Jump to content


NEW UPDATES Debian

debian updates sunrat bruno v.t. eric layton

  • Please log in to reply
1477 replies to this topic

#1476 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,658 posts

Posted 19 September 2018 - 06:45 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4297-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
September 19, 2018                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium-browser

Two vulnerabilities have been discovered in the chromium web browser.
Kevin Cheung discovered an error in the WebAssembly implementation and
evil1m0 discovered a URL spoofing issue.

For the stable distribution (stretch), this problem has been fixed in
version 69.0.3497.92-1~deb9u1.
registered Linux user number 324659  ||    The importance of Reading The *Fine* Manual! :D
Posted ImagePosted ImagePosted ImagePosted Image
For the things we have to learn before we can do them, we learn by doing them.

#1477 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,658 posts

Posted 21 September 2018 - 07:54 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4298-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 20, 2018                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : hylafax
CVE ID         : CVE-2018-17141

Luis Merino, Markus Vervier and Eric Sesterhenn discovered that missing
input sanitising in the Hylafax fax software could potentially result in
the execution of arbitrary code via a malformed fax message.

For the stable distribution (stretch), this problem has been fixed in
version 3:6.0.6-7+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4299-1                   security@debian.org
https://www.debian.org/security/                        Yves-Alexis Perez
September 21, 2018                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : texlive-bin
CVE            : not yet available

Nick Roessler from the University of Pennsylvania has found a buffer overflow
in texlive-bin, the executables for TexLive, the popular distribution of TeX
document production system.

This buffer overflow can be used for arbitrary code execution by crafting a
special type1 font (.pfb) and provide it to users running pdf(la)tex, dvips or
luatex in a way that the font is loaded.

For the stable distribution (stretch), this problem has been fixed in
version 2016.20160513.41080.dfsg-2+deb9u1.
registered Linux user number 324659  ||    The importance of Reading The *Fine* Manual! :D
Posted ImagePosted ImagePosted ImagePosted Image
For the things we have to learn before we can do them, we learn by doing them.

#1478 OFFLINE   sunrat

sunrat

    Thread Kahuna

  • Forum Moderators
  • 5,658 posts

Posted Yesterday, 08:03 PM

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4300-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 22, 2018                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libarchive-zip-perl
CVE ID         : CVE-2018-10860
Debian Bug     : 902882

It was discovered that Archive::Zip, a perl module for manipulation of
ZIP archives, is prone to a directory traversal vulnerability. An
attacker able to provide a specially crafted archive for processing can
take advantage of this flaw to overwrite arbitrary files during archive
extraction.

For the stable distribution (stretch), this problem has been fixed in
version 1.59-1+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4301-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 22, 2018                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mediawiki
CVE ID         : CVE-2018-0503 CVE-2018-0504 CVE-2018-0505

Multiple security vulnerabilities have been discovered in MediaWiki, a
website engine for collaborative work, which result in incorrectly
configured rate limits, information disclosure in Special:Redirect/logid
and bypass of an account lock.

For the stable distribution (stretch), these problems have been fixed in
version 1:1.27.5-1~deb9u1.
registered Linux user number 324659  ||    The importance of Reading The *Fine* Manual! :D
Posted ImagePosted ImagePosted ImagePosted Image
For the things we have to learn before we can do them, we learn by doing them.





Also tagged with one or more of these keywords: debian, updates, sunrat, bruno, v.t. eric layton

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users