Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 3 of 17   Next >
Show: All  

USN-2128-1: Linux kernel vulnerabilities - 5th March 2014

An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. (CVE-2013-0160) Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. ...

CVE-2013-0160 CVE-2013-2929 CVE-2013-4587 CVE-2013-6367 CVE-2013-6380 CVE-2013-6382 CVE-2013-7027 CVE-2013-7266 CVE-2013-7267 CVE-2013-7268 CVE-2013-7269 CVE-2013-7270 CVE-2013-7271 CVE-2014-1444 CVE-2014-1445 CVE-2014-1446 CVE-2014-1874

USN-2127-1: GnuTLS vulnerability - 4th March 2014

Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly handled certificate verification functions. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited with specially crafted certificates to view sensitive information.

CVE-2014-0092

USN-2126-1: PHP vulnerabilities - 3rd March 2014

Bernd Melchers discovered that PHP's embedded libmagic library incorrectly handled indirect offset values. An attacker could use this issue to cause PHP to consume resources or crash, resulting in a denial of service. (CVE-2014-1943) It was discovered that PHP incorrectly handled certain values when using the imagecrop function. An attacker ...

CVE-2013-7226 CVE-2013-7327 CVE-2013-7328 CVE-2014-1943 CVE-2014-2020

USN-2125-1: Python vulnerability - 3rd March 2014

Ryan Smith-Roberts discovered that Python incorrectly handled buffer sizes when using the socket.recvfrom_into() function. An attacker could possibly use this issue to cause Python to crash, resulting in denial of service, or possibly execute arbitrary code.

CVE-2014-1912

USN-2124-1: OpenJDK 6 vulnerabilities - 27th February 2014

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-0411) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to ...

CVE-2013-5878 CVE-2013-5884 CVE-2013-5896 CVE-2013-5907 CVE-2013-5910 CVE-2014-0368 CVE-2014-0373 CVE-2014-0376 CVE-2014-0411 CVE-2014-0416 CVE-2014-0422 CVE-2014-0423 CVE-2014-0428 LP: 1283828

USN-2123-1: file vulnerabilities - 26th February 2014

It was discovered that file incorrectly handled Composite Document files. An attacker could use this issue to cause file to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-1571) Bernd Melchers discovered that file incorrectly handled indirect offset values. An ...

CVE-2012-1571 CVE-2014-1943

USN-2122-1: FreeRADIUS vulnerabilities - 26th February 2014

It was discovered that FreeRADIUS incorrectly handled unix authentication. A remote user could successfully authenticate with an expired password. (CVE-2011-4966) Pierre Carrier discovered that FreeRADIUS incorrectly handled rlm_pap hash processing. An authenticated user could use this issue to cause FreeRADIUS to crash, resulting in a denial of service, or possibly ...

CVE-2011-4966 CVE-2014-2015

USN-2120-1: PostgreSQL vulnerabilities - 24th February 2014

Noah Misch and Jonas Sundman discovered that PostgreSQL did not correctly enforce ADMIN OPTION restrictions. An authenticated attacker could use this issue to possibly revoke access from others, contrary to expected permissions. (CVE-2014-0060) Andres Freund discovered that PostgreSQL incorrectly handled validator functions. An authenticated attacker could possibly use this issue ...

CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066

USN-2108-1: Linux kernel (EC2) vulnerabilities - 18th February 2014

A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383) mpd reported an information leak in the recvfrom, recvmmsg, and recvmsg system calls in ...

CVE-2013-6383 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7281

USN-2107-1: Linux kernel vulnerabilities - 18th February 2014

A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383) mpd reported an information leak in the recvfrom, recvmmsg, and recvmsg system calls in ...

CVE-2013-6383 CVE-2013-7263 CVE-2013-7264 CVE-2013-7265 CVE-2013-7281

USN-2099-1: Perl vulnerability - 5th February 2014

It was discovered that Perl's Locale::Maketext module incorrectly handled backslashes and fully qualified method names. An attacker could possibly use this flaw to execute arbitrary code when an application used untrusted templates.

CVE-2012-6329

USN-2097-1: curl vulnerability - 3rd February 2014

Paras Sethia and Yehezkel Horowitz discovered that libcurl incorrectly reused connections when NTLM authentication was being used. This could lead to the use of unintended credentials, possibly exposing sensitive information.

CVE-2014-0015

USN-2088-1: NSS vulnerability - 23rd January 2014

Brian Smith discovered that NSS incorrectly handled the TLS False Start feature. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to spoof SSL servers.

CVE-2013-1740

USN-2087-1: NSPR vulnerability - 23rd January 2014

It was discovered that NSPR incorrectly handled certain malformed X.509 certificates. A remote attacker could use a crafted X.509 certificate to cause NSPR to crash, leading to a denial of service, or possibly execute arbitrary code.

CVE-2013-5607

USN-2086-1: MySQL vulnerabilities - 21st January 2014

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.73 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, and Ubuntu 13.10 have been updated to MySQL 5.5.35. In addition to security fixes, the updated ...

