These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-278-1: gdm vulnerability

Marcus Meissner discovered a race condition in gdm’s handling of the ~/.ICEauthority file permissions. A local attacker could exploit this to become the owner of an arbitrary file in the system. When getting control over automatically executed scripts (like cron jobs), the attacker could eventually leverage this flaw to execute arbitrary commands…

4 May 2006 | ubuntu-5.10, ubuntu-5.04

USN-277-1: TIFF library vulnerabilities

Tavis Ormandy and Andrey Kiselev discovered that libtiff did not sufficiently verify the validity of TIFF files. By tricking an user into opening a specially crafted TIFF file with any application that uses libtiff, an attacker could exploit this to crash the application or even execute arbitrary code with the application’s privileges.

4 May 2006 | ubuntu-5.10, ubuntu-5.04

USN-276-1: Thunderbird vulnerabilities

Igor Bukanov discovered that the JavaScript engine did not properly declare some temporary variables. Under some rare circumstances, a malicious mail with embedded JavaScript could exploit this to execute arbitrary code with the privileges of the user. (CVE-2006-0292, CVE-2006-1742) The function XULDocument.persist() did not sufficiently…

3 May 2006 | ubuntu-5.10, ubuntu-5.04

USN-275-1: Mozilla vulnerabilities

Web pages with extremely long titles caused subsequent launches of Mozilla browser to hang for up to a few minutes, or caused Mozilla to crash on computers with insufficient memory. (CVE-2005-4134) Igor Bukanov discovered that the JavaScript engine did not properly declare some temporary variables. Under some rare circumstances, a malicious…

28 April 2006 | ubuntu-5.10, ubuntu-5.04, ubuntu-4.10

USN-274-1: MySQL vulnerability

A logging bypass was discovered in the MySQL query parser. A local attacker could exploit this by inserting NUL characters into query strings (even into comments), which would cause the query to be logged incompletely. This only affects you if you enabled the ‘log’ parameter in the MySQL configuration.

27 April 2006 | ubuntu-5.10, ubuntu-5.04, ubuntu-4.10

USN-273-1: Ruby vulnerability

Yukihiro Matsumoto reported that Ruby’s HTTP module uses blocking sockets. By sending large amounts of data to a server application that uses this module, a remote attacker could exploit this to render this application unusable and not respond any more to other clients (Denial of Service).

24 April 2006 | ubuntu-5.10, ubuntu-5.04, ubuntu-4.10

USN-272-1: cyrus-sasl2 vulnerability

A Denial of Service vulnerability has been discovered in the SASL authentication library when using the DIGEST-MD5 plugin. By sending a specially crafted realm name, a malicious SASL server could exploit this to crash the application that uses SASL.

24 April 2006 | ubuntu-5.10, ubuntu-5.04, ubuntu-4.10

USN-271-1: Firefox vulnerabilities

Web pages with extremely long titles caused subsequent launches of Firefox browser to hang for up to a few minutes, or caused Firefox to crash on computers with insufficient memory. (CVE-2005-4134) Igor Bukanov discovered that the JavaScript engine did not properly declare some temporary variables. Under some rare circumstances, a malicious…

20 April 2006 | ubuntu-5.10, ubuntu-5.04, ubuntu-4.10

USN-270-1: xpdf vulnerabilities

Derek Noonburg discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, and tetex-bin. By tricking an user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that processes the document. The CUPS printing system…

13 April 2006 | ubuntu-5.10, ubuntu-5.04, ubuntu-4.10

USN-269-1: xscreensaver vulnerability

In some cases, xscreensaver did not properly grab the keyboard when reading the password for unlocking the screen, so that the password was typed into the currently active application window. The only known vulnerable case was when xscreensaver activated while an rdesktop session was currently active.

11 April 2006 | ubuntu-5.04, ubuntu-4.10