Category Archives: Ubuntu

Ubuntu Security Notices

Ubuntu

USN-2768-1: Firefox vulnerability

Ubuntu Security Notice USN-2768-1

16th October, 2015

firefox vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Firefox could be made to expose sensitive information across origins

Software description

  • firefox
    – Mozilla Open Source web browser

Details

Abdulrahman Alqabandi and Ben Kelly discovered that the fetch() API did
not correctly implement the Cross Origin Resource Sharing (CORS)
specification. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to obtain sensitive
information from other origins. (CVE-2015-7184)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
firefox

41.0.2+build2-0ubuntu0.15.04.1
Ubuntu 14.04 LTS:
firefox

41.0.2+build2-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
firefox

41.0.2+build2-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

CVE-2015-7184

Ubuntu

USN-2771-1: Click vulnerability

Ubuntu Security Notice USN-2771-1

15th October, 2015

click vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS

Summary

Click could be made to allow malicious apps unintended access to the
system.

Software description

  • click
    – Click package manager

Details

It was discovered that click did not properly perform input sanitization
during click package installation. If a user were tricked into installing a
crafted click package, a remote attacker could exploit this to escalate
privileges by tricking click into installing lenient security policy for
the installed application.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
python3-click

0.4.38.5ubuntu0.2
Ubuntu 14.04 LTS:
python3-click

0.4.21.1ubuntu0.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes. A
corresponding update will be provided to Ubuntu Phone users soon.

For more information, please see:
https://insights.ubuntu.com/2015/10/15/update-on-ubuntu-phone-security-issue/

References

LP: 1506467

Ubuntu

USN-2709-2: pollinate update

Ubuntu Security Notice USN-2709-2

14th October, 2015

pollinate update

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS

Summary

The system would not have expected entropy available.

Software description

  • pollinate
    – seed the pseudo random number generator in virtual machines

Details

USN-2709-1 updated pollinate’s certificate for entropy.ubuntu.com but did
not include a new certificate authority certificate.

This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

The pollinate package bundles the certificate for entropy.ubuntu.com. This
update refreshes the certificate to match the new certificate for the
server.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
pollinate

4.11-0ubuntu2.2
Ubuntu 14.04 LTS:
pollinate

4.7-0ubuntu1.4

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

LP: 1506238

Ubuntu

USN-2769-1: Apache Commons HttpClient vulnerabilities

Ubuntu Security Notice USN-2769-1

14th October, 2015

commons-httpclient vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in commons-httpclient.

Software description

  • commons-httpclient
    – A Java(TM) library for creating HTTP clients

Details

It was discovered that Apache Commons HttpClient did not properly verify the
Common Name or subjectAltName fields of X.509 certificates. An attacker could
exploit this to perform a man in the middle attack to view sensitive
information or alter encrypted communications. This issue only affected Ubuntu
12.04 LTS. (CVE-2012-5783)

Florian Weimer discovered the fix for CVE-2012-5783 was incomplete for Apache
Commons HttpClient. An attacker could exploit this to perform a man in the
middle attack to view sensitive information or alter encrypted communications.
This issue only affected Ubuntu 12.04 LTS. (CVE-2012-6153)

Subodh Iyengar and Will Shackleton discovered the fix for CVE-2012-5783 was
incomplete for Apache Commons HttpClient. An attacker could exploit this to
perform a man in the middle attack to view sensitive information or alter
encrypted communications. (CVE-2014-3577)

It was discovered that Apache Commons HttpClient did not properly handle read
timeouts during HTTPS handshakes. A remote attacker could trigger this flaw to
cause a denial of service. (CVE-2015-5262)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
libcommons-httpclient-java

3.1-10.2ubuntu0.15.04.1
Ubuntu 14.04 LTS:
libcommons-httpclient-java

3.1-10.2ubuntu0.14.04.1
Ubuntu 12.04 LTS:
libcommons-httpclient-java

3.1-10ubuntu0.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2012-5783,

CVE-2012-6153,

CVE-2014-3577,

CVE-2015-5262

Ubuntu

USN-2767-1: GDK-PixBuf vulnerabilities

Ubuntu Security Notice USN-2767-1

13th October, 2015

gdk-pixbuf vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

GDK-PixBuf could be made to crash or run programs as your login if it
opened a specially crafted file.

