These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-445-1: XMMS vulnerabilities

Sven Krewitt of Secunia Research discovered that XMMS did not correctly handle BMP images when loading GUI skins. If a user were tricked into loading a specially crafted skin, a remote attacker could execute arbitrary code with user privileges.

27 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-444-1: OpenOffice.org vulnerabilities

A stack overflow was discovered in OpenOffice.org’s StarCalc parser. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges. (CVE-2007-0238) A flaw was discovered in OpenOffice.org’s link handling code. If a user were tricked into clicking a link in a specially…

27 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-443-1: Firefox vulnerability

A flaw was discovered in how Firefox handled PASV FTP responses. If a user were tricked into visiting a malicious FTP server, a remote attacker could perform a port-scan of machines within the user’s network, leading to private information disclosure.

27 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-442-1: Evolution vulnerability

Ulf Harnhammar of Secunia Research discovered that Evolution did not correctly handle format strings when displaying shared memos. If a remote attacker tricked a user into viewing a specially crafted shared memo, they could execute arbitrary code with user privileges.

26 March 2007 | ubuntu-6.10, ubuntu-6.06-lts

USN-441-1: Squid vulnerability

A flaw was discovered in Squid’s handling of the TRACE request method which could lead to a crash. Remote attackers with access to the Squid server could send malicious TRACE requests, and cause a denial of service.

26 March 2007 | ubuntu-6.10

USN-440-1: MySQL vulnerability

Stefan Streichbier and B. Mueller of SEC Consult discovered that MySQL subselect queries using “ORDER BY” could be made to crash the MySQL server. An attacker with access to a MySQL instance could cause an intermitant denial of service.

22 March 2007 | ubuntu-6.10, ubuntu-6.06-lts

USN-439-1: file vulnerability

Jean-Sebastien Guay-Leroux discovered that “file” did not correctly check the size of allocated heap memory. If a user were tricked into examining a specially crafted file with the “file” utility, a remote attacker could execute arbitrary code with user privileges.

22 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-438-1: Inkscape vulnerability

A flaw was discovered in Inkscape’s use of format strings. If a user were tricked into opening a specially crafted URI in Inkscape, a remote attacker could execute arbitrary code with user privileges.

21 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-437-1: libwpd vulnerability

Sean Larsson of iDefense Labs discovered that libwpd was vulnerable to integer overflows. If a user were tricked into opening a specially crafted WordPerfect document with an application that used libwpd, an attacker could execute arbitrary code with user privileges.

19 March 2007 | ubuntu-6.10, ubuntu-6.06-lts, ubuntu-5.10

USN-432-2: GnuPG2, GPGME vulnerability

USN-432-1 fixed a vulnerability in GnuPG. This update provides the corresponding updates for GnuPG2 and the GPGME library. Original advisory details: Gerardo Richarte from Core Security Technologies discovered that when gnupg is used without –status-fd, there is no way to distinguish initial unsigned messages from a following signed…

13 March 2007 | ubuntu-6.10, ubuntu-6.06-lts