These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-361-1: Mozilla vulnerabilities

Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL. (CVE-2006-2788, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811, CVE-2006-4565, CVE-2006-4568, CVE-2006-4571) A bug was found in the script handler for automatic…

10 October 2006 | ubuntu-5.10, ubuntu-5.04

USN-360-1: awstats vulnerabilities

awstats did not fully sanitize input, which was passed directly to the user’s browser, allowing for an XSS attack. If a user was tricked into following a specially crafted awstats URL, the user’s authentication information could be exposed for the domain where awstats was hosted. (CVE-2006-3681) awstats could display its installation path under…

10 October 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-359-1: Python vulnerability

Benjamin C. Wiley Sittler discovered that Python’s repr() function did not properly handle UTF-32/UCS-4 strings. If an application uses repr() on arbitrary untrusted data, this could be exploited to execute arbitrary code with the privileges of the python application.

6 October 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-357-1: Mono vulnerability

Sebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program. Under some circumstances, a local attacker could also exploit this to inject…

5 October 2006 | ubuntu-6.06-lts, ubuntu-5.10

USN-353-2: OpenSSL vulnerability

USN-353-1 fixed several vulnerabilities in OpenSSL. However, Mark J Cox noticed that the applied patch for CVE-2006-2940 was flawed. This update corrects that patch. For reference, this is the relevant part of the original advisory: Certain types of public key could take disproportionate amounts of time to process. The library now limits the…

5 October 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-358-1: ffmpeg, xine-lib vulnerabilities

XFOCUS Security Team discovered that the AVI decoder used in xine-lib did not correctly validate certain headers. By tricking a user into playing an AVI with malicious headers, an attacker could execute arbitrary code with the target user’s privileges. (CVE-2006-4799) Multiple integer overflows were discovered in ffmpeg and tools that contain…

5 October 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-356-1: gdb vulnerability

Will Drewry, of the Google Security Team, discovered buffer overflows in GDB’s DWARF processing. This would allow an attacker to execute arbitrary code with user privileges by tricking the user into using GDB to load an executable that contained malicious debugging information.

2 October 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-355-1: openssh vulnerabilities

Tavis Ormandy discovered that the SSH daemon did not properly handle authentication packets with duplicated blocks. By sending specially crafted packets, a remote attacker could exploit this to cause the ssh daemon to drain all available CPU resources until the login grace time expired. (CVE-2006-4924) Mark Dowd discovered a race condition in the…

2 October 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-353-1: openssl vulnerabilities

Dr. Henson of the OpenSSL core team and Open Network Security discovered a mishandled error condition in the ASN.1 parser. By sending specially crafted packet data, a remote attacker could exploit this to trigger an infinite loop, which would render the service unusable and consume all available system memory. (CVE-2006-2937) Certain types of…

29 September 2006 | ubuntu-6.06-lts, ubuntu-5.10, ubuntu-5.04

USN-352-1: Thunderbird vulnerabilities

Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email containing JavaScript. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. (CVE-2006-4253, CVE-2006-4565, CVE-2006-4566, CVE-2006-4571) The…

25 September 2006 | ubuntu-6.06-lts