These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-294-1: courier vulnerability

A Denial of Service vulnerability has been found in the function for encoding email addresses. Addresses containing a ‘=’ before the ‘@’ character caused the Courier to hang in an endless loop, rendering the service unusable.

9 June 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-288-3: PostgreSQL client vulnerabilities

USN-288-1 described a PostgreSQL client vulnerability in the way the >>‘<< character is escaped in SQL queries. It was determined that the PostgreSQL backends of Exim, Dovecot, and Postfix used this unsafe escaping method. For reference, these are the details of the original USN: CVE-2006-2313: Akio Ishida and Yasuo Ohgaki discovered a…

9 June 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-292-1: binutils vulnerability

CVE-2006-2362 Jesus Olmos Gonzalez discovered a buffer overflow in the Tektronix Hex Format (TekHex) backend of the BFD library, such as used by the ‘strings’ utility. By tricking an user or automated system into processing a specially crafted file with ‘strings’ or a vulnerable third-party application using the BFD library, this could be…

9 June 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-293-1: gdm vulnerability

If the admin configured a gdm theme that provided an user list, any user could activate the gdm setup program by first choosing the setup option from the menu, clicking on the user list and entering his own (instead of root’s) password. This allowed normal users to configure potentially dangerous features like remote or automatic login. Please…

9 June 2006 | ubuntu-6.06-lts, ubuntu-5.10

USN-288-2: PostgreSQL server/client vulnerabilities

USN-288-1 fixed two vulnerabilities in Ubuntu 5.04 and Ubuntu 5.10. This update fixes the same vulnerabilities for Ubuntu 6.06 LTS. For reference, these are the details of the original USN: CVE-2006-2313: Akio Ishida and Yasuo Ohgaki discovered a weakness in the handling of invalidly-encoded multibyte text data. If a client…

9 June 2006 | ubuntu-6.06-lts

USN-291-1: FreeType vulnerabilities

Several integer overflows have been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user.

8 June 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-290-1: awstats vulnerability

Hendrik Weimer discovered a privilege escalation vulnerability in awstats. By supplying the ‘configdir’ CGI parameter and setting it to an attacker-controlled directory (such as an FTP account, /tmp, or similar), an attacker could execute arbitrary shell commands with the privileges of the web server (user ‘www-data’). This update disables the…

8 June 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-289-1: tiff vulnerabilities

A buffer overflow has been found in the tiff2pdf utility. By tricking an user into processing a specially crafted TIF file with tiff2pdf, this could potentially be exploited to execute arbitrary code with the privileges of the user. (CVE-2006-2193) A. Alejandro Hern´┐Żndez discovered a buffer overflow in the tiffsplit utility. By calling tiffsplit…

8 June 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-288-1: PostgreSQL server/client vulnerabilities

CVE-2006-2313: Akio Ishida and Yasuo Ohgaki discovered a weakness in the handling of invalidly-encoded multibyte text data. If a client application processed untrusted input without respecting its encoding and applied standard string escaping techniques (such as replacing a single quote >>‘<< with >>\’<< or >>“<<), the PostgreSQL server…

29 May 2006 | ubuntu-5.10, ubuntu-5.04

USN-287-1: Nagios vulnerability

The nagios CGI scripts did not sufficiently check the validity of the HTTP Content-Length attribute. By sending a specially crafted HTTP request with an invalidly large Content-Length value to the Nagios server, a remote attacker could exploit this to execute arbitrary code with web server privileges. Please note that the Apache 2 web server…

29 May 2006 | ubuntu-5.10, ubuntu-5.04