|
|
Log in / Subscribe / Register

Ubuntu alert USN-2937-1 (webkitgtk)



From:
    	      Marc Deslauriers <marc.deslauriers@canonical.com> 


To:
    	      ubuntu-security-announce@lists.ubuntu.com 


Subject:
    	      [USN-2937-1] WebKitGTK+ vulnerabilities 


Date:
    	      Mon, 21 Mar 2016 14:09:39 -0400


Message-ID:
    	      <56F038E3.3040404@canonical.com>


==========================================================================
Ubuntu Security Notice USN-2937-1
March 21, 2016

webkitgtk vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in WebKitGTK+.

Software Description:
- webkitgtk: Web content engine library for GTK+

Details:

A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
  libjavascriptcoregtk-1.0-0      2.4.10-0ubuntu0.15.10.1
  libjavascriptcoregtk-3.0-0      2.4.10-0ubuntu0.15.10.1
  libwebkitgtk-1.0-0              2.4.10-0ubuntu0.15.10.1
  libwebkitgtk-3.0-0              2.4.10-0ubuntu0.15.10.1

Ubuntu 14.04 LTS:
  libjavascriptcoregtk-1.0-0      2.4.10-0ubuntu0.14.04.1
  libjavascriptcoregtk-3.0-0      2.4.10-0ubuntu0.14.04.1
  libwebkitgtk-1.0-0              2.4.10-0ubuntu0.14.04.1
  libwebkitgtk-3.0-0              2.4.10-0ubuntu0.14.04.1

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany and Evolution, to make all the
necessary changes.

References:
  http://www.ubuntu.com/usn/usn-2937-1
  CVE-2014-1748, CVE-2015-1071, CVE-2015-1076, CVE-2015-1081,
  CVE-2015-1083, CVE-2015-1120, CVE-2015-1122, CVE-2015-1127,
  CVE-2015-1153, CVE-2015-1155, CVE-2015-3658, CVE-2015-3659,
  CVE-2015-3727, CVE-2015-3731, CVE-2015-3741, CVE-2015-3743,
  CVE-2015-3745, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749,
  CVE-2015-3752, CVE-2015-5788, CVE-2015-5794, CVE-2015-5801,
  CVE-2015-5809, CVE-2015-5822, CVE-2015-5928

Package Information:
  https://launchpad.net/ubuntu/+source/webkitgtk/2.4.10-0ub...
  https://launchpad.net/ubuntu/+source/webkitgtk/2.4.10-0ub...


-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds