Ubuntu Security Notices
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
Search USNs
USN ID, name, description or CVE ID contains
71 - 80 of 373 results
6 February 2014
Several security issues were fixed in Pidgin.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04
CVE ID
CVE-2012-6152, CVE-2013-6477, CVE-2013-6478 + 10 others
5 February 2014
Perl could be made to run programs if it processed a specially crafted Locale::Maketext templates.
- Ubuntu 12.10 ,
- 12.04 ,
- 10.04
CVE ID
4 February 2014
LibYAML could be made to crash or run programs if it opened specially crafted yaml document.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04
CVE ID
3 February 2014
libcurl could be made to expose sensitive information.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04 ,
- 10.04
CVE ID
30 January 2014
Several security issues were fixed in libvirt.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04
CVE ID
CVE-2013-6436, CVE-2013-6457, CVE-2013-6458 + 2 others
30 January 2014
Several security issues were fixed in QEMU.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04
CVE ID
27 January 2014
Several security issues were fixed in Munin.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04
CVE ID
23 January 2014
Several security issues were fixed in OpenJDK 7.
- Ubuntu 13.10 ,
- 13.04 ,
- 12.10
CVE ID
CVE-2013-5817, CVE-2013-5820, CVE-2013-5823 + 42 others
23 January 2014
NSS could be made to expose sensitive information over the network.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04 ,
- 10.04
CVE ID
23 January 2014
NSPR could be made to crash or run programs if it received a specially crafted certificate.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04 ,
- 10.04
CVE ID
Resources
Join the discussion
Canonical is offering
Expanded Security Maintenance
Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.