CVE-2013-5891 CVE-2013-5908 CVE-2014-0386 CVE-2014-0393 CVE-2014-0401 CVE-2014-0402 CVE-2014-0412 CVE-2014-0420 CVE-2014-0437

USN-2085-1: HPLIP vulnerabilities - 21st January 2014

It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu 12.04 LTS and higher, this should be prevented by the Yama link restrictions. (CVE-2013-6402) It was discovered that HPLIP contained ...

CVE-2013-6402 CVE-2013-6427

USN-2084-1: devscripts vulnerability - 21st January 2014

It was discovered that the uscan tool incorrectly repacked archive files. If a user or automated system were tricked into processing specially crafted files, a remote attacker could possibly execute arbitrary code.

CVE-2013-6888

USN-2083-1: Graphviz vulnerabilities - 16th January 2014

It was discovered that Graphviz incorrectly handled memory in the yyerror function. If a user were tricked into opening a specially crafted dot file, an attacker could cause Graphviz to crash, or possibly execute arbitrary code. (CVE-2014-0978, CVE-2014-1235) It was discovered that Graphviz incorrectly handled memory in the chkNum function. ...

CVE-2014-0978 CVE-2014-1235 CVE-2014-1236

USN-2081-1: Bind vulnerability - 13th January 2014

Jared Mauch discovered that Bind incorrectly handled certain queries for NSEC3-signed zones. A remote attacker could use this flaw with a specially crafted query to cause Bind to stop responding, resulting in a denial of service.

CVE-2014-0591

USN-2078-1: libXfont vulnerability - 7th January 2014

It was discovered that libXfont incorrectly handled certain malformed BDF fonts. An attacker could use a specially crafted font file to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of ...

CVE-2013-6462

USN-2065-1: Linux kernel (EC2) vulnerabilities - 3rd January 2014

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345) A flaw was discovered in the Linux kernel's IP Virtual Server (IP_VS) support. A local user with the CAP_NET_ADMIN capability could exploit ...

CVE-2013-4345 CVE-2013-4588 CVE-2013-6378 CVE-2013-6763

USN-2064-1: Linux kernel vulnerabilities - 3rd January 2014

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345) A flaw was discovered in the Linux kernel's IP Virtual Server (IP_VS) support. A local user with the CAP_NET_ADMIN capability could exploit ...

CVE-2013-4345 CVE-2013-4588 CVE-2013-6378 CVE-2013-6763

USN-2063-1: NSS vulnerability - 20th December 2013

It was discovered that an intermediate certificate was incorrectly issued by a subordinate certificate authority of a trusted CA included in NSS. This intermediate certificate could be used in a man-in-the-middle attack, and has such been marked as untrusted in this update.

LP: 1263135

USN-2060-1: libjpeg, libjpeg-turbo vulnerabilities - 19th December 2013

Michal Zalewski discovered that libjpeg and libjpeg-turbo incorrectly handled certain memory operations. An attacker could use this issue with a specially-crafted JPEG file to possibly expose sensitive information.

CVE-2013-6629 CVE-2013-6630

USN-2059-1: GnuPG vulnerability - 18th December 2013

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via acoustic emanations. A local attacker could use this attack to possibly recover private keys.

CVE-2013-4576

USN-2055-1: PHP vulnerabilities - 12th December 2013

Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-6420) It was discovered that PHP incorrectly handled DateInterval objects. An attacker could use this issue to cause PHP ...

CVE-2013-6420 CVE-2013-6712

USN-2054-1: Samba vulnerabilities - 11th December 2013

It was discovered that Winbind incorrectly handled invalid group names with the require_membership_of parameter. If an administrator used an invalid group name by mistake, access was granted instead of having the login fail. (CVE-2012-6150) Stefan Metzmacher and Michael Adam discovered that Samba incorrectly handled DCE-RPC fragment length fields. A remote ...

CVE-2012-6150 CVE-2013-4408 CVE-2013-4475

USN-2048-2: curl regression - 6th December 2013

USN-2048-1 fixed a vulnerability in curl. The security fix uncovered a bug in the curl command line tool which resulted in the --insecure (-k) option not working as intended. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Scott Cantor discovered that libcurl incorrectly verified CN ...

LP: 1258366

USN-2048-1: curl vulnerability - 5th December 2013

Scott Cantor discovered that libcurl incorrectly verified CN and SAN name fields when digital signature verification was disabled. When libcurl is being used in this uncommon way by specific applications, an attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted ...

CVE-2013-4545

USN-2037-1: Linux kernel (EC2) vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux ...

CVE-2012-2121 CVE-2013-4511

USN-2036-1: Linux kernel vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux ...

CVE-2012-2121 CVE-2013-4511

USN-2033-1: OpenJDK 6 vulnerabilities - 21st November 2013

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-3829, CVE-2013-5783, CVE-2013-5804) Several vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial ...

CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851

USN-2030-1: NSS vulnerabilities - 18th November 2013

Multiple security issues were discovered in NSS. If a user were tricked into connecting to a malicious server, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure. This update also adds TLS v1.2 support to ...

CVE-2013-1739 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606

USN-2029-1: Apache Commons FileUpload vulnerability - 13th November 2013

It was discovered that Apache Commons FileUpload incorrectly handled file names with NULL bytes in serialized instances. An attacker could use this issue to possibly write to arbitrary files.

CVE-2013-2186

USN-2028-1: Apache XML Security for Java vulnerability - 12th November 2013

James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures.

CVE-2013-2172

USN-2016-1: Linux kernel (EC2) vulnerabilities - 8th November 2013

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147) Kees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. ...

CVE-2013-2147 CVE-2013-2889 CVE-2013-2893 CVE-2013-2897 CVE-2013-4299

USN-2015-1: Linux kernel vulnerabilities - 8th November 2013

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147) Kees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. ...

CVE-2013-2147 CVE-2013-2889 CVE-2013-2893 CVE-2013-2897 CVE-2013-4299

USN-2006-1: MySQL vulnerabilities - 24th October 2013

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.72 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 and Ubuntu 13.10 have been updated to MySQL 5.5.34. In addition to security fixes, ...

CVE-2013-3839 CVE-2013-5807

USN-1991-1: GNU C Library vulnerabilities - 21st October 2013

It was discovered that the GNU C Library incorrectly handled the strcoll() function. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2012-4412, CVE-2012-4424) It was discovered that the GNU C Library incorrectly handled multibyte characters in the regular expression matcher. An ...

CVE-2012-4412 CVE-2012-4424 CVE-2013-0242 CVE-2013-1914 CVE-2013-4237 CVE-2013-4332

USN-1987-1: GnuPG vulnerabilities - 9th October 2013

Daniel Kahn Gillmor discovered that GnuPG treated keys with empty usage flags as being valid for all usages. (CVE-2013-4351) Taylor R Campbell discovered that GnuPG incorrectly handled certain OpenPGP messages. If a user or automated system were tricked into processing a specially-crafted message, GnuPG could consume resources, resulting in a ...

CVE-2013-4351 CVE-2013-4402

USN-1982-1: Python 2.6 vulnerability - 1st October 2013

Ryan Sleevi discovered that Python did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

CVE-2013-4238

USN-1981-1: HPLIP vulnerabilities - 30th September 2013

It was discovered that HPLIP incorrectly handled temporary files when using the fax capabilities. A local attacker could possibly use this issue to overwrite arbitrary files. This issue only applied to Ubuntu 10.04 LTS. (CVE-2011-2722) Tim Waugh discovered that HPLIP incorrectly handled temporary files when printing. A local attacker could ...

CVE-2011-2722 CVE-2013-0200

USN-1977-1: Linux kernel (EC2) vulnerabilities - 30th September 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in ...

CVE-2013-0343 CVE-2013-2888 CVE-2013-2892

USN-1976-1: Linux kernel vulnerabilities - 30th September 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in ...

CVE-2013-0343 CVE-2013-2888 CVE-2013-2892

USN-1966-1: Samba vulnerability - 24th September 2013

Jeremy Allison discovered that Samba incorrectly handled certain extended attribute lists. A remote attacker could use this issue to cause Samba to hang, resulting in a denial of service.

CVE-2013-4124

USN-1967-1: Django vulnerabilities - 24th September 2013

It was discovered that Django incorrectly handled large passwords. A remote attacker could use this issue to consume resources, resulting in a denial of service. (CVE-2013-1443) It was discovered that Django incorrectly handled ssi templates. An attacker could use this issue to read arbitrary files. (CVE-2013-4315) It was discovered that ...

CVE-2013-1443 CVE-2013-4315

USN-1965-1: pyOpenSSL vulnerability - 23rd September 2013

It was discovered that pyOpenSSL did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

CVE-2013-4314

USN-1956-1: HPLIP vulnerability - 18th September 2013

It was discovered that HPLIP was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

CVE-2013-4325

USN-1954-1: libvirt vulnerabilities - 18th September 2013

It was discovered that libvirt used the pkcheck tool in an unsafe manner. A local attacker could possibly use this flaw to bypass polkit authentication. In Ubuntu, libvirt polkit authentication is not enabled by default. (CVE-2013-4311) It was discovered that libvirt incorrectly handled certain memory stats requests. A remote attacker ...

CVE-2013-4296 CVE-2013-4311 CVE-2013-5651

USN-1953-1: polkit vulnerability - 18th September 2013

It was discovered that polkit didn't allow applications to use the pkcheck tool in a way which prevented a race condition in the UID lookup. A local attacker could use this flaw to possibly escalate privileges.

CVE-2013-4288

< Previous   Showing page 3 of 17   Next >
Show: All