These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-64-1: xpdf, CUPS vulnerabilities

A buffer overflow has been found in the xpdf viewer. An insufficient input validation of the encryption key length could be exploited by an attacker providing a specially crafted PDF file which, when processed by xpdf, could result in abnormal program termination or the execution of attacker supplied program code with the user’s privileges. The…

19 January 2005 | ubuntu-4.10

USN-63-1: MySQL client vulnerability

Javier Fern�ndez-Sanguino Pe�a noticed that the “mysqlaccess” program created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program.

19 January 2005 | ubuntu-4.10

USN-62-1: imagemagick vulnerability

Andrei Nigmatulin discovered a potential buffer overflow in the PhotoShop Document image decoding function of ImageMagick. Decoding a malicious PSD image which specifies more than the allowed 24 channels might result in execution of arbitrary code with the user’s privileges. Since ImageMagick can be used in custom printing systems, this…

19 January 2005 | ubuntu-4.10

USN-61-1: vim vulnerabilities

Javier Fern�ndez-Sanguino Pe�a noticed that the auxillary scripts “tcltags” and “” created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the script (either by calling it directly or by execution through vim).

19 January 2005 | ubuntu-4.10

USN-60-0: Linux kernel vulnerabilities

CAN-2005-0001: Paul Starzetz discovered a race condition in the Linux page fault handler code. This allowed an unprivileged user to gain root privileges on multiprocessor machines under some circumstances. This also affects the Hyper-Threading mode on Pentium 4…

14 January 2005 | ubuntu-4.10

USN-59-1: mailman vulnerabilities

Florian Weimer discovered a cross-site scripting vulnerability in mailman’s automatically generated error messages. An attacker could craft an URL containing JavaScript (or other content embedded into HTML) which triggered a mailman error page. When an unsuspecting user followed this URL, the malicious content was copied unmodified to the error…

11 January 2005 | ubuntu-4.10

USN-58-1: MIT Kerberos server vulnerability

Michael Tautschnig discovered a possible buffer overflow in the add_to_history() function in the MIT Kerberos 5 implementation. Performing a password change did not properly track the password policy’s history count and the maximum number of keys. This could cause an array overflow and may have allowed authenticated users (not necessarily one with…

10 January 2005 | ubuntu-4.10

USN-57-1: Linux kernel vulnerabilities

Paul Starzetz discovered a race condition in the ELF library and a.out binary format loaders, which can be locally exploited in several different ways to gain root privileges. (CAN-2004-1235) Liang Bin found a design flaw in the capability module. After this module was loaded on demand in a running system, all unprivileged user space processes…

9 January 2005 | ubuntu-4.10

USN-56-1: exim4 vulnerabilities

A flaw has been found in the host_aton() function, which can overflow a buffer if it is presented with an illegal IPv6 address that has more than 8 components. When supplying certain command line parameters, the input was not checked, so that a local attacker could possibly exploit the buffer overflow to run arbitrary code with the privileges of…

7 January 2005 | ubuntu-4.10

USN-55-1: imlib2 vulnerabilities

Recently, Pavel Kankovsky discovered several buffer overflows in imlib which were fixed in USN-53-1. It was found that imlib2 was vulnerable to similar issues. If an attacker tricked a user into loading a malicious XPM or BMP image, he could exploit this to execute arbitrary code in the context of the user opening the image. These…

7 January 2005 | ubuntu-4.10