Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 415
Alerts This Week
Warning Icon 1 415

Ubuntu 16.10: USN-3236-1 Moderate: Oxide Security Update

ubuntu
Calendar Grey March 29, 2017
Dist Ubuntu Esm H88
Several vulnerabilities in Oxide have been resolved in Ubuntu versions 16.10, 16.04 LTS, and 14.04 LTS. Ensure your system is secure!
Several security issues were fixed in Oxide.

Summary

Several security issues were fixed in Oxide.

Software Description:

- oxide-qt: Web browser engine for Qt (QML plugin)

Details:

Multiple vulnerabilities were discovered in Chromium. If a user were

tricked in to opening a specially crafted website, an attacker could

potentially exploit these to obtain sensitive information, spoof

application UI by causing the security status API or webview URL to

indicate the wrong values, bypass security restrictions, cause a denial

of service via application crash, or execute arbitrary code.

(CVE-2017-5029, CVE-2017-5030, CVE-2017-5031, CVE-2017-5033,

CVE-2017-5035, CVE-2017-5037, CVE-2017-5040, CVE-2017-5041, CVE-2017-5044,

CVE-2017-5045, CVE-2017-5046)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
  liboxideqtcore0                 1.21.5-0ubuntu0.16.10.1

Ubuntu 16.04 LTS:
  liboxideqtcore0                 1.21.5-0ubuntu0.16.04.1

Ubuntu 14.04 LTS:
  liboxideqtcore0                 1.21.5-0ubuntu0.14.04.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3236-1

CVE-2017-5029, CVE-2017-5030, CVE-2017-5031, CVE-2017-5033,

CVE-2017-5035, CVE-2017-5037, CVE-2017-5040, CVE-2017-5041,

CVE-2017-5044, CVE-2017-5045, CVE-2017-5046

March 29, 2017

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.