These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-535-1: Firefox vulnerabilities

Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user’s privileges. (CVE-2007-5336, CVE-2007-5339, CVE-2007-5340) Michal Zalewski discovered that the onUnload event handlers were incorrectly able to access information outside…

22 October 2007 | ubuntu-7.10, ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-501-2: Ghostscript vulnerability

USN-501-1 fixed vulnerabilities in Jasper. This update provides the corresponding update for the Jasper internal to Ghostscript. Original advisory details: It was discovered that Jasper did not correctly handle corrupted JPEG2000 images. By tricking a user into opening a specially crafted JPG, a remote attacker could cause the application…

22 October 2007 | ubuntu-7.10, ubuntu-7.04, ubuntu-6.10

USN-534-1: OpenSSL vulnerability

Andy Polyakov discovered that the DTLS implementation in OpenSSL was vulnerable. A remote attacker could send a specially crafted connection request to services using DTLS and execute arbitrary code with the service’s privileges. There are no known Ubuntu applications that are currently using DTLS.

22 October 2007 | ubuntu-7.10, ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-533-1: util-linux vulnerability

Ludwig Nussel discovered that mount and umount did not properly drop privileges when using helper programs. Local attackers may be able to bypass security restrictions and gain root privileges using programs such as mount.nfs or mount.cifs.

22 October 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-532-1: nagios-plugins vulnerability

Nobuhiro Ban discovered that check_http in nagios-plugins did not properly sanitize its input when following redirection requests. A malicious remote web server could cause a denial of service or possibly execute arbitrary code as the user. (CVE-2007-5198) Aravind Gottipati discovered that sslutils.c in nagios-plugins did not properly reset…

22 October 2007 | ubuntu-6.06-lts

USN-531-1: dhcp vulnerability

Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not correctly handle certain client options. A remote attacker could send malicious DHCP replies to the server and execute arbitrary code.

22 October 2007 | ubuntu-7.10, ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-530-1: hplip vulnerability

It was discovered that the hpssd tool of hplip did not correctly handle shell meta-characters. A local attacker could exploit this to execute arbitrary commands as the hplip user.

12 October 2007 | ubuntu-7.04, ubuntu-6.10

USN-529-1: Tk vulnerability

It was discovered that Tk could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges.

11 October 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-528-1: MySQL vulnerabilities

Neil Kettle discovered that MySQL could be made to dereference a NULL pointer and divide by zero. An authenticated user could exploit this with a crafted IF clause, leading to a denial of service. (CVE-2007-2583) Victoria Reznichenko discovered that MySQL did not always require the DROP privilege. An authenticated user could exploit this via…

11 October 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-527-1: xen-3.0 vulnerability

Joris van Rantwijk discovered that the Xen host did not correctly validate the contents of a Xen guest’s grub.conf file. Xen guest root users could exploit this to run arbitrary commands on the host when the guest system was rebooted.

5 October 2007 | ubuntu-7.04