These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-154-1: vim vulnerability

Georgi Guninski discovered that it was possible to construct Vim modelines that execute arbitrary shell commands by wrapping them in glob() or expand() function calls. If an attacker tricked an user to open a file with a specially crafted modeline, he could exploit this to execute arbitrary commands with the user’s privileges.

26 July 2005 | ubuntu-5.04, ubuntu-4.10

USN-153-1: fetchmail vulnerability

Ross Boylan discovered a remote buffer overflow in fetchmail. By sending invalid responses with very long UIDs, a faulty or malicious POP server could crash fetchmail or execute arbitrary code with the privileges of the user invoking fetchmail. fetchmail is commonly run as root to fetch mail for multiple user accounts; in this case, this…

26 July 2005 | ubuntu-5.04, ubuntu-4.10

USN-149-2: Fixed Firefox packages for USN-149-1

USN-149-1 fixed several vulnerabilities in the Firefox web browser. Unfortunately that update introduced a lot of regressions, especially when using extensions, so another update is necessary. The new packages ship Firefox version 1.0.6 which should now work well with most extensions (one known exception is the…

26 July 2005 | ubuntu-5.04

USN-151-2: zlib vulnerabilities

USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could be exploited to cause Denial of Service attacks or even arbitrary code execution with malicious data streams. Most applications use the shared library provided by the “zlib1g” package; however, some packages contain copies of the affected zlib code, so they need to be upgraded…

23 July 2005 | ubuntu-5.04, ubuntu-4.10

USN-152-1: PAM/NSS LDAP vulnerabilitiy

Andrea Barisani discovered a flaw in the SSL handling of pam-ldap and libnss-ldap. When a client connected to a slave LDAP server using SSL, the slave server did not use SSL as well when contacting the LDAP master server. This caused passwords and other confident information to be transmitted unencrypted between the slave and the master.

21 July 2005 | ubuntu-5.04, ubuntu-4.10

USN-151-1: zlib vulnerability

USN-148-1 fixed an improver input verification of zlib (CAN-2005-2096). Markus Oberhumer discovered additional ways a disrupted stream could trigger a buffer overflow and crash the application using zlib, so another update is necessary. zlib is used by hundreds of server and client applications, so this vulnerability could be exploited to cause…

21 July 2005 | ubuntu-5.04, ubuntu-4.10

USN-150-1: KDE library vulnerability

Kate and Kwrite create a backup file before saving a modified file. These backup files were created with default permissions, even if the original file had more strict permissions set, so that other local users could possibly read the backup file even if they are not permitted to read the original file.

21 July 2005 | ubuntu-5.04

USN-149-1: Firefox vulnerabilities reported that one of the recent security patches in Firefox reintroduced the frame injection patch that was originally known as CAN-2004-0718. This allowed a malicious web site to spoof the contents of other web sites. (CAN-2005-1937) In several places the browser user interface did not correctly distinguish between true user events,…

21 July 2005 | ubuntu-5.04

USN-147-2: Fixed php4-pear packages for USN-147-1

USN-147-1 [1] fixed a remote code execution vulnerability in the XMLRPC module of the PEAR library. Unfortunately the packages announced in USN-147-1 were faulty and shipped broken xmlrpc modules. The updated packages ship correct modules. We apologize for the inconvenience. [1]

6 July 2005 | ubuntu-5.04, ubuntu-4.10

USN-148-1: zlib vulnerability

Tavis Ormandy discovered that zlib did not properly verify data streams. Decompressing certain invalid compressed files caused corruption of internal data structures, which caused applications which link to zlib to crash. Specially crafted input might even have allowed arbitrary code execution. zlib is used by hundreds of server and client…

6 July 2005 | ubuntu-5.04, ubuntu-4.10