Category Archives: Ubuntu

Ubuntu Security Notices

Ubuntu

USN-2521-1: Oxide vulnerabilities

March 11, 2015 007admin

Ubuntu Security Notice USN-2521-1

10th March, 2015

oxide-qt vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.10
Ubuntu 14.04 LTS

Summary

Several security issues were fixed in Oxide.

Software description

oxide-qt
– Web browser engine library for Qt (QML plugin)

Details

Several out-of-bounds write bugs were discovered in Skia. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash or execute arbitrary code with the privileges of the user invoking
the program. (CVE-2015-1213, CVE-2015-1214, CVE-2015-1215)

A use-after-free was discovered in the V8 bindings in Blink. If a user
were tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via renderer crash,
or execute arbitrary code with the privileges of the sandboxed render
process. (CVE-2015-1216)

Multiple type confusion bugs were discovered in the V8 bindings in Blink.
If a user were tricked in to opening a specially crafted website, an
attacker could potentially exploit these to cause a denial of service via
renderer crash, or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2015-1217, CVE-2015-1230)

Multiple use-after-free bugs were discovered in the DOM implementation in
Blink. If a user were tricked in to opening a specially crafted website,
an attacker could potentially exploit these to cause a denial of service
via renderer crash, or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2015-1218, CVE-2015-1223)

An integer overflow was discovered in Skia. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via application crash or execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2015-1219)

A use-after-free was discovered in the GIF image decoder in Blink. If a
user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to cause a denial of service via renderer
crash, or execute arbitrary code with the privileges of the sandboxed
render process. (CVE-2015-1220)

A use-after-free was discovered in Blink. If a user were tricked in to
opening a specially crafted website, an attacker could potentially
exploit this to cause a denial of service via renderer crash, or execute
arbitrary code with the privileges of the sandboxed render process.
(CVE-2015-1221)

Multiple use-after-free bugs were discovered in the service worker
implementation in Chromium. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit these
to cause a denial of service via application crash or execute arbitrary
code with the privileges of the user invoking the program. (CVE-2015-1222)

An out-of-bounds read was discovered in the VPX decoder implementation in
Chromium. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via renderer crash. (CVE-2015-1224)

It was discovered that Blink did not initialize memory for image drawing
in some circumstances. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to read
uninitialized memory. (CVE-2015-1227)

It was discovered that Blink did not initialize memory for a data
structure in some circumstances. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this to
cause a denial of service via renderer crash, or execute arbitrary code
with the privileges of the sandboxed render process. (CVE-2015-1228)

It was discovered that a web proxy returning a 407 response could inject
cookies in to the originally requested domain. If a user connected to a
malicious web proxy, an attacker could potentially exploit this to conduct
session-fixation attacks. (CVE-2015-1229)

Multiple security issues were discovered in Chromium. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, cause a denial
of service via application crash or execute arbitrary code with the
privileges of the user invoking the program. (CVE-2015-1231)

Multiple security issues were discovered in V8. If a user were tricked
in to opening a specially crafted website, an attacker could potentially
exploit these to read uninitialized memory, cause a denial of service via
renderer crash or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2015-2238)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:: liboxideqtcore0

1.5.5-0ubuntu0.14.10.2; oxideqt-codecs

1.5.5-0ubuntu0.14.10.2; oxideqt-chromedriver

1.5.5-0ubuntu0.14.10.2; oxideqt-codecs-extra

1.5.5-0ubuntu0.14.10.2
Ubuntu 14.04 LTS:: liboxideqtcore0

1.5.5-0ubuntu0.14.04.3; oxideqt-codecs

1.5.5-0ubuntu0.14.04.3; oxideqt-chromedriver

1.5.5-0ubuntu0.14.04.3; oxideqt-codecs-extra

1.5.5-0ubuntu0.14.04.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

Ubuntu

USN-2523-1: Apache HTTP Server vulnerabilities

March 11, 2015 007admin

Ubuntu Security Notice USN-2523-1

10th March, 2015

apache2 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.10
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS
Ubuntu 10.04 LTS

Summary

Several security issues were fixed in the Apache HTTP Server.

Software description

apache2
– Apache HTTP server

Details

Martin Holst Swende discovered that the mod_headers module allowed HTTP
trailers to replace HTTP headers during request processing. A remote
attacker could possibly use this issue to bypass RequestHeaders directives.
(CVE-2013-5704)

Mark Montague discovered that the mod_cache module incorrectly handled
empty HTTP Content-Type headers. A remote attacker could use this issue to
cause the server to stop responding, leading to a denial of service. This
issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-3581)

Teguh P. Alko discovered that the mod_proxy_fcgi module incorrectly
handled long response headers. A remote attacker could use this issue to
cause the server to stop responding, leading to a denial of service. This
issue only affected Ubuntu 14.10. (CVE-2014-3583)

It was discovered that the mod_lua module incorrectly handled different
arguments within different contexts. A remote attacker could possibly use
this issue to bypass intended access restrictions. This issue only affected
Ubuntu 14.10. (CVE-2014-8109)

Guido Vranken discovered that the mod_lua module incorrectly handled a
specially crafted websocket PING in certain circumstances. A remote
attacker could possibly use this issue to cause the server to stop
responding, leading to a denial of service. This issue only affected
Ubuntu 14.10. (CVE-2015-0228)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:: apache2.2-bin

2.4.10-1ubuntu1.1
Ubuntu 14.04 LTS:: apache2.2-bin

2.4.7-1ubuntu4.4
Ubuntu 12.04 LTS:: apache2.2-bin

2.2.22-1ubuntu1.8
Ubuntu 10.04 LTS:: apache2.2-bin

2.2.14-5ubuntu8.15

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

Ubuntu

USN-2524-1: eCryptfs vulnerability

March 11, 2015 007admin

Ubuntu Security Notice USN-2524-1

10th March, 2015

ecryptfs-utils vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.10
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS
Ubuntu 10.04 LTS

Summary

Sensitive information in encrypted home and Private directories could be
exposed if an attacker gained access to your files.

Software description

ecryptfs-utils
– eCryptfs cryptographic filesystem utilities

Details

Sylvain Pelissier discovered that eCryptfs did not generate a random salt when
encrypting the mount passphrase with the login password. An attacker could use
this issue to discover the login password used to protect the mount passphrase
and gain unintended access to the encrypted files.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:: ecryptfs-utils

104-0ubuntu1.14.10.3; libecryptfs0

104-0ubuntu1.14.10.3
Ubuntu 14.04 LTS:: ecryptfs-utils

104-0ubuntu1.14.04.3; libecryptfs0

104-0ubuntu1.14.04.3
Ubuntu 12.04 LTS:: ecryptfs-utils

96-0ubuntu3.4; libecryptfs0

96-0ubuntu3.4
Ubuntu 10.04 LTS:: ecryptfs-utils

83-0ubuntu3.2.10.04.6; libecryptfs0

83-0ubuntu3.2.10.04.6

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to log out of all sessions and then log
back in to make all the necessary changes.

References

CVE-2014-9687

Ubuntu

USN-2522-3: ICU vulnerabilities

March 11, 2015 007admin

Ubuntu Security Notice USN-2522-3

10th March, 2015

icu vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 12.04 LTS

Summary

ICU could be made to crash or run programs as your login if it processed
specially crafted data.

Software description

icu
– International Components for Unicode library

Details

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font
patches caused a regression when using LibreOffice Calc. The patches have
now been updated to fix the regression.

We apologize for the inconvenience.

Original advisory details:

It was discovered that ICU incorrectly handled memory operations when
processing fonts. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program. This issue only affected
Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,
CVE-2013-2419)

It was discovered that ICU incorrectly handled memory operations when
processing regular expressions. If an application using ICU processed
crafted data, an attacker could cause it to crash or potentially execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2014-7923, CVE-2014-7926, CVE-2014-9654)

It was discovered that ICU collator implementation incorrectly handled
memory operations. If an application using ICU processed crafted data, an
attacker could cause it to crash or potentially execute arbitrary code with
the privileges of the user invoking the program. (CVE-2014-7940)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:: libicu48

4.8.1.1-3ubuntu0.5

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

Ubuntu

USN-2505-2: Firefox regression

March 10, 2015 007admin

Ubuntu Security Notice USN-2505-2

9th March, 2015

firefox regression

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.10
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS

Summary

USN-2505-1 introduced a regression in Firefox.

Software description

firefox
– Mozilla Open Source web browser

Details

USN-2505-1 fixed vulnerabilities in Firefox. This update removed the
deprecated “-remote” command-line switch that some older software still
depends on. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Matthew Noorenberghe discovered that whitelisted Mozilla domains could
make UITour API calls from background tabs. If one of these domains were
compromised and open in a background tab, an attacker could potentially
exploit this to conduct clickjacking attacks. (CVE-2015-0819)

Jan de Mooij discovered an issue that affects content using the Caja
Compiler. If web content loads specially crafted code, this could be used
to bypass sandboxing security measures provided by Caja. (CVE-2015-0820)

Armin Razmdjou discovered that opening hyperlinks with specific mouse
and key combinations could allow a Chrome privileged URL to be opened
without context restrictions being preserved. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to bypass security restrictions. (CVE-2015-0821)

Armin Razmdjou discovered that contents of locally readable files could
be made available via manipulation of form autocomplete in some
circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to obtain sensitive
information. (CVE-2015-0822)

Atte Kettunen discovered a use-after-free in the OpenType Sanitiser (OTS)
in some circumstances. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to cause a
denial of service via application crash. (CVE-2015-0823)

Atte Kettunen discovered a crash when drawing images using Cairo in some
circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service. (CVE-2015-0824)

Atte Kettunen discovered a buffer underflow during playback of MP3 files
in some circumstances. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to obtain
sensitive information. (CVE-2015-0825)

Atte Kettunen discovered a buffer overflow during CSS restyling in some
circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking Firefox. (CVE-2015-0826)

Abhishek Arya discovered an out-of-bounds read and write when rendering
SVG content in some circumstances. If a user were tricked in to opening
a specially crafted website, an attacker could potentially exploit this
to obtain sensitive information. (CVE-2015-0827)

A buffer overflow was discovered in libstagefright during video playback
in some circumstances. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to cause a
denial of service via application crash, or execute arbitrary code with
the privileges of the user invoking Firefox. (CVE-2015-0829)

Daniele Di Proietto discovered that WebGL could cause a crash in some
circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service. (CVE-2015-0830)

Paul Bandha discovered a use-after-free in IndexedDB. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2015-0831)

Muneaki Nishimura discovered that a period appended to a hostname could
bypass key pinning and HSTS in some circumstances. A remote attacker could
potentially exloit this to conduct a Man-in-the-middle (MITM) attack.
(CVE-2015-0832)

Alexander Kolesnik discovered that Firefox would attempt plaintext
connections to servers when handling turns: and stuns: URIs. A remote
attacker could potentially exploit this by conducting a Man-in-the-middle
(MITM) attack in order to obtain credentials. (CVE-2015-0834)

Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Liz Henry, Byron
Campen, Tom Schuster, Ryan VanderMeulen, Christian Holler, Jesse Ruderman,
Randell Jesup, Robin Whittleton, Jon Coppeard, and Nikhil Marathe
discovered multiple memory safety issues in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2015-0835, CVE-2015-0836)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:: firefox

36.0.1+build2-0ubuntu0.14.10.1
Ubuntu 14.04 LTS:: firefox

36.0.1+build2-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:: firefox

36.0.1+build2-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

LP: 1425972,

LP: 1429115

Ubuntu

USN-2522-2: ICU regression

March 7, 2015 007admin

Ubuntu Security Notice USN-2522-2

6th March, 2015

icu regression

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 12.04 LTS

Summary

USN-2522-1 introduced a regression in ICU.

Software description

icu
– International Components for Unicode library

Details

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font
patches caused a regression when using LibreOffice Calc. The patches have
been temporarily backed out until the regression is investigated.

We apologize for the inconvenience.

Original advisory details:

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:: libicu48

4.8.1.1-3ubuntu0.4

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

LP: 1429043

Ubuntu

USN-2522-1: ICU vulnerabilities

March 6, 2015 007admin

Ubuntu Security Notice USN-2522-1

5th March, 2015

icu vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.10
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS

Summary

ICU could be made to crash or run programs as your login if it processed
specially crafted data.

Software description

icu
– International Components for Unicode library

Details

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:: libicu52

52.1-6ubuntu0.2
Ubuntu 14.04 LTS:: libicu52

52.1-3ubuntu0.2
Ubuntu 12.04 LTS:: libicu48

4.8.1.1-3ubuntu0.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

Ubuntu

USN-2516-3: Linux kernel vulnerabilities regression

March 4, 2015 007admin

Ubuntu Security Notice USN-2516-3

4th March, 2015

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.04 LTS

Summary

USN-2516-1 introduced a regression in the Linux kernel.

Software description

linux
– Linux kernel

Details

USN-2516-1 fixed vulnerabilities in the Linux kernel, and the fix in
USN-2516-2 was incomplete. There was an unrelated regression in the use of
the virtual counter (CNTVCT) on arm64 architectures.

This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

A flaw was discovered in the Kernel Virtual Machine’s (KVM) emulation of
the SYSTENTER instruction when the guest OS does not initialize the
SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of
service of the guest OS (crash) or potentially gain privileges on the guest
OS. (CVE-2015-0239)

Andy Lutomirski discovered an information leak in the Linux kernel’s Thread
Local Storage (TLS) implementation allowing users to bypass the espfix to
obtain information that could be used to bypass the Address Space Layout
Randomization (ASLR) protection mechanism. A local user could exploit this
flaw to obtain potentially sensitive information from kernel memory.
(CVE-2014-8133)

A restriction bypass was discovered in iptables when conntrack rules are
specified and the conntrack protocol handler module is not loaded into the
Linux kernel. This flaw can cause the firewall rules on the system to be
bypassed when conntrack rules are used. (CVE-2014-8160)

A flaw was discovered with file renaming in the linux kernel. A local user
could exploit this flaw to cause a denial of service (deadlock and system
hang). (CVE-2014-8559)

A flaw was discovered in how supplemental group memberships are handled in
certain namespace scenarios. A local user could exploit this flaw to bypass
file permission restrictions. (CVE-2014-8989)

A flaw was discovered in how Thread Local Storage (TLS) is handled by the
task switching function in the Linux kernel for x86_64 based machines. A
local user could exploit this flaw to bypass the Address Space Layout
Radomization (ASLR) protection mechanism. (CVE-2014-9419)

Prasad J Pandit reported a flaw in the rock_continue function of the Linux
kernel’s ISO 9660 CDROM file system. A local user could exploit this flaw
to cause a denial of service (system crash or hang). (CVE-2014-9420)

A flaw was discovered in the fragment handling of the B.A.T.M.A.N. Advanced
Meshing Protocol in the Linux kernel. A remote attacker could exploit this
flaw to cause a denial of service (mesh-node system crash) via fragmented
packets. (CVE-2014-9428)

A race condition was discovered in the Linux kernel’s key ring. A local
user could cause a denial of service (memory corruption or panic) or
possibly have unspecified impact via the keyctl commands. (CVE-2014-9529)

A memory leak was discovered in the ISO 9660 CDROM file system when parsing
rock ridge ER records. A local user could exploit this flaw to obtain
sensitive information from kernel memory via a crafted iso9660 image.
(CVE-2014-9584)

A flaw was discovered in the Address Space Layout Randomization (ASLR) of
the Virtual Dynamically linked Shared Objects (vDSO) location. This flaw
makes it easier for a local user to bypass the ASLR protection mechanism.
(CVE-2014-9585)

Dmitry Chernenkov discovered a buffer overflow in eCryptfs’ encrypted file
name decoding. A local unprivileged user could exploit this flaw to cause a
denial of service (system crash) or potentially gain administrative
privileges. (CVE-2014-9683)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:: linux-image-3.13.0-46-generic-lpae

