Ubuntu Security Notices

Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section.

To report a security vulnerability in an Ubuntu package, please contact the Security Team.

The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.

Subscribe for updates  

Mailing list Atom RSS

Search USNs

USN ID, name, description or CVE ID contains

Filter by Ubuntu release

61 - 70 of 229 results

USN-945-1: ClamAV vulnerabilities

27 May 2010

An attacker could send crafted input to ClamAV and cause it to crash.

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04

CVE ID

CVE-2010-1639, CVE-2010-2077

USN-944-1: GNU C Library vulnerabilities

25 May 2010

The GNU C library did not correctly handle certain mnt entries, strfmon arguments, and ELF program headers.

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04 ,
  • 8.04 ,
  • 6.06

CVE ID

CVE-2010-0296, CVE-2010-0830, CVE-2008-1391

USN-942-1: PostgreSQL vulnerabilities

21 May 2010

If PostgreSQL was configured to use Perl and/or Tcl stored procedures a remote authenticated attacker could run programs as the database user.

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04 ,
  • 8.04 ,
  • 6.06

CVE ID

CVE-2010-1169, CVE-2010-1170, CVE-2010-1975

USN-941-1: MoinMoin vulnerability

20 May 2010

  • Ubuntu 9.04

CVE ID

CVE-2009-4762

USN-940-1: Kerberos vulnerabilities

19 May 2010

Unauthenticated remote attackers could cause Kerberos servers to crash, leading to a denial of service.

  • Ubuntu 9.10 ,
  • 9.04 ,
  • 8.04 ,
  • 6.06

CVE ID

CVE-2007-5971, CVE-2010-1320, CVE-2007-5902 + 2 others

USN-939-1: X.org vulnerabilities

18 May 2010

A remote attacker could trigger a crash in X.org. In addition, the xvfb-run tool left the session cookie visible when launching X.org.

  • Ubuntu 9.10 ,
  • 9.04 ,
  • 8.04

CVE ID

CVE-2009-1573, CVE-2010-1166

USN-938-1: KDENetwork vulnerabilities

13 May 2010

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04

CVE ID

CVE-2010-1000, CVE-2010-1511

USN-937-1: TeX Live vulnerabilities

6 May 2010

TeX Live vulnerabilities

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04 ,
  • 8.04

CVE ID

CVE-2009-1284, CVE-2010-0739, CVE-2010-0827 + 1 other

USN-936-1: dvipng vulnerability

6 May 2010

dvipng vulnerability

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04

CVE ID

CVE-2010-0829

USN-934-1: Netpbm vulnerability

29 April 2010

Netpbm vulnerability

  • Ubuntu 9.10 ,
  • 9.04 ,
  • 8.04

CVE ID

CVE-2009-4274

  1. Previous page
  2. 5
  3. 6
  4. 7
  5. 8
  6. 9
  7. Next page

Resources

Join the discussion

Further reading

Canonical is offering
Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›