
10832 matches found

Ubuntu
added 2014/04/26 1:39 p.m. | 74 views

USN-2175-1: Linux kernel (Quantal HWE) vulnerabilities

A flaw was discovered in the Kernel Virtual Machine (KVM) subsystem of the Linux kernel. A guest OS user could exploit this flaw to execute arbitrary code on the host OS. (CVE-2014-0049) Al Viro discovered an error in how CIFS in the Linux kernel handles uncached write operations. An unprivileged loc...

CVSS 7.4 | AI score 6.8 | EPSS 0.04517
Exploits: 1

Ubuntu
added 2014/04/26 1:31 p.m. | 89 views

USN-2174-1: Linux kernel (EC2) vulnerabilities

A flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101) An error was discovered in the Linux kernel's DCCP protocol support. A remote attacker could exploit this flaw to cause a...

CVSS 10 | AI score 7 | EPSS 0.10385
Exploits: 1

Ubuntu
added 2014/04/26 12:12 p.m. | 73 views

USN-2173-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101) An error was discovered in the Linux kernel's DCCP protocol support. A remote attacker could exploit this flaw to cause a...

CVSS 10 | AI score 7 | EPSS 0.10385
Exploits: 1

Ubuntu
added 2014/04/24 3:25 p.m. | 48 views

USN-2172-1: CUPS vulnerability

Alex Korobkin discovered that the CUPS web interface incorrectly protected against cross-site scripting (XSS) attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly steal confidentia...

CVSS 4.3 | AI score 7.2 | EPSS 0.01626
Exploits: 0

Ubuntu
added 2014/04/23 2:41 p.m. | 40 views

USN-2171-1: rsync vulnerability

Ryan Finnie discovered that the rsync daemon incorrectly handled invalid usernames. A remote attacker could use this issue to cause rsync to consume resources, resulting in a denial of service...

CVSS 7.8 | AI score 5.4 | EPSS 0.04086
Exploits: 1

Ubuntu
added 2014/04/23 12:56 p.m. | 61 views

USN-2170-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.37. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the...

CVSS 7.5 | AI score 6.3 | EPSS 0.06353
Exploits: 0

Ubuntu
added 2014/04/23 4:14 a.m. | 69 views

USN-2169-2: Django regression

USN-2169-1 fixed vulnerabilities in Django. The upstream security patch for CVE-2014-0472 introduced a regression for certain applications. This update fixes the problem. Original advisory details: Benjamin Bach discovered that Django incorrectly handled dotted Python paths when using the reverse...

AI score 5.8
Exploits: 0 | References: 1

Ubuntu
added 2014/04/22 11:58 a.m. | 51 views

USN-2169-1: Django vulnerabilities

Benjamin Bach discovered that Django incorrectly handled dotted Python paths when using the reverse function. An attacker could use this issue to cause Django to import arbitrary modules from the Python path, resulting in possible code execution. (CVE-2014-0472) Paul McMillan discovered that Django...

CVSS 10 | AI score 5.8 | EPSS 0.05603
Exploits: 0

Ubuntu
added 2014/04/15 2:17 p.m. | 55 views

USN-2168-1: Python Imaging Library vulnerabilities

Jakub Wilk discovered that the Python Imaging Library incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files, or gain access to temporary file contents. (CVE-2014-1932, CVE-2014-1933)...

CVSS 4.4 | AI score 8.1 | EPSS 0.00492
Exploits: 2

Ubuntu
added 2014/04/14 6:2 p.m. | 51 views

USN-2167-1: curl vulnerabilities

Steve Holme discovered that libcurl incorrectly reused wrong connections when using protocols other than HTTP and FTP. This could lead to the use of unintended credentials, possibly exposing sensitive information. (CVE-2014-0138) Richard Moore discovered that libcurl incorrectly validated wildcard...

CVSS 6.4 | AI score 6.5 | EPSS 0.0508
Exploits: 0

Ubuntu
added 2014/04/14 12:33 p.m. | 144 views

USN-2166-1: Net-SNMP vulnerabilities

Ken Farnen discovered that Net-SNMP incorrectly handled AgentX timeouts. A remote attacker could use this issue to cause the server to crash or to hang, resulting in a denial of service. (CVE-2012-6151) It was discovered that the Net-SNMP ICMP-MIB incorrectly validated input. A remote attacker coul...

CVSS 5 | AI score 8.2 | EPSS 0.09451
Exploits: 1

Ubuntu
added 2014/04/08 12:8 a.m. | 68 views

USN-2124-2: OpenJDK 6 regression

USN-2124-1 fixed vulnerabilities in OpenJDK 6. Due to an upstream regression, memory was not properly zeroed under certain circumstances which could lead to instability. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A vulnerability was discovered in...

AI score 6.3
Exploits: 0 | References: 1

Ubuntu
added 2014/04/07 9:52 p.m. | 99 views

USN-2165-1: OpenSSL vulnerabilities

Neel Mehta discovered that OpenSSL incorrectly handled memory in the TLS heartbeat extension. An attacker could use this issue to obtain up to 64k of memory contents from the client or server, possibly leading to the disclosure of private keys and other sensitive information. (CVE-2014-0160) Yuval...

CVSS 7.5 | AI score 7.7 | EPSS 0.99999
Exploits: 88

Ubuntu
added 2014/04/07 7:1 p.m. | 63 views

USN-2164-1: OpenSSH vulnerability

Matthew Vernon discovered that OpenSSH did not correctly check SSHFP DNS records if a server presented an unacceptable host certificate. A malicious server could use this issue to disable SSHFP checking...

CVSS 6.5 | AI score 6.6 | EPSS 0.01988
Exploits: 1

Ubuntu
added 2014/04/07 12:15 p.m. | 43 views

USN-2163-1: PHP vulnerability

It was discovered that PHP's embedded libmagic library incorrectly handled PE executables. An attacker could use this issue to cause PHP to crash, resulting in a denial of service...

CVSS 4.3 | AI score 8 | EPSS 0.04334
Exploits: 1

Ubuntu
added 2014/04/07 12:7 p.m. | 42 views

USN-2162-1: file vulnerability

It was discovered that file incorrectly handled PE executable files. An attacker could use this issue to cause file to crash, resulting in a denial of service...

CVSS 4.3 | AI score 7.9 | EPSS 0.04334
Exploits: 1

Ubuntu
added 2014/04/03 2:24 p.m. | 56 views

USN-2161-1: libyaml-libyaml-perl vulnerabilities

Florian Weimer discovered that libyaml-libyaml-perl incorrectly handled certain large YAML documents. An attacker could use this issue to cause libyaml-libyaml-perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-6393) Ivan Fratric discovered that...

CVSS 6.8 | AI score 7.1 | EPSS 0.09234
Exploits: 2

Ubuntu
added 2014/04/03 2:18 p.m. | 67 views

USN-2160-1: LibYAML vulnerability

Ivan Fratric discovered that LibYAML incorrectly handled certain malformed YAML documents. An attacker could use this issue to cause LibYAML to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 6.8 | AI score 7.6 | EPSS 0.09189
Exploits: 2

Ubuntu
added 2014/04/02 5:29 p.m. | 63 views

USN-2159-1: NSS vulnerability

It was discovered that NSS incorrectly handled wildcard certificates when used with internationalized domain names. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to spoof SSL servers...

CVSS 4.3 | AI score 7.6 | EPSS 0.01767
Exploits: 2

Ubuntu
added 2014/04/01 5:21 a.m. | 82 views

USN-2158-1: Linux kernel (Raring HWE) vulnerabilities

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345) Nico Golde and Fabian Yamaguchi reported buffer underflow errors in the implementation of the XFS filesystem...

CVSS 5.8 | AI score 7.1 | EPSS 0.03818
Exploits: 2

Ubuntu
added 2014/03/27 5:17 p.m. | 33 views

USN-2157-1: ClamAV update

This updates ClamAV to a new major version in order to gain new detection technologies and maintain proper compatibility with the virus signature database...

AI score 5.4
Exploits: 0 | References: 1

Ubuntu
added 2014/03/26 6:3 p.m. | 49 views

USN-2156-1: Samba vulnerability

Andrew Bartlett discovered that Samba did not properly enforce the password guessing protection mechanism for all interfaces. A remote attacker could use this issue to possibly attempt to brute force user passwords...

CVSS 5 | AI score 7.4 | EPSS 0.10557
Exploits: 0

Ubuntu
added 2014/03/25 2:51 p.m. | 278 views

USN-2155-1: OpenSSH vulnerability

Jann Horn discovered that OpenSSH incorrectly handled wildcards in AcceptEnv lines. A remote attacker could use this issue to possibly bypass certain intended environment variable restrictions...

CVSS 5.8 | AI score 6.7 | EPSS 0.04751
Exploits: 1

Ubuntu
added 2014/03/24 6:56 p.m. | 38 views

USN-2154-1: ca-certificates update

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20130906 package...

AI score 5.4
Exploits: 0 | References: 1

Ubuntu
added 2014/03/24 6:44 p.m. | 33 views

USN-2153-1: initramfs-tools vulnerability

Kees Cook discovered that initramfs-tools incorrectly mounted /run without the noexec option, contrary to expected behaviour...

AI score 5.3
Exploits: 0 | References: 1

Ubuntu
added 2014/03/24 6:38 p.m. | 76 views

USN-2152-1: Apache HTTP Server vulnerabilities

Ning Zhang & Amin Tora discovered that the mod_dav module incorrectly handled whitespace characters in CDATA sections. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. (CVE-2013-6438) Rainer M Canavan discovered that the mod_log_config...

CVSS 5 | AI score 7.3 | EPSS 0.26831
Exploits: 2

Ubuntu
added 2014/03/21 5:34 p.m. | 69 views

USN-2151-1: Thunderbird vulnerabilities

Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman and Christoph Diehl discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause...

CVSS 10 | AI score 8.1 | EPSS 0.83633
Exploits: 17 | References: 1

Ubuntu
added 2014/03/18 8:37 p.m. | 68 views

USN-2150-1: Firefox vulnerabilities

Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Gregor Wagner, Gary Kwong, Luke Wagner, Rob Fletcher and Makoto Kato discovered multiple memory safety issues in Firefox. If a user were tricked into opening a specially crafted website, an attacker...

CVSS 10 | AI score 8.1 | EPSS 0.83633
Exploits: 20 | References: 1

Ubuntu
added 2014/03/17 11:55 a.m. | 44 views

USN-2149-2: GTK+ update

USN-2149-1 fixed a vulnerability in librsvg. This update provides a compatibility fix for GTK+ to work with the librsvg security update. Original advisory details: It was discovered that librsvg would load XML external entities by default. If a user were tricked into viewing a specially crafted S...

CVSS 4.3 | AI score 5.5 | EPSS 0.03197
Exploits: 0

Ubuntu
added 2014/03/17 11:48 a.m. | 45 views

USN-2149-1: librsvg vulnerability

It was discovered that librsvg would load XML external entities by default. If a user were tricked into viewing a specially crafted SVG file, an attacker could possibly obtain access to arbitrary files...

CVSS 4.3 | AI score 5.4 | EPSS 0.03197
Exploits: 0

Ubuntu
added 2014/03/17 11:42 a.m. | 49 views

USN-2148-1: FreeType vulnerabilities

Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. (CVE-2014-2240, CVE-2014-2241)...

CVSS 7.5 | AI score 6.5 | EPSS 0.06224
Exploits: 3

Ubuntu
added 2014/03/13 10:39 p.m. | 50 views

USN-2147-1: Mutt vulnerability

Beatrice Torracca and Evgeni Golov discovered a buffer overflow in mutt while expanding addresses when parsing email headers. An attacker could specially craft an email to cause mutt to crash, resulting in a denial of service, or possibly execute arbitrary code with the privileges of the user...

CVSS 5 | AI score 5.9 | EPSS 0.05155
Exploits: 1

Ubuntu
added 2014/03/13 2:16 p.m. | 41 views

USN-2146-1: Sudo vulnerabilities

Sebastien Macke discovered that Sudo incorrectly filtered environment variables when the env_reset option was disabled. A local attacker could use this issue to possibly run unintended commands by using environment variables that were intended to be blocked. In a default Ubuntu installation, the...

CVSS 6.6 | AI score 5.5 | EPSS 0.00338
Exploits: 2 | References: 1

Ubuntu
added 2014/03/12 1:38 p.m. | 57 views

USN-2145-1: libssh vulnerability

Aris Adamantiadis discovered that libssh allowed the OpenSSL PRNG state to be reused when implementing forking servers. This could allow an attacker to possibly obtain information about the state of the PRNG and perform cryptographic attacks...

CVSS 1.9 | AI score 6.8 | EPSS 0.00356
Exploits: 1

Ubuntu
added 2014/03/12 11:53 a.m. | 46 views

USN-2144-1: CUPS vulnerabilities

Florian Weimer discovered that the pdftoopvp filter bundled in the CUPS package incorrectly handled memory. An attacker could possibly use this issue to execute arbitrary code with the privileges of the lp user. (CVE-2013-6474, CVE-2013-6475) Florian Weimer discovered that the pdftoopvp filter...

CVSS 6.8 | AI score 7.8 | EPSS 0.03219
Exploits: 2

Ubuntu
added 2014/03/12 11:48 a.m. | 53 views

USN-2143-1: cups-filters vulnerabilities

Florian Weimer discovered that cups-filters incorrectly handled memory in the urftopdf filter. An attacker could possibly use this issue to execute arbitrary code with the privileges of the lp user. This issue only affected Ubuntu 13.10. (CVE-2013-6473) Florian Weimer discovered that cups-filters...

CVSS 6.8 | AI score 7.8 | EPSS 0.03429
Exploits: 2

Ubuntu
added 2014/03/10 12:0 p.m. | 43 views

USN-2142-1: UDisks vulnerability

Florian Weimer discovered that UDisks incorrectly handled certain long path names. A local attacker could use this issue to cause udisks to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerabili...

CVSS 6.9 | AI score 5.7 | EPSS 0.0043
Exploits: 1

Ubuntu
added 2014/03/07 12:6 p.m. | 78 views

USN-2141-1: Linux kernel (OMAP4) vulnerabilities

Mathy Vanhoef discovered an error in the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. (CVE-2013-4579) Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function ...

CVSS 7.2 | AI score 7 | EPSS 0.10209
Exploits: 9

Ubuntu
added 2014/03/07 12:0 p.m. | 68 views

USN-2140-1: Linux kernel vulnerabilities

An information leak was discovered in the Linux kernel when built with the NetFilter Connection Tracking (NF_CONNTRACK) support for IRC protocol (NF_NAT_IRC). A remote attacker could exploit this flaw to obtain potentially sensitive kernel information when communicating over a client-to-client IRC...

CVSS 4.9 | AI score 6.7 | EPSS 0.03818
Exploits: 1

Ubuntu
added 2014/03/07 11:58 a.m. | 101 views

USN-2139-1: Linux kernel (OMAP4) vulnerabilities

Mathy Vanhoef discovered an error in the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. (CVE-2013-4579) Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function ...

CVSS 7.2 | AI score 7 | EPSS 0.10209
Exploits: 7

Ubuntu
added 2014/03/07 11:56 a.m. | 82 views

USN-2138-1: Linux kernel vulnerabilities

Mathy Vanhoef discovered an error in the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. (CVE-2013-4579) Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function ...

CVSS 7.2 | AI score 7 | EPSS 0.10209
Exploits: 7

Ubuntu
added 2014/03/07 11:54 a.m. | 70 views

USN-2137-1: Linux kernel (Saucy HWE) vulnerabilities

An information leak was discovered in the Linux kernel when built with the NetFilter Connection Tracking (NF_CONNTRACK) support for IRC protocol (NF_NAT_IRC). A remote attacker could exploit this flaw to obtain potentially sensitive kernel information when communicating over a client-to-client IRC...

CVSS 4.9 | AI score 6.7 | EPSS 0.03818
Exploits: 1

Ubuntu
added 2014/03/07 11:41 a.m. | 79 views

USN-2136-1: Linux kernel (Raring HWE) vulnerabilities

Mathy Vanhoef discovered an error in the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. (CVE-2013-4579) Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function ...

CVSS 7.2 | AI score 6.8 | EPSS 0.10209
Exploits: 10

Ubuntu
added 2014/03/07 11:33 a.m. | 73 views

USN-2135-1: Linux kernel (Quantal HWE) vulnerabilities

Mathy Vanhoef discovered an error in the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. (CVE-2013-4579) Andrew Honig reported a flaw in the Linux Kernel's kvm_vm_ioctl_create_vcpu function ...

CVSS 7.2 | AI score 7 | EPSS 0.10209
Exploits: 9

Ubuntu
added 2014/03/07 11:30 a.m. | 96 views

USN-2134-1: Linux kernel (OMAP4) vulnerabilities

Mathy Vanhoef discovered an error in the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. (CVE-2013-4579) Andrew Honig reported an error in the Linux Kernel's Kernel Virtual Machine (KVM)...

CVSS 6.2 | AI score 6.7 | EPSS 0.10209
Exploits: 6

Ubuntu
added 2014/03/07 11:28 a.m. | 72 views

USN-2133-1: Linux kernel vulnerabilities

Mathy Vanhoef discovered an error in the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing attack. (CVE-2013-4579) Andrew Honig reported an error in the Linux Kernel's Kernel Virtual Machine (KVM)...

CVSS 6.2 | AI score 6.7 | EPSS 0.10209
Exploits: 6

Ubuntu
added 2014/03/06 7:44 p.m. | 61 views

USN-2132-1: ImageMagick vulnerabilities

Aleksis Kauppinen, Joonas Kuorilehto and Tuomas Parttimaa discovered that ImageMagick incorrectly handled certain restart markers in JPEG images. If a user or automated system using ImageMagick were tricked into opening a specially crafted JPEG image, an attacker could exploit this to cause memor...

CVSS 8.8 | AI score 7 | EPSS 0.10792
Exploits: 0

Ubuntu
added 2014/03/06 1:31 p.m. | 34 views

USN-2131-1: IcedTea Web vulnerability

Michael Scherer discovered that IcedTea Web created temporary directories in an unsafe fashion. A local attacker could possibly use this issue to obtain or modify sensitive information from other local user sessions...

CVSS 2.1 | AI score 5.3 | EPSS 0.00478
Exploits: 1

Ubuntu
added 2014/03/06 1:24 p.m. | 73 views

USN-2130-1: Tomcat vulnerabilities

It was discovered that Tomcat incorrectly handled certain inconsistent HTTP headers. A remote attacker could possibly use this flaw to conduct request smuggling attacks. (CVE-2013-4286) It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A...

CVSS 7.5 | AI score 7.1 | EPSS 0.83175
Exploits: 13

Ubuntu
added 2014/03/06 5:42 a.m. | 67 views

USN-2129-1: Linux kernel (EC2) vulnerabilities

An information leak was discovered in the Linux kernel when inotify is used to monitor the /dev/ptmx device. A local user could exploit this flaw to discover keystroke timing and potentially discover sensitive information like password length. (CVE-2013-0160) Vasily Kulikov reported a flaw in the...

CVSS 7.2 | AI score 7.1 | EPSS 0.01485
Exploits: 14

Total number of security vulnerabilities: 10832