USN-1505-1: OpenJDK 6 vulnerabilities

It was discovered that multiple flaws existed in the CORBA Common Object Request Broker Architecture implementation in OpenJDK. An attacker could create a Java application or applet that used these flaws to bypass Java sandbox restrictions or modify immutable object data. CVE-2012-1711,...

USN-1506-1: Puppet vulnerabilities

It was discovered that Puppet incorrectly handled certain HTTP GET requests. An attacker could use this flaw with a valid client certificate to retrieve arbitrary files from the Puppet primary server. CVE-2012-3864 It was discovered that Puppet incorrectly handled Delete requests. If a Puppet...

USN-1504-1: Qt vulnerabilities

It was discovered that Qt did not properly handle wildcard domain names or IP addresses in the Common Name field of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. This issue only affecte...

USN-1503-1: Rhythmbox vulnerability

Hans Spaans discovered that the Context plugin in Rhythmbox created a temporary directory in an insecure manner. A local attacker could exploit this to execute arbitrary code as the user invoking the program. The Context plugin is disabled by default in Ubuntu...

USN-1501-1: Nova vulnerability

Dan Prince discovered that the Nova scheduler, when using DifferentHostFilter or SameHostFilter, would make repeated database instance lookup calls based on passed scheduler hints. An authenticated attacker could use this to cause a denial of service...

USN-1502-1: X.Org X Server vulnerability

Ken Mixter discovered a format string vulnerability in the LogVHdrMessageVerb function when handling input device names. This could allow a local attacker to cause a denial of service or possibly execute arbitrary code. The default compiler options for the affected release should reduce the...

USN-1500-1: Pidgin vulnerabilities

Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10...

USN-1499-1: Linux kernel (OMAP4) vulnerability

A flaw was discovered in the Linux kernel's NFSv4 Network file system handling of ACLs access control lists. A remote NFS server attacker could cause a denial of service OOPS...

USN-1498-1: tiff vulnerabilities

It was discovered that the TIFF library incorrectly handled certain malformed TIFF images. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with...

USN-1497-1: Nova vulnerabilities

Matthias Weckbecker discovered that, when using the OpenStack API to setup libvirt-based hypervisors, an authenticated user could inject files in arbitrary locations on the file system of the host running Nova. A remote attacker could use this to gain root privileges. This issue only affects Ubun...

USN-1496-1: OpenOffice.org vulnerabilities

A stack-based buffer overflow was discovered in the Lotus Word Pro import filter in OpenOffice.org. The default compiler options for affected releases should reduce the vulnerability to a denial of service. CVE-2011-2685 Huzaifa Sidhpurwala discovered that OpenOffice.org could be made to crash if...

USN-1495-1: LibreOffice vulnerabilities

Integer overflows were discovered in the graphics loading code of several different image types. If a user were tricked into opening a specially crafted file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program...

USN-1494-1: Linux kernel (OMAP4) vulnerability

A flaw was discovered in the Linux kernel's NFSv4 Network file system handling of ACLs access control lists. A remote NFS server attacker could cause a denial of service OOPS...

USN-1493-1: Linux kernel vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

USN-1492-1: Linux kernel vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

USN-1491-1: Linux kernel (EC2) vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

USN-1490-1: Linux kernel (Natty backport) vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

USN-1489-1: Linux kernel (Oneiric backport) vulnerability

A flaw was discovered in the Linux kernel's NFSv4 Network file system handling of ACLs access control lists. A remote NFS server attacker could cause a denial of service OOPS...

USN-1488-1: Linux kernel vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

USN-1487-1: Linux kernel vulnerability

A flaw was discovered in the Linux kernel's NFSv4 Network file system handling of ACLs access control lists. A remote NFS server attacker could cause a denial of service OOPS...

USN-1486-1: Linux kernel vulnerability

A flaw was discovered in the Linux kernel's NFSv4 Network file system handling of ACLs access control lists. A remote NFS server attacker could cause a denial of service OOPS...

USN-1484-1: PyCrypto vulnerability

It was discovered that PyCrypto produced inappropriate prime numbers when generating ElGamal keys. An attacker could use this flaw to facilitate brute-forcing of ElGamal encryption keys...

USN-1485-1: AccountsService vulnerability

Florian Weimer discovered that AccountsService incorrectly handled privileges when copying certain files to the system cache directory. A local attacker could exploit this issue to read arbitrary files, bypassing intended permissions...

USN-1483-1: NetworkManager vulnerability

It was discovered that certain wireless drivers incorrectly handled the creation of WPA-secured AdHoc connections. This could result in AdHoc wireless connections being created without any security at all. This update removes WPA as a security choice for AdHoc connections in NetworkManager...

USN-1483-2: network-manager-applet vulnerability

USN-1483-1 fixed a vulnerability in NetworkManager by disabling the creation of WPA-secured AdHoc wireless connections. This update provides the corresponding change for network-manager-applet. Original advisory details: It was discovered that certain wireless drivers incorrectly handled the...

USN-1463-6: Thunderbird vulnerabilities

USN-1463-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory details: Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, Olli Pettay, Boris Zbarsky, and Brian Bondy discovered memory safety issues...

USN-1463-5: Unity 2D update

USN-1463-2 fixed a bug in Unity 2D exposed by a recent Firefox update. It was discovered that the issue was only partially fixed on Ubuntu 11.04. When Thunderbird was started from the launcher, Thunderbird was still unable to obtain pointer grabs under certain conditions. This update fixes the...

USN-1463-4: Thunderbird vulnerabilities

USN-1463-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Original advisory details: Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, Olli Pettay, Boris Zbarsky, and Brian Bondy discovered memory safety issues...

USN-1463-3: Firefox regressions

USN-1463-1 fixed vulnerabilities in Firefox. The new package caused a regression in the rendering of Hebrew text and the ability of the Hotmail inbox to auto-update. This update fixes the problem. Original advisory details: Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew...

USN-1482-2: ClamAV regression

USN-1482-1 fixed vulnerabilities in ClamAV. The updated packages could fail to install in certain situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that ClamAV incorrectly handled certain malformed TAR archives. A remote...

USN-1482-1: ClamAV vulnerabilities

It was discovered that ClamAV incorrectly handled certain malformed TAR archives. A remote attacker could create a specially-crafted TAR file containing malware that could escape being detected. CVE-2012-1457, CVE-2012-1459 It was discovered that ClamAV incorrectly handled certain malformed CHM...

USN-1481-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain Tidy::diagnose operations on invalid objects. A remote attacker could use this flaw to cause PHP to crash, leading to a denial of service. CVE-2012-0781 It was discovered that PHP incorrectly handled certain multi-file upload filenames. A...

USN-1480-1: Raptor vulnerability

Timothy D. Morgan discovered that Raptor would unconditionally load XML external entities. If a user were tricked into opening a specially crafted document in an application linked against Raptor, an attacker could possibly obtain access to arbitrary files on the user's system or potentially...

USN-1479-1: FFmpeg vulnerabilities

Mateusz Jurczyk and Gynvael Coldwind discovered that FFmpeg incorrectly handled certain malformed DV files. If a user were tricked into opening a crafted DV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user...

USN-1478-1: Libav vulnerabilities

Mateusz Jurczyk and Gynvael Coldwind discovered that Libav incorrectly handled certain malformed DV files. If a user were tricked into opening a crafted DV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user...

USN-1477-1: APT vulnerability

Georgi Guninski discovered that APT did not properly validate imported keyrings via apt-key net-update. USN-1475-1 added additional verification for imported keyrings, but it was insufficient. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be...

USN-1476-1: Linux kernel (OMAP4) vulnerabilities

Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server attacker could exploit this flaw to cause a denial of service. CVE-2011-4131 A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage...

USN-1463-2: Unity 2D update

USN-1463-1 fixed vulnerabilities in Firefox. The Firefox update exposed a bug in Unity 2D which resulted in Firefox being unable to obtain pointer grabs in order to open popup menus. This update fixes the problem...

USN-1475-1: APT update

Georgi Guninski discovered that APT relied on GnuPG argument order and did not check GPG subkeys when validating imported keyrings via apt-key net-update. While it appears that a machine-in-the-middle attacker cannot exploit this, as a hardening measure this update adjusts apt-key to validate all...

USN-1474-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. CVE-2012-2121 Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An...

USN-1473-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. CVE-2012-2121 Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An...

USN-1466-2: Nova regression

USN 1466-1 fixed a vulnerability in Nova. The upstream patch introduced a regression when a security group granted full access and therefore the network protocol was left unset, causing an error in processing. This update fixes the issue. We apologize for the inconvenience. Original advisory...

USN-1430-4: AppArmor update

USN-1430-1 fixed vulnerabilities in Firefox and USN-1430-3 fixed vulnerabilities in Thunderbird. This update provides an AppArmor package with updated abstractions for use with the latest Firefox and Thunderbird...

USN-1472-1: Linux kernel vulnerabilities

Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server attacker could exploit this flaw to cause a denial of service. CVE-2011-4131 A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage...

USN-1471-1: Linux kernel (Oneiric backport) vulnerabilities

Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server attacker could exploit this flaw to cause a denial of service. CVE-2011-4131 A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage...

USN-1470-1: Linux kernel (Natty backport) vulnerabilities

Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server attacker could exploit this flaw to cause a denial of service. CVE-2011-4131 A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user could exploit...

USN-1469-1: Linux kernel (EC2) vulnerability

Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges...

USN-1468-1: Linux kernel vulnerability

Schacher Raindel discovered a flaw in the Linux kernel's memory handling when hugetlb is enabled. An unprivileged local attacker could exploit this flaw to cause a denial of service and potentially gain higher privileges...

USN-1467-1: MySQL vulnerabilities

It was discovered that certain builds of MySQL incorrectly handled password authentication on certain platforms. A remote attacker could use this issue to authenticate with an arbitrary password and establish a connection. CVE-2012-2122 MySQL has been updated to 5.5.24 in Ubuntu 12.04 LTS. Ubuntu...

USN-1466-1: Nova vulnerability

It was discovered that, when defining security groups in Nova using the EC2 or OS APIs, specifying the network protocol e.g. 'TCP' in the incorrect case would cause the security group to not be applied correctly. An attacker could use this to bypass Nova security group restrictions...