USN-2927-1: graphite2 vulnerabilities

It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary...

USN-2920-1: Oxide vulnerabilities

It was discovered that the ContainerNode::parserRemoveChild function in Blink mishandled widget updates in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2016-1630 It was...

USN-2926-1: OTR vulnerability

Markus Vervier discovered that OTR incorrectly handled large incoming messages. A remote attacker could use this issue to cause OTR to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-2925-1: Bind vulnerabilities

It was discovered that Bind incorrectly handled input received by the rndc control channel. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2016-1285 It was discovered that Bind incorrectly parsed resource record signatures for DNAME...

USN-2924-1: NSS vulnerability

Francis Gabriel discovered that NSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-2917-1: Firefox vulnerabilities

Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user...

USN-2923-1: BeanShell vulnerability

Alvaro Muñoz and Christian Schneider discovered that BeanShell incorrectly handled deserialization. A remote attacker could possibly use this issue to execute arbitrary code...

USN-2922-1: Samba vulnerabilities

Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks. CVE-2015-7560 Garming Sam and Douglas Bagnall discovered that the Samba internal DNS server incorrectly handled certain DNS TXT...

USN-2904-1: Thunderbird vulnerabilities

Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information. CVE-2015-7575 Yves Younan discovered that...

USN-2915-3: Django regression

USN-2915-1 fixed vulnerabilities in Django. The upstream fix for CVE-2016-2512 introduced a regression for certain applications. This update fixes the problem by applying the complete upstream regression fix. Original advisory details: Mark Striemer discovered that Django incorrectly handled...

USN-2915-2: Django regression

USN-2915-1 fixed vulnerabilities in Django. The upstream fix for CVE-2016-2512 introduced a regression for certain applications. This update fixes the problem by applying the complete upstream regression fix. Original advisory details: Mark Striemer discovered that Django incorrectly handled...

USN-2921-1: Squid vulnerabilities

Sebastian Krahmer discovered that Squid incorrectly handled certain SNMP requests. If SNMP is enabled, a remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-6270 Alex Rousskov discovered that Squid incorrectl...

USN-2919-1: JasPer vulnerabilities

Jacob Baines discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. CVE-2016-1577...

USN-2918-1: pixman vulnerability

Vincent LE GARREC discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, a remote attacker could cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-2916-1: Perl vulnerabilities

It was discovered that Perl incorrectly handled certain regular expressions with an invalid backreference. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2013-7422 Markus Vervier discovered that Perl incorrectly...

USN-2915-1: Django vulnerabilities

Mark Striemer discovered that Django incorrectly handled user-supplied redirect URLs containing basic authentication credentials. A remote attacker could possibly use this issue to perform a cross-site scripting attack or a malicious redirect. CVE-2016-2512 Sjoerd Job Postmus discovered that Djan...

USN-2914-1: OpenSSL vulnerabilities

Yuval Yarom, Daniel Genkin, and Nadia Heninger discovered that OpenSSL was vulnerable to a side-channel attack on modular exponentiation. On certain CPUs, a local attacker could possibly use this issue to recover RSA keys. This flaw is known as CacheBleed. CVE-2016-0702 Adam Langley discovered th...

USN-2909-2: Linux kernel (Utopic HWE) regression

USN-2909-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 14.10 backport kernel within VMWare virtual machines. This update fixes the...

USN-2910-2: Linux kernel (Vivid HWE) regression

USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.04 backport kernel within VMWare virtual machines. This update fixes the...

USN-2908-5: Linux kernel (Wily HWE) regression

USN-2908-2 fixed vulnerabilities in the Ubuntu 15.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.10 backport kernel within VMWare virtual machines. This update fixes the...

USN-2908-4: Linux kernel regression

USN-2908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 15.10 guests running within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. Original advisory...

USN-2913-3: OpenSSL update

USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the OpenSSL package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update...

USN-2913-2: glib-networking update

USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the glib-networking package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. Thi...

USN-2913-4: GnuTLS update

USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the GnuTLS package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update...

USN-2913-1: ca-certificates update

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, including the removal of the SPI CA and CA certificates with 1024-bit RSA keys...

USN-2903-2: NSS regression

USN-2903-1 fixed a vulnerability in NSS. An incorrect package versioning change in Ubuntu 12.04 LTS caused a regression when building software against NSS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Hanno Böck discovered that NSS incorrectly...

USN-2912-1: libssh vulnerabilities

Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service. CVE-2015-3146 Aris Adamantiadis discovered that libssh incorrectly generated ephemeral secret keys of 128 bits...

USN-2905-1: Oxide vulnerability

A security issue was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions or a sandbox protection mechanism. CVE-2016-1629...

USN-2911-2: Linux kernel (OMAP4) vulnerability

It was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service system crash...

USN-2911-1: Linux kernel vulnerability

It was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service system crash...

USN-2910-1: Linux kernel (Vivid HWE) vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

USN-2909-1: Linux kernel (Utopic HWE) vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

USN-2908-1: Linux kernel vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

USN-2908-2: Linux kernel (Wily HWE) vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

USN-2908-3: Linux kernel (Raspberry Pi 2) vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

USN-2907-2: Linux kernel (Trusty HWE) vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

USN-2907-1: Linux kernel vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

USN-2906-1: GNU cpio vulnerabilities

Alexander Cherepanov discovered that GNU cpio incorrectly handled symbolic links when used with the --no-absolute-filenames option. If a user or automated system were tricked into extracting a specially-crafted cpio archive, a remote attacker could possibly use this issue to write arbitrary files...

USN-2895-1: Oxide vulnerabilities

The DOM implementation in Chromium did not properly restrict frame-attach operations from occurring during or after frame-detach operations. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2016-16...

USN-2903-1: NSS vulnerability

Hanno Böck discovered that NSS incorrectly handled certain division functions, possibly leading to cryptographic weaknesses. CVE-2016-1938 This update also refreshes the NSS package to version 3.21 which includes the latest CA certificate bundle, and removes the SPI CA...

USN-2902-1: graphite2 vulnerabilities

Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute...

USN-2901-1: xdelta3 vulnerability

It was discovered that xdelta3 incorrectly handled certain files. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could use this issue to cause xdelta3 to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-2900-1: GNU C Library vulnerability

It was discovered that the GNU C Library incorrectly handled receiving responses while performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-2899-1: LibreOffice vulnerabilities

It was discovered that LibreOffice incorrectly handled LWP document files. If a user were tricked into opening a specially crafted LWP document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code...

USN-2855-2: Samba regression

USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem. Original advisory details: Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled certain packets. A remote...

USN-2898-2: Eye of GNOME vulnerability

It was discovered that Eye of GNOME incorrectly handled certain large images. If a user were tricked into opening a specially-crafted image, a remote attacker could use this issue to cause Eye of GNOME to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-2898-1: GTK+ vulnerability

It was discovered that GTK+ incorrectly handled certain large images. A remote attacker could use this issue to cause GTK+ applications to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-2897-1: Nettle vulnerabilities

Hanno Böck discovered that Nettle incorrectly handled carry propagation in the NIST P-256 elliptic curve. CVE-2015-8803 Hanno Böck discovered that Nettle incorrectly handled carry propagation in the NIST P-384 elliptic curve. CVE-2015-8804 Niels Moeller discovered that Nettle incorrectly handled...

USN-2896-1: Libgcrypt vulnerability

Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that Libgcrypt was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys...

USN-2893-1: Firefox vulnerability

Jason Pang discovered that service workers intercept responses to plugin network requests made through the browser. An attacker could potentially exploit this to bypass same origin restrictions using the Flash plugin. CVE-2016-1949...