Software description

  • gdk-pixbuf
    – GDK Pixbuf library

Details

Gustavo Grieco discovered that the GDK-PixBuf library did not properly
handle scaling tga image files, leading to a heap overflow. If a
user or automated system were tricked into opening a tga image file,
a remote attacker could use this flaw to cause GDK-PixBuf to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-7673)

Gustavo Grieco discovered that the GDK-PixBuf library contained
an integer overflow when handling certain GIF images. If a user
or automated system were tricked into opening a GIF image file,
a remote attacker could use this flaw to cause GDK-PixBuf to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-7674)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
libgdk-pixbuf2.0-0

2.31.3-1ubuntu0.2
Ubuntu 14.04 LTS:
libgdk-pixbuf2.0-0

2.30.7-0ubuntu1.2
Ubuntu 12.04 LTS:
libgdk-pixbuf2.0-0

2.26.1-1ubuntu1.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make
all the necessary changes.

References

CVE-2015-7673,

CVE-2015-7674

Ubuntu

USN-2766-1: Spice vulnerabilities

Ubuntu Security Notice USN-2766-1

6th October, 2015

spice vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS

Summary

Spice could be made to crash or run programs.

Software description

  • spice
    – SPICE protocol client and server library

Details

Frediano Ziglio discovered multiple buffer overflows, undefined behavior
signed integer operations, race conditions, memory leaks, and denial
of service issues in Spice. A malicious guest operating system could
potentially exploit these issues to escape virtualization. (CVE-2015-5260,
CVE-2015-5261)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
libspice-server1

0.12.5-1ubuntu0.2
Ubuntu 14.04 LTS:
libspice-server1

0.12.4-0nocelt2ubuntu1.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart qemu guests to make
all the necessary changes.

References

CVE-2015-5260,

CVE-2015-5261

Ubuntu

USN-2754-1: Thunderbird vulnerabilities

Ubuntu Security Notice USN-2754-1

5th October, 2015

thunderbird vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Thunderbird.

Software description

  • thunderbird
    – Mozilla Open Source mail and newsgroup client

Details

Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David
Major, Andrew McCreight, and Cameron McCormack discovered multiple memory
safety issues in Thunderbird. If a user were tricked in to opening a
specially crafted message, an attacker could potentially exploit these to
cause a denial of service via application crash, or execute arbitrary code
with the privileges of the user invoking Thunderbird. (CVE-2015-4500)

Khalil Zhani discovered a buffer overflow when parsing VP9 content in some
circumstances. If a user were tricked in to opening a specially crafted
message, an attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking Thunderbird. (CVE-2015-4506)

A use-after-free was discovered when manipulating HTML media content in
some circumstances. If a user were tricked in to opening a specially
crafted website in a browsing context, an attacker could potentially
exploit this to cause a denial of service via application crash, or
execute arbitrary code with the privileges of the user invoking
Thunderbird. (CVE-2015-4509)

Atte Kettunen discovered a buffer overflow in the nestegg library when
decoding WebM format video in some circumstances. If a user were tricked
in to opening a specially crafted message, an attacker could potentially
exploit this to cause a denial of service via application crash, or
execute arbitrary code with the privileges of the user invoking
Thunderbird. (CVE-2015-4511)

Ronald Crane reported multiple vulnerabilities. If a user were tricked in
to opening a specially crafted website in a browsing context, an attacker
could potentially exploit these to cause a denial of service via
application crash, or execute arbitrary code with the privileges of the
user invoking Thunderbird. (CVE-2015-4517, CVE-2015-4521, CVE-2015-4522,
CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180)

Mario Gomes discovered that dragging and dropping an image after a
redirect exposes the redirected URL to scripts. An attacker could
potentially exploit this to obtain sensitive information. (CVE-2015-4519)

Ehsan Akhgari discovered 2 issues with CORS preflight requests. An
attacker could potentially exploit these to bypass CORS restrictions.
(CVE-2015-4520)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
thunderbird

1:38.3.0+build1-0ubuntu0.15.04.1
Ubuntu 14.04 LTS:
thunderbird

1:38.3.0+build1-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
thunderbird

1:38.3.0+build1-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References

CVE-2015-4500,

CVE-2015-4506,

CVE-2015-4509,

CVE-2015-4511,

CVE-2015-4517,

CVE-2015-4519,

CVE-2015-4520,

CVE-2015-4521,

CVE-2015-4522,

CVE-2015-7174,

CVE-2015-7175,

CVE-2015-7176,

CVE-2015-7177,

CVE-2015-7180

Ubuntu

USN-2757-1: Oxide vulnerabilities

Ubuntu Security Notice USN-2757-1

5th October, 2015

oxide-qt vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in Oxide.

Software description

  • oxide-qt
    – Web browser engine library for Qt (QML plugin)

Details

Two security issues were discovered in Blink and V8. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to bypass same-origin restrictions.
(CVE-2015-1303, CVE-2015-1304)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
liboxideqtcore0

1.9.5-0ubuntu0.15.04.1
Ubuntu 14.04 LTS:
liboxideqtcore0

1.9.5-0ubuntu0.14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-1303,

CVE-2015-1304

Ubuntu

USN-2743-4: Firefox regression

Ubuntu Security Notice USN-2743-4

5th October, 2015

firefox regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

USN-2743-1 introduced a regression in Firefox.

Software description

  • firefox
    – Mozilla Open Source web browser

Details

USN-2743-1 fixed vulnerabilities in Firefox. After upgrading, some users
reported problems with bookmark creation and crashes in some
circumstances. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David
Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup
discovered multiple memory safety issues in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2015-4500, CVE-2015-4501)

André Bargull discovered that when a web page creates a scripted proxy
for the window with a handler defined a certain way, a reference to the
inner window will be passed, rather than that of the outer window.
(CVE-2015-4502)

Felix Gröbert discovered an out-of-bounds read in the QCMS color
management library in some circumstances. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via application crash, or obtain
sensitive information. (CVE-2015-4504)

Khalil Zhani discovered a buffer overflow when parsing VP9 content in some
circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking Firefox. (CVE-2015-4506)

Spandan Veggalam discovered a crash while using the debugger API in some
circumstances. If a user were tricked in to opening a specially crafted
website whilst using the debugger, an attacker could potentially exploit
this to execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2015-4507)

Juho Nurminen discovered that the URL bar could display the wrong URL in
reader mode in some circumstances. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this to
conduct URL spoofing attacks. (CVE-2015-4508)

A use-after-free was discovered when manipulating HTML media content in
some circumstances. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to cause a
denial of service via application crash, or execute arbitrary code with
the privileges of the user invoking Firefox. (CVE-2015-4509)

Looben Yang discovered a use-after-free when using a shared worker with
IndexedDB in some circumstances. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this to
cause a denial of service via application crash, or execute arbitrary code
with the privileges of the user invoking Firefox. (CVE-2015-4510)

Francisco Alonso discovered an out-of-bounds read during 2D canvas
rendering in some circumstances. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this to
obtain sensitive information. (CVE-2015-4512)

Jeff Walden discovered that changes could be made to immutable properties
in some circumstances. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to execute
arbitrary script in a privileged scope. (CVE-2015-4516)

Ronald Crane reported multiple vulnerabilities. If a user were tricked in
to opening a specially crafted website, an attacker could potentially
exploit these to cause a denial of service via application crash, or
execute arbitrary code with the privileges of the user invoking Firefox.
(CVE-2015-4517, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174,
CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180)

Mario Gomes discovered that dragging and dropping an image after a
redirect exposes the redirected URL to scripts. An attacker could
potentially exploit this to obtain sensitive information. (CVE-2015-4519)

Ehsan Akhgari discovered 2 issues with CORS preflight requests. An
attacker could potentially exploit these to bypass CORS restrictions.
(CVE-2015-4520)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
firefox

41.0.1+build2-0ubuntu0.15.04.2
Ubuntu 14.04 LTS:
firefox

41.0.1+build2-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
firefox

41.0.1+build2-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

LP: 1501277

Ubuntu

USN-2762-1: Linux kernel vulnerability

Ubuntu Security Notice USN-2762-1

5th October, 2015

linux vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04

Summary

The system could be made to crash or run programs as an administrator.

Software description

  • linux
    – Linux kernel

Details

Dmitry Vyukov discovered that the Linux kernel did not properly initialize
IPC object state in certain situations. A local attacker could use this to
escalate their privileges, expose confidential information, or cause a
denial of service (system crash).

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
linux-image-3.19.0-30-powerpc64-smp

3.19.0-30.34
linux-image-3.19.0-30-generic

3.19.0-30.34
linux-image-3.19.0-30-powerpc-smp

3.19.0-30.34
linux-image-3.19.0-30-powerpc64-emb

3.19.0-30.34
linux-image-3.19.0-30-generic-lpae

3.19.0-30.34
linux-image-3.19.0-30-lowlatency

3.19.0-30.34
linux-image-3.19.0-30-powerpc-e500mc

3.19.0-30.34

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-7613