These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-131-1: Linux kernel vulnerabilities

Colin Percival discovered an information disclosure in the “Hyper Threading Technology” architecture in processors which are capable of simultaneous multithreading (in particular Intel Pentium 4, Intel Mobile Pentium 4, and Intel Xeon processors). This allows a malicious thread to monitor the execution of another thread on the same CPU. This could…

23 May 2005 | ubuntu-5.04, ubuntu-4.10

USN-130-1: TIFF library vulnerability

Tavis Ormandy discovered a buffer overflow in the TIFF library. A malicious image with an invalid “bits per sample” number could be constructed which, when decoded, would have resulted in execution of arbitrary code with the privileges of the process using the library. Since this library is used in many applications like “ghostscript” and the…

20 May 2005 | ubuntu-5.04, ubuntu-4.10

USN-129-1: Squid vulnerability

It was discovered that Squid did not verify the validity of DNS server responses. When Squid is started, it opens a DNS client UDP port whose number is randomly assigned by the operating system. Unless your network firewall is configured to accept DNS responses only from known good nameservers, this vulnerability allowed users within the…

18 May 2005 | ubuntu-5.04, ubuntu-4.10

USN-128-1: nasm vulnerability

Josh Bressers discovered a buffer overflow in the ieee_putascii() function of nasm. If an attacker tricked a user into assembling a malicious source file, they could exploit this to execute arbitrary code with the privileges of the user that runs nasm.

18 May 2005 | ubuntu-5.04, ubuntu-4.10

USN-127-1: bzip2 vulnerabilities

Imran Ghory discovered a race condition in the file permission restore code of bunzip2. While a user was decompressing a file, a local attacker with write permissions in the directory of that file could replace the target file with a hard link. This would cause bzip2 to restore the file permissions to the hard link target instead of to the bzip2…

17 May 2005 | ubuntu-5.04, ubuntu-4.10

USN-126-1: GNU TLS library vulnerability

A Denial of Service vulnerability was discovered in the GNU TLS library, which provides common cryptographic algorithms and is used by many applications in Ubuntu. Due to a missing sanity check of the padding length field, specially crafted ciphertext blocks caused an out of bounds memory access which could crash the application. It was not…

13 May 2005 | ubuntu-5.04, ubuntu-4.10

USN-125-1: Gaim vulnerabilities

Marco Alvarez found a Denial of Service vulnerability in the Jabber protocol handler. A remote attacker could exploit this to crash Gaim by sending specially crafted file transfers to the user. (CAN-2005-0967) Stu Tomlinson discovered an insufficient bounds checking flaw in the URL parser. By sending a message containing a very long URL, a…

13 May 2005 | ubuntu-5.04, ubuntu-4.10

USN-124-2: Fixed packages for USN-124-1

USN-124-1 fixed several vulnerabilities of Firefox. After that update, several users experienced XML errors on various actions like adding bookmarks (see After installing these new packages and restarting the browser, these problems should be fixed.

13 May 2005 | ubuntu-5.04

USN-124-1: Mozilla and Firefox vulnerabilities

When a popup is blocked the user is given the ability to open that popup through the popup-blocking status bar icon and, in Firefox, through the information bar. Doron Rosenberg noticed that popups which are permitted by the user were executed with elevated privileges, which could be abused to automatically install and execute arbitrary code with…

11 May 2005 | ubuntu-5.04

USN-123-1: Xine library vulnerabilities

Two buffer overflows have been discovered in the MMS and Real RTSP stream handlers of the Xine library. By tricking a user to connect to a malicious MMS or RTSP video/audio stream source with an application that uses this library, an attacker could crash the client and possibly even execute arbitrary code with the privileges of the…

6 May 2005 | ubuntu-5.04, ubuntu-4.10