerabilities - 24th October 2013

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.72 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 and Ubuntu 13.10 have been updated to MySQL 5.5.34. In addition to security fixes, ...

CVE-2013-3839 CVE-2013-5807

USN-1991-1: GNU C Library vulnerabilities - 21st October 2013

It was discovered that the GNU C Library incorrectly handled the strcoll() function. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2012-4412, CVE-2012-4424) It was discovered that the GNU C Library incorrectly handled multibyte characters in the regular expression matcher. An ...

CVE-2012-4412 CVE-2012-4424 CVE-2013-0242 CVE-2013-1914 CVE-2013-4237 CVE-2013-4332

USN-1987-1: GnuPG vulnerabilities - 9th October 2013

Daniel Kahn Gillmor discovered that GnuPG treated keys with empty usage flags as being valid for all usages. (CVE-2013-4351) Taylor R Campbell discovered that GnuPG incorrectly handled certain OpenPGP messages. If a user or automated system were tricked into processing a specially-crafted message, GnuPG could consume resources, resulting in a ...

CVE-2013-4351 CVE-2013-4402

USN-1982-1: Python 2.6 vulnerability - 1st October 2013

Ryan Sleevi discovered that Python did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

CVE-2013-4238

USN-1981-1: HPLIP vulnerabilities - 30th September 2013

It was discovered that HPLIP incorrectly handled temporary files when using the fax capabilities. A local attacker could possibly use this issue to overwrite arbitrary files. This issue only applied to Ubuntu 10.04 LTS. (CVE-2011-2722) Tim Waugh discovered that HPLIP incorrectly handled temporary files when printing. A local attacker could ...

CVE-2011-2722 CVE-2013-0200

USN-1977-1: Linux kernel (EC2) vulnerabilities - 30th September 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in ...

CVE-2013-0343 CVE-2013-2888 CVE-2013-2892

USN-1976-1: Linux kernel vulnerabilities - 30th September 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in ...

CVE-2013-0343 CVE-2013-2888 CVE-2013-2892

USN-1966-1: Samba vulnerability - 24th September 2013

Jeremy Allison discovered that Samba incorrectly handled certain extended attribute lists. A remote attacker could use this issue to cause Samba to hang, resulting in a denial of service.

CVE-2013-4124

USN-1967-1: Django vulnerabilities - 24th September 2013

It was discovered that Django incorrectly handled large passwords. A remote attacker could use this issue to consume resources, resulting in a denial of service. (CVE-2013-1443) It was discovered that Django incorrectly handled ssi templates. An attacker could use this issue to read arbitrary files. (CVE-2013-4315) It was discovered that ...

CVE-2013-1443 CVE-2013-4315

USN-1965-1: pyOpenSSL vulnerability - 23rd September 2013

It was discovered that pyOpenSSL did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

CVE-2013-4314

USN-1956-1: HPLIP vulnerability - 18th September 2013

It was discovered that HPLIP was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

CVE-2013-4325

USN-1954-1: libvirt vulnerabilities - 18th September 2013

It was discovered that libvirt used the pkcheck tool in an unsafe manner. A local attacker could possibly use this flaw to bypass polkit authentication. In Ubuntu, libvirt polkit authentication is not enabled by default. (CVE-2013-4311) It was discovered that libvirt incorrectly handled certain memory stats requests. A remote attacker ...

CVE-2013-4296 CVE-2013-4311 CVE-2013-5651

USN-1953-1: polkit vulnerability - 18th September 2013

It was discovered that polkit didn't allow applications to use the pkcheck tool in a way which prevented a race condition in the UID lookup. A local attacker could use this flaw to possibly escalate privileges.

CVE-2013-4288

USN-1948-1: httplib2 vulnerability - 9th September 2013

It was discovered that httplib2 only validated SSL certificates on the first request to a connection, and didn't report validation failures on subsequent requests. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could possibly be exploited in certain scenarios to alter or compromise confidential information ...

CVE-2013-2037

USN-1940-1: Linux kernel (EC2) vulnerabilities - 6th September 2013

Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. (CVE-2013-1060) Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory slots ...

CVE-2013-1060 CVE-2013-1943 CVE-2013-2206 CVE-2013-4162

USN-1939-1: Linux kernel vulnerabilities - 6th September 2013

Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. (CVE-2013-1060) Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory slots ...

CVE-2013-1060 CVE-2013-1943 CVE-2013-2206 CVE-2013-4162

USN-1937-1: PHP vulnerability - 5th September 2013

It was discovered that PHP did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

CVE-2013-4248

USN-1923-1: GnuPG, Libgcrypt vulnerability - 31st July 2013

Yuval Yarom and Katrina Falkner discovered a timing-based information leak, known as Flush+Reload, that could be used to trace execution in programs. GnuPG and Libgcrypt followed different execution paths based on key-related data, which could be used to expose the contents of private keys.

CVE-2013-4242

USN-1913-1: Linux kernel (EC2) vulnerabilities - 29th July 2013

Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164) A flaw was discovered in the Linux kernel when an IPv6 socket is used to connect to ...

CVE-2013-2164 CVE-2013-2232 CVE-2013-2234 CVE-2013-2237 CVE-2013-2851

USN-1912-1: Linux kernel vulnerabilities - 29th July 2013

Jonathan Salwan discovered an information leak in the Linux kernel's cdrom driver. A local user can exploit this leak to obtain sensitive information from kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164) A flaw was discovered in the Linux kernel when an IPv6 socket is used to connect to ...

CVE-2013-2164 CVE-2013-2232 CVE-2013-2234 CVE-2013-2237 CVE-2013-2851

USN-1910-1: Bind vulnerability - 29th July 2013

Maxim Shudrak discovered that Bind incorrectly handled certain malformed rdata. A remote attacker could use this flaw with a specially crafted query to cause Bind to stop responding, resulting in a denial of service.

CVE-2013-4854

USN-1909-1: MySQL vulnerabilities - 25th July 2013

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.70 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.04 have been updated to MySQL 5.5.32. In addition to security fixes, the updated ...

CVE-2013-1861 CVE-2013-2162 CVE-2013-3783 CVE-2013-3793 CVE-2013-3802 CVE-2013-3804 CVE-2013-3809 CVE-2013-3812

USN-1908-1: OpenJDK 6 vulnerabilities - 23rd July 2013

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-1500, CVE-2013-2454, CVE-2013-2458) A vulnerability was discovered in the OpenJDK Javadoc related to data integrity. (CVE-2013-1571) A vulnerability was discovered in the OpenJDK ...

CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 CVE-2013-3743

USN-1904-2: libxml2 regression - 17th July 2013

USN-1904-1 fixed vulnerabilities in libxml2. The update caused a regression for certain users. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that libxml2 would load XML external entities by default. If a user or automated system were tricked into opening a specially ...

LP: 1201849

USN-1905-1: PHP vulnerabilities - 16th July 2013

It was discovered that PHP incorrectly handled the xml_parse_into_struct function. If a PHP application parsed untrusted XML, an attacker could use this flaw with a specially-crafted XML document to cause PHP to crash, resulting in a denial of service, or to possibly execute arbitrary code. (CVE-2013-4113) It was discovered that ...

CVE-2013-4113 CVE-2013-4635

USN-1903-1: Apache HTTP Server vulnerabilities - 15th July 2013

It was discovered that the mod_rewrite module incorrectly sanitized non- printable characters before writing data to log files. A remote attacker could possibly use this flaw to execute arbitrary commands by injecting escape sequences in the log file. (CVE-2013-1862) It was discovered that the mod_dav module incorrectly handled certain MERGE ...

CVE-2013-1862 CVE-2013-1896

USN-1904-1: libxml2 vulnerabilities - 15th July 2013

It was discovered that libxml2 would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly obtain access to arbitrary files or cause resource consumption. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, and ...

CVE-2013-0339 CVE-2013-2877

USN-1900-1: Linux kernel (EC2) vulnerabilities - 4th July 2013

Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. (CVE-2012-4508) An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local ...

CVE-2012-4508 CVE-2013-2141 CVE-2013-2852

USN-1899-1: Linux kernel vulnerabilities - 4th July 2013

Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. (CVE-2012-4508) An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local ...

CVE-2012-4508 CVE-2013-2141 CVE-2013-2852

USN-1898-1: OpenSSL vulnerability - 3rd July 2013

The TLS protocol 1.2 and earlier can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext content by observing length differences during a series of guesses in which a provided string potentially matches an unknown string in encrypted and compressed ...

CVE-2012-4929

USN-1894-1: curl vulnerability - 2nd July 2013

Timo Sirainen discovered that libcurl incorrectly handled memory when parsing URL encoded strings. An attacker could possibly use this issue to cause libcurl to crash, leading to a denial of service, or execute arbitrary code.

CVE-2013-2174

< Previous   Showing page 3 of 16   Next >
Show: All