Jump to content

Bruno

Recommended Posts

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2913-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

April 25, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : drupal7

CVE ID : CVE-2014-2983

 

An information disclosure vulnerability was discovered in Drupal, a

fully-featured content management framework. When pages are cached for

anonymous users, form state may leak between anonymous users. Sensitive

or private information recorded for one anonymous user could thus be

disclosed to other users interacting with the same form at the same

time.

 

This security update introduces small API changes, see the upstream

advisory at https://drupal.org/SA-CORE-2014-002 for further information.

 

For the stable distribution (wheezy), this problem has been fixed in

version 7.14-2+deb7u4.

 

For the testing distribution (jessie), this problem has been fixed in

version 7.27-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 7.27-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2914-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

April 25, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : drupal6

CVE ID : CVE-2014-2983

 

An information disclosure vulnerability was discovered in Drupal, a

fully-featured content management framework. When pages are cached for

anonymous users, form state may leak between anonymous users. Sensitive

or private information recorded for one anonymous user could thus be

disclosed to other users interacting with the same form at the same

time.

 

This security update introduces small API changes, see the upstream

advisory at https://drupal.org/SA-CORE-2014-002 for further information.

 

For the oldstable distribution (squeeze), this problem has been fixed in

version 6.31-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2915-1 security@debian.org

http://www.debian.org/security/ Raphael Geissert

April 28, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dpkg

CVE ID : CVE-2014-0471

 

Jakub Wilk discovered that dpkg did not correctly parse C-style

filename quoting, allowing for paths to be traversed when unpacking a

source package - leading to the creation of files outside the directory

of the source being unpacked.

 

The update to the stable distribution (wheezy) incorporates

non-security changes that were targeted for the point release 7.5.

 

For the oldstable distribution (squeeze), this problem has been fixed in

version 1.15.9.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.16.13.

 

For the testing distribution (jessie), this problem will be fixed soon.

 

For the unstable distribution (sid), this problem will be fixed in

version 1.17.8.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2916-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

April 28, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libmms

CVE ID : CVE-2014-2892

 

Alex Chapman discovered that a buffer overflow in processing "MMS over

HTTP" messages could result in the execution of arbitrary code.

 

For the oldstable distribution (squeeze), this problem has been fixed in

version 0.6-1+squeeze2.

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.6.2-3+deb7u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.6.2-4.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2917-1 security@debian.org

http://www.debian.org/security/ Florian Weimer

April 28, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : super

CVE ID : CVE-2014-0470

 

John Lightsey of the Debian Security Audit project discovered that the

super package did not check for setuid failures, allowing local users

to increase the privileges on kernel versions which do not guard

against RLIMIT_NPROC attacks.

 

For the oldstable distribution (squeeze), this problem has been fixed in

version 3.30.0-3+squeeze2.

 

For the stable distribution (wheezy), this problem has been fixed in

version 3.30.0-6+deb7u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2918-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

April 30, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : iceweasel

CVE ID : CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529

CVE-2014-1530 CVE-2014-1531 CVE-2014-1532

 

Multiple security issues have been found in Iceweasel, Debian's version

of the Mozilla Firefox web browser: Multiple memory safety errors,

buffer overflows, missing permission checks, out of bound reads,

use-after-frees and other implementation errors may lead to the

execution of arbitrary code, privilege escalation, cross-site scripting

or denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 24.5.0esr-1~deb7u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 24.5.0esr-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2915-2 security@debian.org

http://www.debian.org/security/ Raphael Geissert

April 30, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dpkg

Debian Bug : 746306

 

Javier Serrano Polo discovered that the recent dpkg update introduced a

vulnerability in systems where the patch utility did not support

C-style filename quoting - such as the oldstable distribution

(squeeze). This revision of dpkg instead refuses to process patches

with C-style filename quoting altogether.

 

For reference, the original text of DSA-2915-1 is reproduced below:

 

Jakub Wilk discovered that dpkg did not correctly parse C-style

filename quoting, allowing for paths to be traversed when unpacking a

source package - leading to the creation of files outside the directory

of the source being unpacked.

 

For the oldstable distribution (squeeze), this problem has been fixed in

version 1.15.10.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.16.14.

 

For the testing distribution (jessie), this problem will be fixed soon.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.17.9.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2919-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

May 03, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mysql-5.5

CVE ID : CVE-2014-0001 CVE-2014-0384 CVE-2014-2419 CVE-2014-2430

CVE-2014-2431 CVE-2014-2432 CVE-2014-2436 CVE-2014-2438

CVE-2014-2440

Debian Bug : 737596 744910

 

Several issues have been discovered in the MySQL database server. The

vulnerabilities are addressed by upgrading MySQL to the new upstream

version 5.5.37. Please see the MySQL 5.5 Release Notes and Oracle's

Critical Patch Update advisory for further details:

 

http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-36.html

http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-37.html

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

 

For the stable distribution (wheezy), these problems have been fixed in

version 5.5.37-0+wheezy1.

 

For the testing distribution (jessie), these problems have been fixed in

version 5.5.37-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 5.5.37-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2920-1 security@debian.org

http://www.debian.org/security/ Michael Gilbert

May 03, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2014-1730 CVE-2014-1731 CVE-2014-1732 CVE-2014-1733

CVE-2014-1734 CVE-2014-1735 CVE-2014-1736

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2014-1730

 

A type confusion issue was discovered in the v8 javascript library.

 

CVE-2014-1731

 

John Butler discovered a type confusion issue in the WebKit/Blink

document object model implementation.

 

CVE-2014-1732

 

Khalil Zhani discovered a use-after-free issue in the speech

recognition feature.

 

CVE-2014-1733

 

Jed Davis discovered a way to bypass the seccomp-bpf sandbox.

 

CVE-2014-1734

 

The Google Chrome development team discovered and fixed multiple

issues with potential security impact.

 

CVE-2014-1735

 

The Google Chrome development team discovered and fixed multiple

issues in version 3.24.35.33 of the v8 javascript library.

 

CVE-2014-1736

 

SkyLined discovered an integer overlflow issue in the v8 javascript

library.

 

For the stable distribution (wheezy), these problems have been fixed in

version 34.0.1847.132-1~deb7u1.

 

For the testing distribution (jessie), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 34.0.1847.132-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2921-1 security@debian.org

http://www.debian.org/security/ Yves-Alexis Perez

May 04, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xbuffy

CVE ID : CVE-2014-0469

 

Michael Niedermayer discovered a vulnerability in xbuffy, an utility for

displaying message count in mailbox and newsgroup accounts.

 

By sending carefully crafted messages to a mail or news account

monitored by xbuffy, an attacker can trigger a stack-based buffer

overflow, leading to xbuffy crash or even remote code execution.

 

For the oldstable distribution (squeeze), this problem has been fixed in

version 3.3.bl.3.dfsg-8+deb6u1.

 

For the stable distribution (wheezy), this problem has been fixed in

version 3.3.bl.3.dfsg-8+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 3.3.bl.3.dfsg-9.

 

For the unstable distribution (sid), this problem has been fixed in

version 3.3.bl.3.dfsg-9.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2922-1 security@debian.org

http://www.debian.org/security/ Yves-Alexis Perez

May 05, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : strongswan

CVE ID : CVE-2014-2891

 

A vulnerability has been found in the ASN.1 parser of strongSwan, an

IKE/IPsec suite used to establish IPsec protected links.

 

By sending a crafted ID_DER_ASN1_DN ID payload to a vulnerable pluto or

charon daemon, a malicious remote user can provoke a null pointer

dereference in the daemon parsing the identity, leading to a crash and a

denial of service.

 

For the oldstable distribution (squeeze), this problem has been fixed in

version 4.4.1-5.6.

 

For the stable distribution (wheezy), this problem has been fixed in

version 4.5.2-1.5+deb7u4.

 

For the testing distribution (jessie), this problem has been fixed in

version 5.1.2-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 5.1.2-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2923-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

May 05, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-7

CVE ID : CVE-2013-6629 CVE-2013-6954 CVE-2014-0429 CVE-2014-0446

CVE-2014-0451 CVE-2014-0452 CVE-2014-0453 CVE-2014-0454

CVE-2014-0455 CVE-2014-0456 CVE-2014-0457 CVE-2014-0458

CVE-2014-0459 CVE-2014-0460 CVE-2014-0461 CVE-2014-1876

CVE-2014-2397 CVE-2014-2398 CVE-2014-2402 CVE-2014-2403

CVE-2014-2412 CVE-2014-2413 CVE-2014-2414 CVE-2014-2421

CVE-2014-2423 CVE-2014-2427

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in the execution

of arbitrary code, breakouts of the Java sandbox, information disclosure

or denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 7u55-2.4.7-1~deb7u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 7u55-2.4.7-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2924-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

May 05, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : icedove

CVE ID : CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529

CVE-2014-1530 CVE-2014-1531 CVE-2014-1532

 

Multiple security issues have been found in Icedove, Debian's version

of the Mozilla Thunderbird mail and news client: Multiple memory safety

errors, buffer overflows, missing permission checks, out of bound reads,

use-after-frees and other implementation errors may lead to the

execution of arbitrary code, privilege escalation, cross-site scripting

or denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 24.5.0-1~deb7u1.

 

For the testing distribution (jessie), these problems have been fixed in

version 24.5.0-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 24.5.0-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2925-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

May 08, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : rxvt-unicode

CVE ID : CVE-2014-3121

Debian Bug : 746593

 

Phillip Hallam-Baker discovered that window property values could be

queried in rxvt-unicode, resulting in the potential execution of

arbitrary commands.

 

For the oldstable distribution (squeeze), this problem has been fixed in

version 9.07-2+deb6u1.

 

For the stable distribution (wheezy), this problem has been fixed in

version 9.15-2+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 9.20-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 9.20-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2926-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

May 12, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2014-0196 CVE-2014-1737 CVE-2014-1738 CVE-2014-2851

CVE-2014-3122

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a denial of service, information leaks or privilege

escalation:

 

CVE-2014-0196

 

Jiri Slaby discovered a race condition in the pty layer, which could

lead to denial of service or privilege escalation.

 

CVE-2014-1737 / CVE-2014-1738

 

Matthew Daley discovered that missing input sanitising in the

FDRAWCMD ioctl and an information leak could result in privilege

escalation.

 

CVE-2014-2851

 

Incorrect reference counting in the ping_init_sock() function allows

denial of service or privilege escalation.

 

CVE-2014-3122

 

Incorrect locking of memory can result in local denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 3.2.57-3+deb7u1. This update also fixes a regression in the isci

driver and suspend problems with certain AMD CPUs (introduced in the

updated kernel from the Wheezy 7.5 point release).

 

For the unstable distribution (sid), these problems will be fixed soon.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2927-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

May 13, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libxfont

CVE ID : CVE-2014-0209 CVE-2014-0210 CVE-2014-0211

 

Ilja van Sprundel of IOActive discovered several security issues in the

X.Org libXfont library, which may allow a local, authenticated user to

attempt to raise privileges; or a remote attacker who can control the

font server to attempt to execute code with the privileges of the X

server.

 

CVE-2014-0209

 

Integer overflow of allocations in font metadata file parsing could

allow a local user who is already authenticated to the X server to

overwrite other memory in the heap.

 

CVE-2014-0210

 

libxfont does not validate length fields when parsing xfs protocol

replies allowing to write past the bounds of allocated memory when

storing the returned data from the font server.

 

CVE-2014-0211

 

Integer overflows calculating memory needs for xfs replies could

result in allocating too little memory and then writing the returned

data from the font server past the end of the allocated buffer.

 

For the oldstable distribution (squeeze), these problems have been fixed in

version 1:1.4.1-5.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1:1.4.5-4.

 

For the unstable distribution (sid), these problems have been fixed in

version 1:1.4.7-2.

 

- ----------------------------------------------------------------------

Debian Security Advisory DSA-2928-1 security@debian.org

http://www.debian.org/security/ Dann Frazier

May 14, 2014 http://www.debian.org/security/faq

- ----------------------------------------------------------------------

 

Package : linux-2.6

Vulnerability : privilege escalation/denial of service/information leak

Problem type : local

Debian-specific: no

CVE Id(s) : CVE-2014-0196 CVE-2014-1737 CVE-2014-1738

 

Several vulnerabilities have been discovered in the Linux kernel that may lead

to a denial of service, information leak or privilege escalation. The Common

Vulnerabilities and Exposures project identifies the following problems:

 

CVE-2014-0196

 

Jiri Slaby discovered a race condition in the pty layer, which could lead

to a denial of service or privilege escalation.

 

CVE-2014-1737 CVE-2014-1738

 

Matthew Daley discovered an information leak and missing input

sanitising in the FDRAWCMD ioctl of the floppy driver. This could result

in a privilege escalation.

 

For the oldstable distribution (squeeze), this problem has been fixed in

version 2.6.32-48squeeze6.

