These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-27-1: libxpm4 vulnerability

Chris Evans discovered several stack overflows in the versions of libXpm shipped by X.Org, XFree86, and LessTif. These overflows were fixed in the Warty development tree before its release. Mathieu Herrb of OpenBSD subsequently discovered that the original patch was insufficient to address these overflows, and thus the version of libxpm4 shipped…

18 November 2004 | ubuntu-4.10

USN-26-1: bogofilter vulnerability

Antti-Juhani Kaijanaho discovered a Denial of Service vulnerability in bogofilter. The quoted-printable decoder handled certain Base-64 encoded strings in an invalid way which caused a buffer overflow and an immediate program abort. The exact impact depends on the way bogofilter is integrated into the system. In common setups, the mail that…

17 November 2004 | ubuntu-4.10

USN-25-1: libgd2 vulnerability

CAN-2004-0990 described several more buffer overflows which had been discovered in libgd2’s PNG handling functions. However, it was determined that the update from USN-11-1 was not sufficient to prevent every possible attack, so another update is required. If an attacker tricked a user into loading a malicious PNG image, they could leverage this…

16 November 2004 | ubuntu-4.10

USN-24-1: openssl script vulnerability

Recently, Trustix Secure Linux discovered a vulnerability in the openssl package. The auxiliary script “der_chop” created temporary files in an insecure way, which could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program.

12 November 2004 | ubuntu-4.10

USN-23-1: apache2 vulnerability

Chintan Trivedi discovered a Denial of Service vulnerability in apache2. The field length limit was not enforced for certain malicious requests. This could allow a remote attacker who is able to send large amounts of data to a server to cause HTTP server instances to consume proportional amounts of memory, which can render the service unavailable.

12 November 2004 | ubuntu-4.10

USN-22-1: samba vulnerability

Karol Wiesek discovered a Denial of Service vulnerability in samba. A flaw in the input validation routines used to match filename strings containing wildcard characters may allow a remote user to consume more than normal amounts of CPU resources, thus impacting the performance and response of the server. In some circumstances the server…

10 November 2004 | ubuntu-4.10

USN-21-1: libgd vulnerabilities

Several buffer overflows have been discovered in libgd’s PNG handling functions. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP driven photo…

10 November 2004 | ubuntu-4.10

USN-20-1: Ruby CGI module vulnerability

The Ruby developers discovered a potential Denial of Service vulnerability in the CGI module (cgi.rb). Specially crafted CGI requests could cause an infinite loop in the server process. Repetitive attacks could use most of the available processor resources, exhaust the number of allowed parallel connections in web servers, or cause similar effects…

9 November 2004 | ubuntu-4.10

USN-19-1: squid vulnerabilities

Recently, two Denial of Service vulnerabilities have been discovered in squid, a WWW proxy cache. Insufficient input validation in the NTLM authentication handler allowed a remote attacker to crash the service by sending a specially crafted NTLMSSP packet. Likewise, due to an insufficient validation of ASN.1 headers, a remote attacker…

7 November 2004 | ubuntu-4.10

USN-18-1: zip vulnerability

HexView discovered a buffer overflow in the zip package. The overflow is triggered by creating a ZIP archive of files with very long path names. This vulnerability might result in execution of arbitrary code with the privileges of the user who calls zip. This flaw may lead to privilege escalation on systems which automatically create ZIP archives…

6 November 2004 | ubuntu-4.10