These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-434-1: Ekiga vulnerability

It was discovered that Ekiga had format string vulnerabilities beyond those fixed in USN-426-1. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user’s privileges.

9 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-433-1: Xine vulnerability

Moritz Jodeit discovered that the DMO loader of Xine did not correctly validate the size of an allocated buffer. By tricking a user into opening a specially crafted media file, an attacker could execute arbitrary code with the user’s privileges.

9 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-432-1: GnuPG vulnerability

Gerardo Richarte from Core Security Technologies discovered that when gnupg is used without –status-fd, there is no way to distinguish initial unsigned messages from a following signed message. An attacker could inject an unsigned message, which could fool the user into thinking the message was entirely signed by the original sender.

8 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-424-2: PHP regression

USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple buffer overflows have been discovered in various PHP modules. If a PHP application processes untrusted…

8 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-431-1: Thunderbird vulnerabilities

The SSLv2 protocol support in the NSS library did not sufficiently check the validity of public keys presented with a SSL certificate. A malicious SSL web site using SSLv2 could potentially exploit this to execute arbitrary code with the user’s privileges. (CVE-2007-0008) The SSLv2 protocol support in the NSS library did not sufficiently verify…

7 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-430-1: mod_python vulnerability

Miles Egan discovered that mod_python, when used in output filter mode, did not handle output larger than 16384 bytes, and would display freed memory, possibly disclosing private data. Thanks to Jim Garrison of the Software Freedom Law Center for identifying the original bug as a security vulnerability.

6 March 2007 | ubuntu-6.06-lts, ubuntu-5.10

USN-429-1: tcpdump vulnerability

Moritz Jodeit discovered that tcpdump had an overflow in the 802.11 packet parser. Remote attackers could send specially crafted packets, crashing tcpdump, possibly leading to a denial of service.

6 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-428-2: Firefox regression

USN-428-1 fixed vulnerabilities in Firefox 1.5. However, changes to library paths caused applications depending on libnss3 to fail to start up. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several flaws have been found that could be used to perform Cross-site scripting attacks. A malicious…

2 March 2007 | ubuntu-6.06-lts

USN-416-2: nvidia-glx-config regression

USN-416-1 fixed various vulnerabilities in the Linux kernel. Unfortunately that update caused the ‘nvidia-glx-config’ script to not work any more. The new version fixes the problem. We apologize for the inconvenience.

1 March 2007 | ubuntu-6.10

USN-428-1: Firefox vulnerabilities

Several flaws have been found that could be used to perform Cross-site scripting attacks. A malicious web site could exploit these to modify the contents or steal confidential data (such as passwords) from other opened web pages. (CVE-2006-6077, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996) The SSLv2 protocol support…

1 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10