These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-638-1: Yelp vulnerability

Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges.

27 August 2008 | ubuntu-8.04-lts, ubuntu-7.10

USN-637-1: Linux kernel vulnerabilities

It was discovered that there were multiple NULL-pointer function dereferences in the Linux kernel terminal handling code. A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. (CVE-2008-2812) The do_change_type routine did not correctly validate administrative users. A local…

25 August 2008 | ubuntu-8.04-lts, ubuntu-7.10, ubuntu-7.04, ubuntu-6.06-lts

USN-636-1: Postfix vulnerability

Sebastian Krahmer discovered that Postfix was not correctly handling mailbox ownership when dealing with Linux’s implementation of hardlinking to symlinks. In certain mail spool configurations, a local attacker could exploit this to append data to arbitrary files as the root user. The default Ubuntu configuration was not vulnerable.

19 August 2008 | ubuntu-8.04-lts, ubuntu-7.10, ubuntu-7.04, ubuntu-6.06-lts

USN-635-1: xine-lib vulnerabilities

Alin Rad Pop discovered an array index vulnerability in the SDP parser. If a user or automated system were tricked into opening a malicious RTSP stream, a remote attacker may be able to execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-0073) Luigi Auriemma discovered that xine-lib did not properly check buffer…

6 August 2008 | ubuntu-8.04-lts, ubuntu-7.10, ubuntu-7.04, ubuntu-6.06-lts

USN-626-2: Devhelp, Epiphany, Midbrowser and Yelp update

USN-626-1 fixed vulnerabilities in xulrunner-1.9. The changes required that Devhelp, Epiphany, Midbrowser and Yelp also be updated to use the new xulrunner-1.9. Original advisory details: A flaw was discovered in the browser engine. A variable could be made to overflow causing the browser to crash. If a user were tricked into opening a…

4 August 2008 | ubuntu-8.04-lts

USN-633-1: libxslt vulnerabilities

It was discovered that long transformation matches in libxslt could overflow. If an attacker were able to make an application linked against libxslt process malicious XSL style sheet input, they could execute arbitrary code with user privileges or cause the application to crash, leading to a denial of service. (CVE-2008-1767) Chris Evans…

1 August 2008 | ubuntu-8.04-lts, ubuntu-7.10, ubuntu-7.04, ubuntu-6.06-lts

USN-632-1: Python vulnerabilities

It was discovered that there were new integer overflows in the imageop module. If an attacker were able to trick a Python application into processing a specially crafted image, they could execute arbitrary code with user privileges. (CVE-2008-1679) Justin Ferguson discovered that the zlib module did not correctly handle certain archives. If an…

1 August 2008 | ubuntu-8.04-lts, ubuntu-7.10, ubuntu-7.04, ubuntu-6.06-lts

USN-634-1: OpenLDAP vulnerability

Cameron Hotchkies discovered that OpenLDAP did not correctly handle certain ASN.1 BER data. A remote attacker could send a specially crafted packet and crash slapd, leading to a denial of service.

1 August 2008 | ubuntu-8.04-lts, ubuntu-7.10, ubuntu-7.04, ubuntu-6.06-lts

USN-626-1: Firefox and xulrunner vulnerabilities

A flaw was discovered in the browser engine. A variable could be made to overflow causing the browser to crash. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-2785) Billy Rios discovered that…

28 July 2008 | ubuntu-8.04-lts

USN-631-1: poppler vulnerability

Felipe Andres Manzano discovered that poppler did not correctly initialize certain page widgets. If a user were tricked into viewing a malicious PDF file, a remote attacker could exploit this to crash applications linked against poppler, leading to a denial of service.

28 July 2008 | ubuntu-8.04-lts, ubuntu-7.10