These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-161-1: bzip2 utility vulnerability

USN-158-1 fixed a command injection vulnerability in the “zgrep” utility. It was determined that the “bzgrep” counterpart in the bzip2 package is vulnerable to the same flaw. bzgrep did not handle shell metacharacters like ‘|’ and ‘&’ properly when they occurred in input file names. This could be exploited to execute arbitrary commands with user…

5 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-160-1: Apache 2 vulnerabilities

Marc Stern discovered a buffer overflow in the SSL module’s certificate revocation list (CRL) handler. If Apache is configured to use a malicious CRL, this could possibly lead to a server crash or arbitrary code execution with the privileges of the Apache web server. (CAN-2005-1268) Watchfire discovered that Apache insufficiently verified…

4 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-157-2: Updated Mozilla Thunderbird Enigmail plugin for Ubuntu 4.10

USN-157-1 fixed some vulnerabilities in the Mozilla Thunderbird email client. The updated Thunderbird version broke compatibility with the Enigmail plugin. As announced in USN-157-1, the Enigmail package has now been updated for Ubuntu 4.10 (Warty Warthog) to work with the new Thunderbird version.

2 August 2005 | ubuntu-4.10

USN-159-1: unzip vulnerability

If a ZIP archive contains binaries with the setuid and/or setgid bit set, unzip preserved those bits when extracting the archive. This could be exploited by tricking the administrator into unzipping an archive with a setuid-root binary into a directory the attacker can access. This allowed the attacker to execute arbitrary commands with root…

1 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-158-1: gzip utility vulnerability

zgrep did not handle shell metacharacters like ‘|’ and ‘&’ properly when they occurred in input file names. This could be exploited to execute arbitrary commands with user privileges if zgrep is run in an untrusted directory with specially crafted file names.

1 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-157-1: Mozilla Thunderbird vulnerabilities

Vladimir V. Perepelitsa discovered a bug in Thunderbird’s handling of anonymous functions during regular expression string replacement. A malicious HTML email could exploit this to capture a random block of client memory. (CAN-2005-0989) Georgi Guninski discovered that the types of certain XPInstall related JavaScript objects were not…

1 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-156-1: TIFF vulnerability

Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the “YCbCr subsampling” value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which caused the program that uses the TIFF library to crash. This leads to a Denial of Service in server applications that use…

29 July 2005 | ubuntu-5.04, ubuntu-4.10

USN-155-2: Updated Epiphany packages to match Mozilla security update

USN-155-1 fixed some security vulnerabilities in the Mozilla suite. Unfortunately, this update caused regressions in the Epiphany web browser, which uses parts of the Mozilla browser. The updated packages fix these problems.

29 July 2005 | ubuntu-4.10

USN-149-3: Ubuntu 4.10 update for Firefox vulnerabilities

USN-149-1 fixed some vulnerabilities in the Ubuntu 5.04 (Hoary Hedgehog) version of Firefox. The version shipped with Ubuntu 4.10 (Warty Warthog) is also vulnerable to these flaws, so it needs to be upgraded as well. Please see http://www.ubuntulinux.org/support/documentation/usn/usn-149-1 for the original advisory. This update also fixes…

28 July 2005 | ubuntu-4.10

USN-155-1: Mozilla vulnerabilities

Secunia.com reported that one of the recent security patches in Firefox reintroduced the frame injection patch that was originally known as CAN-2004-0718. This allowed a malicious web site to spoof the contents of other web sites. (CAN-2005-1937) It was discovered that a malicious website could inject arbitrary scripts into a target site by…

27 July 2005 | ubuntu-5.04, ubuntu-4.10