NEW UPDATES Debian


#1351 OFFLINE   sunrat

Posted 17 November 2017 - 07:50 PM

-------------------------------------------------------------------------
Debian Security Advisory DSA-4040-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 17, 2017                     https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : CVE-2017-11352 CVE-2017-11640 CVE-2017-12431
                 CVE-2017-12640 CVE-2017-12877 CVE-2017-12983
                 CVE-2017-13134 CVE-2017-13139 CVE-2017-13144
                 CVE-2017-13758 CVE-2017-13769 CVE-2017-14224
                 CVE-2017-14607 CVE-2017-14682 CVE-2017-14989
                 CVE-2017-15277 CVE-2017-16546

This update fixes several vulnerabilities in imagemagick: Various memory
handling problems and cases of missing or incomplete input sanitising
may result in denial of service, memory disclosure or the execution of
arbitrary code if malformed image files are processed.

For the oldstable distribution (jessie), these problems have been fixed
in version 8:6.8.9.9-5+deb8u11.
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D
For the things we have to learn before we can do them, we learn by doing them.

#1352 OFFLINE   sunrat

Posted 19 November 2017 - 06:41 PM

-------------------------------------------------------------------------
Debian Security Advisory DSA-4041-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 19, 2017                     https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : procmail
CVE ID         : CVE-2017-16844
Debian Bug     : 876511

Jakub Wilk reported a heap-based buffer overflow vulnerability in
procmail's formail utility when processing specially-crafted email
headers. A remote attacker could use this flaw to cause formail to
crash, resulting in a denial of service or data loss.

For the oldstable distribution (jessie), this problem has been fixed
in version 3.22-24+deb8u1.

For the stable distribution (stretch), this problem has been fixed in
version 3.22-25+deb9u1.

-------------------------------------------------------------------------
Debian Security Advisory DSA-4042-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 19, 2017                     https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : libxml-libxml-perl
CVE ID         : CVE-2017-10672
Debian Bug     : 866676

A use-after-free vulnerability was discovered in XML::LibXML, a Perl
interface to the libxml2 library, allowing an attacker to execute
arbitrary code by controlling the arguments to a replaceChild() call.

For the oldstable distribution (jessie), this problem has been fixed
in version 2.0116+dfsg-1+deb8u2.

For the stable distribution (stretch), this problem has been fixed in
version 2.0128+dfsg-1+deb9u1.




