
10832 matches found

Ubuntu | added 2014/09/24 7:35 p.m. | 59 views

USN-2360-2: Thunderbird vulnerabilities

USN-2360-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory details: Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled parsing ASN.1 values. An attacker could use this issue to forge RSA certificates...

CVSS 7.5 | AI score 7.2 | EPSS 0.17004
Exploits: 0

Ubuntu | added 2014/09/24 7:27 p.m. | 47 views

USN-2360-1: Firefox vulnerabilities

Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled parsing ASN.1 values. An attacker could use this issue to forge RSA certificates...

CVSS 7.5 | AI score 7.1 | EPSS 0.17004
Exploits: 0

Ubuntu | added 2014/09/24 7:3 p.m. | 46 views

USN-2361-1: NSS vulnerability

Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled parsing ASN.1 values. An attacker could use this issue to forge RSA certificates...

CVSS 7.5 | AI score 7.1 | EPSS 0.17004
Exploits: 0

Ubuntu | added 2014/09/24 3:40 p.m. | 99 views

USN-2362-1: Bash vulnerability

Stephane Chazelas discovered that Bash incorrectly handled trailing code in function definitions. An attacker could use this issue to bypass environment restrictions, such as SSH forced command environments...

CVSS 10 | AI score 8.4 | EPSS 0.99999
Exploits: 130

Ubuntu | added 2014/09/23 8:51 p.m. | 76 views

USN-2359-1: Linux kernel vulnerabilities

Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. CVE-2014-3601 Jason...

CVSS 7.1 | AI score 6.9 | EPSS 0.05794
Exploits: 3

Ubuntu | added 2014/09/23 8:43 p.m. | 73 views

USN-2358-1: Linux kernel (Trusty HWE) vulnerabilities

Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. CVE-2014-3601 Jason...

CVSS 7.1 | AI score 6.9 | EPSS 0.05794
Exploits: 3

Ubuntu | added 2014/09/23 8:36 p.m. | 74 views

USN-2357-1: Linux kernel (OMAP4) vulnerabilities

Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. CVE-2014-3601 Chris Evans...

CVSS 4.3 | AI score 6.8 | EPSS 0.01168
Exploits: 3

Ubuntu | added 2014/09/23 8:33 p.m. | 79 views

USN-2356-1: Linux kernel vulnerabilities

Jack Morgenstein reported a flaw in the page handling of the KVM (Kernel Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. CVE-2014-3601 Chris Evans...

CVSS 4.3 | AI score 6.8 | EPSS 0.01168
Exploits: 3

Ubuntu | added 2014/09/23 8:23 p.m. | 80 views

USN-2355-1: Linux kernel (EC2) vulnerabilities

Chris Evans reported a flaw in the Linux kernel's handling of iso9660 compact disk filesystem images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). CVE-2014-5471 Chris Evans reported a flaw ...

CVSS 4 | AI score 6.8 | EPSS 0.00505
Exploits: 2

Ubuntu | added 2014/09/23 8:17 p.m. | 80 views

USN-2354-1: Linux kernel vulnerabilities

Chris Evans reported a flaw in the Linux kernel's handling of iso9660 compact disk filesystem images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). CVE-2014-5471 Chris Evans reported a flaw ...

CVSS 4 | AI score 6.8 | EPSS 0.00505
Exploits: 2

Ubuntu | added 2014/09/23 4:12 p.m. | 44 views

USN-2353-1: APT vulnerability

It was discovered that APT incorrectly handled certain http URLs. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to cause APT to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for...

CVSS 6.8 | AI score 8.5 | EPSS 0.02437
Exploits: 0

Ubuntu | added 2014/09/22 5:8 p.m. | 65 views

USN-2352-1: DBus vulnerabilities

Simon McVittie discovered that DBus incorrectly handled the file descriptors message limit. A local attacker could use this issue to cause DBus to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS...

CVSS 4.4 | AI score 5.9 | EPSS 0.00528
Exploits: 0

Ubuntu | added 2014/09/22 4:32 p.m. | 52 views

USN-2351-1: nginx vulnerability

Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that nginx incorrectly reused cached SSL sessions. An attacker could possibly use this issue in certain configurations to obtain access to information from a different virtual host...

CVSS 4.3 | AI score 5.4 | EPSS 0.05679
Exploits: 0

Ubuntu | added 2014/09/22 11:42 a.m. | 27 views

USN-2350-1: NSS update

The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17 which includes the latest CA certificate bundle...

AI score 5.4
Exploits: 0 | References: 1

Ubuntu | added 2014/09/17 11:42 a.m. | 29 views

USN-2349-1: Libav vulnerabilities

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program...

AI score 5.7
Exploits: 0 | References: 1

Ubuntu | added 2014/09/17 2:6 a.m. | 359 views

USN-2319-3: OpenJDK 7 update

USN-2319-1 fixed vulnerabilities in OpenJDK 7. This update provides stability fixes for the arm64 and ppc64el architectures. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could...

AI score 7
Exploits: 0 | References: 1

Ubuntu | added 2014/09/16 4:20 p.m. | 48 views

USN-2348-1: APT vulnerabilities

It was discovered that APT did not re-verify downloaded files when the If-Modified-Since wasn't met. CVE-2014-0487 It was discovered that APT did not invalidate repository data when it switched from an unauthenticated to an authenticated state. CVE-2014-0488 It was discovered that the APT...

CVSS 7.5 | AI score 5.3 | EPSS 0.03614
Exploits: 0

Ubuntu | added 2014/09/16 11:49 a.m. | 56 views

USN-2347-1: Django vulnerabilities

Florian Apolloner discovered that Django incorrectly validated URLs. A remote attacker could use this issue to conduct phishing attacks. CVE-2014-0480 David Wilson discovered that Django incorrectly handled file name generation. A remote attacker could use this issue to cause Django to consume...

CVSS 6 | AI score 5.4 | EPSS 0.02459
Exploits: 1

Ubuntu | added 2014/09/15 12:26 p.m. | 61 views

USN-2346-1: curl vulnerabilities

Tim Ruehsen discovered that curl incorrectly handled partial literal IP addresses. This could lead to the disclosure of cookies to the wrong site, and malicious sites being able to set cookies for others. CVE-2014-3613 Tim Ruehsen discovered that curl incorrectly allowed cookies to be set for Top...

CVSS 5 | AI score 7.2 | EPSS 0.07432
Exploits: 0

Ubuntu | added 2014/09/11 10:31 p.m. | 57 views

USN-2330-1: Thunderbird vulnerabilities

Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to...

CVSS 10 | AI score 8.1 | EPSS 0.05801
Exploits: 1

Ubuntu | added 2014/09/10 12:14 a.m. | 66 views

USN-2344-1: PHP vulnerabilities

It was discovered that the Fileinfo component in php5 contains an integer overflow. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code via a crafted CDF file. CVE-2014-3587 It was discovered that the php_parserr function contains multiple buffer...

CVSS 6.8 | AI score 8.5 | EPSS 0.20237
Exploits: 1

Ubuntu | added 2014/09/09 2:15 p.m. | 67 views

USN-2343-1: NSS vulnerability

Tyson Smith and Jesse Schwartzentruber discovered that NSS contained a race condition when performing certificate validation. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 10 | AI score 8 | EPSS 0.06109
Exploits: 0

Ubuntu | added 2014/09/08 5:35 p.m. | 82 views

USN-2342-1: QEMU vulnerabilities

Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data could use these issues to cause a denial of service, or possibly execute arbitrary code. CVE-2013-4148, CVE-2013-4149, CVE-2013-4150,...

CVSS 8.8 | AI score 7.3 | EPSS 0.0531
Exploits: 4

Ubuntu | added 2014/09/08 2:17 p.m. | 54 views

USN-2341-1: CUPS vulnerabilities

Salvatore Bonaccorso discovered that the CUPS web interface incorrectly validated permissions and incorrectly handled symlinks. An attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation...

CVSS 5 | AI score 7.5 | EPSS 0.02911
Exploits: 0

Ubuntu | added 2014/09/08 11:26 a.m. | 75 views

USN-2306-3: GNU C Library regression

USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the fix for CVE-2013-4357 introduced a memory leak in getaddrinfo. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Maksymilian Arciemowicz discovered that the GNU C Library...

AI score 7.2
Exploits: 0 | References: 1

Ubuntu | added 2014/09/04 5:39 p.m. | 48 views

USN-2340-1: procmail vulnerability

Tavis Ormandy discovered that the formail tool incorrectly handled certain malformed mail headers. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 7.5 | AI score 7.3 | EPSS 0.08525
Exploits: 1

Ubuntu | added 2014/09/03 5:36 p.m. | 54 views

USN-2339-2: Libgcrypt vulnerability

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys...

CVSS 2.1 | AI score 6.5 | EPSS 0.00531
Exploits: 0

Ubuntu | added 2014/09/03 5:31 p.m. | 46 views

USN-2339-1: GnuPG vulnerability

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys...

CVSS 2.1 | AI score 6.5 | EPSS 0.00531
Exploits: 0

Ubuntu | added 2014/09/03 1:26 p.m. | 58 views

USN-2338-1: Lua vulnerability

It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua applications to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 5 | AI score 5.7 | EPSS 0.11572
Exploits: 1

Ubuntu | added 2014/09/02 9:19 p.m. | 76 views

USN-2326-1: Oxide vulnerabilities

A use-after-free was discovered in the SVG implementation in Blink. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render...

CVSS 10 | AI score 8.7 | EPSS 0.02644
Exploits: 0

Ubuntu | added 2014/09/02 6:48 p.m. | 66 views

USN-2329-1: Firefox vulnerabilities

Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman, JW Wang and David Weir discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of...

CVSS 10 | AI score 8.2 | EPSS 0.05811
Exploits: 1

Ubuntu | added 2014/09/02 6:0 p.m. | 118 views

USN-2337-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel virtual machine's (kvm) validation of interrupt requests (irq). A guest OS user could exploit this flaw to cause a denial of service (host OS crash). CVE-2014-0155 Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket...

CVSS 6.2 | AI score 6.7 | EPSS 0.05926
Exploits: 8

Ubuntu | added 2014/09/02 5:57 p.m. | 85 views

USN-2336-1: Linux kernel (Trusty HWE) vulnerabilities

A flaw was discovered in the Linux kernel virtual machine's (kvm) validation of interrupt requests (irq). A guest OS user could exploit this flaw to cause a denial of service (host OS crash). CVE-2014-0155 Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket...

CVSS 6.2 | AI score 6.7 | EPSS 0.05926
Exploits: 8

Ubuntu | added 2014/09/02 5:54 p.m. | 61 views

USN-2335-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). CVE-2014-3917 An information leak was discovered in the rdm...

CVSS 7.1 | AI score 6.7 | EPSS 0.05926
Exploits: 0

Ubuntu | added 2014/09/02 5:49 p.m. | 79 views

USN-2334-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). CVE-2014-3917 An information leak was discovered in the rdm...

CVSS 7.1 | AI score 6.7 | EPSS 0.05926
Exploits: 0

Ubuntu | added 2014/09/02 5:49 p.m. | 56 views

USN-2331-1: LibreOffice vulnerability

Rohan Durve and James Kettle discovered LibreOffice Calc sometimes allowed for command injection when opening spreadsheets. If a user were tricked into opening a crafted Calc spreadsheet, an attacker could exploit this to run programs as your login...

CVSS 9.3 | AI score 7.3 | EPSS 0.14596
Exploits: 0

Ubuntu | added 2014/09/02 5:46 p.m. | 75 views

USN-2333-1: Linux kernel (EC2) vulnerabilities

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service (system crash) via an open system call. CVE-2014-0203 Toralf Förster reported an error in the Linux kernel's syscall auditing on 32 bit...

CVSS 7.1 | AI score 6.6 | EPSS 0.05926
Exploits: 1

Ubuntu | added 2014/09/02 5:41 p.m. | 75 views

USN-2332-1: Linux kernel vulnerabilities

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service (system crash) via an open system call. CVE-2014-0203 Toralf Förster reported an error in the Linux kernel's syscall auditing on 32 bit...

CVSS 7.1 | AI score 6.6 | EPSS 0.05926
Exploits: 1

Ubuntu | added 2014/08/29 2:6 a.m. | 68 views

USN-2328-1: GNU C Library vulnerability

Tavis Ormandy and John Haxby discovered that the GNU C Library contained an off-by-one error when performing transliteration module loading. A local attacker could exploit this to gain administrative privileges. CVE-2014-5119 USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04...

CVSS 7.5 | AI score 8.2 | EPSS 0.18099
Exploits: 4

Ubuntu | added 2014/08/28 3:31 a.m. | 67 views

USN-2327-1: Squid 3 vulnerability

Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service...

CVSS 5 | AI score 7.2 | EPSS 0.5622
Exploits: 0

Ubuntu | added 2014/08/26 1:0 a.m. | 79 views

USN-2319-2: OpenJDK 7 regression

USN-2319-1 fixed vulnerabilities in OpenJDK 7. Due to an upstream regression, verifying of the init method call would fail when it was done from inside a branch when stack frames are activated. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several...

AI score 7 | EPSS 0.06118
Exploits: 1 | References: 1

Ubuntu | added 2014/08/21 9:20 p.m. | 59 views

USN-2325-1: OpenStack Nova vulnerability

Alex Gaynor discovered that OpenStack Nova would sometimes respond with variable times when comparing authentication tokens. If nova were configured to proxy metadata requests via Neutron, a remote authenticated attacker could exploit this to conduct timing attacks and ascertain configuration...

CVSS 4.3 | AI score 5.4 | EPSS 0.01938
Exploits: 0

Ubuntu | added 2014/08/21 9:9 p.m. | 63 views

USN-2324-1: OpenStack Keystone vulnerabilities

Steven Hardy discovered that OpenStack Keystone did not properly handle chained delegation. A remote authenticated attacker could use this to gain privileges by creating a new token with additional roles. CVE-2014-3476 Jamie Lennox discovered that OpenStack Keystone did not properly validate the...

CVSS 6.5 | AI score 5.4 | EPSS 0.02308
Exploits: 2

Ubuntu | added 2014/08/21 8:51 p.m. | 59 views

USN-2323-1: OpenStack Horizon vulnerabilities

Jason Hullinger discovered that OpenStack Horizon did not properly perform input sanitization on Heat templates. If a user were tricked into using a specially crafted Heat template, an attacker could conduct cross-site scripting attacks. With cross-site scripting vulnerabilities, if a user were...

CVSS 4.3 | AI score 5.1 | EPSS 0.02053
Exploits: 2

Ubuntu | added 2014/08/21 8:29 p.m. | 51 views

USN-2322-1: OpenStack Glance vulnerability

Thomas Leaman and Stuart McLaren discovered that OpenStack Glance did not properly honor the image_size_cap configuration option. A remote authenticated attacker could exploit this to cause a denial of service via disk consumption...

CVSS 4 | AI score 5.3 | EPSS 0.02127
Exploits: 0

Ubuntu | added 2014/08/21 8:18 p.m. | 65 views

USN-2321-1: OpenStack Neutron vulnerabilities

Liping Mao discovered that OpenStack Neutron did not properly handle requests for a large number of allowed address pairs. A remote authenticated attacker could exploit this to cause a denial of service. CVE-2014-3555 Zhi Kun Liu discovered that OpenStack Neutron incorrectly filtered certain...

CVSS 5 | AI score 5.3 | EPSS 0.02774
Exploits: 0

Ubuntu | added 2014/08/21 7:57 p.m. | 70 views

USN-2311-2: OpenStack Ceilometer vulnerability

USN-2311-1 fixed vulnerabilities in pyCADF. This update provides the corresponding updates for OpenStack Ceilometer. Original advisory details: Zhi Kun Liu discovered that pyCADF incorrectly filtered certain tokens. An attacker could possibly use this issue to obtain authentication tokens used in...

CVSS 5 | AI score 5.4 | EPSS 0.02774
Exploits: 0

Ubuntu | added 2014/08/20 10:16 p.m. | 65 views

USN-2320-1: Oxide vulnerabilities

A use-after-free was discovered in the websockets implementation in Blink. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. CVE-2014-3165 An issue was discovered in the Public Key Pinning...

CVSS 7.5 | AI score 8.7 | EPSS 0.01648
Exploits: 0 | References: 1

Ubuntu | added 2014/08/20 2:53 a.m. | 77 views

USN-2319-1: OpenJDK 7 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219,...

CVSS 9.3 | AI score 7 | EPSS 0.06118
Exploits: 1

Ubuntu | added 2014/08/18 6:5 p.m. | 74 views

USN-2232-4: OpenSSL regression

USN-2232-1 fixed vulnerabilities in OpenSSL. One of the patch backports for Ubuntu 10.04 LTS caused a regression for certain applications. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jüri Aedla discovered that OpenSSL incorrectly handled invalid...

AI score 7.6
Exploits: 0 | References: 1

Total number of security vulnerabilities: 10832