Ubuntu Security Notices

Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package.

To report a security vulnerability in an Ubuntu package, please contact the Security Team.

The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.

Search

Release:

Details contain:

Latest Notices

USN-6275-1: Cargo vulnerability ›

3 August 2023

Cargo could be made to run programs as your login if it installed a specially crafted crate.

USN-6273-1: poppler vulnerabilities ›

3 August 2023

poppler could be made to crash if it opened a specially crafted file.

CVE-2022-27337 , CVE-2023-34872

USN-5064-3: GNU cpio vulnerability ›

3 August 2023

GNU cpio could be made to crash or run programs if it opened a specially crafted file.

Ubuntu 14.04 ESM

USN-6272-1: OpenJDK 20 vulnerabilities ›

3 August 2023

Several security issues were fixed in OpenJDK 20.

CVE-2023-22044 , CVE-2023-22045 , CVE-2023-25193 , and 4 others

Ubuntu 23.04

USN-6271-1: MaraDNS vulnerabilities ›

3 August 2023

Several security issues were fixed in MaraDNS.

CVE-2023-31137 , CVE-2022-30256

USN-6270-1: Vim vulnerabilities ›

3 August 2023

Several security issues were fixed in Vim.

CVE-2022-2208 , CVE-2022-2182 , CVE-2022-2264 , and 8 others

USN-6269-1: GStreamer Good Plugins vulnerability ›

2 August 2023

GStreamer Good Plugins could be made to crash or run programs if it opened a specially crafted file.

USN-6268-1: GStreamer Base Plugins vulnerabilities ›

2 August 2023

GStreamer Base Plugins could be made to crash or run programs if it opened a specially crafted file.

CVE-2023-37328 , CVE-2023-37327

USN-6267-1: Firefox vulnerabilities ›

2 August 2023

Several security issues were fixed in Firefox.

CVE-2023-4048 , CVE-2023-4051 , CVE-2023-4047 , and 9 others

Ubuntu 20.04 LTS

USN-6266-1: librsvg vulnerability ›

1 August 2023

librsvg could be made to expose sensitive information.

Subscribe

Subscribe

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading