Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Show: All  

USN-1816-1: ClamAV vulnerabilities - 3rd May 2013

It was discovered that ClamAV would incorrectly parse a UPX-packed executable, leading to possible inappropriate heap reads. An attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-2020) It was discovered that ClamAV would incorrectly parse a PDF ...

CVE-2013-2020 CVE-2013-2021

USN-1808-1: Linux kernel (EC2) vulnerabilities - 25th April 2013

Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. (CVE-2012-6542) Mathias Krause discovered information leaks in the Linux kernel's Bluetooth Logical Link Control and Adaptation Protocol ...

CVE-2012-6542 CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2012-6548 CVE-2013-0228 CVE-2013-0349 CVE-2013-1774 CVE-2013-1796

USN-1807-1: MySQL vulnerabilities - 24th April 2013

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.69 in Ubuntu 10.04 LTS and Ubuntu 11.10. Ubuntu 12.04 LTS and Ubuntu 12.10 have been updated to MySQL 5.5.31. In addition to security fixes, the ...

CVE-2012-0553 CVE-2013-1492 CVE-2013-1502 CVE-2013-1506 CVE-2013-1511 CVE-2013-1512 CVE-2013-1521 CVE-2013-1523 CVE-2013-1526 CVE-2013-1532 CVE-2013-1544 CVE-2013-1552 CVE-2013-1555 CVE-2013-1623 CVE-2013-2375 CVE-2013-2376 CVE-2013-2378 CVE-2013-2389 CVE-2013-2391 CVE-2013-2392

USN-1805-1: Linux kernel vulnerabilities - 19th April 2013

Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. (CVE-2012-6542) Mathias Krause discovered information leaks in the Linux kernel's Bluetooth Logical Link Control and Adaptation Protocol ...

CVE-2012-6542 CVE-2012-6544 CVE-2012-6545 CVE-2012-6546 CVE-2012-6548 CVE-2013-0228 CVE-2013-0349 CVE-2013-1774 CVE-2013-1796

USN-1804-1: IcedTea-Web vulnerabilities - 18th April 2013

Jiri Vanek discovered that IcedTea-Web would use the same classloader for applets from different domains. A remote attacker could exploit this to expose sensitive information or potentially manipulate applets from other domains. (CVE-2013-1926) It was discovered that IcedTea-Web did not properly verify JAR files and was susceptible to the GIFAR ...

CVE-2013-1926 CVE-2013-1927

USN-1803-1: X.Org X server vulnerability - 17th April 2013

It was discovered that the X.Org X server did not properly clear input events in certain circumstances. A local attacker with physical access could use this flaw to capture keystrokes.

CVE-2013-1940

USN-1801-1: curl vulnerability - 15th April 2013

YAMADA Yasuharu discovered that libcurl was vulnerable to a cookie leak when doing requests across domains with matching tails. curl did not properly restrict cookies to domains and subdomains. If a user or automated system were tricked into processing a specially crafted URL, an attacker could read cookie values stored ...

CVE-2013-1944

USN-1798-1: Linux kernel (EC2) vulnerabilities - 8th April 2013

Mathias Krause discovered several errors in the Linux kernel's xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537) Mathias Krause discovered information leak in the Linux kernel's compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack ...

CVE-2012-6537 CVE-2012-6539 CVE-2012-6540 CVE-2013-0914 CVE-2013-1767 CVE-2013-1792

USN-1792-1: Linux kernel vulnerabilities - 8th April 2013

Mathias Krause discovered several errors in the Linux kernel's xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537) Mathias Krause discovered information leak in the Linux kernel's compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack ...

CVE-2012-6537 CVE-2012-6539 CVE-2012-6540 CVE-2013-0914 CVE-2013-1767 CVE-2013-1792

USN-1791-1: Thunderbird vulnerabilities - 8th April 2013

Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan Sreckovic and Joe Drew discovered multiple memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or ...

CVE-2013-0788 CVE-2013-0791 CVE-2013-0793 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800 LP: 1162043

USN-1786-1: Firefox vulnerabilities - 4th April 2013

Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan Sreckovic, Joe Drew, Andrew McCreight, Randell Jesup, Gary Kwong and Mats Palmgren discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of ...

CVE-2013-0788 CVE-2013-0789 CVE-2013-0791 CVE-2013-0792 CVE-2013-0793 CVE-2013-0794 CVE-2013-0795 CVE-2013-0796 CVE-2013-0800 LP: 1161422

USN-1789-1: PostgreSQL vulnerabilities - 4th April 2013

Mitsumasa Kondo and Kyotaro Horiguchi discovered that PostgreSQL incorrectly handled certain connection requests containing database names starting with a dash. A remote attacker could use this flaw to damage or destroy files within a server's data directory. This issue only applied to Ubuntu 11.10, Ubuntu 12.04 LTS, and Ubuntu 12.10. ...

CVE-2013-1899 CVE-2013-1900 CVE-2013-1901

USN-1788-1: Linux kernel (Oneiric backport) vulnerabilities - 3rd April 2013

Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to bypass ASLR (Address Space Layout Randomization). A local user could use this flaw to bypass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). ...

CVE-2013-0914 CVE-2013-1767 CVE-2013-1792

USN-1785-1: poppler vulnerabilities - 2nd April 2013

It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program.

CVE-2013-1788 CVE-2013-1789 CVE-2013-1790

USN-1784-1: libxslt vulnerability - 2nd April 2013

Nicholas Gregoire discovered that libxslt incorrectly handled certain empty values. If a user or automated system were tricked into processing a specially crafted XSLT document, a remote attacker could cause libxslt to crash, causing a denial of service.

CVE-2012-6139

USN-1783-1: Bind vulnerability - 29th March 2013

Matthew Horsfall discovered that Bind incorrectly handled regular expression checking. A remote attacker could use this flaw to cause Bind to consume an excessive amount of memory, possibly resulting in a denial of service. This issue was corrected by disabling RDATA regular expression syntax checking.

CVE-2013-2266

USN-1782-1: libxml2 vulnerability - 28th March 2013

It was discovered that libxml2 incorrectly handled XML entity expansion. An attacker could use this flaw to cause libxml2 to consume large amounts of resources, resulting in a denial of service.

CVE-2013-0338

USN-1780-1: Ruby vulnerability - 25th March 2013

Ben Murphy discovered that the Ruby REXML library incorrectly handled XML entity expansion. An attacker could use this flaw to cause Ruby to consume large amounts of memory, resulting in a denial of service.

CVE-2013-1821

USN-1776-1: Linux kernel (EC2) vulnerabilities - 22nd March 2013

A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. (CVE-2013-0268) A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when ...

CVE-2013-0268 CVE-2013-0309 CVE-2013-1773

USN-1775-1: Linux kernel vulnerabilities - 22nd March 2013

A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. (CVE-2013-0268) A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when ...

CVE-2013-0268 CVE-2013-0309 CVE-2013-1773

USN-1773-1: ClamAV vulnerabilities - 21st March 2013

Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind discovered multiple security issues with ClamAV. An attacker could use these issues to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.

LP: 1157385

USN-1770-1: Perl vulnerability - 19th March 2013

Yves Orton discovered that Perl incorrectly handled hashing when using user-provided hash keys. An attacker could use this flaw to perform a denial of service attack against software written in Perl.

CVE-2013-1667

USN-1765-1: Apache HTTP Server vulnerabilities - 18th March 2013

Niels Heinen discovered that multiple modules incorrectly sanitized certain strings, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to ...

CVE-2012-3499 CVE-2012-4557 CVE-2012-4558 CVE-2013-1048

USN-1763-2: NSPR update - 14th March 2013

USN-1763-1 fixed a vulnerability in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in NSS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker ...

LP: 1155295

USN-1763-1: NSS vulnerability - 14th March 2013

Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in NSS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data.

CVE-2013-1620

USN-1761-1: PHP vulnerability - 13th March 2013

It was discovered that PHP incorrectly handled XML external entities in SOAP WSDL files. A remote attacker could use this flaw to read arbitrary files off the server.

CVE-2013-1643

USN-1758-2: Thunderbird vulnerability - 12th March 2013

USN-1758-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Thunderbird. Original advisory details: It was discovered that Firefox contained a memory safety issue. If a user were tricked into opening a specially crafted page with the HTML editor, a remote attacker could exploit this to execute arbitrary ...

CVE-2013-0787

USN-1760-1: Linux kernel (Oneiric backport) vulnerabilities - 12th March 2013

A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. (CVE-2013-0216) A memory leak was discovered in the Linux kernel's ...

CVE-2013-0216 CVE-2013-0217 CVE-2013-0228 CVE-2013-0268 CVE-2013-0311 CVE-2013-0349 CVE-2013-1773

USN-1758-1: Firefox vulnerability - 8th March 2013

It was discovered that Firefox contained a memory safety issue. If a user were tricked into opening a specially crafted page with the HTML editor, a remote attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.

CVE-2013-0787 LP: 1152052

USN-1757-1: Django vulnerabilities - 7th March 2013

James Kettle discovered that Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users. Although this issue had been previously addressed in USN-1632-1, this update adds additional hardening measures to host header validation. This ...

CVE-2012-4520 CVE-2013-0305 CVE-2013-0306 CVE-2013-1664 CVE-2013-1665

USN-1755-1: OpenJDK 6 vulnerabilities - 5th March 2013

It was discovered that OpenJDK did not properly validate certain types of images. A remote attacker could exploit this to cause OpenJDK to crash. (CVE-2013-0809) It was discovered that OpenJDK did not properly check return values when performing color conversion for images. If a user were tricked into opening a ...

CVE-2013-0809 CVE-2013-1493

USN-1754-1: Sudo vulnerability - 28th February 2013

Marco Schoepl discovered that Sudo incorrectly handled time stamp files when the system clock is set to epoch. A local attacker could use this issue to run Sudo commands without a password prompt.

CVE-2013-1775

USN-1753-1: DBus-GLib vulnerability - 27th February 2013

Sebastian Krahmer and Bastien Nocera discovered that DBus-GLib did not properly validate the message sender when the "NameOwnerChanged" signal was received. A local attacker could possibly use this issue to escalate their privileges.

CVE-2013-0292

USN-1752-1: GnuTLS vulnerability - 27th February 2013

Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data.

CVE-2013-1619

USN-1748-1: Thunderbird vulnerabilities - 25th February 2013

Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page and had scripting enabled, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges ...

CVE-2013-0773 CVE-2013-0774 CVE-2013-0775 CVE-2013-0776 CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0780 CVE-2013-0781 CVE-2013-0782 CVE-2013-0783 CVE-2013-0784 LP: 1131110

USN-1746-1: Pidgin vulnerabilities - 25th February 2013

Chris Wysopal discovered that Pidgin incorrectly handled file transfers in the MXit protocol handler. A remote attacker could use this issue to create or overwrite arbitrary files. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2013-0271) It was discovered that Pidgin incorrectly handled long HTTP headers ...

CVE-2013-0271 CVE-2013-0272 CVE-2013-0273 CVE-2013-0274

USN-1738-1: Linux kernel (Oneiric backport) vulnerability - 21st February 2013

Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

CVE-2013-0871

USN-1737-1: Linux kernel (EC2) vulnerability - 21st February 2013

Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

CVE-2013-0871

USN-1736-1: Linux kernel vulnerability - 21st February 2013

Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

CVE-2013-0871

USN-1735-1: OpenJDK vulnerabilities - 21st February 2013

Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in OpenJDK was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data. (CVE-2013-0169) A vulnerability was discovered in the ...

CVE-2013-0169 CVE-2013-1484 CVE-2013-1485 CVE-2013-1486 CVE-2013-1487

USN-1732-1: OpenSSL vulnerabilities - 21st February 2013

Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. (CVE-2012-2686) Stephen Henson discovered ...

CVE-2012-2686 CVE-2013-0166 CVE-2013-0169

USN-1729-1: Firefox vulnerabilities - 19th February 2013

Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight, Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an ...

CVE-2013-0765 CVE-2013-0772 CVE-2013-0773 CVE-2013-0774 CVE-2013-0775 CVE-2013-0776 CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0780 CVE-2013-0781 CVE-2013-0782 CVE-2013-0783 CVE-2013-0784 LP: 1128883

USN-1728-1: Linux kernel (EC2) vulnerability - 18th February 2013

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously.

CVE-2013-0190

USN-1725-1: Linux kernel vulnerability - 14th February 2013

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously.

CVE-2013-0190

USN-1724-1: OpenJDK vulnerabilities - 14th February 2013

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. (CVE-2012-1541, CVE-2012-3342, CVE-2013-0351, CVE-2013-0419, CVE-2013-0423, CVE-2013-0446, CVE-2012-3213, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0441, CVE-2013-0442, CVE-2013-0445, CVE-2013-0450, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480) Vulnerabilities were discovered in ...

CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0444 CVE-2013-0445 CVE-2013-0446 CVE-2013-0448 CVE-2013-0449 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481

USN-1723-1: Qt vulnerabilities - 14th February 2013

Richard J. Moore and Peter Hartmann discovered that Qt allowed redirecting requests from http to file schemes. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS, and Ubuntu 12.10. (CVE-2012-5624) Stephen ...

CVE-2012-5624 CVE-2012-6093 CVE-2013-0254

USN-1722-1: jQuery vulnerability - 13th February 2013

It was discovered that jQuery incorrectly handled selecting elements using location.hash, resulting in a possible cross-site scripting (XSS) issue. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the ...

CVE-2011-4969

USN-1719-1: Linux kernel (Oneiric backport) vulnerabilities - 12th February 2013

It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages. An untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. (CVE-2012-2669) Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem ...

CVE-2012-2669 CVE-2012-4508 CVE-2013-0190

USN-1717-1: PostgreSQL vulnerability - 12th February 2013

Sumit Soni discovered that PostgreSQL incorrectly handled calling a certain internal function with invalid arguments. An authenticated attacker could use this issue to cause PostgreSQL to crash, resulting in a denial of service.

CVE-2013-0255

USN-1681-4: Firefox regression - 5th February 2013

USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression, Firefox suffered from instabilities when accessing some websites. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill Gianopoulos, Benoit Jacob, Gary Kwong, Robert O'Callahan, Jesse Ruderman, and ...

LP: 1116725

Show: All