These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-484-1: curl vulnerability

It was discovered that the GnuTLS certificate verification methods implemented in Curl did not check for expiration and activation dates. When performing validations, tools using libcurl3-gnutls would incorrectly allow connections to sites using expired certificates.

17 July 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-483-1: libnet-dns-perl vulnerabilities

Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks. (CVE-2007-3377) Steffen Ullrich discovered that the Net::DNS Perl module did not correctly detect recursive compressed responses. A remote…

13 July 2007 | ubuntu-6.10, ubuntu-6.06-lts

USN-482-1: OpenOffice.org vulnerability

John Heasman discovered that OpenOffice did not correctly validate the sizes of tags in RTF documents. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges.

11 July 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-481-1: ImageMagick vulnerabilities

Multiple vulnerabilities were found in ImageMagick’s handling of DCM and WXD image files. By tricking a user into processing a specially crafted image with an application that uses imagemagick, an attacker could execute arbitrary code with the user’s privileges.

10 July 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-480-1: Gimp vulnerability

Stefan Cornelius discovered that Gimp could miscalculate the size of heap buffers when processing PSD images. By tricking a user into opening a specially crafted PSD file with Gimp, an attacker could exploit this to execute arbitrary code with the user’s privileges.

4 July 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-479-1: MadWifi vulnerabilities

Multiple flaws in the MadWifi driver were discovered that could lead to a system crash. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. (CVE-2006-7177, CVE-2006-7178, CVE-2006-7179, CVE-2007-2829, CVE-2007-2830) A flaw was discovered in the MadWifi driver that would allow…

29 June 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-478-1: libexif vulnerability

Sean Larsson discovered that libexif did not correctly verify the size of EXIF components. By tricking a user into opening an image with specially crafted EXIF headers, a remote attacker could cause the application using libexif to execute arbitrary code with user privileges.

27 June 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-477-1: krb5 vulnerabilities

Wei Wang discovered that the krb5 RPC library did not correctly handle certain error conditions. A remote attacker could cause kadmind to free an uninitialized pointer, leading to a denial of service or possibly execution of arbitrary code with root privileges. (CVE-2007-2442) Wei Wang discovered that the krb5 RPC library did not correctly…

27 June 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-476-1: redhat-cluster-suite vulnerability

Fabio Massimo Di Nitto discovered that cman did not correctly validate the size of client messages. A local user could send a specially crafted message and execute arbitrary code with cluster manager privileges or crash the manager, leading to a denial of service.

22 June 2007 | ubuntu-7.04

USN-475-1: evolution-data-server vulnerability

Philip Van Hoof discovered that the IMAP client in Evolution did not correctly verify the SEQUENCE value. A malicious or spoofed server could exploit this to execute arbitrary code with user privileges.

21 June 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts