These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-163-1: xpdf vulnerability

xpdf and kpdf did not sufficiently verify the validity of the “loca” table in PDF files, a table that contains glyph description information for embedded TrueType fonts. After detecting the broken table, xpdf attempted to reconstruct the information in it, which caused the generation of a huge temporary file that quickly filled up available disk…

10 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-162-1: ekg and Gadu library vulnerabilities

Marcin Owsiany and Wojtek Kaniewski discovered that some contributed scripts (contrib/ekgh, contrib/ekgnv.sh, and contrib/getekg.sh) in the ekg package created temporary files in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the script. (CAN-2005-1850) Marcin…

9 August 2005 | ubuntu-5.04

USN-161-1: bzip2 utility vulnerability

USN-158-1 fixed a command injection vulnerability in the “zgrep” utility. It was determined that the “bzgrep” counterpart in the bzip2 package is vulnerable to the same flaw. bzgrep did not handle shell metacharacters like ‘|’ and ‘&’ properly when they occurred in input file names. This could be exploited to execute arbitrary commands with user…

5 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-160-1: Apache 2 vulnerabilities

Marc Stern discovered a buffer overflow in the SSL module’s certificate revocation list (CRL) handler. If Apache is configured to use a malicious CRL, this could possibly lead to a server crash or arbitrary code execution with the privileges of the Apache web server. (CAN-2005-1268) Watchfire discovered that Apache insufficiently verified…

4 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-157-2: Updated Mozilla Thunderbird Enigmail plugin for Ubuntu 4.10

USN-157-1 fixed some vulnerabilities in the Mozilla Thunderbird email client. The updated Thunderbird version broke compatibility with the Enigmail plugin. As announced in USN-157-1, the Enigmail package was now updated for Ubuntu 4.10 (Warty Warthog) to work with the new Thunderbird version.

2 August 2005 | ubuntu-4.10

USN-159-1: unzip vulnerability

If a ZIP archive contains binaries with the setuid and/or setgid bit set, unzip preserved those bits when extracting the archive. This could be exploited by tricking the administrator into unzipping an archive with a setuid-root binary into a directory the attacker can access. This allowed the attacker to execute arbitrary commands with root…

1 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-158-1: gzip utility vulnerability

zgrep did not handle shell metacharacters like ‘|’ and ‘&’ properly when they occurred in input file names. This could be exploited to execute arbitrary commands with user privileges if zgrep is run in an untrusted directory with specially crafted file names.

1 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-157-1: Mozilla Thunderbird vulnerabilities

Vladimir V. Perepelitsa discovered a bug in Thunderbird’s handling of anonymous functions during regular expression string replacement. A malicious HTML email could exploit this to capture a random block of client memory. (CAN-2005-0989) Georgi Guninski discovered that the types of certain XPInstall related JavaScript objects were not…

1 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-156-1: TIFF vulnerability

Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the “YCbCr subsampling” value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which caused the program that uses the TIFF library to crash. This leads to a Denial of Service in server applications that use…

29 July 2005 | ubuntu-5.04, ubuntu-4.10

USN-155-2: Updated Epiphany packages to match Mozilla security update

USN-155-1 fixed some security vulnerabilities of the Mozilla suite. Unfortunately this update caused regressions in the Epiphany web browser, which uses parts of the Mozilla browser. The updated packages fix these problems.

29 July 2005 | ubuntu-4.10