SECURITY

USN-3477-3: Firefox regressions Ubuntu Security Notice USN-3477-3 1st December, 2017 firefox regressions A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary USN-3477-1 caused some minor regressions in Firefox. Software description firefox – Mozilla Open Source web browser Details USN-3477-1 fixed vulnerabilities in Firefox. The update introduced variousminor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. (CVE-2017-7826, CVE-2017-7827, CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7837, CVE-2017-7838, CVE-2017-7842) [ more… ]

USN-3490-1: Thunderbird vulnerabilities Ubuntu Security Notice USN-3490-1 1st December, 2017 thunderbird vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in Thunderbird. Software description thunderbird – Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user weretricked in to opening a specially crafted website in a browsing-likecontext, an attacker could potentially exploit these to bypass same-originrestrictions, cause a denial of service via application crash, or executearbitrary code. (CVE-2017-7826, CVE-2017-7828, CVE-2017-7830) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: thunderbird 1:52.5.0+build1-0ubuntu0.17.10.1 Ubuntu 17.04: thunderbird 1:52.5.0+build1-0ubuntu0.17.04.1 Ubuntu 16.04 LTS: thunderbird 1:52.5.0+build1-0ubuntu0.16.04.1 Ubuntu 14.04 LTS: thunderbird 1:52.5.0+build1-0ubuntu0.14.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. [ more… ]