These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-296-2: Firefox vulnerabilities

USN-296-1 fixed several vulnerabilities in Firefox for the Ubuntu 6.06 LTS release. This update provides the corresponding fixes for Ubuntu 5.04 and Ubuntu 5.10. For reference, these are the details of the original USN: Jonas Sicking discovered that under some circumstances persisted XUL attributes are associated with the wrong URL. A…

25 July 2006 | ubuntu-5.10, ubuntu-5.04

USN-322-1: Konqueror vulnerability

A Denial of Service vulnerability has been reported in the replaceChild() method in KDE’s DOM handler. A malicious remote web page could exploit this to cause Konqueror to crash.

25 July 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-321-1: mysql-dfsg-4.1 vulnerability

Jean-David Maillefer discovered a format string bug in the date_format() function’s error reporting. By calling the function with invalid arguments, an authenticated user could exploit this to crash the server.

21 July 2006 | ubuntu-5.10

USN-320-1: PHP vulnerabilities

The phpinfo() PHP function did not properly sanitize long strings. A remote attacker could use this to perform cross-site scripting attacks against sites that have publicly-available PHP scripts that call phpinfo(). Please note that it is not recommended to publicly expose phpinfo(). (CVE-2006-0996) An information disclosure has been reported in…

19 July 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-319-2: Linux kernel vulnerability

USN-319-1 fixed a Linux kernel vulnerability in Ubuntu 6.06 LTS. This followup advisory provides the corresponding updates for Ubuntu 5.04 and 5.10. For reference, these are the details of the original USN: A race condition has been discovered in the file permission handling of the /proc file system. A local attacker could exploit this to …

19 July 2006 | ubuntu-5.10, ubuntu-5.04

USN-313-2: OpenOffice.org vulnerabilities

USN-313-1 fixed several vulnerabilities in OpenOffice for Ubuntu 5.04 and Ubuntu 6.06 LTS. This followup advisory provides the corresponding update for Ubuntu 5.10. For reference, these are the details of the original USN: It was possible to embed Basic macros in documents in a way that OpenOffice.org would not ask for confirmation about…

19 July 2006 | ubuntu-5.10

USN-319-1: Linux kernel vulnerability

A race condition has been discovered in the file permission handling of the /proc file system. A local attacker could exploit this to execute arbitrary code with full root privileges.

18 July 2006 | ubuntu-6.06-lts

USN-318-1: libtunepimp vulnerability

Kevin Kofler discovered several buffer overflows in the tag parser. By tricking a user into opening a specially crafted tagged multimedia file (such as .ogg or .mp3 music) with an application that uses libtunepimp, this could be exploited to execute arbitrary code with the user’s privileges. This particularly affects the KDE applications…

13 July 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-317-1: zope2.8 vulnerability

Zope did not deactivate the ‘raw’ command when exposing reStructuredText functionality to untrusted users. A remote user with the privilege of editing Zope webpages with reStructuredText could exploit this to expose arbitrary files that can be read with the privileges of the Zope server.

13 July 2006 | ubuntu-5.10

USN-315-1: libmms, xine-lib vulnerabilities

Matthias Hopf discovered several buffer overflows in libmms. By tricking a user into opening a specially crafted remote multimedia stream with an application using libmms, a remote attacker could exploit this to execute arbitrary code with the user’s privileges. The Xine library contains an embedded copy of libmms, and thus needs the same…

13 July 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04