These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-393-1: GnuPG vulnerability

Tavis Ormandy discovered that gnupg was incorrectly using the stack. If a user were tricked into processing a specially crafted message, an attacker could execute arbitrary code with the user’s privileges.

7 December 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-390-3: evince-gtk vulnerability

USN-390-2 fixed vulnerabilities in evince. This update provides the corresponding update for evince-gtk. Original advisory details: A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could crash evince or execute arbitrary code with…

7 December 2006 | ubuntu-6.10, ubuntu-6.06-lts

USN-390-2: evince vulnerability

USN-390-1 fixed a vulnerability in evince. The original fix did not fully solve the problem, allowing for a denial of service in certain situations. Original advisory details: A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could…

6 December 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-392-1: xine-lib vulnerability

A buffer overflow was discovered in the Real Media input plugin in xine-lib. If a user were tricked into loading a specially crafted stream from a malicious server, the attacker could execute arbitrary code with the user’s privileges.

4 December 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-391-1: libgsf vulnerability

A heap overflow was discovered in the OLE processing code in libgsf. If a user were tricked into opening a specially crafted OLE document, an attacker could execute arbitrary code with the user’s privileges.

4 December 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-390-1: evince vulnerability

A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could crash evince or execute arbitrary code with the user’s privileges.

30 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-389-1: GnuPG vulnerability

A buffer overflow was discovered in GnuPG. By tricking a user into running gpg interactively on a specially crafted message, an attacker could execute arbitrary code with the user’s privileges. This vulnerability is not exposed when running gpg in batch mode.

29 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-388-1: KOffice vulnerability

An integer overflow was discovered in KOffice’s filtering code. By tricking a user into opening a specially crafted PPT file, attackers could crash KOffice or possibly execute arbitrary code with the user’s privileges.

29 November 2006 | ubuntu-5.10

USN-387-1: Dovecot vulnerability

Dovecot was discovered to have an error when handling its index cache files. This error could be exploited by authenticated POP and IMAP users to cause a crash of the Dovecot server, or possibly to execute arbitrary code. Only servers using the non-default option “mmap_disable=yes” were vulnerable.

28 November 2006 | ubuntu-6.10, ubuntu-6.06-lts

USN-386-1: ImageMagick vulnerability

Daniel Kobras discovered multiple buffer overflows in ImageMagick’s SGI file format decoder. By tricking a user or an automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user’s privileges.

28 November 2006 | ubuntu-6.06-lts, ubuntu-5.10