This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============8582920153145639276== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="awmSnVUkJvMHBuNQ2elUQ82ueiu8nhj0x"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --awmSnVUkJvMHBuNQ2elUQ82ueiu8nhj0x Content-Type: text/plain; charset=windows-125 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2570-1 April 27, 2015
oxide-qt vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04 - Ubuntu 14.10 - Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Oxide.
Software Description: - oxide-qt: Web browser engine library for Qt (QML plugin)
Details:
An issue was discovered in the HTML parser in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2015-1235)
An issue was discovered in the Web Audio API implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2015-1236)
A use-after-free was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1237)
An out-of-bounds write was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1238)
An out-of-bounds read was discovered in the WebGL implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2015-1240)
An issue was discovered with the interaction of page navigation and touch event handling. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to conduct "tap jacking" attacks. (CVE-2015-1241)
A type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-1242)
It was discovered that websocket connections were not upgraded whenever a HSTS policy is active. A remote attacker could potentially exploit this to conduct a man in the middle (MITM) attack. (CVE-2015-1244)
An out-of-bounds read was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash. (CVE-2015-1246)
Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1249)
A use-after-free was discovered in the file picker implementation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1321)
Multiple security issues were discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2015-3333)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: liboxideqtcore0 1.6.5-0ubuntu0.15.04.1 oxideqt-codecs 1.6.5-0ubuntu0.15.04.1 oxideqt-codecs-extra 1.6.5-0ubuntu0.15.04.1
Ubuntu 14.10: liboxideqtcore0 1.6.5-0ubuntu0.14.10.1 oxideqt-codecs 1.6.5-0ubuntu0.14.10.1 oxideqt-codecs-extra 1.6.5-0ubuntu0.14.10.1
Ubuntu 14.04 LTS: liboxideqtcore0 1.6.5-0ubuntu0.14.04.1 oxideqt-codecs 1.6.5-0ubuntu0.14.04.1 oxideqt-codecs-extra 1.6.5-0ubuntu0.14.04.1
In general, a standard system update will make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2570-1 CVE-2015-1235, CVE-2015-1236, CVE-2015-1237, CVE-2015-1238, CVE-2015-1240, CVE-2015-1241, CVE-2015-1242, CVE-2015-1244, CVE-2015-1246, CVE-2015-1249, CVE-2015-1321, CVE-2015-3333
Package Information: https://launchpad.net/ubuntu/+source/oxide-qt/1.6.5-0ubuntu0.15.04.1 https://launchpad.net/ubuntu/+source/oxide-qt/1.6.5-0ubuntu0.14.10.1 https://launchpad.net/ubuntu/+source/oxide-qt/1.6.5-0ubuntu0.14.04.1
--awmSnVUkJvMHBuNQ2elUQ82ueiu8nhj0x Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEcBAEBAgAGBQJVPmB1AAoJEGEfvezVlG4PdfUIAJgD6v/K2QNujuCDKFbYfqYT FNu1IruCbQg/4JpeNdun197cgzlMNd4X8J7PTf4WUtiKed/NQDcwlA/ahYIHS4RC 1zhifkGVzlgswerG6QYhIAOkrxt/otyFqJzETaT6Jg52JDQw5iBFeeE6N7CXa9E/ q0ZIjzNkPwGbxDOaJea8fv3eRLAtGxXJB1LAlZN7S8wxZqW9fy1o6iST6+XHHR/8 JhXH1bYf4zu4kTe0gc8Z7FUqZW+2uxlFRRrrMO8jg2Jmvafex4CFTNQRCte1gYgB MbZM3Bh5+DH5kQt2OqI2gUWBGkVoH/CyYjytVgLpqp4sA39Nas/T5yz4j7kN9bc= =RIpK -----END PGP SIGNATURE-----
--awmSnVUkJvMHBuNQ2elUQ82ueiu8nhj0x--
--===============8582920153145639276== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============8582920153145639276==--
|