Ubuntu Security Notices

Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section.

To report a security vulnerability in an Ubuntu package, please contact the Security Team.

The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.

Subscribe for updates  

Mailing list Atom RSS

Search USNs

USN ID, name, description or CVE ID contains

Filter by Ubuntu release

231 - 240 of 537 results

USN-960-1: libpng vulnerabilities

8 July 2010

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04 ,
  • 8.04 ,
  • 6.06

CVE ID

CVE-2010-2249, CVE-2010-1205

USN-956-1: sudo vulnerability

30 June 2010

Under certain conditions, a user might be able to run commands with administrative privileges.

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04 ,
  • 8.04 ,
  • 6.06

CVE ID

CVE-2010-1646

USN-930-3: Firefox regression

30 June 2010

This update fixes a problem with Firefox not installing alongside the old Firefox 2 package.

  • Ubuntu 8.04

USN-930-2: apturl, Epiphany, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update

29 June 2010

This update is for use with the new Xulrunner provided in USN-930-1.

  • Ubuntu 8.04

USN-930-1: Firefox and Xulrunner vulnerabilities

29 June 2010

Firefox could be made to run programs as your login if it opened a specially crafted file or website.

  • Ubuntu 10.04 ,
  • 8.04

CVE ID

CVE-2010-1121, CVE-2010-1200, CVE-2010-1201 + 8 others

USN-927-5: nspr update

29 June 2010

This update is for use with the new NSS provided in USN-927-4.

  • Ubuntu 8.04

USN-927-4: nss vulnerability

29 June 2010

Under certain conditions, an attacker could execute commands in web applications using your authenticated credentials.

  • Ubuntu 8.04

CVE ID

CVE-2009-3555

USN-952-1: CUPS vulnerabilities

21 June 2010

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04 ,
  • 8.04 ,
  • 6.06

CVE ID

CVE-2010-0540, CVE-2010-1748, CVE-2010-0542

USN-954-1: tiff vulnerabilities

21 June 2010

Multiple integer overflows leading to crashes or arbitrary code execution.

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04 ,
  • 8.04 ,
  • 6.06

CVE ID

CVE-2010-1411, CVE-2010-2065, CVE-2010-2067

USN-953-1: fastjar vulnerability

21 June 2010

  • Ubuntu 10.04 ,
  • 9.10 ,
  • 9.04 ,
  • 8.04

CVE ID

CVE-2010-0831

  1. Previous page
  2. 22
  3. 23
  4. 24
  5. 25
  6. 26
  7. Next page

Resources

Join the discussion

Further reading

Canonical is offering
Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›