Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in WebKitGTK+
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in WebKitGTK+
ID: USN-2937-1
Distribution: Ubuntu
Plattformen: Ubuntu 14.04 LTS, Ubuntu 15.10
Datum: Di, 22. März 2016, 07:22
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5928
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5794
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3659
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5822
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3727
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============5360274865144453619==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="NwKAVhWe486wpMXdf5t4bASCMkE4exjlj"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--NwKAVhWe486wpMXdf5t4bASCMkE4exjlj
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-2937-1
March 21, 2016

webkitgtk vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in WebKitGTK+.

Software Description:
- webkitgtk: Web content engine library for GTK+

Details:

A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
libjavascriptcoregtk-1.0-0 2.4.10-0ubuntu0.15.10.1
libjavascriptcoregtk-3.0-0 2.4.10-0ubuntu0.15.10.1
libwebkitgtk-1.0-0 2.4.10-0ubuntu0.15.10.1
libwebkitgtk-3.0-0 2.4.10-0ubuntu0.15.10.1

Ubuntu 14.04 LTS:
libjavascriptcoregtk-1.0-0 2.4.10-0ubuntu0.14.04.1
libjavascriptcoregtk-3.0-0 2.4.10-0ubuntu0.14.04.1
libwebkitgtk-1.0-0 2.4.10-0ubuntu0.14.04.1
libwebkitgtk-3.0-0 2.4.10-0ubuntu0.14.04.1

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany and Evolution, to make all the
necessary changes.

References:
http://www.ubuntu.com/usn/usn-2937-1
CVE-2014-1748, CVE-2015-1071, CVE-2015-1076, CVE-2015-1081,
CVE-2015-1083, CVE-2015-1120, CVE-2015-1122, CVE-2015-1127,
CVE-2015-1153, CVE-2015-1155, CVE-2015-3658, CVE-2015-3659,
CVE-2015-3727, CVE-2015-3731, CVE-2015-3741, CVE-2015-3743,
CVE-2015-3745, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749,
CVE-2015-3752, CVE-2015-5788, CVE-2015-5794, CVE-2015-5801,
CVE-2015-5809, CVE-2015-5822, CVE-2015-5928

Package Information:
https://launchpad.net/ubuntu/+source/webkitgtk/2.4.10-0ubuntu0.15.10.1
https://launchpad.net/ubuntu/+source/webkitgtk/2.4.10-0ubuntu0.14.04.1



--NwKAVhWe486wpMXdf5t4bASCMkE4exjlj
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJW8DjmAAoJEGVp2FWnRL6T1VgP/Aocjm3W/9eG7cq0AckC1hrl
mkRJ9mmwN02R7P3sozUVQ5L7wYmfKBLX/00qY3zFRAoL0mmEn59/33OEYgEWdqdC
8zrfo0LzVeX2SW8vrrAPTd7/5SdTlPMiVx5DHlt6VAFZHkRlY+AXvMFnSzc/XbnX
JFZvHVZ53kiOvqeVMt3dHVQ57NryGx9jGshSKqhmzKDOo4/8lsech7IKDu+7ijS6
YO1nAQcp3x+kI8n3lXAXPzDQ1ic1OQsNPRQ+OZAb89KmqkgbQ4H8yreypfOn6sSc
Z60kexFsL6SypbcpSTQ+N7pZrnniHKFBUQ75H1WseGeacOwLozU1QTN4i64jQ9Kt
jNFJiRK+fLSo50EVTxQjXPmZYF2n/5Dsg5C04wM+DW4LGk9w/GwOZteAvcjLqh4E
Nr8GNpaBADSNLcozs2wOayoEkFm7BSAw1jBSdd3hf5GEzhq/P+2A7cJHdgjMDTcx
gKJYq9iMzQAFvIQ4iGtWcszHkm5MoCrt2ODu/LkzPfhuTUcnqhME7qoo0tnGJazn
oMA43tbtu+5YiNRzRF6f9K4LTHI7+fgiSBnQiWt+248udGDRG+hVAGWbcuSb89Ui
Cbxg9ijiVCSsyd56fyhQtV09F3E7grWhP3I4ooRqZn1CgfXLjOQNMnvsfPLqY+Pn
EpmsNAEj2kWzX8925qVQ
=q7ZB
-----END PGP SIGNATURE-----

--NwKAVhWe486wpMXdf5t4bASCMkE4exjlj--


--===============5360274865144453619==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============5360274865144453619==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung