Gentoo Archives: gentoo-announce

From: Thomas Deutschmann <whissi@g.o>
To: gentoo-announce@l.g.o
Subject: [gentoo-announce] ERRATA: [ GLSA 201701-15 ] Mozilla Firefox, Thunderbird: Multiple vulnerabilities
Date: Wed, 04 Jan 2017 15:33:30
Message-Id: 69ad238a-8a52-3773-a499-349012d7df8b@gentoo.org

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [ERRATA UPDATE]         GLSA 201701-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Mozilla Firefox, Thunderbird: Multiple vulnerabilities
     Date: January 03, 2017
     Bugs: #581326, #590330, #594616, #599924, #601320, #602576, #604024
       ID: 201701-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Errata
======

The first revision of GLSA 201701-15 included Mozilla SeaMonkey, but
not all CVEs listed were resolved in this package. In order to rectify
the reporting, Mozilla SeaMonkey has been removed. The Gentoo Security
team will publish a separate GLSA addressing the outstanding Mozilla
SeaMonkey vulnerabilities as soon as possible.

Synopsis
========

Multiple vulnerabilities have been found in Mozilla Firefox and
Thunderbird, the worst of which could lead to the execution of arbitrary
code.

Background
==========

Mozilla Firefox is a cross-platform web browser from Mozilla. The
Mozilla Thunderbird mail client is a redesign of the Mozilla Mail
component. The goal is to produce a cross-platform stand-alone mail
application using XUL (XML User Interface Language).

Affected packages
=================

    -------------------------------------------------------------------
     Package                      /     Vulnerable     /    Unaffected
    -------------------------------------------------------------------
  1  www-client/firefox                 < 45.6.0            >= 45.6.0
  2  www-client/firefox-bin             < 45.6.0            >= 45.6.0
  3  mail-client/thunderbird            < 45.6.0            >= 45.6.0
  4  mail-client/thunderbird-bin        < 45.6.0            >= 45.6.0
    -------------------------------------------------------------------
     4 affected packages

Description
===========

Multiple vulnerabilities have been discovered in Mozilla Firefox and
Thunderbird. Please review the CVE identifiers referenced below for
details.

Impact
======

A remote attacker could possibly execute arbitrary code with the
privileges of the process or cause a Denial of Service condition via
multiple vectors.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Firefox users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/firefox-45.6.0"

All Firefox-bin users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-45.6.0"

All Thunderbird users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-45.6.0"

All Thunderbird-bin users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot -v ">=mail-client/thunderbird-bin-45.6.0"

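To confirm which hosts still need the upgrades above, the following added example (not part of the advisory or of Gentoo's tooling) walks a Portage package database and flags the four listed packages when the installed version is below 45.6.0. It assumes the VDB layout `<root>/<category>/<name>-<version>/` with default root `/var/db/pkg` and a `sort` that supports `-V`; the function names and the sample tree are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not part of the advisory): report installed packages that fall
# in the "Vulnerable" column of GLSA 201701-15.
# Assumptions: Portage VDB layout <root>/<category>/<name>-<version>/ (default
# root /var/db/pkg) and a sort(1) that supports -V; -rN revisions are ignored.

FIXED="45.6.0"   # first unaffected version, from the advisory table
ATOMS="www-client/firefox www-client/firefox-bin
       mail-client/thunderbird mail-client/thunderbird-bin"

# version_lt A B: succeeds when version A sorts strictly before version B.
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# glsa_audit [VDB_ROOT]: prints one "<atom>-<version> VULNERABLE|ok" line per
# installed match; returns 1 if any installed version is below $FIXED.
glsa_audit() {
    local vdb="${1:-/var/db/pkg}" atom name dir ver status=0
    for atom in $ATOMS; do
        name="${atom##*/}"
        # "-[0-9]*" keeps "firefox" from also matching "firefox-bin-<ver>".
        for dir in "$vdb/$atom"-[0-9]*; do
            [ -d "$dir" ] || continue        # glob matched nothing
            ver="${dir##*/}"                 # e.g. firefox-45.5.1-r1
            ver="${ver#$name-}"              # 45.5.1-r1
            ver="${ver%-r[0-9]*}"            # 45.5.1
            if version_lt "$ver" "$FIXED"; then
                echo "$atom-$ver VULNERABLE"; status=1
            else
                echo "$atom-$ver ok"
            fi
        done
    done
    return "$status"
}

# sample_vdb: builds a constructed VDB tree in a temp dir and prints its path.
sample_vdb() {
    local root; root="$(mktemp -d)"
    mkdir -p "$root/www-client/firefox-45.5.1-r1" \
             "$root/www-client/firefox-bin-45.6.0" \
             "$root/mail-client/thunderbird-45.10.0"
    echo "$root"
}
```

On a live system, Gentoo's `glsa-check -t 201701-15` performs the equivalent test against the advisory's own metadata.
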
References
==========

[  1 ] CVE-2016-2804
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2804
[  2 ] CVE-2016-2805
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2805
[  3 ] CVE-2016-2806
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2806
[  4 ] CVE-2016-2807
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2807
[  5 ] CVE-2016-2808
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2808
[  6 ] CVE-2016-2809
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2809
[  7 ] CVE-2016-2810
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2810
[  8 ] CVE-2016-2811
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2811
[  9 ] CVE-2016-2812
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2812
[ 10 ] CVE-2016-2813
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2813
[ 11 ] CVE-2016-2814
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2814
[ 12 ] CVE-2016-2816
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2816
[ 13 ] CVE-2016-2817
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2817
[ 14 ] CVE-2016-2820
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2820
[ 15 ] CVE-2016-2827
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2827
[ 16 ] CVE-2016-2830
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2830
[ 17 ] CVE-2016-2835
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2835
[ 18 ] CVE-2016-2836
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2836
[ 19 ] CVE-2016-2837
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2837
[ 20 ] CVE-2016-2838
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2838
[ 21 ] CVE-2016-2839
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2839
[ 22 ] CVE-2016-5250
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5250
[ 23 ] CVE-2016-5251
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5251
[ 24 ] CVE-2016-5252
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5252
[ 25 ] CVE-2016-5253
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5253
[ 26 ] CVE-2016-5254
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5254
[ 27 ] CVE-2016-5255
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5255
[ 28 ] CVE-2016-5256
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5256
[ 29 ] CVE-2016-5257
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5257
[ 30 ] CVE-2016-5258
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5258
[ 31 ] CVE-2016-5259
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5259
[ 32 ] CVE-2016-5260
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5260
[ 33 ] CVE-2016-5261
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5261
[ 34 ] CVE-2016-5262
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5262
[ 35 ] CVE-2016-5263
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5263
[ 36 ] CVE-2016-5264
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5264
[ 37 ] CVE-2016-5265
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5265
[ 38 ] CVE-2016-5266
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5266
[ 39 ] CVE-2016-5267
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5267
[ 40 ] CVE-2016-5268
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5268
[ 41 ] CVE-2016-5270
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5270
[ 42 ] CVE-2016-5271
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5271
[ 43 ] CVE-2016-5272
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5272
[ 44 ] CVE-2016-5273
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5273
[ 45 ] CVE-2016-5274
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5274
[ 46 ] CVE-2016-5275
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5275
[ 47 ] CVE-2016-5276
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5276
[ 48 ] CVE-2016-5277
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5277
[ 49 ] CVE-2016-5278
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5278
[ 50 ] CVE-2016-5279
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5279
[ 51 ] CVE-2016-5280
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5280
[ 52 ] CVE-2016-5281
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5281
[ 53 ] CVE-2016-5282
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5282
[ 54 ] CVE-2016-5283
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5283
[ 55 ] CVE-2016-5284
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5284
[ 56 ] CVE-2016-5290
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5290
[ 57 ] CVE-2016-5291
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5291
[ 58 ] CVE-2016-5293
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5293
[ 59 ] CVE-2016-5294
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5294
[ 60 ] CVE-2016-5296
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5296
[ 61 ] CVE-2016-5297
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5297
[ 62 ] CVE-2016-9064
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9064
[ 63 ] CVE-2016-9066
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9066
[ 64 ] CVE-2016-9074
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9074
[ 65 ] CVE-2016-9079
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9079
[ 66 ] CVE-2016-9893
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9893
[ 67 ] CVE-2016-9895
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9895
[ 68 ] CVE-2016-9897
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9897
[ 69 ] CVE-2016-9898
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9898
[ 70 ] CVE-2016-9899
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9899
[ 71 ] CVE-2016-9900
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9900
[ 72 ] CVE-2016-9901
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9901
[ 73 ] CVE-2016-9902
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9902
[ 74 ] CVE-2016-9904
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9904
[ 75 ] CVE-2016-9905
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9905

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201701-15

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@g.o or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2017 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
