These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-372-1: imagemagick vulnerability

M. Joonas Pihlaja discovered that ImageMagick did not sufficiently verify the validity of PALM and DCM images. When processing a specially crafted image with an application that uses imagemagick, this could be exploited to execute arbitrary code with the application’s privileges.

1 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-369-2: postgresql-8.1 vulnerabilities

USN-369-1 fixed three minor PostgreSQL 8.1 vulnerabilities for Ubuntu 6.06 LTS. This update provides the corresponding update for Ubuntu 6.10. Original advisory details: Michael Fuhr discovered an incorrect type check when handling unknown literals. By attempting to coerce such a literal to the ANYARRAY type, a local authenticated attacker…

1 November 2006 | ubuntu-6.10

USN-374-1: wvWare vulnerability

An integer overflow was discovered in the DOC file parser of the wv library. By tricking a user into opening a specially crafted MSWord (.DOC) file, remote attackers could execute arbitrary code with the user’s privileges.

1 November 2006 | ubuntu-6.10

USN-373-1: mutt vulnerabilities

Race conditions were discovered in mutt’s handling of temporary files. Under certain conditions when using a shared temp directory (the default), other local users could overwrite arbitrary files owned by the user running mutt. This vulnerability is more likely when the temp directory is over NFS.

1 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-371-1: Ruby vulnerability

An error was found in Ruby’s CGI library that did not correctly check for the end of multipart MIME requests. Using a crafted HTTP request, a remote user could cause a denial of service, where Ruby CGI applications would end up in a loop, monopolizing a CPU.

1 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-370-1: screen vulnerability

cstone and Rich Felker discovered a programming error in the UTF8 string handling code of “screen” leading to a denial of service. If a crafted string was displayed within a screen session, screen would crash or possibly execute arbitrary code.

1 November 2006 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-369-1: PostgreSQL vulnerabilities

Michael Fuhr discovered an incorrect type check when handling unknown literals. By attempting to coerce such a literal to the ANYARRAY type, a local authenticated attacker could cause a server crash. Josh Drake and Alvaro Herrera reported a crash when using aggregate functions in UPDATE statements. A local authenticated attacker could exploit…

25 October 2006 | ubuntu-6.06-lts

USN-368-1: Qt vulnerability

An integer overflow was discovered in Qt’s image loader. By processing a specially crafted image with an application that uses this library (like Konqueror), a remote attacker could exploit this to execute arbitrary code with the application’s privileges.

24 October 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-367-1: Pike vulnerability

An SQL injection was discovered in Pike’s PostgreSQL module. Applications using a PostgreSQL database and uncommon character encodings could be fooled into running arbitrary SQL commands, which could result in privilege escalation within the application, application data exposure, or denial of service. Please refer to…

18 October 2006 | ubuntu-5.04

USN-366-1: binutils vulnerability

A buffer overflow was discovered in gas (the GNU assembler). By tricking an user or automated system (like a compile farm) into assembling a specially crafted source file with gcc or gas, this could be exploited to execute arbitrary code with the user’s privileges.

18 October 2006 | ubuntu-5.10