These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-376-1: imlib2 vulnerabilities

M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user were tricked into viewing or processing a specially crafted image with an application that uses imlib2, the flaws could be exploited to execute arbitrary code with the user’s privileges.

3 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-375-1: PHP vulnerability

Stefan Esser discovered two buffer overflows in the htmlentities() and htmlspecialchars() functions. By supplying specially crafted input to PHP applications which process that input with these functions, a remote attacker could potentially exploit this to execute arbitrary code with the privileges of the application. (CVE-2006-5465) This update…

3 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-372-1: imagemagick vulnerability

M. Joonas Pihlaja discovered that ImageMagick did not sufficiently verify the validity of PALM and DCM images. When processing a specially crafted image with an application that uses imagemagick, this could be exploited to execute arbitrary code with the application’s privileges.

1 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-369-2: postgresql-8.1 vulnerabilities

USN-369-1 fixed three minor PostgreSQL 8.1 vulnerabilities for Ubuntu 6.06 LTS. This update provides the corresponding update for Ubuntu 6.10. Original advisory details: Michael Fuhr discovered an incorrect type check when handling unknown literals. By attempting to coerce such a literal to the ANYARRAY type, a local authenticated attacker…

1 November 2006 | ubuntu-6.10

USN-374-1: wvWare vulnerability

An integer overflow was discovered in the DOC file parser of the wv library. By tricking a user into opening a specially crafted MSWord (.DOC) file, remote attackers could execute arbitrary code with the user’s privileges.

1 November 2006 | ubuntu-6.10

USN-373-1: mutt vulnerabilities

Race conditions were discovered in mutt’s handling of temporary files. Under certain conditions when using a shared temp directory (the default), other local users could overwrite arbitrary files owned by the user running mutt. This vulnerability is more likely when the temp directory is over NFS.

1 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-371-1: Ruby vulnerability

An error was found in Ruby’s CGI library that did not correctly check for the end of multipart MIME requests. Using a crafted HTTP request, a remote user could cause a denial of service, where Ruby CGI applications would end up in a loop, monopolizing a CPU.

1 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-370-1: screen vulnerability

cstone and Rich Felker discovered a programming error in the UTF8 string handling code of “screen” leading to a denial of service. If a crafted string was displayed within a screen session, screen would crash or possibly execute arbitrary code.

1 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-369-1: PostgreSQL vulnerabilities

Michael Fuhr discovered an incorrect type check when handling unknown literals. By attempting to coerce such a literal to the ANYARRAY type, a local authenticated attacker could cause a server crash. Josh Drake and Alvaro Herrera reported a crash when using aggregate functions in UPDATE statements. A local authenticated attacker could exploit…

25 October 2006 | ubuntu-6.06-lts

USN-368-1: Qt vulnerability

An integer overflow was discovered in Qt’s image loader. By processing a specially crafted image with an application that uses this library (like Konqueror), a remote attacker could exploit this to execute arbitrary code with the application’s privileges.

24 October 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04