These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-175-1: ntp server vulnerability

Thomas Biege discovered a flaw in the privilege dropping of the NTP server. When ntpd was configured to drop root privileges, and the group to run under was specified as a name (as opposed to a numeric group ID), ntpd changed to the wrong group. Depending on the actual group it changed to, this could either cause non-minimal privileges, or a…

2 September 2005 | ubuntu-4.10

USN-173-4: PCRE vulnerabilities

USN-173-1 fixed a buffer overflow vulnerability in the PCRE library. However, it was found that the various python packages and gnumeric contain static copies of the library code, so these packages need to be updated as well. In gnumeric this bug could be exploited to execute arbitrary code with the privileges of the user if the user was tricked…

31 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-173-3: Fixed apache2 packages for USN-173-2

USN-173-2 fixed a vulnerability in Apache’s regular expression parser. However, the packages from that advisories had a bug that prevented Apache from starting. This update fixes this. We apologize for the inconvenience!

30 August 2005 | ubuntu-4.10

USN-174-1: courier vulnerability

A Denial of Service vulnerability has been discovered in the Courier mail server. Due to a flawed status code check, failed DNS (domain name service) queries for SPF (sender policy framework) were not handled properly and could lead to memory corruption. A malicious DNS server could exploit this to crash the Courier server. However, SPF is not…

26 August 2005 | ubuntu-5.04

USN-173-2: PCRE vulnerability

USN-173-1 fixed a buffer overflow vulnerability in the PCRE library. However, it was determined that this did not suffice to prevent all possible overflows, so another update is necessary. In addition, it was found that the Ubuntu 4.10 version of Apache 2 contains a static copy of the library code, so this package needs to be updated as well. In…

25 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-173-1: PCRE vulnerability

A buffer overflow has been discovered in the PCRE, a widely used library that provides Perl compatible regular expressions. Specially crafted regular expressions triggered a buffer overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the…

24 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-172-1: lm-sensors vulnerability

Javier Fern�ndez-Sanguino Pe�a noticed that the pwmconfig script created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with full root privileges since pwmconfig is usually executed by root.

24 August 2005 | ubuntu-5.04

USN-171-1: PHP4 vulnerabilities

CAN-2005-1751: The php4-dev package ships a copy of the “shtool” utility in /usr/lib/php4/build/, which provides useful functionality for developers of software packages. Eric Romang discovered that shtool created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with the …

21 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-170-1: gnupg vulnerability

Serge Mister and Robert Zuccherato discovered a weakness of the symmetrical encryption algorithm of gnupg. When decrypting a message, gnupg uses a feature called “quick scan”; this can quickly check whether the key that is used for decryption is (probably) the right one, so that wrong keys can be determined quickly without decrypting the whole…

20 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-169-1: Linux kernel vulnerabilities

David Howells discovered a local Denial of Service vulnerability in the key session joining function. Under certain user-triggerable conditions, a semaphore was not released properly, which caused processes which also attempted to join a key session to hang forever. This only affects Ubuntu 5.04 (Hoary Hedgehog). (CAN-2005-2098) David Howells…

19 August 2005 | ubuntu-5.04, ubuntu-4.10