USN-2894-1: PostgreSQL vulnerabilities

It was discovered that PostgreSQL incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. CVE-2016-0773 It was discovered that PostgreSQL incorrectly handled certain configuration settings GUC...

USN-2892-1: nginx vulnerabilities

It was discovered that nginx incorrectly handled certain DNS server responses when the resolver is enabled. A remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service. CVE-2016-0742 It was discovered that nginx incorrectly handled CNAME response...

USN-2880-2: Firefox regression

USN-2880-1 fixed vulnerabilities in Firefox. This update introduced a regression which caused Firefox to crash on startup with some configurations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong,...

USN-2891-1: QEMU vulnerabilities

Qinghao Tang discovered that QEMU incorrectly handled PCI MSI-X support. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. CVE-2015-7549 Lian Yihan discovered that QEMU incorrectl...

USN-2890-3: Linux kernel (Raspberry Pi 2) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

USN-2890-2: Linux kernel (Wily HWE) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

USN-2890-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

USN-2889-2: Linux kernel (Vivid HWE) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

USN-2889-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

USN-2888-1: Linux kernel (Utopic HWE) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

USN-2887-2: Linux kernel (Trusty HWE) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

USN-2887-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

USN-2886-2: Linux kernel (OMAP4) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

USN-2886-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

USN-2885-1: OpenJDK 6 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-0483, CVE-2016-0494 A...

USN-2884-1: OpenJDK 7 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-0483, CVE-2016-0494 A...

USN-2883-1: OpenSSL vulnerability

Antonio Sanso discovered that OpenSSL reused the same private DH exponent for the life of a server process when configured with a X9.42 style parameter file. This could allow a remote attacker to possibly discover the server's private DH exponent when being used with non-safe primes...

USN-2882-1: curl vulnerability

Isaac Boukris discovered that curl could incorrectly re-use NTLM proxy credentials when subsequently connecting to the same host...

USN-2877-1: Oxide vulnerabilities

A bad cast was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. CVE-2016-1612 An issue was...

USN-2880-1: Firefox vulnerabilities

Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman, Carsten Book, Randell Jesup, Nicolas Pierron, Eric Rescorla, Tyson Smith, and Gabor Krizsanits discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker...

USN-2881-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.47 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.04 and Ubuntu 15.10 have been updated to MySQL 5.6.28. In addition to security fixes, th...

USN-2879-1: rsync vulnerability

It was discovered that rsync incorrectly handled invalid filenames. A malicious server could use this issue to write files outside of the intended destination directory...

USN-2878-1: Perl vulnerability

David Golden discovered that the canonpath function in the Perl File::Spec module did not properly preserve the taint attribute. An attacker could possibly use this issue to bypass the taint protection mechanism...

USN-2876-1: eCryptfs vulnerability

Jann Horn discovered that mount.ecryptfsprivate would mount over certain directories in the proc filesystem. A local attacker could use this to escalate their privileges. CVE-2016-1572...

USN-2875-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service...

USN-2874-1: Bind vulnerability

It was discovered that Bind incorrectly handled certain APL data. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

USN-2870-2: Linux kernel (Trusty HWE) vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

USN-2872-3: Linux kernel (Raspberry Pi 2) vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

USN-2872-2: Linux kernel (Wily HWE) vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

USN-2871-2: Linux kernel (Vivid HWE) vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

USN-2873-1: Linux kernel (Utopic HWE) vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

USN-2872-1: Linux kernel vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

USN-2871-1: Linux kernel vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

USN-2870-1: Linux kernel vulnerability

Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

USN-2869-1: OpenSSH vulnerabilities

It was discovered that the OpenSSH client experimental support for resuming connections contained multiple security issues. A malicious server could use this issue to leak client memory to the server, including private client user keys...

USN-2859-1: Thunderbird vulnerabilities

Andrei Vaida, Jesse Ruderman, Bob Clary, and Jesse Ruderman discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitra...

USN-2868-1: DHCP vulnerability

Sebastian Poehn discovered that the DHCP server, client, and relay incorrectly handled certain malformed UDP packets. A remote attacker could use this issue to cause the DHCP server, client, or relay to stop responding, resulting in a denial of service...

USN-2867-1: libvirt vulnerabilities

It was discovered that libvirt incorrectly handled the firewall rules on bridge networks when the daemon was restarted. This could result in an unintended firewall configuration. This issue only applied to Ubuntu 12.04 LTS. CVE-2011-4600 Peter Krempa discovered that libvirt incorrectly handled...

USN-2860-1: Oxide vulnerabilities

A race condition was discovered in the MutationObserver implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the...

USN-2866-1: Firefox vulnerability

Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information...

USN-2865-1: GnuTLS vulnerability

Karthikeyan Bhargavan and Gaetan Leurent discovered that GnuTLS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information...

USN-2864-1: NSS vulnerability

Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information...

USN-2863-1: OpenSSL vulnerability

Karthikeyan Bhargavan and Gaetan Leurent discovered that OpenSSL incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information...

USN-2862-1: Pygments vulnerability

It was discovered that Pygments incorrectly sanitized strings used to search system fonts. An attacker could possibly use this issue to execute arbitrary code...

USN-2861-1: libpng vulnerabilities

It was discovered that libpng incorrectly handled certain small bit-depth values. If a user or automated system using libpng were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or execute code with the privileges of the user invoking th...

USN-2858-3: Linux kernel (Raspberry Pi 2) vulnerability

Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges...

USN-2858-2: Linux kernel (Wily HWE) vulnerability

Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges...

USN-2858-1: Linux kernel vulnerability

Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges...

USN-2857-2: Linux kernel (Vivid HWE) vulnerability

Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges...

USN-2857-1: Linux kernel vulnerability

Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges...