The following security announcement applies to mysql-server. If you have mysql-server installed, please see below for details on the vulnerability and instructions on patching your system: It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options… Read More »
The following security announcement applies to linux-image. If you have linux-image installed, please see below for details on the vulnerability and instructions on patching your system: ATTENTION: Due to an unavoidable ABI change (except for Ubuntu 6.06) the kernel updates have been given a new version number, which requires you to recompile and reinstall all… Read More »
On Jan 30, 2010 the Freenode IRC network finally activated SSL support. This is something that many have long been waiting for, and I’m glad to finally see it! I have been an IRC user for some years now, the majority of which has been specific to the Freenode network. Historically all data passed to… Read More »
The following security announcement applies to fuse-utils. If you have fuse-utils installed, please see below for details on the vulnerability and instructions on patching your system: Ronald Volgers discovered that FUSE did not correctly check mount locations. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.… Read More »
The following security announcement applies to smbfs. If you have smbfs installed, please see below for details on the vulnerability and instructions on patching your system: Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, suffered from a race condition when verifying user permissions. A local attacker could trick samba into… Read More »
The following security announcement applies to lintian. If you have lintian installed, please see below for details on the vulnerability and instructions on patching your system: It was discovered that lintian did not correctly validate certain filenames when processing input. If a user or an automated system were tricked into running lintian on a specially… Read More »
The following security announcement applies to dhcp-client. If you have dhcp-client installed, please see below for details on the vulnerability and instructions on patching your system: USN-803-1 fixed a vulnerability in Dhcp. Due to an error, the patch to fix the vulnerability was not properly applied on Ubuntu 8.10 and higher. Even with the patch… Read More »
The following security announcement applies to Python. If you have Python installed, please see below for details on the vulnerability and instructions on patching your system: USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for PyXML. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly… Read More »
The following security announcement applies to Python. If you have Python installed, please see below for details on the vulnerability and instructions on patching your system: USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for the PyExpat module in Python 2.5. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered… Read More »
The following security announcement applies to Expat. If you have Expat installed, please see below for details on the vulnerability and instructions on patching your system: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a… Read More »