This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============5360274865144453619== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="NwKAVhWe486wpMXdf5t4bASCMkE4exjlj"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --NwKAVhWe486wpMXdf5t4bASCMkE4exjlj Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2937-1 March 21, 2016
webkitgtk vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 15.10 - Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in WebKitGTK+.
Software Description: - webkitgtk: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 15.10: libjavascriptcoregtk-1.0-0 2.4.10-0ubuntu0.15.10.1 libjavascriptcoregtk-3.0-0 2.4.10-0ubuntu0.15.10.1 libwebkitgtk-1.0-0 2.4.10-0ubuntu0.15.10.1 libwebkitgtk-3.0-0 2.4.10-0ubuntu0.15.10.1
Ubuntu 14.04 LTS: libjavascriptcoregtk-1.0-0 2.4.10-0ubuntu0.14.04.1 libjavascriptcoregtk-3.0-0 2.4.10-0ubuntu0.14.04.1 libwebkitgtk-1.0-0 2.4.10-0ubuntu0.14.04.1 libwebkitgtk-3.0-0 2.4.10-0ubuntu0.14.04.1
This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany and Evolution, to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-2937-1 CVE-2014-1748, CVE-2015-1071, CVE-2015-1076, CVE-2015-1081, CVE-2015-1083, CVE-2015-1120, CVE-2015-1122, CVE-2015-1127, CVE-2015-1153, CVE-2015-1155, CVE-2015-3658, CVE-2015-3659, CVE-2015-3727, CVE-2015-3731, CVE-2015-3741, CVE-2015-3743, CVE-2015-3745, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-3752, CVE-2015-5788, CVE-2015-5794, CVE-2015-5801, CVE-2015-5809, CVE-2015-5822, CVE-2015-5928
Package Information: https://launchpad.net/ubuntu/+source/webkitgtk/2.4.10-0ubuntu0.15.10.1 https://launchpad.net/ubuntu/+source/webkitgtk/2.4.10-0ubuntu0.14.04.1
--NwKAVhWe486wpMXdf5t4bASCMkE4exjlj Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAEBCgAGBQJW8DjmAAoJEGVp2FWnRL6T1VgP/Aocjm3W/9eG7cq0AckC1hrl mkRJ9mmwN02R7P3sozUVQ5L7wYmfKBLX/00qY3zFRAoL0mmEn59/33OEYgEWdqdC 8zrfo0LzVeX2SW8vrrAPTd7/5SdTlPMiVx5DHlt6VAFZHkRlY+AXvMFnSzc/XbnX JFZvHVZ53kiOvqeVMt3dHVQ57NryGx9jGshSKqhmzKDOo4/8lsech7IKDu+7ijS6 YO1nAQcp3x+kI8n3lXAXPzDQ1ic1OQsNPRQ+OZAb89KmqkgbQ4H8yreypfOn6sSc Z60kexFsL6SypbcpSTQ+N7pZrnniHKFBUQ75H1WseGeacOwLozU1QTN4i64jQ9Kt jNFJiRK+fLSo50EVTxQjXPmZYF2n/5Dsg5C04wM+DW4LGk9w/GwOZteAvcjLqh4E Nr8GNpaBADSNLcozs2wOayoEkFm7BSAw1jBSdd3hf5GEzhq/P+2A7cJHdgjMDTcx gKJYq9iMzQAFvIQ4iGtWcszHkm5MoCrt2ODu/LkzPfhuTUcnqhME7qoo0tnGJazn oMA43tbtu+5YiNRzRF6f9K4LTHI7+fgiSBnQiWt+248udGDRG+hVAGWbcuSb89Ui Cbxg9ijiVCSsyd56fyhQtV09F3E7grWhP3I4ooRqZn1CgfXLjOQNMnvsfPLqY+Pn EpmsNAEj2kWzX8925qVQ =q7ZB -----END PGP SIGNATURE-----
--NwKAVhWe486wpMXdf5t4bASCMkE4exjlj--
--===============5360274865144453619== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============5360274865144453619==--
|