These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-88-1: reportbug information disclosure

Rolf Leggewie discovered two information disclosure bugs in reportbug. The per-user configuration file ~/.reportbugrc was created world-readable. If it contained email smarthost passwords, these were readable by any other user on the computer storing the home directory. reportbug usually includes the settings from ~/.reportbugrc in generated bug…

28 February 2005 | ubuntu-4.10

USN-87-1: Cyrus IMAP server vulnerability

Sean Larsson discovered a buffer overflow in the IMAP “annotate” extension. This possibly allowed an authenticated IMAP client to execute arbitrary code with the privileges of the Cyrus IMAP server.

28 February 2005 | ubuntu-4.10

USN-86-1: cURL vulnerability

infamous41md discovered a buffer overflow in cURL’s NT LAN Manager (NTLM) authentication handling. By sending a specially crafted long NTLM reply packet, a remote attacker could overflow the reply buffer. This could lead to execution of arbitrary attacker specified code with the privileges of the application using the cURL library.

28 February 2005 | ubuntu-4.10

USN-85-1: Gaim vulnerabilities

The Gaim developers discovered that the HTML parser did not sufficiently validate its input. This allowed a remote attacker to crash the Gaim client by sending certain malformed HTML messages. (CAN-2005-0208, CAN-2005-0473) Another lack of sufficient input validation was found in the “Oscar” protocol handler which is used for ICQ and AIM. By…

26 February 2005 | ubuntu-4.10

USN-84-1: Squid vulnerabilities

When parsing the configuration file, squid interpreted empty Access Control Lists (ACLs) without defined authentication schemes in a non-obvious way. This could allow remote attackers to bypass intended ACLs. (CAN-2005-0194) A remote Denial of Service vulnerability was discovered in the domain name resolution code. A faulty or malicious DNS…

21 February 2005 | ubuntu-4.10

USN-66-2: PHP vulnerability

Ubuntu Security Notice USN-66-1 described a circumvention of the “open_basedir” restriction by using the cURL module. Adam Conrad discovered that the fix from USN-66-1 still allowed to bypass this restriction with certain variants of path specifications. In addition this update fixes the crash of the PHP interpreter if curl_init() was called…

17 February 2005 | ubuntu-4.10

USN-78-2: Fixed mailman packages for USN-78-1

Ubuntu Security Announce USN-78-1 described a path traversal vulnerability in the “private” module of Mailman. Unfortunately this updated mailman package was broken so that the “private” module could not be executed at all any more. The latest package version fixes this. We apologize for the inconvenience. For reference, this is the description…

17 February 2005 | ubuntu-4.10

USN-83-1: LessTif 2 vulnerabilities

Several vulnerabilities have been found in the XPM image decoding functions of the LessTif library. If an attacker tricked a user into loading a malicious XPM image with an application that uses LessTif, he could exploit this to execute arbitrary code in the context of the user opening the image. Ubuntu does not contain any server applications…

16 February 2005 | ubuntu-4.10

USN-82-1: Linux kernel vulnerabilities

CAN-2004-0176: Michael Kerrisk noticed an insufficient permission checking in the shmctl() function. Any process was permitted to lock/unlock any System V shared memory segment that fell within the the RLIMIT_MEMLOCK limit (that is the maximum size of shared memory that unprivileged users can acquire). This allowed am unprivileged user …

15 February 2005 | ubuntu-4.10

USN-81-1: iptables vulnerability

Faheem Mitha noticed that the “iptables” command did not always load the required modules on its own as it was supposed to. This could lead to firewall rules not being loaded on system startup.

11 February 2005 | ubuntu-4.10