SECURITY

No Image

USN-3073-1: Thunderbird vulnerabilities

2016-09-23 KENNETH 0

USN-3073-1: Thunderbird vulnerabilities Ubuntu Security Notice USN-3073-1 22nd September, 2016 thunderbird vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Thunderbird could be made to crash or run programs as your login if it opened a malicious message. Software description thunderbird – Mozilla Open Source mail and newsgroup client Details Christian Holler, Carsten Book, Gary Kwong, Jesse Ruderman, AndrewMcCreight, and Phil Ringnalda discovered multiple memory safety issues inThunderbird. If a user were tricked in to opening a specially craftedmessage, an attacker could potentially exploit these to cause a denial ofservice via application crash, or execute arbitrary code. (CVE-2016-2836) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: thunderbird 1:45.3.0+build1-0ubuntu0.16.04.2 Ubuntu 14.04 LTS: thunderbird 1:45.3.0+build1-0ubuntu0.14.04.4 Ubuntu 12.04 LTS: [ more… ]

No Image

RHBA-2016:1913-1: gluster-smb bug fix update

2016-09-22 KENNETH 0

RHBA-2016:1913-1: gluster-smb bug fix update Red Hat Enterprise Linux: Updated Samba package that adds one enhancement is now available for Red Hat Gluster Storage 3.1. Source: RHBA-2016:1913-1: gluster-smb bug fix update

No Image

RHBA-2016:1914-1: gluster-smb bug fix update

2016-09-22 KENNETH 0

RHBA-2016:1914-1: gluster-smb bug fix update Red Hat Enterprise Linux: Updated Samba package that adds one enhancement is now available for Red Hat Gluster Storage 3.1. Source: RHBA-2016:1914-1: gluster-smb bug fix update

No Image

USN-3085-1: GDK-PixBuf vulnerabilities

2016-09-22 KENNETH 0

USN-3085-1: GDK-PixBuf vulnerabilities Ubuntu Security Notice USN-3085-1 21st September, 2016 gdk-pixbuf vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file. Software description gdk-pixbuf – GDK-Pixbuf library Details It was discovered that the GDK-PixBuf library did not properly handle speciallycrafted bmp images, leading to a heap-based buffer overflow. If a user orautomated system were tricked into opening a specially crafted bmp file, aremote attacker could use this flaw to cause GDK-PixBuf to crash, resultingin a denial of service, or possibly execute arbitrary code. This issue onlyaffected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-7552) It was discovered that the GDK-PixBuf library contained an integer overflowwhen handling certain images. If [ more… ]

No Image

USN-3086-1: Irssi vulnerabilities

2016-09-22 KENNETH 0

USN-3086-1: Irssi vulnerabilities Ubuntu Security Notice USN-3086-1 21st September, 2016 irssi vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Irssi could be made to crash if it received specially crafted network traffic. Software description irssi – terminal based IRC client Details Gabriel Campana and Adrien Guinet discovered that the format parsing codein Irssi did not properly verify 24bit color codes. A remote attacker coulduse this to cause a denial of service (application crash). (CVE-2016-7044) Gabriel Campana and Adrien Guinet discovered that a buffer overflow existedin the format parsing code in Irssi. A remote attacker could use this tocause a denial of service (application crash). (CVE-2016-7045) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: irssi 0.8.19-1ubuntu1.2 To update your system, please follow [ more… ]