Created
August 14, 2015 10:18
-
-
Save philicious/c8d714c3e2e03a511fc3 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <opt><USN-2677-1 description="Several security issues were fixed in Oxide. | |
| Software Description: | |
| - oxide-qt: Web browser engine library for Qt (QML plugin) | |
| Details: | |
| An uninitialized value issue was discovered in ICU. If a user were | |
| tricked in to opening a specially crafted website, an attacker could | |
| potentially exploit this to cause a denial of service. (CVE-2015-1270) | |
| A use-after-free was discovered in the GPU process implementation in | |
| Chromium. If a user were tricked in to opening a specially crafted | |
| website, an attacker could potentially exploit this to cause a denial of | |
| service via application crash, or execute arbitrary code with the | |
| privileges of the user invoking the program. (CVE-2015-1272) | |
| A use-after-free was discovered in the IndexedDB implementation in | |
| Chromium. If a user were tricked in to opening a specially crafted | |
| website, an attacker could potentially exploit this to cause a denial of | |
| service via application crash, or execute arbitrary code with the | |
| privileges of the user invoking the program. (CVE-2015-1276) | |
| A use-after-free was discovered in the accessibility implemetation in | |
| Chromium. If a user were tricked in to opening a specially crafted | |
| website, an attacker could potentially exploit this to cause a denial of | |
| service via application crash, or execute arbitrary code with the | |
| privileges of the user invoking the program. (CVE-2015-1277) | |
| A memory corruption issue was discovered in Skia. If a user were tricked | |
| in to opening a specially crafted website, an attacker could potentially | |
| exploit this to cause a denial of service via renderer crash, or execute | |
| arbitrary code with the privileges of the sandboxed render process. | |
| (CVE-2015-1280) | |
| It was discovered that Blink did not properly determine the V8 context of | |
| a microtask in some circumstances. If a user were tricked in to opening a | |
| specially crafted website, an attacker could potentially exploit this to | |
| bypass Content Security Policy (CSP) restrictions. (CVE-2015-1281) | |
| Multiple integer overflows were discovered in Expat. If a user were | |
| tricked in to opening a specially crafted website, an attacker could | |
| potentially exploit this to cause a denial of service via application | |
| crash, or execute arbitrary code with the privileges of the user invoking | |
| the program. (CVE-2015-1283) | |
| It was discovered that Blink did not enforce a page's maximum number of | |
| frames in some circumstances, resulting in a use-after-free. If a user | |
| were tricked in to opening a specially crafted website, an attacker could | |
| potentially exploit this to cause a denial of service via renderer crash, | |
| or execute arbitrary code with the privileges of the sandboxed render | |
| process. (CVE-2015-1284) | |
| It was discovered that the XSS auditor in Blink did not properly choose a | |
| truncation point. If a user were tricked in to opening a specially crafted | |
| website, an attacker could potentially exploit this to obtain sensitive | |
| information. (CVE-2015-1285) | |
| An issue was discovered in the CSS implementation in Blink. If a user were | |
| tricked in to opening a specially crafted website, an attacker could | |
| potentially exploit this to bypass same-origin restrictions. | |
| (CVE-2015-1287) | |
| Multiple security issues were discovered in Chromium. If a user were | |
| tricked in to opening a specially crafted website, an attacker could | |
| potentially exploit these to read uninitialized memory, cause a denial | |
| of service via application crash or execute arbitrary code with the | |
| privileges of the user invoking the program. (CVE-2015-1289) | |
| A use-after-free was discovered in oxide::qt::URLRequestDelegatedJob in | |
| some circumstances. If a user were tricked in to opening a specially | |
| crafted website, an attacker could potentially exploit this to cause a | |
| denial of service via application crash, or execute arbitrary code with | |
| the privileges of the user invoking the program. (CVE-2015-1329) | |
| A crash was discovered in the regular expression implementation in V8 in | |
| some circumstances. If a user were tricked in to opening a specially | |
| crafted website, an attacker could potentially exploit this to cause a | |
| denial of service. (CVE-2015-5605)" errataFrom="chris.coulson at canonical.com (Chris Coulson)" issue_date="Tue, 4 Aug 2015 17:55:55 +0100" notes="N/A" product="Ubuntu Linux" references="http://www.ubuntu.com/usn/usn-2677-1 | |
| CVE-2015-1270, CVE-2015-1272, CVE-2015-1276, CVE-2015-1277, | |
| CVE-2015-1280, CVE-2015-1281, CVE-2015-1283, CVE-2015-1284, | |
| CVE-2015-1285, CVE-2015-1287, CVE-2015-1289, CVE-2015-1329, | |
| CVE-2015-5605, https://launchpad.net/bugs/1466208" release="1" solution="N/A" synopsis="Oxide vulnerabilities" topic="N/A" type="Security Advisory"><packages>liboxideqtcore0-1.8.4-0ubuntu0.14.04.2.amd64-deb.deb</packages><cves>CVE-2015-1270</cves><cves>CVE-2015-1272</cves><cves>CVE-2015-1276</cves><cves>CVE-2015-1277</cves><cves>CVE-2015-1280</cves><cves>CVE-2015-1281</cves><cves>CVE-2015-1283</cves><cves>CVE-2015-1284</cves><cves>CVE-2015-1285</cves><cves>CVE-2015-1287</cves><cves>CVE-2015-1289</cves><cves>CVE-2015-1329</cves><cves>CVE-2015-5605</cves></USN-2677-1><USN-2703-1 description="Cinder could be made to access unintended files over the network by an | |
| authenticated user. | |
| Software Description: | |
| - cinder: OpenStack storage service | |
| Details: | |
| Bastian Blank discovered that Cinder guessed image formats based on | |
| untrusted data. An attacker could use this to read arbitrary files from | |
| the Cinder host." errataFrom="seth.arnold at canonical.com (Seth Arnold)" issue_date="Wed, 5 Aug 2015 19:50:42 -0700" notes="N/A" product="Ubuntu Linux" references="http://www.ubuntu.com/usn/usn-2703-1 | |
| CVE-2015-1851" release="1" solution="N/A" synopsis="Cinder vulnerability" topic="N/A" type="Security Advisory"><cves>CVE-2015-1851</cves></USN-2703-1><USN-2705-1 description="Keystone could be made to expose sensitive information over the | |
| network. | |
| Software Description: | |
| - python-keystoneclient: Client library for OpenStack Identity API | |
| - python-keystonemiddleware: Client library for OpenStack Identity API | |
| Details: | |
| Qin Zhao discovered Keystone disabled certification verification when | |
| the "insecure" option is set in a paste configuration (paste.ini) | |
| file regardless of the value, which allows remote attackers to conduct | |
| man-in-the-middle attacks via a crafted certificate. (CVE-2014-7144) | |
| Brant Knudson discovered Keystone disabled certification verification when | |
| the "insecure" option is set in a paste configuration (paste.ini) | |
| file regardless of the value, which allows remote attackers to conduct | |
| man-in-the-middle attacks via a crafted certificate. (CVE-2015-1852)" errataFrom="seth.arnold at canonical.com (Seth Arnold)" issue_date="Wed, 5 Aug 2015 21:11:30 -0700" notes="N/A" product="Ubuntu Linux" references="http://www.ubuntu.com/usn/usn-2705-1 | |
| CVE-2014-7144, CVE-2015-1852" release="1" solution="N/A" synopsis="Keystone vulnerabilities" topic="N/A" type="Security Advisory"><packages>python-keystoneclient-1:0.7.1-ubuntu1.2.amd64-deb.deb</packages><cves>CVE-2014-7144</cves><cves>CVE-2015-1852</cves></USN-2705-1><USN-2704-1 description="Several security issues were fixed in Swift. | |
| Software Description: | |
| - swift: OpenStack distributed virtual object store | |
| Details: | |
| Rajaneesh Singh discovered Swift does not properly enforce metadata | |
| limits. An attacker could abuse this issue to store more metadata than | |
| allowed by policy. (CVE-2014-7960) | |
| Clay Gerrard discovered Swift allowed users to delete the latest version | |
| of object regardless of object permissions when allow_version is | |
| configured. An attacker could use this issue to delete objects. | |
| (CVE-2015-1856)" errataFrom="seth.arnold at canonical.com (Seth Arnold)" issue_date="Wed, 5 Aug 2015 20:24:32 -0700" notes="N/A" product="Ubuntu Linux" references="http://www.ubuntu.com/usn/usn-2704-1 | |
| CVE-2014-7960, CVE-2015-1856" release="1" solution="N/A" synopsis="Swift vulnerabilities" topic="N/A" type="Security Advisory"><packages>swift-1.13.1-0ubuntu1.2.amd64-deb.deb</packages><packages>swift-1.4.8-0ubuntu2.5.amd64-deb.deb</packages><cves>CVE-2014-7960</cves><cves>CVE-2015-1856</cves></USN-2704-1><USN-2706-1 description="Several security issues were fixed in OpenJDK 6. | |
| Software Description: | |
| - openjdk-6: Open Source Java implementation | |
| Details: | |
| Several vulnerabilities were discovered in the OpenJDK JRE related to | |
| information disclosure, data integrity, and availability. An attacker | |
| could exploit these to cause a denial of service or expose sensitive | |
| data over the network. (CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, | |
| CVE-2015-4732, CVE-2015-4733, CVE-2015-4760, CVE-2015-4748) | |
| Several vulnerabilities were discovered in the cryptographic components | |
| of the OpenJDK JRE. An attacker could exploit these to expose sensitive | |
| data over the network. (CVE-2015-2601, CVE-2015-2808, CVE-2015-4000, | |
| CVE-2015-2625, CVE-2015-2613) | |
| As a security improvement, this update modifies OpenJDK behavior to | |
| disable RC4 TLS/SSL cipher suites by default. | |
| As a security improvement, this update modifies OpenJDK behavior to | |
| reject DH key sizes below 768 bits by default, preventing a possible | |
| downgrade attack. | |
| Several vulnerabilities were discovered in the OpenJDK JRE related | |
| to information disclosure. An attacker could exploit these to expose | |
| sensitive data over the network. (CVE-2015-2621, CVE-2015-2632) | |
| A vulnerability was discovered with how the JNDI component of the | |
| OpenJDK JRE handles DNS resolutions. A remote attacker could exploit | |
| this to cause a denial of service. (CVE-2015-4749)" errataFrom="steve.beattie at canonical.com (Steve Beattie)" issue_date="Thu, 6 Aug 2015 12:45:10 -0700" notes="N/A" product="Ubuntu Linux" references="http://www.ubuntu.com/usn/usn-2706-1 | |
| CVE-2015-2590, CVE-2015-2601, CVE-2015-2621, CVE-2015-2625, | |
| CVE-2015-2628, CVE-2015-2632, CVE-2015-2808, CVE-2015-4000, | |
| CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, | |
| CVE-2015-4749, CVE-2015-4760" release="1" solution="N/A" synopsis="OpenJDK 6 vulnerabilities" topic="N/A" type="Security Advisory"><packages>icedtea-6-jre-cacao-6b36-1.13.8-0ubuntu1~12.04.amd64-deb.deb</packages><packages>icedtea-6-jre-jamvm-6b36-1.13.8-0ubuntu1~12.04.amd64-deb.deb</packages><packages>openjdk-6-jdk-6b36-1.13.8-0ubuntu1~12.04.amd64-deb.deb</packages><packages>openjdk-6-jre-6b36-1.13.8-0ubuntu1~12.04.amd64-deb.deb</packages><packages>openjdk-6-jre-headless-6b36-1.13.8-0ubuntu1~12.04.amd64-deb.deb</packages><packages>openjdk-6-jre-lib-6b36-1.13.8-0ubuntu1~12.04.amd64-deb.deb</packages><packages>openjdk-6-jre-zero-6b36-1.13.8-0ubuntu1~12.04.amd64-deb.deb</packages><packages>openjdk-6-source-6b36-1.13.8-0ubuntu1~12.04.amd64-deb.deb</packages><cves>CVE-2015-2590</cves><cves>CVE-2015-2601</cves><cves>CVE-2015-2621</cves><cves>CVE-2015-2625</cves><cves>CVE-2015-2628</cves><cves>CVE-2015-2632</cves><cves>CVE-2015-2808</cves><cves>CVE-2015-4000</cves><cves>CVE-2015-4731</cves><cves>CVE-2015-4732</cves><cves>CVE-2015-4733</cves><cves>CVE-2015-4748</cves><cves>CVE-2015-4749</cves><cves>CVE-2015-4760</cves></USN-2706-1><USN-2707-1 description="Firefox could be made to expose sensitive information from local files. | |
| Software Description: | |
| - firefox: Mozilla Open Source web browser | |
| Details: | |
| Cody Crews discovered a way to violate the same-origin policy to inject | |
| script in to a non-privileged part of the PDF viewer. If a user were | |
| tricked in to opening a specially crafted website, an attacker could | |
| exploit this to read sensitive information from local files. | |
| (CVE-2015-4495)" errataFrom="chris.coulson at canonical.com (Chris Coulson)" issue_date="Fri, 7 Aug 2015 09:55:15 +0100" notes="N/A" product="Ubuntu Linux" references="http://www.ubuntu.com/usn/usn-2707-1 | |
| CVE-2015-4495" release="1" solution="N/A" synopsis="Firefox vulnerability" topic="N/A" type="Security Advisory"><packages>firefox-39.0.3+build2-0ubuntu0.14.04.1.amd64-deb.deb</packages><packages>firefox-39.0.3+build2-0ubuntu0.12.04.1.amd64-deb.deb</packages><cves>CVE-2015-4495</cves></USN-2707-1><USN-2702-1 description="Firefox could be made to crash or run programs as your login if it | |
| opened a malicious website. | |
| Software Description: | |
| - firefox: Mozilla Open Source web browser | |
| Details: | |
| Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, | |
| Chris Coulson, and Eric Rahm discovered multiple memory safety issues in | |
| Firefox. If a user were tricked in to opening a specially crafted website, | |
| an attacker could potentially exploit these to cause a denial of service | |
| via application crash, or execute arbitrary code with the privileges of | |
| the user invoking Firefox. (CVE-2015-4473, CVE-2015-4474) | |
| Aki Helin discovered an out-of-bounds read when playing malformed MP3 | |
| content in some circumstances. If a user were tricked in to opening a | |
| specially crafted website, an attacker could potentially exploit this to | |
| obtain sensitive information, cause a denial of service via application | |
| crash, or execute arbitrary code with the privileges of the user invoking | |
| Firefox. (CVE-2015-4475) | |
| A use-after-free was discovered during MediaStream playback in some | |
| circumstances. If a user were tricked in to opening a specially crafted | |
| website, an attacker could potentially exploit this to cause a denial of | |
| service via application crash or execute arbitrary code with the | |
| priviliges of the user invoking Firefox. (CVE-2015-4477) | |
| Andr? Bargull discovered that non-configurable properties on javascript | |
| objects could be redefined when parsing JSON. If a user were tricked in to | |
| opening a specially crafted website, an attacker could potentially exploit | |
| this to bypass same-origin restrictions. (CVE-2015-4478) | |
| Multiple integer overflows were discovered in libstagefright. If a user | |
| were tricked in to opening a specially crafted website, an attacker could | |
| potentially exploit these to cause a denial of service via application | |
| crash, or execute arbitrary code with the privileges of the user invoking | |
| Firefox. (CVE-2015-4479, CVE-2015-4480, CVE-2015-4493) | |
| Jukka Jyl?nki discovered a crash that occurs because javascript does not | |
| properly gate access to Atomics or SharedArrayBuffers in some | |
| circumstances. If a user were tricked in to opening a specially crafted | |
| website, an attacker could potentially exploit this to cause a denial of | |
| service. (CVE-2015-4484) | |
| Abhishek Arya discovered 2 buffer overflows in libvpx when decoding | |
| malformed WebM content in some circumstances. If a user were tricked in | |
| to opening a specially crafted website, an attacker could potentially | |
| exploit these to cause a denial of service via application crash, or | |
| execute arbitrary code with the privileges of the user invoking Firefox. | |
| (CVE-2015-4485, CVE-2015-4486) | |
| Ronald Crane reported 3 security issues. If a user were tricked in to | |
| opening a specially crafted website, an attacker could potentially | |
| exploit these, in combination with another security vulnerability, to | |
| cause a denial of service via application crash, or execute arbitrary | |
| code with the privileges of the user invoking Firefox. (CVE-2015-4487, | |
| CVE-2015-4488, CVE-2015-4489) | |
| Christoph Kerschbaumer discovered an issue with Mozilla's implementation | |
| of Content Security Policy (CSP), which could allow for a more permissive | |
| usage in some cirucumstances. An attacker could potentially exploit this | |
| to conduct cross-site scripting (XSS) attacks. (CVE-2015-4490) | |
| Gustavo Grieco discovered a heap overflow in gdk-pixbuf. If a user were | |
| tricked in to opening a specially crafted website, an attacker could | |
| potentially exploit this to cause a denial of service via application | |
| crash or execute arbitrary code with the priviliges of the user invoking | |
| Firefox. (CVE-2015-4491) | |
| Looben Yang discovered a use-after-free when using XMLHttpRequest with | |
| shared workers in some circumstances. If a user were tricked in to opening | |
| a specially crafted website, an attacker could potentially exploit this to | |
| cause a denial of service via application crash or execute arbitrary code | |
| with the priviliges of the user invoking Firefox. (CVE-2015-4492)" errataFrom="chris.coulson at canonical.com (Chris Coulson)" issue_date="Tue, 11 Aug 2015 19:37:59 +0100" notes="N/A" product="Ubuntu Linux" references="http://www.ubuntu.com/usn/usn-2702-1 | |
| CVE-2015-4473, CVE-2015-4474, CVE-2015-4475, CVE-2015-4477, | |
| CVE-2015-4478, CVE-2015-4479, CVE-2015-4480, CVE-2015-4484, | |
| CVE-2015-4485, CVE-2015-4486, CVE-2015-4487, CVE-2015-4488, | |
| CVE-2015-4489, CVE-2015-4490, CVE-2015-4491, CVE-2015-4492, | |
| CVE-2015-4493" release="1" solution="N/A" synopsis="Firefox vulnerabilities" topic="N/A" type="Security Advisory"><packages>firefox-40.0+build4-0ubuntu0.14.04.1.amd64-deb.deb</packages><packages>firefox-40.0+build4-0ubuntu0.12.04.1.amd64-deb.deb</packages><cves>CVE-2015-4473</cves><cves>CVE-2015-4474</cves><cves>CVE-2015-4475</cves><cves>CVE-2015-4477</cves><cves>CVE-2015-4478</cves><cves>CVE-2015-4479</cves><cves>CVE-2015-4480</cves><cves>CVE-2015-4484</cves><cves>CVE-2015-4485</cves><cves>CVE-2015-4486</cves><cves>CVE-2015-4487</cves><cves>CVE-2015-4488</cves><cves>CVE-2015-4489</cves><cves>CVE-2015-4490</cves><cves>CVE-2015-4491</cves><cves>CVE-2015-4492</cves><cves>CVE-2015-4493</cves></USN-2702-1><USN-2702-2 description="This update provides compatible packages for Firefox 40. | |
| Software Description: | |
| - ubufox: Ubuntu modifications for Firefox | |
| Details: | |
| USN-2702-1 fixed vulnerabilities in Firefox. This update provides the | |
| corresponding updates for Ubufox. | |
| Original advisory details: | |
| Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, | |
| Chris Coulson, and Eric Rahm discovered multiple memory safety issues in | |
| Firefox. If a user were tricked in to opening a specially crafted website, | |
| an attacker could potentially exploit these to cause a denial of service | |
| via application crash, or execute arbitrary code with the privileges of | |
| the user invoking Firefox. (CVE-2015-4473, CVE-2015-4474) | |
| Aki Helin discovered an out-of-bounds read when playing malformed MP3 | |
| content in some circumstances. If a user were tricked in to opening a | |
| specially crafted website, an attacker could potentially exploit this to | |
| obtain sensitive information, cause a denial of service via application | |
| crash, or execute arbitrary code with the privileges of the user invoking | |
