These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-398-3: Firefox theme regression

USN-398-1 fixed vulnerabilities in Firefox. Due to the updated version, a flaw was uncovered in the Firefox Themes bundle, which erroneously reported to be incompatible with the updated Firefox. This update fixes the problem. We apologize for the inconvenience.

4 January 2007 | ubuntu-6.10

USN-398-2: Firefox vulnerabilities

USN-398-1 fixed vulnerabilities in Firefox 2.0. This update provides the corresponding updates for Firefox 1.5. Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript or SVG. (CVE-2006-6497, CVE-2006-6498,…

3 January 2007 | ubuntu-6.06-lts, ubuntu-5.10

USN-399-1: w3m vulnerabilities

A format string vulnerability was discovered in w3m. If a user were tricked into visiting an HTTPS URL protected by a specially crafted SSL certificate, an attacker could execute arbitrary code with user privileges.

3 January 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-398-1: Firefox vulnerabilities

Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript or SVG. (CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, CVE-2006-6504) Various flaws have been reported that allow an attacker to bypass…

3 January 2007 | ubuntu-6.10

USN-397-1: mono vulnerability

Jose Ramon Palanco discovered that the mono System.Web class did not consistently verify local file paths. As a result, the source code for mono web applications could be retrieved remotely, possibly leading to further compromise via the application’s source.

20 December 2006 | ubuntu-6.10, ubuntu-6.06-lts

USN-396-1: gdm vulnerability

A format string vulnerability was discovered in the gdmchooser component of the GNOME Display Manager. By typing a specially crafted host name, local users could gain gdm user privileges, which could lead to further account information exposure.

14 December 2006 | ubuntu-6.10, ubuntu-6.06-lts

USN-380-2: avahi regression

USN-380-1 fixed a vulnerability in Avahi. However, if used with Network manager, that version occasionally failed to resolve .local DNS names until Avahi got restarted. This update fixes the problem. We apologize for the inconvenience.

14 December 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-395-1: Linux kernel vulnerabilities

Mark Dowd discovered that the netfilter iptables module did not correcly handle fragmented packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has only be fixed for Ubuntu 6.10; the corresponding fix for Ubuntu 5.10 and 6.06 will follow soon. (CVE-2006-4572) Dmitriy Monakhov…

14 December 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-394-1: Ruby vulnerability

An error was found in Ruby’s CGI library that did not correctly quote the boundary of multipart MIME requests. Using a crafted HTTP request, a remote user could cause a denial of service, where Ruby CGI applications would end up in a loop, monopolizing a CPU.

8 December 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-393-2: GnuPG2 vulnerabilities

USN-389-1 and USN-393-1 fixed vulnerabilities in gnupg. This update provides the corresponding updates for gnupg2. Original advisory details: A buffer overflow was discovered in GnuPG. By tricking a user into running gpg interactively on a specially crafted message, an attacker could execute arbitrary code with the user’s privileges. …

7 December 2006 | ubuntu-6.10