These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-512-1: Quagga vulnerability

It was discovered that Quagga did not correctly verify OPEN messages or COMMUNITY attributes sent from configured peers. Malicious authenticated remote peers could send a specially crafted message which would cause bgpd to abort, leading to a denial of service.

15 September 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-511-2: Kerberos vulnerability

USN-511-1 fixed vulnerabilities in krb5 and librpcsecgss. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. This update fixes the problem. Original advisory details: It was discovered that the libraries handling RPCSEC_GSS did not correctly validate the size of certain packet structures. An…

7 September 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-511-1: Kerberos vulnerability

It was discovered that the libraries handling RPCSEC_GSS did not correctly validate the size of certain packet structures. An unauthenticated remote user could send a specially crafted request and execute arbitrary code with root privileges.

4 September 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-510-1: Linux kernel vulnerabilities

A flaw was discovered in the PPP over Ethernet implementation. Local attackers could manipulate ioctls and cause kernel memory consumption leading to a denial of service. (CVE-2007-2525) An integer underflow was discovered in the cpuset filesystem. If mounted, local attackers could obtain kernel memory using large file offsets while reading the…

31 August 2007 | ubuntu-7.04

USN-508-1: Linux kernel vulnerabilities

A buffer overflow was discovered in the Moxa serial driver. Local attackers could execute arbitrary code and gain root privileges. (CVE-2005-0504) A flaw was discovered in the IPv6 stack’s handling of type 0 route headers. By sending a specially crafted IPv6 packet, a remote attacker could cause a denial of service between two IPv6 hosts….

31 August 2007 | ubuntu-6.06-lts

USN-509-1: Linux kernel vulnerabilities

A flaw in the sysfs_readdir function allowed a local user to cause a denial of service by dereferencing a NULL pointer. (CVE-2007-3104) A buffer overflow was discovered in the random number generator. In environments with granular assignment of root privileges, a local attacker could gain additional privileges. (CVE-2007-3105) A flaw was…

30 August 2007 | ubuntu-6.10

USN-507-1: tcp-wrappers vulnerability

It was discovered that the TCP wrapper library was incorrectly allowing connections to services that did not specify server-side connection details. Remote attackers could connect to services that had been configured to block such connections. This only affected Ubuntu Feisty.

29 August 2007 | ubuntu-7.04

USN-469-2: Enigmail regression

USN-469-1 fixed vulnerabilities in the Mozilla Thunderbird email client. The updated Thunderbird version broken compatibility with the Enigmail plugin. This update corrects the problem. We apologize for the inconvenience.

28 August 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-506-1: tar vulnerability

Dmitry V. Levin discovered that tar did not correctly detect the “..” file path element when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted tar file, arbitrary files could be overwritten with user privileges.

28 August 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-505-1: vim vulnerability

Ulf Harnhammar discovered that vim does not properly sanitise the “helptags_one()” function when running the “helptags” command. By tricking a user into running a crafted help file, a remote attacker could execute arbitrary code with the user’s privileges.

28 August 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts