Ubuntu Security Notices
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
Search USNs
USN ID, name, description or CVE ID contains
151 - 155 of 328 results
26 March 2014
Samba did not properly enforce the password guessing protection mechanism.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04 ,
- 10.04
CVE ID
25 March 2014
OpenSSH incorrectly handled environment restrictions with wildcards.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04 ,
- 10.04
CVE ID
24 March 2014
ca-certificates was updated to the 20130906 package.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04 ,
- 10.04
24 March 2014
Apache HTTP server could be made to crash if it received specially crafted network traffic.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04 ,
- 10.04
CVE ID
21 March 2014
Several security issues were fixed in Thunderbird.
- Ubuntu 13.10 ,
- 12.10 ,
- 12.04
CVE ID
CVE-2014-1493, CVE-2014-1497, CVE-2014-1505 + 7 others
Resources
Join the discussion
Canonical is offering
Expanded Security Maintenance
Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.