NEW UPDATES Debian

#351 sunrat

Posted 16 January 2012 - 07:15 AM

- ----------------------------------------------------------------------
Debian Security Advisory DSA-2389-1                security@debian.org
http://www.debian.org/security/                           Dann Frazier
January 15, 2012                    http://www.debian.org/security/faq
- ----------------------------------------------------------------------

Package        : linux-2.6
Vulnerability  : privilege escalation/denial of service/information leak
Problem type   : local/remote
Debian-specific: no
CVE Id(s)      : CVE-2011-2183 CVE-2011-2213 CVE-2011-2898 CVE-2011-3353
                 CVE-2011-4077 CVE-2011-4110 CVE-2011-4127 CVE-2011-4611
                 CVE-2011-4622 CVE-2011-4914

Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service or privilege escalation. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2011-2183

    Andrea Righi reported an issue in KSM, a memory-saving de-duplication
    feature. By exploiting a race with exiting tasks, local users can cause
    a kernel oops, resulting in a denial of service.
                
CVE-2011-2213

    Dan Rosenberg discovered an issue in the INET socket monitoring interface.
    Local users could cause a denial of service by injecting code and causing
    the kernel to execute an infinite loop.

CVE-2011-2898

    Eric Dumazet reported an information leak in the raw packet socket
    implementation.

CVE-2011-3353

    Han-Wen Nienhuys reported a local denial of service issue in the FUSE
    (Filesystem in Userspace) support in the Linux kernel. Local users could
    cause a buffer overflow, leading to a kernel oops and resulting in a denial
    of service.

CVE-2011-4077

    Carlos Maiolino reported an issue in the XFS filesystem. A local user
    with the ability to mount a filesystem could corrupt memory resulting
    in a denial of service or possibly gain elevated privileges.

CVE-2011-4110

    David Howells reported an issue in the kernel's access key retention
    system which allows local users to cause a kernel oops leading to a denial
    of service.

CVE-2011-4127

    Paolo Bonzini of Red Hat reported an issue in the ioctl passthrough
    support for SCSI devices. Users with permission to access restricted
    portions of a device (e.g. a partition or a logical volume) can obtain
    access to the entire device by way of the SG_IO ioctl. This could be
    exploited by a local user or privileged VM guest to achieve a privilege
    escalation.

CVE-2011-4611

    Maynard Johnson reported an issue with the perf support on POWER7 systems
    that allows local users to cause a denial of service.

CVE-2011-4622

    Jan Kiszka reported an issue in the KVM PIT timer support. Local users
    with the permission to use KVM can cause a denial of service by starting
    a PIT timer without first setting up the irqchip.

CVE-2011-4914

    Ben Hutchings reported various bounds checking issues within the ROSE
    protocol support in the kernel. Remote users could possibly use this
    to gain access to sensitive memory or cause a denial of service.

For the stable distribution (squeeze), this problem has been fixed in version
2.6.32-39squeeze1. Updates for issues impacting the oldstable distribution
(lenny) will be available soon.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

                                             Debian 6.0 (squeeze)
     user-mode-linux                         2.6.32-1um-4+39squeeze1
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#352 sunrat

Posted 22 January 2012 - 05:43 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2391-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
January 22, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : phpmyadmin
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-1940 CVE-2011-3181 CVE-2011-4107
Debian Bug     : 656247

Several vulnerabilities have been discovered in phpMyAdmin, a tool
to administer MySQL over the web. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2011-4107

  The XML import plugin allowed a remote attacker to read arbitrary
  files via XML data containing external entity references.

CVE-2011-1940, CVE-2011-3181

  Cross site scripting was possible in the table tracking feature,
  allowing a remote attacker to inject arbitrary web script or HTML.


The oldstable distribution (lenny) is not affected by these problems.

For the stable distribution (squeeze), these problems have been fixed
in version 4:3.3.7-7.

For the testing distribution (wheezy) and unstable distribution (sid),
these problems have been fixed in version 4:3.4.7.1-1.

#353 sunrat

Posted 23 January 2012 - 08:25 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2392-1                   security@debian.org
http://www.debian.org/security/                                          
January 23, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rails
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-2930 CVE-2011-2931 CVE-2011-3186 CVE-2009-4214
Debian Bug     : 629067

It was discovered that the last security update for Ruby on Rails,
DSA-2301-1, introduced a regression in the libactionpack-ruby package.

For the oldstable distribution (lenny), this problem has been fixed in
version 2.1.0-7+lenny2.

For the stable distribution (squeeze), this problem has been fixed in
version 2.3.5-1.2+squeeze2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2392-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
January 23, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssl
Vulnerability  : out-of-bounds read
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0050

Antonio Martin discovered a denial-of-service vulnerability in
OpenSSL, an implementation of TLS and related protocols.  A malicious
client can cause the DTLS server implementation to crash.  Regular,
TCP-based TLS is not affected by this issue.

For the oldstable distribution (lenny), this problem has been fixed in
version 0.9.8g-15+lenny16.

For the stable distribution (squeeze), this problem has been fixed in
version 0.9.8o-4squeeze7.

For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 1.0.0g-1.

#354 sunrat

Posted 25 January 2012 - 07:11 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2393-1                   security@debian.org
http://www.debian.org/security/                              dann frazier
January 25, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : bip
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0806
Debian Bug     : 657217

Julien Tinnes reported a buffer overflow in the bip multiuser irc proxy
which may allow arbitrary code execution by remote users.

The oldstable distribution (lenny) is not affected by this problem.

For the stable distribution (squeeze), this problem has been fixed in
version 0.8.2-1squeeze4.

For the testing distribution (wheezy) and the unstable distribution (sid),
this problem will be fixed soon.

#355 sunrat

Posted 27 January 2012 - 07:47 AM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2394-1                   security@debian.org
http://www.debian.org/security/                             Luciano Bello
January 27, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libxml2
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-0216 CVE-2011-2821 CVE-2011-2834 CVE-2011-3905
                 CVE-2011-3919
Debian Bug     : 652352 643648 656377

Many security problems have been fixed in libxml2, a popular library to handle
XML data files.

CVE-2011-3919:
Jüri Aedla discovered a heap-based buffer overflow that allows remote attackers
to cause a denial of service or possibly have unspecified other impact via
unknown vectors.

CVE-2011-0216:
An off-by-one error has been discovered that allows remote attackers to
execute arbitrary code or cause a denial of service.

CVE-2011-2821:
A memory corruption (double free) bug has been identified in libxml2's XPath
engine. Through it, it is possible for an attacker to cause a denial of
service or possibly have unspecified other impact. This vulnerability does not
affect the oldstable distribution (lenny).

CVE-2011-2834:
Yang Dingning discovered a double free vulnerability related to XPath handling.

CVE-2011-3905:
An out-of-bounds read vulnerability has been discovered, which allows remote
attackers to cause a denial of service.

For the oldstable distribution (lenny), this problem has been fixed in
version 2.6.32.dfsg-5+lenny5.

For the stable distribution (squeeze), this problem has been fixed in
version 2.7.8.dfsg-2+squeeze2.

For the testing distribution (wheezy), this problem has been fixed in
version 2.7.8.dfsg-7.

For the unstable distribution (sid), this problem has been fixed in
version 2.7.8.dfsg-7.

#356 sunrat

Posted 27 January 2012 - 04:15 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2395-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
January 27, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
Vulnerability  : buffer underflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-3483 CVE-2012-0041 CVE-2012-0042 CVE-2012-0066
                 CVE-2012-0067 CVE-2012-0068

Laurent Butti discovered a buffer underflow in the LANalyzer dissector
of the Wireshark network traffic analyzer, which could lead to the
execution of arbitrary code (CVE-2012-0068).

This update also addresses several bugs, which can lead to crashes of
Wireshark. These are not treated as security issues, but are fixed
nonetheless if security updates are scheduled: CVE-2011-3483,
CVE-2012-0041, CVE-2012-0042, CVE-2012-0066 and CVE-2012-0067.

For the stable distribution (squeeze), this problem has been fixed in
version 1.2.11-6+squeeze6.

For the unstable distribution (sid), this problem has been fixed in
version 1.6.5-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2396-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
January 27, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : qemu-kvm
Vulnerability  : buffer underflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0029

Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e
network interface card of KVM, a solution for full virtualization on
x86 hardware, which could result in denial of service or privilege
escalation.

This update also fixes a guest-triggerable memory corruption in
VNC handling.

For the stable distribution (squeeze), this problem has been fixed in
version 0.12.5+dfsg-5+squeeze8.

For the unstable distribution (sid), this problem has been fixed in
version 1.0+dfsg-5.


#357 sunrat

Posted 29 January 2012 - 06:34 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2397-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
January 29, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : icu
Vulnerability  : buffer underflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-4599

It was discovered that a buffer overflow in the Unicode library ICU
could lead to the execution of arbitrary code.

For the oldstable distribution (lenny), this problem has been fixed in
version 3.8.1-3+lenny3.

For the stable distribution (squeeze), this problem has been fixed in
version 4.4.1-8.

For the unstable distribution (sid), this problem has been fixed in
version 4.8.1.1-3.

#358 sunrat

Posted 30 January 2012 - 05:14 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2398-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
January 30, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : curl
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-3389 CVE-2012-0036

Several vulnerabilities have been discovered in Curl, a URL transfer
library. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2011-3389

   This update enables OpenSSL workarounds against the "BEAST" attack.
   Additional information can be found in the Curl advisory:
   http://curl.haxx.se/docs/adv_20120124B.html

CVE-2012-0036

   Dan Fandrich discovered that Curl performs insufficient sanitising
   when extracting the file path part of a URL.

For the oldstable distribution (lenny), this problem has been fixed in
version 7.18.2-8lenny6.

For the stable distribution (squeeze), this problem has been fixed in
version 7.21.0-2.1+squeeze1.

For the unstable distribution (sid), this problem has been fixed in
version 7.24.0-1.

#359 sunrat

Posted 31 January 2012 - 05:38 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2399-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
January 31, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-1938 CVE-2011-2483 CVE-2011-4566 CVE-2011-4885
                 CVE-2012-0057

Several vulnerabilities have been discovered in PHP, the web scripting
language. The Common Vulnerabilities and Exposures project identifies
the following issues:

CVE-2011-1938

  The UNIX socket handling allowed attackers to trigger a buffer overflow
  via a long path name.

CVE-2011-2483

  The crypt_blowfish function did not properly handle 8-bit characters,
  which made it easier for attackers to determine a cleartext password
  by using knowledge of a password hash.

CVE-2011-4566

  When used on 32 bit platforms, the exif extension could be used to
  trigger an integer overflow in the exif_process_IFD_TAG function
  when processing a JPEG file.

CVE-2011-4885

  It was possible to trigger hash collisions predictably when parsing
  form parameters, which allows remote attackers to cause a denial of
  service by sending many crafted parameters.

CVE-2012-0057

  When applying a crafted XSLT transform, an attacker could write files
  to arbitrary places in the filesystem.

NOTE: the fix for CVE-2011-2483 required changing the behaviour of this
function: it is now incompatible with some old (wrongly) generated hashes
for passwords containing 8-bit characters. See the package NEWS entry
for details. This change has not been applied to the Lenny version of PHP.


For the oldstable distribution (lenny), these problems have been fixed
in version 5.2.6.dfsg.1-1+lenny14.

For the stable distribution (squeeze), these problems have been fixed
in version 5.3.3-7+squeeze5.

For the testing distribution (wheezy) and unstable distribution (sid),
these problems have been fixed in version 5.3.9-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2399-2                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
January 31, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-1938 CVE-2011-2483 CVE-2011-4566 CVE-2011-4885
                 CVE-2012-0057

A regression was found in the fix for PHP's XSLT transformations
(CVE-2012-0057). Updated packages are now available to address this
regression. For reference, the original advisory text follows.

Several vulnerabilities have been discovered in PHP, the web scripting
language. The Common Vulnerabilities and Exposures project identifies
the following issues:

CVE-2011-1938

  The UNIX socket handling allowed attackers to trigger a buffer overflow
  via a long path name.

CVE-2011-2483

  The crypt_blowfish function did not properly handle 8-bit characters,
  which made it easier for attackers to determine a cleartext password
  by using knowledge of a password hash.

CVE-2011-4566

  When used on 32 bit platforms, the exif extension could be used to
  trigger an integer overflow in the exif_process_IFD_TAG function
  when processing a JPEG file.

CVE-2011-4885

  It was possible to trigger hash collisions predictably when parsing
  form parameters, which allows remote attackers to cause a denial of
  service by sending many crafted parameters.

CVE-2012-0057

  When applying a crafted XSLT transform, an attacker could write files
  to arbitrary places in the filesystem.

NOTE: the fix for CVE-2011-2483 required changing the behaviour of this
function: it is now incompatible with some old (wrongly) generated hashes
for passwords containing 8-bit characters. See the package NEWS entry
for details. This change has not been applied to the Lenny version of PHP.

NOTE: at the time of release packages for some architectures are still
being built. They will be installed into the archive as soon as they
arrive.

For the oldstable distribution (lenny), these problems have been fixed
in version 5.2.6.dfsg.1-1+lenny15.

For the stable distribution (squeeze), these problems have been fixed
in version 5.3.3-7+squeeze6.

For the testing distribution (wheezy) and unstable distribution (sid),
these problems have been fixed in version 5.3.9-1.

We recommend that you upgrade your php5 packages.


#360 sunrat

Posted 02 February 2012 - 06:06 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2401-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 02, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tomcat6
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-1184 CVE-2011-2204 CVE-2011-2526 CVE-2011-3190
                 CVE-2011-3375 CVE-2011-4858 CVE-2011-5062 CVE-2011-5063
                 CVE-2011-5064 CVE-2012-0022

Several vulnerabilities have been found in Tomcat, a servlet and JSP
engine:

CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064

   The HTTP Digest Access Authentication implementation performed
   insufficient countermeasures against replay attacks.

CVE-2011-2204

   In rare setups passwords were written into a logfile.

CVE-2011-2526
  
   Missing input sanitising in the HTTP APR or HTTP NIO connectors
   could lead to denial of service.

CVE-2011-3190

   AJP requests could be spoofed in some setups.

CVE-2011-3375

   Incorrect request caching could lead to information disclosure.

CVE-2011-4858 CVE-2012-0022

   This update adds countermeasures against a collision denial of
   service vulnerability in the Java hashtable implementation and
   addresses denial of service potentials when processing large
   amounts of requests.

Additional information can be
found at http://tomcat.apache.org/security-6.html

For the stable distribution (squeeze), this problem has been fixed in
version 6.0.35-1+squeeze2.

For the unstable distribution (sid), this problem has been fixed in
version 6.0.35-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2400-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 02, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : iceweasel
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-3670 CVE-2012-0442 CVE-2012-0444 CVE-2012-0449

Several vulnerabilities have been discovered in Iceweasel, a web browser
based on Firefox. The included XULRunner library provides rendering
services for several other applications included in Debian.

CVE-2011-3670

   Gregory Fleischer discovered that IPv6 URLs were incorrectly parsed,
   resulting in potential information disclosure.

CVE-2012-0442

   Jesse Ruderman and Bob Clary discovered memory corruption bugs, which
   may lead to the execution of arbitrary code.

CVE-2012-0444

   "regenrecht" discovered that missing input sanitising in the Ogg Vorbis
   parser may lead to the execution of arbitrary code.

CVE-2012-0449

   Nicolas Gregoire and Aki Helin discovered that missing input
   sanitising in XSLT processing may lead to the execution of arbitrary
   code.

For the oldstable distribution (lenny), this problem has been fixed in
version 1.9.0.19-13 of the xulrunner source package.

For the stable distribution (squeeze), this problem has been fixed in
version 3.5.16-12.

For the unstable distribution (sid), this problem has been fixed in
version 10.0-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2402-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 02, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : iceape
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-3670 CVE-2012-0442 CVE-2012-0444 CVE-2012-0449

Several vulnerabilities have been found in the Iceape internet suite, an
unbranded version of Seamonkey:

CVE-2011-3670

   Gregory Fleischer discovered that IPv6 URLs were incorrectly parsed,
   resulting in potential information disclosure.

CVE-2012-0442

   Jesse Ruderman and Bob Clary discovered memory corruption bugs, which
   may lead to the execution of arbitrary code.

CVE-2012-0444

   "regenrecht" discovered that missing input sanitising in the Ogg Vorbis
   parser may lead to the execution of arbitrary code.

CVE-2012-0449

   Nicolas Gregoire and Aki Helin discovered that missing input
   sanitising in XSLT processing may lead to the execution of arbitrary
   code.

For the stable distribution (squeeze), this problem has been fixed in
version 2.0.11-10.

For the unstable distribution (sid), this problem has been fixed in
version 2.0.14-10.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2403-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
February 02, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
Vulnerability  : code injection
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0830

Stefan Esser discovered that the implementation of the max_input_vars
configuration variable in a recent PHP security update was flawed such
that it allows remote attackers to crash PHP or potentially execute
code.

For the oldstable distribution (lenny), no fix is available at this time.

For the stable distribution (squeeze), this problem has been fixed in
version 5.3.3-7+squeeze7.

The testing distribution (wheezy) and unstable distribution (sid)
will be fixed soon.

#361 sunrat

Posted 04 February 2012 - 08:30 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2384-2                   security@debian.org
http://www.debian.org/security/                                          
February 04, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : cacti
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2010-1644 CVE-2010-1645 CVE-2010-2543 CVE-2010-2545
                 CVE-2011-4824

It was discovered that the last security update for cacti, DSA-2384-1,
introduced a regression in lenny.

For the oldstable distribution (lenny), this problem has been fixed in
version 0.8.7b-2.1+lenny5.

The stable distribution (squeeze) is not affected by this regression.

#362 sunrat

Posted 05 February 2012 - 09:41 AM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2404-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
February 05, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen-qemu-dm-4.0
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0029

Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e
network interface card of QEMU, which is used in the xen-qemu-dm-4.0
packages.  This vulnerability might enable malicious guest systems
to crash the host system or escalate their privileges.

The old stable distribution (lenny) does not contain the
xen-qemu-dm-4.0 package.

For the stable distribution (squeeze), this problem has been fixed in
version 4.0.1-2+squeeze1.

The testing distribution (wheezy) and the unstable distribution (sid)
will be fixed soon.

#363 sunrat

Posted 06 February 2012 - 05:45 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2405-1                   security@debian.org
http://www.debian.org/security/                            Stefan Fritsch
February 06, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : apache2
Vulnerability  : multiple issues
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-3607 CVE-2011-3368 CVE-2011-3639 CVE-2011-4317
                 CVE-2012-0031 CVE-2012-0053

Several vulnerabilities have been found in the Apache HTTPD Server:

CVE-2011-3607:

  An integer overflow in ap_pregsub() could allow local attackers to
  execute arbitrary code at elevated privileges via crafted .htaccess
  files.

CVE-2011-3368 CVE-2011-3639 CVE-2011-4317:

  The Apache HTTP Server did not properly validate the request URI for
  proxied requests. In certain reverse proxy configurations using the
  ProxyPassMatch directive or using the RewriteRule directive with the
  [P] flag, a remote attacker could make the proxy connect to an
  arbitrary server. This could allow the attacker to access internal
  servers that are not otherwise accessible from the outside.

  The three CVE ids denote slightly different variants of the same
  issue.

  Note that, even with this issue fixed, it is the responsibility of
  the administrator to ensure that the regular expression replacement
  pattern for the target URI does not allow a client to append arbitrary
  strings to the host or port parts of the target URI. For example, the
  configuration

    ProxyPassMatch ^/mail(.*)  http://internal-host$1

  is still insecure and should be replaced by one of the following
  configurations:

    ProxyPassMatch ^/mail(/.*)  http://internal-host$1
    ProxyPassMatch ^/mail/(.*)  http://internal-host/$1

CVE-2012-0031:

  An apache2 child process could cause the parent process to crash
  during shutdown. This is a violation of the privilege separation
  between the apache2 processes and could potentially be used to worsen
  the impact of other vulnerabilities.

CVE-2012-0053:

  The response message for error code 400 (bad request) could be used to
  expose "httpOnly" cookies. This could allow a remote attacker using
  cross site scripting to steal authentication cookies.


For the oldstable distribution (lenny), these problems have been fixed in
version apache2 2.2.9-10+lenny12.

For the stable distribution (squeeze), these problems have been fixed in
version apache2 2.2.16-6+squeeze6.

For the testing distribution (wheezy), these problems will be fixed in
version 2.2.22-1.

For the unstable distribution (sid), these problems have been fixed in
version 2.2.22-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2403-2                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
February 06, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
Vulnerability  : code injection
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0830

Stefan Esser discovered that the implementation of the max_input_vars
configuration variable in a recent PHP security update was flawed such
that it allows remote attackers to crash PHP or potentially execute
code.

This update adds packages for the oldstable distribution, which were
missing from the original advisory. The problem has been fixed in
version 5.2.6.dfsg.1-1+lenny16, installed into the security archive
on 3 Feb 2012.

For the stable distribution (squeeze), this problem has been fixed in
version 5.3.3-7+squeeze7.

For the unstable distribution (sid), this problem has been fixed in
version 5.3.10-1.

registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.
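
The ProxyPassMatch caveat in DSA-2405-1 above, as an added example that is not part of the advisory or of Apache's own tooling: a small Python audit that flags ProxyPassMatch and RewriteRule [P] lines whose backreference lands in the host or port part of the target URI without the capture group being forced to start with "/". Sample lines 4-6, the function names and the request path /mailbox/inbox are assumptions made for illustration, and the regex parsing is deliberately simplified and conservative.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: lines 1-3 are the advisory's examples, lines 4-6 are made up.
SAMPLE_CONFIG = """\
ProxyPassMatch ^/mail(.*)  http://internal-host$1
ProxyPassMatch ^/mail(/.*)  http://internal-host$1
ProxyPassMatch ^/mail/(.*)  http://internal-host/$1
RewriteRule ^/app(.*)$ http://backend:8080$1 [P]
RewriteRule ^/static/(.*)$ /var/www/static/$1 [L]
ProxyPassMatch ^/wiki(/?.*)  http://wiki-host$1
"""

AUTHORITY = re.compile(r"^[A-Za-z][A-Za-z0-9+.-]*://([^/]*)")  # scheme://host[:port]
BACKREF = re.compile(r"\$(\d)")                                # Apache $0..$9


def proxy_rules(text):
    """Yield (lineno, directive, pattern, target) for directives that proxy."""
    for lineno, line in enumerate(text.splitlines(), 1):
        tok = line.split()  # assumption: arguments are not quoted
        if len(tok) < 3 or tok[0].startswith("#"):
            continue
        name = tok[0].lower()
        if name == "proxypassmatch":
            yield lineno, tok[0], tok[1], tok[2]
        elif name == "rewriterule" and len(tok) > 3:
            flags = [f.strip().lower() for f in tok[3].strip("[]").split(",")]
            if "p" in flags or "proxy" in flags:
                yield lineno, tok[0], tok[1], tok[2]


def capture_group(pattern, n):
    """Return the text inside the n-th capturing group, or None.

    Simplification: every "(?" group is treated as non-capturing.
    """
    if n < 1:
        return None
    stack, count, i, in_class = [], 0, 0, False
    while i < len(pattern):
        c = pattern[i]
        if c == "\\":          # skip the escaped character
            i += 2
            continue
        if in_class:
            in_class = c != "]"
        elif c == "[":
            in_class = True
        elif c == "(":
            capturing = not pattern.startswith("(?", i)
            count += capturing
            stack.append((count if capturing else 0, i + 1))
        elif c == ")" and stack:
            num, start = stack.pop()
            if num == n:
                return pattern[start:i]
        i += 1
    return None


def forces_leading_slash(inner):
    """True only if the group must begin with a literal '/' (conservative)."""
    if inner is None or "|" in inner:
        return False
    if inner.startswith("\\/"):
        inner = inner[1:]
    # "/?", "/*" and "/{0,1}" make the slash optional, so they do not count.
    return inner.startswith("/") and inner[1:2] not in ("?", "*", "{")


def audit(text):
    """Return (lineno, directive, pattern, target) for each risky rule."""
    findings = []
    for lineno, directive, pattern, target in proxy_rules(text):
        m = AUTHORITY.match(target)
        if not m:
            continue  # target is not an absolute URL
        refs = [int(n) for n in BACKREF.findall(m.group(1))]
        if any(not forces_leading_slash(capture_group(pattern, n)) for n in refs):
            findings.append((lineno, directive, pattern, target))
    return findings


def resolved_host(pattern, target, path):
    """Host the proxy would contact for `path`, or None if the rule does not match."""
    m = re.search(pattern, path)
    if m is None:
        return None

    def fill(ref):
        idx = int(ref.group(1))
        return (m.group(idx) or "") if idx <= m.re.groups else ""

    return urlsplit(BACKREF.sub(fill, target)).hostname


if __name__ == "__main__":
    for lineno, directive, pattern, target in audit(SAMPLE_CONFIG):
        print(f"line {lineno}: {directive} {pattern} -> {target}")
    print(resolved_host("^/mail(.*)", "http://internal-host$1", "/mailbox/inbox"))
```

With the advisory's first pattern, an ordinary-looking path such as /mailbox/inbox already changes the backend host name; with either corrected pattern the same path does not match or leaves the host untouched.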

#364 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 09 February 2012 - 05:39 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2406-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
February 09, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : icedove
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-3670 CVE-2012-0442 CVE-2012-0444 CVE-2012-0449

Several vulnerabilities have been discovered in Icedove, Debian's
variant of the Mozilla Thunderbird code base.

CVE-2011-3670
Icedove does not properly enforce the IPv6 literal address
syntax, which allows remote attackers to obtain sensitive
information by making XMLHttpRequest calls through a proxy and
reading the error messages.

CVE-2012-0442
Memory corruption bugs could cause Icedove to crash or
possibly execute arbitrary code.

CVE-2012-0444
Icedove does not properly initialize nsChildView data
structures, which allows remote attackers to cause a denial of
service (memory corruption and application crash) or possibly
execute arbitrary code via a crafted Ogg Vorbis file.

CVE-2012-0449
Icedove allows remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute
arbitrary code via a malformed XSLT stylesheet that is
embedded in a document.

For the stable distribution (squeeze), this problem has been fixed in
version 3.0.11-1+squeeze7.


- -------------------------------------------------------------------------
Debian Security Advisory DSA-2407-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
February 09, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : cvs
Vulnerability  : heap overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0804

It was discovered that a malicious CVS server could cause a heap
overflow in the CVS client, potentially allowing the server to execute
arbitrary code on the client.

For the stable distribution (squeeze), this problem has been fixed in
version 1:1.12.13-12+squeeze1.

For the unstable distribution (sid), this problem has been fixed in
version 2:1.12.13+real-7.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#365 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 13 February 2012 - 09:31 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2408-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 13, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-1072 CVE-2011-4153 CVE-2012-0781 CVE-2012-0788
                 CVE-2012-0831

Several vulnerabilities have been discovered in PHP, the web scripting
language. The Common Vulnerabilities and Exposures project identifies
the following issues:

CVE-2011-1072

   It was discovered that insecure handling of temporary files in the PEAR
   installer could lead to denial of service.

CVE-2011-4153

   Maksymilian Arciemowicz discovered that a NULL pointer dereference in
   the zend_strndup() function could lead to denial of service.

CVE-2012-0781

   Maksymilian Arciemowicz discovered that a NULL pointer dereference in
   the tidy_diagnose() function could lead to denial of service.

CVE-2012-0788

   It was discovered that missing checks in the handling of PDORow
   objects could lead to denial of service.

CVE-2012-0831

   It was discovered that the magic_quotes_gpc setting could be disabled
   remotely.

This update also addresses PHP bugs, which are not treated as security issues
in Debian (see README.Debian.security), but which were fixed nonetheless:
CVE-2010-4697, CVE-2011-1092, CVE-2011-1148, CVE-2011-1464, CVE-2011-1467,
CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1657, CVE-2011-3182,
CVE-2011-3267

For the stable distribution (squeeze), this problem has been fixed in
version 5.3.3-7+squeeze8.

For the unstable distribution (sid), this problem has been fixed in
version 5.3.10-1.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#366 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 15 February 2012 - 08:06 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2409-1                   security@debian.org
http://www.debian.org/security/                          Raphael Geissert
February 15, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : devscripts
Vulnerability  : several
Problem type   : local (remote)
Debian-specific: yes
CVE ID         : CVE-2012-0210 CVE-2012-0211 CVE-2012-0212

Several vulnerabilities have been discovered in debdiff, a script used
to compare two Debian packages, which is part of the devscripts package.
The following Common Vulnerabilities and Exposures project ids have been
assigned to identify them:

CVE-2012-0210:

    Paul Wise discovered that due to insufficient input sanitising when
    processing .dsc and .changes files, it is possible to execute
    arbitrary code and disclose system information.

CVE-2012-0211:

    Raphael Geissert discovered that it is possible to inject or modify
    arguments of external commands when processing source packages with
    specially-named tarballs in the top-level directory of the .orig
    tarball, allowing arbitrary code execution.

CVE-2012-0212:

    Raphael Geissert discovered that it is possible to inject or modify
    arguments of external commands when passing as argument to debdiff
    a specially-named file, allowing arbitrary code execution.


For the stable distribution (squeeze), these problems have been fixed in
version 2.10.69+squeeze2.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems will be fixed in
version 2.11.4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2410-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 15, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libpng
Vulnerability  : integer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-3026

Jueri Aedla discovered an integer overflow in the libpng PNG library,
which could lead to the execution of arbitrary code if a malformed
image is processed.

For the stable distribution (squeeze), this problem has been fixed in
version 1.2.44-1+squeeze2.

For the unstable distribution (sid), this problem will be fixed soon.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#367 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 19 February 2012 - 06:02 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2411-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
February 19, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mumble
Vulnerability  : information disclosure
Problem type   : local
Debian-specific: no
CVE ID         : CVE-2012-0863
Debian Bug     : 659039

It was discovered that mumble, a VoIP client, does not properly manage
permissions on its user-specific configuration files, allowing other
local users on the system to access them.

For the stable distribution (squeeze), this problem has been fixed in
version 1.2.2-6+squeeze1.

For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 1.2.3-3.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2412-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 19, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libvorbis
Vulnerability  : buffer overflow
Problem type   : local
Debian-specific: no
CVE ID         : CVE-2012-0444

It was discovered that a heap overflow in the Vorbis audio compression
library could lead to the execution of arbitrary code if a malformed
Ogg Vorbis file is processed.

For the stable distribution (squeeze), this problem has been fixed in
version 1.3.1-1+squeeze1.

For the unstable distribution (sid), this problem will be fixed soon.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#368 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 20 February 2012 - 07:21 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2413-1                   security@debian.org
http://www.debian.org/security/                                 Luk Claes
February 20, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libarchive
Vulnerability  : buffer overflows
Problem type   : remote/local
Debian-specific: no
CVE ID         : CVE-2011-1777 CVE-2011-1778

Two buffer overflows have been discovered in libarchive, a library
providing a flexible interface for reading and writing archives in
various formats. The possible buffer overflows while reading iso9660
or tar streams allow remote attackers to execute arbitrary
code depending on the application that makes use of this functionality.

For the stable distribution (squeeze), this problem has been fixed in
version 2.8.4-1+squeeze1.

For the testing (wheezy) and unstable (sid) distributions,
this problem has been fixed in version 2.8.5-5.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#369 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 22 February 2012 - 08:57 AM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2413-1                   security@debian.org
http://www.debian.org/security/                                Nico Golde
February 21, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : fex
Vulnerability  : insufficient input sanitization
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0869

Nicola Fioravanti discovered that F*X, a web service for transferring
very large files, is not properly sanitizing input parameters of the "fup"
script.  An attacker can use this flaw to conduct reflected cross-site
scripting attacks via various script parameters.

For the stable distribution (squeeze), this problem has been fixed in
version 20100208+debian1-1+squeeze2.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed
in version 20120215-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2415-1                   security@debian.org
http://www.debian.org/security/                                Nico Golde
February 21, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libmodplug
Vulnerability  : several
Problem type   : local
Debian-specific: no
CVE ID         : CVE-2011-1761 CVE-2011-2911 CVE-2011-2912 CVE-2011-2913
                 CVE-2011-2914 CVE-2011-2915

Several vulnerabilities that can lead to the execution of arbitrary code
have been discovered in libmodplug, a library for mod music based on
ModPlug.  The Common Vulnerabilities and Exposures project identifies
the following issues:

CVE-2011-1761

    epiphant discovered that the abc file parser is vulnerable to several
    stack-based buffer overflows that potentially lead to the execution
    of arbitrary code.

CVE-2011-2911

    Hossein Lotfi of Secunia discovered that the CSoundFile::ReadWav
    function is vulnerable to an integer overflow which leads to a
    heap-based buffer overflow.  An attacker can exploit this flaw to
    potentially execute arbitrary code by tricking a victim into opening
    crafted WAV files.

CVE-2011-2912

    Hossein Lotfi of Secunia discovered that the CSoundFile::ReadS3M
    function is vulnerable to a stack-based buffer overflow.  An attacker
    can exploit this flaw to potentially execute arbitrary code by
    tricking a victim into opening crafted S3M files.

CVE-2011-2913

    Hossein Lotfi of Secunia discovered that the CSoundFile::ReadAMS
    function suffers from an off-by-one vulnerability that leads to
    memory corruption.  An attacker can exploit this flaw to potentially
    execute arbitrary code by tricking a victim into opening crafted AMS
    files.

CVE-2011-2914

    It was discovered that the CSoundFile::ReadDSM function suffers
    from an off-by-one vulnerability that leads to memory corruption.
    An attacker can exploit this flaw to potentially execute arbitrary
    code by tricking a victim into opening crafted DSM files.

CVE-2011-2915

    It was discovered that the CSoundFile::ReadAMS2 function suffers
    from an off-by-one vulnerability that leads to memory corruption.
    An attacker can exploit this flaw to potentially execute arbitrary
    code by tricking a victim into opening crafted AMS files.


For the stable distribution (squeeze), this problem has been fixed in
version 1:0.8.8.1-1+squeeze2.

For the testing (wheezy) and unstable (sid) distributions, this problem
has been fixed in version 1:0.8.8.4-1.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#370 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 22 February 2012 - 07:30 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2417-1                   security@debian.org
http://www.debian.org/security/                                Nico Golde
February 22, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libxml2
Vulnerability  : computational denial of service
Problem type   : local/remote
Debian-specific: no
Debian Bug     : 660846
CVE ID         : CVE-2012-0841

It was discovered that the internal hashing routine of libxml2,
a library providing an extensive API to handle XML data, is vulnerable to
predictable hash collisions.  Given an attacker with knowledge of the
hashing algorithm, it is possible to craft input that creates a large
amount of collisions.  As a result it is possible to perform denial of
service attacks against applications using libxml2 functionality because
of the computational overhead.


For the stable distribution (squeeze), this problem has been fixed in
version 2.7.8.dfsg-2+squeeze3.

For the testing (wheezy) and unstable (sid) distributions, this problem
will be fixed soon.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#371 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 23 February 2012 - 04:22 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2416-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
February 22, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : notmuch
Vulnerability  : information disclosure
Problem type   : remote
Debian-specific: no

It was discovered that Notmuch, an email indexer, did not sufficiently
escape Emacs MML tags. When using the Emacs interface, a user could
be tricked into replying to a maliciously formatted message which could
lead to files from the local machine being attached to the outgoing
message.

For the stable distribution (squeeze), this problem has been fixed in
version 0.3.1+squeeze1.

For the testing distribution (wheezy) and unstable distribution (sid),
this problem has been fixed in version 0.11.1-1.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#372 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 26 February 2012 - 10:08 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2414-2                   security@debian.org
http://www.debian.org/security/                                Nico Golde
February 25, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : fex
Vulnerability  : insufficient input sanitization
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0869

It was discovered that the last security update for F*X, DSA-2414-1,
introduced a regression. Updated packages are now available to address
this problem.

For the stable distribution (squeeze), this problem has been fixed in
version 20100208+debian1-1+squeeze3.

The testing (wheezy) and unstable (sid) distributions are not affected
by this problem.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#373 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 27 February 2012 - 07:15 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2418-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 27, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : postgresql-8.4
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0866 CVE-2012-0867 CVE-2012-0868

Several local vulnerabilities have been discovered in PostgreSQL, an
object-relational SQL database. The Common Vulnerabilities and Exposures
project identifies the following problems:

CVE-2012-0866

   It was discovered that the permissions of a function called by a
   trigger are not checked. This could result in privilege escalation.

CVE-2012-0867

   It was discovered that only the first 32 characters of a host name
   are checked when validating host names through SSL certificates.
   This could result in spoofing the connection in limited
   circumstances.

CVE-2012-0868

   It was discovered that pg_dump did not sanitise object names.
   This could result in arbitrary SQL command execution if a
   malformed dump file is opened.  

For the stable distribution (squeeze), this problem has been fixed in
version 8.4.11-0squeeze1.

For the unstable distribution (sid), this problem has been fixed in
version 8.4.11-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2419-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
February 27, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : puppet
Vulnerability  : several
Problem type   : local
Debian-specific: no
CVE ID         : CVE-2012-1053 CVE-2012-1054

Two vulnerabilities were discovered in Puppet, a centralized
configuration management tool.

CVE-2012-1053
Puppet runs execs with unintended group privileges,
potentially leading to privilege escalation.

CVE-2012-1054
The k5login type writes to untrusted locations,
enabling local users to escalate their privileges
if the k5login type is used.

For the stable distribution (squeeze), these problems have been fixed
in version 2.6.2-5+squeeze4.

For the testing distribution (wheezy) and the unstable distribution
(sid), these problems have been fixed in version 2.7.11-1.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#374 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 28 February 2012 - 06:09 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2420-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
February 28, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-6
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-3377 CVE-2011-3563 CVE-2011-5035 CVE-2012-0497
                 CVE-2012-0501 CVE-2012-0502 CVE-2012-0503 CVE-2012-0505
                 CVE-2012-0506 CVE-2012-0507

Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform.

CVE-2011-3377
The Iced Tea browser plugin included in the openjdk-6 package
does not properly enforce the Same Origin Policy on web content
served under a domain name which has a common suffix with the
required domain name.

CVE-2011-3563
The Java Sound component did not properly check for array
boundaries.  A malicious input or an untrusted Java application
or applet could use this flaw to cause the Java Virtual Machine to
crash or disclose a portion of its memory.

CVE-2011-5035
The OpenJDK embedded web server did not guard against an
excessive number of request parameters, leading to a denial
of service vulnerability involving hash collisions.

CVE-2012-0497
It was discovered that Java2D did not properly check graphics
rendering objects before passing them to the native renderer.
This could lead to JVM crash or Java sandbox bypass.

CVE-2012-0501
The ZIP central directory parser used by java.util.zip.ZipFile
entered an infinite recursion in native code when processing a
crafted ZIP file, leading to a denial of service.

CVE-2012-0502
A flaw was found in the AWT KeyboardFocusManager class that
could allow untrusted Java applets to acquire keyboard focus
and possibly steal sensitive information.

CVE-2012-0503
The java.util.TimeZone.setDefault() method lacked a security
manager invocation, allowing an untrusted Java application or
applet to set a new default time zone.

CVE-2012-0505
The Java serialization code leaked references to serialization
exceptions, possibly leaking critical objects to untrusted
code in Java applets and applications.

CVE-2012-0506
It was discovered that CORBA implementation in Java did not
properly protect repository identifiers (that can be obtained
using _ids() method) on certain Corba objects.  This could
have been used to perform modification of the data that should
have been immutable.

CVE-2012-0507
The AtomicReferenceArray class implementation did not properly
check if the array is of an expected Object[] type.  A
malicious Java application or applet could use this flaw to
cause the Java Virtual Machine to crash or bypass Java sandbox
restrictions.

For the stable distribution (squeeze), these problems have been fixed in
version 6b18-1.8.13-0+squeeze1.

For the testing distribution (wheezy) and the unstable distribution
(sid), these problems have been fixed in version 6b24-1.11.1-1.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#375 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,346 posts

Posted 29 February 2012 - 08:08 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2421-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 29, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : moodle
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-4308 CVE-2011-4584 CVE-2011-4585 CVE-2011-4586
                 CVE-2011-4587 CVE-2011-4588 CVE-2012-0792 CVE-2012-0793
                 CVE-2012-0794 CVE-2012-0795 CVE-2012-0796

Several security issues have been fixed in Moodle, a course management
system for online learning:

CVE-2011-4308 / CVE-2012-0792

   Rossiani Wijaya discovered an information leak in
   mod/forum/user.php.

CVE-2011-4584

   MNET authentication didn't prevent a user using "Login As" from
   jumping to a remote MNET SSO.

CVE-2011-4585

   Darragh Enright discovered that the change password form was sent
   over plain HTTP even if httpslogin was set to "true".

CVE-2011-4586

   David Michael Evans and German Sanchez Gances discovered CRLF
   injection/HTTP response splitting vulnerabilities in the Calendar
   module.

CVE-2011-4587

   Stephen Mc Guiness discovered empty passwords could be entered in
   some circumstances.

CVE-2011-4588

   Patrick McNeill discovered that IP address restrictions could be bypassed in
   MNET.

CVE-2012-0796

   Simon Coggins discovered that additional information could be
   injected into mail headers.

CVE-2012-0795

   John Ehringer discovered that email addresses were insufficiently
   validated.

CVE-2012-0794

   Rajesh Taneja discovered that cookie encryption used a fixed key.

CVE-2012-0793

   Eloy Lafuente discovered that profile images were insufficiently
   protected. A new configuration option "forceloginforprofileimages"
   was introduced for that.

For the stable distribution (squeeze), this problem has been fixed in
version 1.9.9.dfsg2-2.1+squeeze3.

For the unstable distribution (sid), this problem has been fixed in
version 1.9.9.dfsg2-5.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2422-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
February 29, 2012                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : file
Vulnerability  : missing bounds checks
Problem type   : remote
Debian-specific: no

The file type identification tool, file, and its associated library,
libmagic, do not properly process malformed files in the Composite
Document File (CDF) format, leading to crashes.

Note that after this update, file may return different detection
results for CDF files (well-formed or not).  The new detections are
believed to be more accurate.

For the stable distribution (squeeze), this problem has been fixed in
version 5.04-5+squeeze1.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.




