Ubuntu Security Notices
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
Search USNs
USN ID, name, description or CVE ID contains
18 - 23 of 384 results
12 July 2016
Pidgin could be made to crash or run programs if it received specially crafted network traffic.
- Ubuntu 15.10 ,
- 14.04 LTS,
- 12.04
CVE ID
CVE-2016-2365, CVE-2016-2366, CVE-2016-2367 + 13 others
11 July 2016
The GD library could be made to crash or run programs if it processed a specially crafted image file.
- Ubuntu 16.04 LTS,
- 15.10 ,
- 14.04 LTS,
- 12.04
CVE ID
CVE-2013-7456, CVE-2016-5116, CVE-2016-5766 + 2 others
11 July 2016
NSS could be made to crash or run programs if it processed specially crafted network traffic.
- Ubuntu 16.04 LTS,
- 15.10 ,
- 14.04 LTS,
- 12.04
CVE ID
11 July 2016
NSPR could be made to crash or run programs if it received specially crafted input.
- Ubuntu 16.04 LTS,
- 15.10 ,
- 14.04 LTS,
- 12.04
CVE ID
5 July 2016
libusbmuxd would allow unintended access to devices over the network.
- Ubuntu 16.04 LTS,
- 15.10
CVE ID
5 July 2016
libimobiledevice would allow unintended access to devices over the network.
- Ubuntu 16.04 LTS,
- 15.10 ,
- 14.04 LTS
CVE ID
Resources
Join the discussion
Canonical is offering
Expanded Security Maintenance
Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.