These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-482-1: OpenOffice.org vulnerability

John Heasman discovered that OpenOffice did not correctly validate the sizes of tags in RTF documents. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges.

11 July 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-481-1: ImageMagick vulnerabilities

Multiple vulnerabilities were found in ImageMagick’s handling of DCM and WXD image files. By tricking a user into processing a specially crafted image with an application that uses imagemagick, an attacker could execute arbitrary code with the user’s privileges.

10 July 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-480-1: Gimp vulnerability

Stefan Cornelius discovered that Gimp could miscalculate the size of heap buffers when processing PSD images. By tricking a user into opening a specially crafted PSD file with Gimp, an attacker could exploit this to execute arbitrary code with the user’s privileges.

4 July 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-479-1: MadWifi vulnerabilities

Multiple flaws in the MadWifi driver were discovered that could lead to a system crash. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. (CVE-2006-7177, CVE-2006-7178, CVE-2006-7179, CVE-2007-2829, CVE-2007-2830) A flaw was discovered in the MadWifi driver that would allow…

29 June 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-478-1: libexif vulnerability

Sean Larsson discovered that libexif did not correctly verify the size of EXIF components. By tricking a user into opening an image with specially crafted EXIF headers, a remote attacker could cause the application using libexif to execute arbitrary code with user privileges.

27 June 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-477-1: krb5 vulnerabilities

Wei Wang discovered that the krb5 RPC library did not correctly handle certain error conditions. A remote attacker could cause kadmind to free an uninitialized pointer, leading to a denial of service or possibly execution of arbitrary code with root privileges. (CVE-2007-2442) Wei Wang discovered that the krb5 RPC library did not correctly…

27 June 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-476-1: redhat-cluster-suite vulnerability

Fabio Massimo Di Nitto discovered that cman did not correctly validate the size of client messages. A local user could send a specially crafted message and execute arbitrary code with cluster manager privileges or crash the manager, leading to a denial of service.

22 June 2007 | ubuntu-7.04

USN-475-1: evolution-data-server vulnerability

Philip Van Hoof discovered that the IMAP client in Evolution did not correctly verify the SEQUENCE value. A malicious or spoofed server could exploit this to execute arbitrary code with user privileges.

21 June 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-474-1: xscreensaver vulnerability

It was discovered that xscreensaver did not correctly validate the return values from network authentication systems such as LDAP or NIS. A local attacker could bypass a locked screen if they were able to interrupt network connectivity.

12 June 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts

USN-473-1: libgd2 vulnerabilities

A buffer overflow was discovered in libgd2’s font renderer. By tricking an application using libgd2 into rendering a specially crafted string with a JIS encoded font, a remote attacker could read heap memory or crash the application, leading to a denial of service. (CVE-2007-0455) Xavier Roche discovered that libgd2 did not correctly validate…

12 June 2007 | ubuntu-7.04, ubuntu-6.10, ubuntu-6.06-lts