지락문화예술공작단

USN-3141-1: Thunderbird vulnerabilities Ubuntu Security Notice USN-3141-1 30th November, 2016 thunderbird vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in Thunderbird. Software description thunderbird – Mozilla Open Source mail and newsgroup client Details Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong,Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issuesin Thunderbird. If a user were tricked in to opening a specially craftedmessage, an attacker could potentially exploit these to cause a denial ofservice via application crash, or execute arbitrary code. (CVE-2016-5290) A same-origin policy bypass was discovered with local HTML files in somecircumstances. An attacker could potentially exploit this to obtainsensitive information. (CVE-2016-5291) A heap buffer-overflow was discovered in Cairo when processing SVGcontent. If a user were [ more… ]

USN-3140-1: Firefox vulnerabilities Ubuntu Security Notice USN-3140-1 30th November, 2016 firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Firefox could be made to crash or run programs as your login if it opened a malicious website. Software description firefox – Mozilla Open Source web browser Details It was discovered that data: URLs can inherit the wrong origin after aHTTP redirect in some circumstances. An attacker could potentiallyexploit this to bypass same-origin restrictions. (CVE-2016-9078) A use-after-free was discovered in SVG animations. If a user were trickedin to opening a specially crafted website, an attacker could exploit thisto cause a denial of service via application crash, or execute arbitrarycode. (CVE-2016-9079) Update instructions The problem can be corrected by updating your system to the following package [ more… ]

USN-3144-1: Linux kernel vulnerability Ubuntu Security Notice USN-3144-1 30th November, 2016 linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary The system could be made to crash under certain conditions. Software description linux – Linux kernel Details Marco Grassi discovered that the driver for Areca RAID Controllers in theLinux kernel did not properly validate control messages. A local attackercould use this to cause a denial of service (system crash) or possibly gainprivileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: linux-image-powerpc-smp 3.2.0.116.132 linux-image-3.2.0-116-generic 3.2.0-116.158 linux-image-3.2.0-116-virtual 3.2.0-116.158 linux-image-3.2.0-116-generic-pae 3.2.0-116.158 linux-image-generic 3.2.0.116.132 linux-image-generic-pae 3.2.0.116.132 linux-image-highbank 3.2.0.116.132 linux-image-3.2.0-116-powerpc64-smp 3.2.0-116.158 linux-image-virtual 3.2.0.116.132 linux-image-powerpc64-smp 3.2.0.116.132 linux-image-3.2.0-116-highbank 3.2.0-116.158 linux-image-3.2.0-116-omap 3.2.0-116.158 linux-image-3.2.0-116-powerpc-smp 3.2.0-116.158 linux-image-omap 3.2.0.116.132 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system [ more… ]

USN-3144-2: Linux kernel (OMAP4) vulnerability Ubuntu Security Notice USN-3144-2 30th November, 2016 linux-ti-omap4 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary The system could be made to crash under certain conditions. Software description linux-ti-omap4 – Linux kernel for OMAP4 Details Marco Grassi discovered that the driver for Areca RAID Controllers in theLinux kernel did not properly validate control messages. A local attackercould use this to cause a denial of service (system crash) or possibly gainprivileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: linux-image-omap4 3.2.0.1494.89 linux-image-3.2.0-1494-omap4 3.2.0-1494.121 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel [ more… ]