These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-177-1: Apache 2 vulnerabilities

Apache did not honour the “SSLVerifyClient require” directive within a <Location> block if the surrounding <VirtualHost> block contained a directive “SSLVerifyClient optional”. This allowed clients to bypass client certificate validation on servers with the above configuration. (CAN-2005-2700) Filip Sneppe discovered a Denial of Service…

7 September 2005 | ubuntu-5.04, ubuntu-4.10

USN-176-1: kcheckpass vulnerability

Ilja van Sprundel discovered a flaw in the lock file handling of kcheckpass. A local attacker could exploit this to execute arbitrary code with root privileges.

7 September 2005 | ubuntu-5.04

USN-145-2: wget bug fix

USN-145-1 fixed several vulnerabilities in wget. However, Ralph Corderoy discovered some regressions that caused wget to crash in some cases. The updated version fixes this flaw.

6 September 2005 | ubuntu-5.04

USN-175-1: ntp server vulnerability

Thomas Biege discovered a flaw in the privilege dropping of the NTP server. When ntpd was configured to drop root privileges, and the group to run under was specified as a name (as opposed to a numeric group ID), ntpd changed to the wrong group. Depending on the actual group it changed to, this could either cause non-minimal privileges, or a…

2 September 2005 | ubuntu-4.10

USN-173-4: PCRE vulnerabilities

USN-173-1 fixed a buffer overflow vulnerability in the PCRE library. However, it was found that the various python packages and gnumeric contain static copies of the library code, so these packages need to be updated as well. In gnumeric this bug could be exploited to execute arbitrary code with the privileges of the user if the user was tricked…

31 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-173-3: Fixed apache2 packages for USN-173-2

USN-173-2 fixed a vulnerability in Apache’s regular expression parser. However, the packages from that advisories had a bug that prevented Apache from starting. This update fixes this. We apologize for the inconvenience!

30 August 2005 | ubuntu-4.10

USN-174-1: courier vulnerability

A Denial of Service vulnerability has been discovered in the Courier mail server. Due to a flawed status code check, failed DNS (domain name service) queries for SPF (sender policy framework) were not handled properly and could lead to memory corruption. A malicious DNS server could exploit this to crash the Courier server. However, SPF is not…

26 August 2005 | ubuntu-5.04

USN-173-2: PCRE vulnerability

USN-173-1 fixed a buffer overflow vulnerability in the PCRE library. However, it was determined that this did not suffice to prevent all possible overflows, so another update is necessary. In addition, it was found that the Ubuntu 4.10 version of Apache 2 contains a static copy of the library code, so this package needs to be updated as well. In…

25 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-173-1: PCRE vulnerability

A buffer overflow has been discovered in the PCRE, a widely used library that provides Perl compatible regular expressions. Specially crafted regular expressions triggered a buffer overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the…

24 August 2005 | ubuntu-5.04, ubuntu-4.10

USN-172-1: lm-sensors vulnerability

Javier Fern�ndez-Sanguino Pe�a noticed that the pwmconfig script created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with full root privileges since pwmconfig is usually executed by root.

24 August 2005 | ubuntu-5.04