3.13.0-46.77; linux-image-3.13.0-46-generic

3.13.0-46.77; linux-image-3.13.0-46-powerpc-e500mc

3.13.0-46.77; linux-image-3.13.0-46-powerpc-smp

3.13.0-46.77; linux-image-3.13.0-46-powerpc64-emb

3.13.0-46.77; linux-image-3.13.0-46-powerpc-e500

3.13.0-46.77; linux-image-3.13.0-46-powerpc64-smp

3.13.0-46.77; linux-image-3.13.0-46-lowlatency

3.13.0-46.77

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

LP: 1427292

Ubuntu

USN-2515-2: Linux kernel (Trusty HWE) vulnerabilities regression

March 4, 2015 007admin

Ubuntu Security Notice USN-2515-2

4th March, 2015

linux-lts-trusty vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 12.04 LTS

Summary

USN-2515-1 introduced a regression in the Linux kernel.

Software description

linux-lts-trusty
– Linux hardware enablement kernel from Trusty

Details

USN-2515-1 fixed vulnerabilities in the Linux kernel. There was an unrelated
regression in the use of the virtual counter (CNTVCT) on arm64 architectures.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

A flaw was discovered with file renaming in the linux kernel. A local user
could exploit this flaw to cause a denial of service (deadlock and system
hang). (CVE-2014-8559)

A flaw was discovered in how supplemental group memberships are handled in
certain namespace scenarios. A local user could exploit this flaw to bypass
file permission restrictions. (CVE-2014-8989)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:: linux-image-3.13.0-46-generic-lpae

3.13.0-46.77~precise1; linux-image-3.13.0-46-generic

3.13.0-46.77~precise1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

LP: 1427297

Ubuntu

USN-2506-1: Thunderbird vulnerabilities

March 3, 2015 007admin

Ubuntu Security Notice USN-2506-1

3rd March, 2015

thunderbird vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

Ubuntu 14.10
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Thunderbird.

Software description

thunderbird
– Mozilla Open Source mail and newsgroup client

Details

Armin Razmdjou discovered that contents of locally readable files could
be made available via manipulation of form autocomplete in some
circumstances. If a user were tricked in to opening a specially crafted
message with scripting enabled, an attacker could potentially exploit this
to obtain sensitive information. (CVE-2015-0822)

Abhishek Arya discovered an out-of-bounds read and write when rendering
SVG content in some circumstances. If a user were tricked in to opening
a specially crafted message with scripting enabled, an attacker could
potentially exploit this to obtain sensitive information. (CVE-2015-0827)

Paul Bandha discovered a use-after-free in IndexedDB. If a user were
tricked in to opening a specially crafted message with scripting enabled,
an attacker could potentially exploit this to cause a denial of service
via application crash, or execute arbitrary code with the privileges of
the user invoking Thunderbird. (CVE-2015-0831)

Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Liz Henry, Byron
Campen, Tom Schuster, and Ryan VanderMeulen discovered multiple memory
safety issues in Thunderbird. If a user were tricked in to opening a
specially crafted message with scripting enabled, an attacker could
potentially exploit these to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Thunderbird. (CVE-2015-0836)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:: thunderbird

1:31.5.0+build1-0ubuntu0.14.10.1
Ubuntu 14.04 LTS:: thunderbird

1:31.5.0+build1-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:: thunderbird

1:31.5.0+build1-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References

Ubuntu Security Notice USN-2521-1

oxide-qt vulnerabilities

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-2523-1

apache2 vulnerabilities

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-2524-1

ecryptfs-utils vulnerability

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-2522-3

icu vulnerabilities

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-2505-2

firefox regression

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-2522-2

icu regression

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-2522-1

icu vulnerabilities

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-2516-3

linux vulnerabilities

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-2515-2

linux-lts-trusty vulnerabilities

Summary

Software description

Details

Update instructions

References

Ubuntu Security Notice USN-2506-1

thunderbird vulnerabilities

Summary

Software description

Details

Update instructions

References

Software and Security Information