Discover Government News

=========================================================================Ubuntu Security Notice USN-3028-1
July 11, 2016

nspr vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

NSPR could be made to crash or run programs if it received specially
crafted input.

Software Description:
- nspr: NetScape Portable Runtime Library

Details:

It was discovered that NSPR incorrectly handled memory allocation. A remote
attacker could use this issue to cause NSPR to crash, resulting in a denial
of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  libnspr4                        2:4.12-0ubuntu0.16.04.1

Ubuntu 15.10:
  libnspr4                        2:4.12-0ubuntu0.15.10.1

Ubuntu 14.04 LTS:
  libnspr4                        2:4.12-0ubuntu0.14.04.1

Ubuntu 12.04 LTS:
  libnspr4                        4.12-0ubuntu0.12.04.1

After a standard system update you need to restart your session to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3028-1
  CVE-2016-1951

Package Information:
  https://launchpad.net/ubuntu/+source/nspr/2:4.12-0ubuntu0.16.04.1
  https://launchpad.net/ubuntu/+source/nspr/2:4.12-0ubuntu0.15.10.1
  https://launchpad.net/ubuntu/+source/nspr/2:4.12-0ubuntu0.14.04.1
  https://launchpad.net/ubuntu/+source/nspr/4.12-0ubuntu0.12.04.1


Ubuntu 3028-1: NSPR vulnerability

July 11, 2016
NSPR could be made to crash or run programs if it received specially crafted input.

Summary

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libnspr4 2:4.12-0ubuntu0.16.04.1 Ubuntu 15.10: libnspr4 2:4.12-0ubuntu0.15.10.1 Ubuntu 14.04 LTS: libnspr4 2:4.12-0ubuntu0.14.04.1 Ubuntu 12.04 LTS: libnspr4 4.12-0ubuntu0.12.04.1 After a standard system update you need to restart your session to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3028-1

CVE-2016-1951

Severity
July 11, 2016

Package Information

https://launchpad.net/ubuntu/+source/nspr/2:4.12-0ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/nspr/2:4.12-0ubuntu0.15.10.1 https://launchpad.net/ubuntu/+source/nspr/2:4.12-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/nspr/4.12-0ubuntu0.12.04.1

Related News