14 DAY TRIAL // Canonical closed a few Oxide vulnerabilities that have been found in Ubuntu 14.04 LTS (Trusty Tahr) operating system.
A new set of fixes for Oxide have been implemented in Ubuntu 14.04 LTS, less than a month since the previous update.
“A use-after-free was discovered in the websockets implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash.”
Also, “An issue was discovered in the Public Key Pinning implementation in Chromium. An attacker could potentially exploit this to obtain sensitive information.”
These are just a couple of the vulnerabilities found and fixed, and for a more detailed description of the problems you can see Canonical's security notification. Users are advised to upgrade their systems as soon as possible.
The flaws can be fixed if you upgrade your system(s) to the latest liboxideqtcore0, oxideqt-codecs, and oxideqt-codecs-extra packages specific to each distribution. To apply the patch, run the Update Manager application. You can also enter the following commands in a terminal:
sudo apt-get update sudo apt-get dist-upgrade
In general, a standard system update will make all the necessary changes and you won't have to restart the PC or laptop in order to apply the patch.