Ubuntu Security Notices

Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package.

To report a security vulnerability in an Ubuntu package, please contact the Security Team.

The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.

Search

Release:

Details contain:

Latest Notices

USN-7145-1: Expat vulnerability ›

10 December 2024

Expat could be made to crash if an unstarted parser was resumed.

USN-7141-1: oFono vulnerabilities ›

9 December 2024

Several security issues were fixed in oFono.

CVE-2023-4233 , CVE-2023-2794 , CVE-2023-4234

USN-7144-1: Linux kernel (Intel IoTG) vulnerabilities ›

9 December 2024

Several security issues were fixed in the Linux kernel.

CVE-2024-43846 , CVE-2024-38577 , CVE-2024-45011 , and 219 others

USN-7143-1: RabbitMQ Server vulnerabilities ›

9 December 2024

RabbitMQ Server could be made to expose sensitive information over the network.

CVE-2021-32719 , CVE-2021-32718

Ubuntu 20.04 LTS

USN-7142-1: WebKitGTK vulnerabilities ›

9 December 2024

Several security issues were fixed in WebKitGTK.

CVE-2024-44309 , CVE-2024-44308

USN-7140-1: Tinyproxy vulnerability ›

9 December 2024

tinyproxy could be made to expose sensitive information.

USN-7117-3: needrestart regression ›

5 December 2024

USN-7117-1 caused some regression in needrestart.

USN-7139-1: Apache Shiro vulnerability ›

5 December 2024

Apache Shiro could be made to run programs or expose sensitive information over the network.

Ubuntu 16.04 ESM

USN-7138-1: Ghostscript vulnerabilities ›

5 December 2024

Several security issues were fixed in Ghostscript.

CVE-2024-46951 , CVE-2024-46956 , CVE-2024-46955 , and 1 other

USN-7137-1: recutils vulnerabilities ›

4 December 2024

recutils could be made to crash or run programs as a login user if a specially crafted file was opened.

CVE-2021-46021 , CVE-2019-11637 , CVE-2019-6456 , and 10 others

Subscribe

1
2
3
4
5

Subscribe

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading