Ubuntu Security Notices
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
Search USNs
USN ID, name, description or CVE ID contains
1 - 10 of 585 results
24 May 2011
A denial of service issue exists that affects the Apache web server.
- Ubuntu 11.04 ,
- 10.10 ,
- 10.04 ,
- 8.04 ,
- 6.06
CVE ID
11 May 2011
An attacker could send crafted input to Postfix and cause it to crash or run programs.
- Ubuntu 11.04 ,
- 10.10 ,
- 10.04 ,
- 8.04 ,
- 6.06
CVE ID
5 May 2011
Multiple flaws fixed in the Linux kernel.
- Ubuntu 6.06
CVE ID
CVE-2010-4164, CVE-2010-4249, CVE-2010-4258 + 6 others
5 May 2011
USN 1126-1 introduced two regressions in PHP.
- Ubuntu 11.04 ,
- 10.10 ,
- 10.04 ,
- 9.10 ,
- 8.04 ,
- 6.06
3 May 2011
An attacker could send crafted input to Perl and bypass intended restrictions.
- Ubuntu 11.04 ,
- 10.10 ,
- 10.04 ,
- 8.04 ,
- 6.06
CVE ID
CVE-2010-2761, CVE-2010-4410, CVE-2011-1487 + 3 others
29 April 2011
Multiple vulnerabilities in PHP.
- Ubuntu 11.04 ,
- 10.10 ,
- 10.04 ,
- 9.10 ,
- 8.04 ,
- 6.06
CVE ID
CVE-2011-0421, CVE-2011-0708, CVE-2011-0441 + 16 others
20 April 2011
An attacker could send crafted input to OpenSLP and cause it to hang.
- Ubuntu 10.10 ,
- 10.04 ,
- 9.10 ,
- 8.04 ,
- 6.06
CVE ID
18 April 2011
An attacker could send crafted input to Postfix and cause it to reveal confidential information.
- Ubuntu 10.10 ,
- 10.04 ,
- 9.10 ,
- 8.04 ,
- 6.06
CVE ID
11 April 2011
An attacker's DHCP server could send crafted responses to your computer and cause it to run programs as root.
- Ubuntu 10.10 ,
- 10.04 ,
- 9.10 ,
- 8.04 ,
- 6.06
CVE ID
4 April 2011
Certain applications could be made to run programs as your login if they opened a specially crafted TIFF file.
- Ubuntu 10.10 ,
- 10.04 ,
- 9.10 ,
- 8.04 ,
- 6.06
CVE ID
Resources
Join the discussion
Canonical is offering
Expanded Security Maintenance
Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.