Ubuntu Security Notices
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
Search USNs
USN ID, name, description or CVE ID contains
101 - 110 of 315 results
21 May 2012
Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file.
- Ubuntu 12.04 ,
- 11.10 ,
- 11.04 ,
- 10.04 ,
- 8.04
CVE ID
17 May 2012
BackupPC could be made to expose sensitive information over the network.
- Ubuntu 12.04 ,
- 11.10 ,
- 11.04 ,
- 10.04 ,
- 8.04
CVE ID
17 May 2012
Update Manager could expose sensitive information in certain circumstances.
- Ubuntu 12.04 ,
- 11.10 ,
- 11.04
CVE ID
16 May 2012
Sudo could allow users to run arbitrary programs as the administrator.
- Ubuntu 12.04 ,
- 11.10 ,
- 11.04 ,
- 10.04 ,
- 8.04
CVE ID
15 May 2012
Quagga could be made to crash if it received specially crafted network traffic.
- Ubuntu 12.04 ,
- 11.10 ,
- 11.04 ,
- 10.04
CVE ID
8 May 2012
Several security issues were fixed in the kernel.
- Ubuntu 11.04
CVE ID
CVE-2011-4086, CVE-2012-1090, CVE-2012-2100 + 1 other
4 May 2012
Standalone PHP CGI scripts could be made to execute arbitrary code with the privilege of the web server.
- Ubuntu 12.04 ,
- 11.10 ,
- 11.04 ,
- 10.04 ,
- 8.04
CVE ID
4 May 2012
Several security issues were fixed in Thunderbird.
- Ubuntu 12.04 ,
- 11.10 ,
- 11.04 ,
- 10.04
CVE ID
CVE-2011-1187, CVE-2011-3062, CVE-2012-0467 + 10 others
2 May 2012
Libtasn1 could be made to crash or run programs as your login if it received specially crafted input.
- Ubuntu 12.04 ,
- 11.10 ,
- 11.04 ,
- 10.04 ,
- 8.04
CVE ID
1 May 2012
ImageMagick could be made to crash or run programs as your login if it opened a specially crafted file.
- Ubuntu 12.04 ,
- 11.10 ,
- 11.04 ,
- 10.04
CVE ID
CVE-2012-0247, CVE-2012-0248, CVE-2012-0259 + 4 others
Resources
Join the discussion
Canonical is offering
Expanded Security Maintenance
Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.