| Firefox. (CVE-2015-4475) | |
| A use-after-free was discovered during MediaStream playback in some | |
| circumstances. If a user were tricked in to opening a specially crafted | |
| website, an attacker could potentially exploit this to cause a denial of | |
| service via application crash or execute arbitrary code with the | |
| priviliges of the user invoking Firefox. (CVE-2015-4477) | |
| Andr? Bargull discovered that non-configurable properties on javascript | |
| objects could be redefined when parsing JSON. If a user were tricked in to | |
| opening a specially crafted website, an attacker could potentially exploit | |
| this to bypass same-origin restrictions. (CVE-2015-4478) | |
| Multiple integer overflows were discovered in libstagefright. If a user | |
| were tricked in to opening a specially crafted website, an attacker could | |
| potentially exploit these to cause a denial of service via application | |
| crash, or execute arbitrary code with the privileges of the user invoking | |
| Firefox. (CVE-2015-4479, CVE-2015-4480, CVE-2015-4493) | |
| Jukka Jyl?nki discovered a crash that occurs because javascript does not | |
| properly gate access to Atomics or SharedArrayBuffers in some | |
| circumstances. If a user were tricked in to opening a specially crafted | |
| website, an attacker could potentially exploit this to cause a denial of | |
| service. (CVE-2015-4484) | |
| Abhishek Arya discovered 2 buffer overflows in libvpx when decoding | |
| malformed WebM content in some circumstances. If a user were tricked in | |
| to opening a specially crafted website, an attacker could potentially | |
| exploit these to cause a denial of service via application crash, or | |
| execute arbitrary code with the privileges of the user invoking Firefox. | |
| (CVE-2015-4485, CVE-2015-4486) | |
| Ronald Crane reported 3 security issues. If a user were tricked in to | |
| opening a specially crafted website, an attacker could potentially | |
| exploit these, in combination with another security vulnerability, to | |
| cause a denial of service via application crash, or execute arbitrary | |
| code with the privileges of the user invoking Firefox. (CVE-2015-4487, | |
| CVE-2015-4488, CVE-2015-4489) | |
| Christoph Kerschbaumer discovered an issue with Mozilla's implementation | |
| of Content Security Policy (CSP), which could allow for a more permissive | |
| usage in some cirucumstances. An attacker could potentially exploit this | |
| to conduct cross-site scripting (XSS) attacks. (CVE-2015-4490) | |
| Gustavo Grieco discovered a heap overflow in gdk-pixbuf. If a user were | |
| tricked in to opening a specially crafted website, an attacker could | |
| potentially exploit this to cause a denial of service via application | |
| crash or execute arbitrary code with the priviliges of the user invoking | |
| Firefox. (CVE-2015-4491) | |
| Looben Yang discovered a use-after-free when using XMLHttpRequest with | |
| shared workers in some circumstances. If a user were tricked in to opening | |
| a specially crafted website, an attacker could potentially exploit this to | |
| cause a denial of service via application crash or execute arbitrary code | |
| with the priviliges of the user invoking Firefox. (CVE-2015-4492)" errataFrom="chris.coulson at canonical.com (Chris Coulson)" issue_date="Tue, 11 Aug 2015 19:50:09 +0100" notes="N/A" product="Ubuntu Linux" references="http://www.ubuntu.com/usn/usn-2702-2 | |
| http://www.ubuntu.com/usn/usn-2702-1 | |
| https://launchpad.net/bugs/1483858" release="1" solution="N/A" synopsis="Ubufox update" topic="N/A" type="Security Advisory"><packages>xul-ext-ubufox-3.1-0ubuntu0.14.04.1.amd64-deb.deb</packages><packages>xul-ext-ubufox-3.1-0ubuntu0.12.04.1.amd64-deb.deb</packages></USN-2702-2></opt> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment