Articles / Ubuntu

All articles tagged with Ubuntu

January 26, 2012 07:09 Ubuntu: New Thunderbird packages fix security vulnerability

0

Security researchers discovered several memory safety issues which could possibly be exploited to crash Thunderbird or execute arbitrary code as the user that invoked Thunderbird. Aki Helin discovered a crash in the YARR regular expression library that could be triggered by javascript in web content. It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. An attacker could potentially exploit this vulnerability to crash Thunderbird.

Mario Heiderich discovered it was possible to use SVG animation accessKey events to detect key strokes even when JavaScript was disabled. A malicious web page could potentially exploit this to trick a user into interacting with a prompt thinking it came from Thunderbird in a context where the user believed scripting was disabled. It was discovered that it was possible to crash Thunderbird when scaling an OGG <video> element to extreme sizes.

Updated packages are available from security.ubuntu.com.

January 26, 2012 07:08 Ubuntu: New QEMU packages fix security vulnerability

0

Nicolae Mogoreanu discovered that QEMU did not properly verify legacy mode packets in the e1000 network driver. A remote attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program. Updated packages are available from security.ubuntu.com.

January 26, 2012 07:07 Ubuntu: New Linux packages fix security vulnerability

0

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Updated packages are available from security.ubuntu.com.

January 24, 2012 09:35 Ubuntu: New rsyslog packages fix security vulnerability

0

Peter Eisentraut discovered that Rsyslog would not properly perform input validation when configured to use imfile. If an attacker were able to craft messages in a file that Rsyslog monitored, an attacker could cause a denial of service. Updated packages are available from security.ubuntu.com.

January 24, 2012 09:20 Ubuntu: New Linux packages fix security vulnerability

0

Jüri Aedla discovered that the kernel incorrectly handled /proc/<pid>/mem permissions. A local attacker could exploit this and gain root privileges. Updated packages are available from security.ubuntu.com.

January 22, 2012 20:23 Ubuntu: New libxml2 packages fix security vulnerabilities

0

It was discovered that libxml2 contained an off by one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libxml2 is vulnerable to double-free conditions when parsing certain XML documents. This could allow a remote attacker to cause a denial of service. It was discovered that libxml2 did not properly detect end of file when parsing certain XML documents. An attacker could exploit this to crash applications linked against libxml2.

It was discovered that libxml2 did not properly decode entity references with long names. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program.

Updated packages are available from security.ubuntu.com.

January 22, 2012 20:22 Ubuntu: New t1lib packages fix security vulnerabilities

0

Jon Larimer discovered that t1lib did not properly parse AFM fonts. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash or possibly execute arbitrary code with user privileges. Jonathan Brossard discovered that t1lib did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash. Updated packages are available from security.ubuntu.com.

January 19, 2012 19:48 Ubuntu: New Libav packages fix security vulnerability

0

Steve Manzuik discovered that Libav incorrectly handled certain malformed Matroska files. If a user were tricked into opening a crafted Matroska file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Phillip Langlois discovered that Libav incorrectly handled certain malformed QDM2 streams. If a user were tricked into opening a crafted QDM2 stream file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Phillip Langlois discovered that Libav incorrectly handled certain malformed VP3 streams. If a user were tricked into opening a crafted file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

Phillip Langlois discovered that Libav incorrectly handled certain malformed VP5 and VP6 streams. If a user were tricked into opening a crafted file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Libav incorrectly handled certain malformed VMD files. If a user were tricked into opening a crafted VMD file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Phillip Langlois discovered that Libav incorrectly handled certain malformed SVQ1 streams. If a user were tricked into opening a crafted SVQ1 stream file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

Updated packages are available from security.ubuntu.com.

January 13, 2012 21:26 Ubuntu: New Nova packages fix security vulnerability

0

Nachi Ueno, Rohit Karajgi, and Venkatesan Ravikumar discovered that when Nova is configured to use the OpenStack API, it would not correctly enforce access controls on certain incoming requests. A remote authenticated attacker could exploit this to change resources of arbitrary tenants. Updated packages are available from security.ubuntu.com.

January 13, 2012 21:24 Ubuntu: New Linux kernel packages fix security vulnerability

0

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in the b43 driver in the Linux kernel. An attacker could use this flaw to cause a denial of service if the system has an active wireless interface using the b43 driver.

A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Updated packages are available from security.ubuntu.com.

January 11, 2012 07:10 Ubuntu: New Linux packages fix security vulnerabilities

0

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A bug was discovered in the XFS filesystem’s handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops.

A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Clement Lecigne discovered a bug in the HFS file system bounds checking. When a malformed HFS file system is mounted a local user could crash the system or gain root privileges.

Updated packages are available from security.ubuntu.com.

January 09, 2012 06:58 Ubuntu: New Firefox packages fix security vulnerabilities

0

Security researchers discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the user that invoked Firefox. Aki Helin discovered a crash in the YARR regular expression library that could be triggered by javascript in web content. It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. An attacker could potentially exploit this vulnerability to crash Firefox.

Mario Heiderich discovered it was possible to use SVG animation accessKey events to detect key strokes even when JavaScript was disabled. A malicious web page could potentially exploit this to trick a user into interacting with a prompt thinking it came from the browser in a context where the user believed scripting was disabled. It was discovered that it was possible to crash Firefox when scaling an OGG <video> element to extreme sizes.

Updated packages are available from security.ubuntu.com.

January 09, 2012 06:56 Ubuntu: New FFmpeg packages fix security vulnerabilities

0

Steve Manzuik discovered that FFmpeg incorrectly handled certain malformed Matroska files. If a user were tricked into opening a crafted Matroska file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Phillip Langlois discovered that FFmpeg incorrectly handled certain malformed QDM2 streams. If a user were tricked into opening a crafted QDM2 stream file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Phillip Langlois discovered that FFmpeg incorrectly handled certain malformed VP3 streams. If a user were tricked into opening a crafted file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

Phillip Langlois discovered that FFmpeg incorrectly handled certain malformed VP5 and VP6 streams. If a user were tricked into opening a crafted file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that FFmpeg incorrectly handled certain malformed VMD files. If a user were tricked into opening a crafted VMD file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Phillip Langlois discovered that FFmpeg incorrectly handled certain malformed SVQ1 streams. If a user were tricked into opening a crafted SVQ1 stream file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

Updated packages are available from security.ubuntu.com.

January 07, 2012 15:48 Ubuntu: New Ghostscript packages fix security vulnerabili...

0

It was discovered that Ghostscript did not correctly handle memory allocation when parsing certain malformed JPEG-2000 images. If a user or automated system were tricked into opening a specially crafted image, an attacker could cause a denial of service and possibly execute arbitrary code with user privileges. It was discovered that Ghostscript did not correctly handle certain formatting operations when parsing JPEG-2000 images. If a user or automated system were tricked into opening a specially crafted image, an attacker could cause a denial of service and possibly execute arbitrary code with user privileges. It was discovered that Ghostscript incorrectly handled certain malformed TrueType fonts. If a user or automated system were tricked into opening a document containing a specially crafted font, an attacker could cause a denial of service and possibly execute arbitrary code with user privileges.

It was discovered that Ghostscript incorrectly handled certain malformed Type 2 fonts. If a user or automated system were tricked into opening a document containing a specially crafted font, an attacker could cause a denial of service and possibly execute arbitrary code with user privileges. Jonathan Foote discovered that Ghostscript incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system were tricked into opening a specially crafted JPEG-2000 image file, an attacker could cause Ghostscript to crash or possibly execute arbitrary code with user privileges.

Updated packages are available from security.ubuntu.com.

January 01, 2012 19:12 Ubuntu: New Thunderbird packages fix security vulnerabili...

0

Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs which would potentially allow an attacker to remotely crash Thunderbird. Updated packages are available from security.ubuntu.com.

January 01, 2012 19:10 Ubuntu: New t1lib packages fix security vulnerabilities

0

Jonathan Brossard discovered that t1lib did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash or possibly execute arbitrary code with user privileges. Updated packages are available from security.ubuntu.com.

December 29, 2011 08:50 Ubuntu: New Python packages fix security vulnerabilities

0

Giampaolo Rodola discovered that the smtpd module in Python 3 did not properly handle certain error conditions. A remote attacker could exploit this to cause a denial of service via daemon outage. Niels Heinen discovered that the urllib module in Python 3 would process Location headers that specify a file:// URL. A remote attacker could use this to obtain sensitive information or cause a denial of service via resource consumption. Updated packages are available from security.ubuntu.com.

December 29, 2011 08:50 Ubuntu: New JasPer packages fix security vulnerabilities

0

Jonathan Foote discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. Updated packages are available from security.ubuntu.com.

December 29, 2011 08:48 Ubuntu: New Linux packages fix security vulnerabilities

0

Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. A bug was discovered in the XFS filesystem’s handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops.

A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. A bug was found in the way headroom check was performed in udp6_ufo_fragment() function. A remote attacker could use this flaw to crash the system. Clement Lecigne discovered a bug in the HFS file system bounds checking. When a malformed HFS file system is mounted a local user could crash the system or gain root privileges.

Updated packages are available from security.ubuntu.com.

December 27, 2011 08:37 Ubuntu: New Linux packages fix security vulnerabilities

0

A bug was discovered in the XFS filesystem’s handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service.

Clement Lecigne discovered a bug in the HFS file system bounds checking. When a malformed HFS file system is mounted a local user could crash the system or gain root privileges.

Updated packages are available from security.ubuntu.com.

December 27, 2011 08:31 Ubuntu: New libarchive packages fix security vulnerabilities

0

It was discovered that libarchive incorrectly handled certain ISO 9660 image files. If a user were tricked into using a specially crafted ISO 9660 image file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. It was discovered that libarchive incorrectly handled certain tar archive files. If a user were tricked into using a specially crafted tar file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. Updated packages are available from security.ubuntu.com.

December 26, 2011 08:07 Ubuntu: New DHCP packages fix security vulnerabilities

0

It was discovered that the DHCP server incorrectly handled certain malformed packets when configured to evaluate regular expressions. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service. Updated packages are available from security.ubuntu.com.

December 26, 2011 08:05 Ubuntu: New bzip2 packages fix security vulnerabilities

0

vladz discovered that executables compressed by bzexe insecurely create temporary files when they are ran. A local attacker could exploit this issue to execute arbitrary code as the user running a compressed executable. Updated packages are available from security.ubuntu.com.

December 23, 2011 16:36 Ubuntu: New PHP packages fix security vulnerabilities

0

Florent Hochwelker discovered that PHP incorrectly handled certain EXIF headers in JPEG files. A remote attacker could exploit this issue to view sensitive information or cause the PHP server to crash. Updated packages are available from security.ubuntu.com.

December 21, 2011 06:41 Ubuntu: New Nova packages fix security vulnerabilities

0

David Black discovered that Nova did not properly perform input validation during image registration. An attacker could exploit this by registering a crafted image using the EC2 API or S3/RegisterImage method and overwrite files as the nova user. Updated packages are available from security.ubuntu.com.

December 21, 2011 06:36 Ubuntu: New Apache Commons Daemon packages fix security v...

0

Wilfried Weissmann discovered that Apache Commons Daemon incorrectly dropped capabilities after starting. A remote attacker could possibly use this flaw to read certain files, bypassing the intended permissions. Updated packages are available from security.ubuntu.com.

December 19, 2011 09:26 Ubuntu: New Django packages fix security vulnerabilities

0

Paul McMillan discovered that Django used the root namespace when storing cached session data. A remote attacker could exploit this to modify sessions. Paul McMillan discovered that Django would not timeout on arbitrary URLs when the application used URLFields. This could be exploited by a remote attacker to cause a denial of service via resource exhaustion. Paul McMillan discovered that while Django would check the validity of a URL via a HEAD request, it would instead use a GET request for the target of a redirect. This could potentially be used to trigger arbitrary GET requests via a crafted Location header.

It was discovered that Django would sometimes use a request’s HTTP Host header to construct a full URL. A remote attacker could exploit this to conduct host header cache poisoning attacks via a crafted request. Updated packages are available from security.ubuntu.com.

December 19, 2011 09:24 Ubuntu: New acpid packages fix security vulnerabilities

0

Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges. Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask (umask). A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. Updated packages are available from security.ubuntu.com.

December 17, 2011 15:32 Ubuntu: New Dovecot packages fix security vulnerabilities

0

It was discovered that Dovecot incorrectly validated certificate hostnames when being used as a POP3 and IMAP proxy. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. Updated packages are available from security.ubuntu.com.

December 17, 2011 15:31 Ubuntu: New Linux packages fix security vulnerabilities

0

A bug was discovered in the XFS filesystem’s handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Clement Lecigne discovered a bug in the HFS file system bounds checking. When a malformed HFS file system is mounted a local user could crash the system or gain root privileges. Updated packages are available from security.ubuntu.com.

Screenshot

Project Spotlight

JFreeSVG

A fast, lightweight SVG generator for Java.

Screenshot

Project Spotlight

PHP MIME Mail decoder class

A PHP class to decode email messages.