USN-3236-1
- Source
- https://ubuntu.com/security/notices/USN-3236-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3236-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-3236-1
- Related
- Published
- 2017-03-29T20:24:43.665277Z
- Modified
- 2017-03-29T20:24:43.665277Z
- Summary
- oxide-qt vulnerabilities
- Details
-
Multiple vulnerabilities were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, spoof application UI by causing the security status API or webview URL to indicate the wrong values, bypass security restrictions, cause a denial of service via application crash, or execute arbitrary code. (CVE-2017-5029, CVE-2017-5030, CVE-2017-5031, CVE-2017-5033, CVE-2017-5035, CVE-2017-5037, CVE-2017-5040, CVE-2017-5041, CVE-2017-5044, CVE-2017-5045, CVE-2017-5046)
- References
-
- https://ubuntu.com/security/notices/USN-3236-1
- https://ubuntu.com/security/CVE-2017-5029
- https://ubuntu.com/security/CVE-2017-5030
- https://ubuntu.com/security/CVE-2017-5031
- https://ubuntu.com/security/CVE-2017-5033
- https://ubuntu.com/security/CVE-2017-5035
- https://ubuntu.com/security/CVE-2017-5037
- https://ubuntu.com/security/CVE-2017-5040
- https://ubuntu.com/security/CVE-2017-5041
- https://ubuntu.com/security/CVE-2017-5044
- https://ubuntu.com/security/CVE-2017-5045
- https://ubuntu.com/security/CVE-2017-5046
Affected packages
Ubuntu:14.04:LTS / oxide-qt
Package
- Name
- oxide-qt
- Purl
- pkg:deb/ubuntu/oxide-qt?arch=src?distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.21.5-0ubuntu0.14.04.1
Affected versions
1.*
1.0.0~bzr437-0ubuntu1
1.0.0~bzr452-0ubuntu1
1.0.0~bzr475-0ubuntu1
1.0.0~bzr490-0ubuntu1
1.0.0~bzr501-0ubuntu1
1.0.0~bzr501-0ubuntu2
1.0.4-0ubuntu0.14.04.1
1.0.5-0ubuntu0.14.04.1
1.1.2-0ubuntu0.14.04.1
1.2.5-0ubuntu0.14.04.1
1.3.4-0ubuntu0.14.04.1
1.4.2-0ubuntu0.14.04.1
1.4.3-0ubuntu0.14.04.1
1.5.5-0ubuntu0.14.04.3
1.5.6-0ubuntu0.14.04.2
1.6.5-0ubuntu0.14.04.1
1.6.6-0ubuntu0.14.04.1
1.7.8-0ubuntu0.14.04.1
1.7.9-0ubuntu0.14.04.1
1.8.4-0ubuntu0.14.04.2
1.9.1-0ubuntu0.14.04.2
1.9.5-0ubuntu0.14.04.1
1.10.3-0ubuntu0.14.04.1
1.11.3-0ubuntu0.14.04.1
1.11.4-0ubuntu0.14.04.1
1.12.5-0ubuntu0.14.04.1
1.12.6-0ubuntu0.14.04.1
1.12.7-0ubuntu0.14.04.1
1.13.6-0ubuntu0.14.04.1
1.14.7-0ubuntu0.14.04.1
1.14.9-0ubuntu0.14.04.1
1.15.7-0ubuntu0.14.04.1
1.15.8-0ubuntu0.14.04.1
1.16.5-0ubuntu0.14.04.1
1.17.7-0ubuntu0.14.04.1
1.17.9-0ubuntu0.14.04.1
1.18.3-0ubuntu0.14.04.1
1.18.5-0ubuntu0.14.04.1
1.19.4-0ubuntu0.14.04.1
1.20.4-0ubuntu0.14.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqt-qmlplugin"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqtcore-dev"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqtcore0"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqtcore0-dbgsym"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqtquick-dev"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "liboxideqtquick0"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "oxideqmlscene"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-chromedriver"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs-dbg"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs-dbgsym"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs-extra"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs-extra-dbg"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-codecs-extra-dbgsym"
},
{
"binary_version": "1.21.5-0ubuntu0.14.04.1",
"binary_name": "oxideqt-dbg"
}
]
}
Ubuntu:16.04:LTS / oxide-qt
Package
- Name
- oxide-qt
- Purl
- pkg:deb/ubuntu/oxide-qt?arch=src?distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.21.5-0ubuntu0.16.04.1
Affected versions
1.*
1.9.5-0ubuntu1
1.10.3-0ubuntu0.15.10.1
1.10.3-0ubuntu0.15.10.2
1.11.3-0ubuntu3
1.11.4-0ubuntu1
1.11.5-0ubuntu1
1.12.5-0ubuntu1
1.12.6-0ubuntu1
1.12.7-0ubuntu1
1.13.6-0ubuntu1
1.14.7-0ubuntu1
1.14.9-0ubuntu0.16.04.1
1.15.7-0ubuntu0.16.04.1
1.15.8-0ubuntu0.16.04.1
1.16.5-0ubuntu0.16.04.1
1.17.7-0ubuntu0.16.04.1
1.17.9-0ubuntu0.16.04.1
1.18.3-0ubuntu0.16.04.1
1.18.5-0ubuntu0.16.04.1
1.19.4-0ubuntu0.16.04.1
1.20.4-0ubuntu0.16.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqt-qmlplugin"
},
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqtcore-dev"
},
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqtcore0"
},
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqtcore0-dbgsym"
},
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqtquick-dev"
},
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "liboxideqtquick0"
},
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "oxideqt-codecs"
},
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "oxideqt-codecs-dbgsym"
},
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "oxideqt-codecs-extra"
},
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "oxideqt-codecs-extra-dbgsym"
},
{
"binary_version": "1.21.5-0ubuntu0.16.04.1",
"binary_name": "oxideqt-doc"
}
]
}