This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============6147145212289506684== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="KBdbatq32893op2s4UUbipNceVqGAgagW"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --KBdbatq32893op2s4UUbipNceVqGAgagW Content-Type: text/plain; charset=windows-125 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2702-1 August 11, 2015
firefox vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.04 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS
Summary:
Firefox could be made to crash or run programs as your login if it opened a malicious website.
Software Description: - firefox: Mozilla Open Source web browser
Details:
Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-4473, CVE-2015-4474)
Aki Helin discovered an out-of-bounds read when playing malformed MP3 content in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information, cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-4475)
A use-after-free was discovered during MediaStream playback in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Firefox. (CVE-2015-4477)
André Bargull discovered that non-configurable properties on javascript objects could be redefined when parsing JSON. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2015-4478)
Multiple integer overflows were discovered in libstagefright. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-4479, CVE-2015-4480, CVE-2015-4493)
Jukka Jylänki discovered a crash that occurs because javascript does not properly gate access to Atomics or SharedArrayBuffers in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. (CVE-2015-4484)
Abhishek Arya discovered 2 buffer overflows in libvpx when decoding malformed WebM content in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-4485, CVE-2015-4486)
Ronald Crane reported 3 security issues. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these, in combination with another security vulnerability, to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-4487, CVE-2015-4488, CVE-2015-4489)
Christoph Kerschbaumer discovered an issue with Mozilla's implementation of Content Security Policy (CSP), which could allow for a more permissive usage in some cirucumstances. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2015-4490)
Gustavo Grieco discovered a heap overflow in gdk-pixbuf. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Firefox. (CVE-2015-4491)
Looben Yang discovered a use-after-free when using XMLHttpRequest with shared workers in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the priviliges of the user invoking Firefox. (CVE-2015-4492)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.04: firefox 40.0+build4-0ubuntu0.15.04.1
Ubuntu 14.04 LTS: firefox 40.0+build4-0ubuntu0.14.04.1
Ubuntu 12.04 LTS: firefox 40.0+build4-0ubuntu0.12.04.1
After a standard system update you need to restart Firefox to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2702-1 CVE-2015-4473, CVE-2015-4474, CVE-2015-4475, CVE-2015-4477, CVE-2015-4478, CVE-2015-4479, CVE-2015-4480, CVE-2015-4484, CVE-2015-4485, CVE-2015-4486, CVE-2015-4487, CVE-2015-4488, CVE-2015-4489, CVE-2015-4490, CVE-2015-4491, CVE-2015-4492, CVE-2015-4493
Package Information: https://launchpad.net/ubuntu/+source/firefox/40.0+build4-0ubuntu0.15.04.1 https://launchpad.net/ubuntu/+source/firefox/40.0+build4-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/firefox/40.0+build4-0ubuntu0.12.04.1
--KBdbatq32893op2s4UUbipNceVqGAgagW Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEcBAEBAgAGBQJVykEJAAoJEGEfvezVlG4P1F4H+gKxJXAZBlU9d9xTkeYjJ3p8 TW4epglUa2LIi30D8Zbob/GgouEyp873Ubq5iqGxbPu+QiL6+Rvc6I/gmwCuIV9g RyBwfsQ0h6Mng8NGzwTX6YXWISUiNU0Szb6o8yIvSiRlYopFWw666MYbacPEve6g mJ5PI8kydZFJBN3rMdJ9tmxDTAPbAbowTTRgCLIZhN+q53q8BeTsQ79gO3QBDv+R 5vNV3jDfFC+WBb1rozwg+JVRp6q/aNqwOmy6PXvV72zN2upyzRBQnuLurgDwhp5L d5WYINSaQrerZL/n/c35KPEb6wXT1wzmYTvn8xAjHYs8ktrmj4hkSJR2co3DvyI= =kppS -----END PGP SIGNATURE-----
--KBdbatq32893op2s4UUbipNceVqGAgagW--
--===============6147145212289506684== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============6147145212289506684==--
|