 

The following matrix lists additional source packages that were rebuilt for

compatibility with or to take advantage of this update:

 

Debian 6.0 (squeeze)

user-mode-linux 2.6.32-1um-4+48squeeze6

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2929-1 security@debian.org

http://www.debian.org/security/ Florian Weimer

May 16, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ruby-actionpack-3.2

CVE ID : CVE-2014-0081 CVE-2014-0082 CVE-2014-0130

Debian Bug : 747382

 

Several vulnerabilities were discovered in Action Pack, a compononent

of Ruby o Rails.

 

CVE-2014-0081

 

actionview/lib/action_view/helpers/number_helper.rb contains

multiple cross-site scripting vulnerabilities

 

CVE-2014-0082

 

actionpack/lib/action_view/template/text.rb performs symbol

interning on MIME type strings, allowing remote denial-of-service

attacks via increased memory consumption.

 

CVE-2014-0130

 

A directory traversal vulnerability in

actionpack/lib/abstract_controller/base.rb allows remote attackers

to read arbitrary files.

 

For the stable distribution (wheezy), these problems have been fixed in

version 3.2.6-6+deb7u2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2930-1 security@debian.org

http://www.debian.org/security/ Michael Gilbert

May 17, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2014-1740 CVE-2014-1741 CVE-2014-1742

 

Several vulnerabilties have been discovered in the chromium web browser.

 

CVE-2014-1740

 

Collin Payne discovered a use-after-free issue in chromium's

WebSockets implementation.

 

CVE-2014-1741

 

John Butler discovered multiple integer overflow issues in the

Blink/Webkit document object model implementation.

 

CVE-2014-1742

 

cloudfuzzer discovered a use-after-free issue in the Blink/Webkit

text editing feature.

 

For the stable distribution (wheezy), these problems have been fixed in

version 34.0.1847.137-1~deb7u1.

 

For the testing distribution (jessie), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 34.0.1847.137-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2931-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

May 18, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl

CVE ID : CVE-2014-0198

 

It was discovered that incorrect memory handling in OpenSSL's

do_ssl3_write() function could result in denial of service.

 

The oldstable distribution (squeeze) is not affected.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.0.1e-2+deb7u9.

 

For the testing distribution (jessie), this problem has been fixed in

version 1.0.1g-4.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.0.1g-4.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2932-1 security@debian.org

http://www.debian.org/security/ Giuseppe Iuculano

May 19, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : qemu

CVE ID : CVE-2013-4344 CVE-2014-2894

Debian Bug : 745157 725944

 

Several vulnerabilities were discovered in qemu, a fast processor emulator.

 

CVE-2013-4344

 

Buffer overflow in the SCSI implementation in QEMU,

when a SCSI controller has more than 256 attached devices, allows

local users to gain privileges via a small transfer buffer in a

REPORT LUNS command.

 

CVE-2014-2894

 

Off-by-one error in the cmd_smart function in the smart self test in

hw/ide/core.c in QEMU allows local users to have

unspecified impact via a SMART EXECUTE OFFLINE command that triggers

a buffer underflow and memory corruption.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.1.2+dfsg-6a+deb7u3.

 

For the testing distribution (jessie), these problems have been fixed in

version 2.0.0+dfsg-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 2.0.0+dfsg-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2933-1 security@debian.org

http://www.debian.org/security/ Giuseppe Iuculano

May 19, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : qemu-kvm

CVE ID : CVE-2013-4344 CVE-2014-2894

Debian Bug : 745157 725944

 

Several vulnerabilities were discovered in qemu-kvm, a full

virtualization solution on x86 hardware.

 

CVE-2013-4344

 

Buffer overflow in the SCSI implementation in QEMU,

when a SCSI controller has more than 256 attached devices, allows

local users to gain privileges via a small transfer buffer in a

REPORT LUNS command.

 

CVE-2014-2894

 

Off-by-one error in the cmd_smart function in the smart self test in

hw/ide/core.c in QEMU allows local users to have

unspecified impact via a SMART EXECUTE OFFLINE command that triggers

a buffer underflow and memory corruption.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.1.2+dfsg-6+deb7u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2934-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

May 19, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : python-django

CVE ID : CVE-2014-0472 CVE-2014-0473 CVE-2014-0474 CVE-2014-1418

CVE-2014-3730

 

Several vulnerabilities were discovered in Django, a high-level Python

web development framework. The Common Vulnerabilities and Exposures

project identifies the following problems:

 

CVE-2014-0472

 

Benjamin Bach discovered that Django incorrectly handled dotted

Python paths when using the reverse() URL resolver function. An

attacker able to request a specially crafted view from a Django

application could use this issue to cause Django to import arbitrary

modules from the Python path, resulting in possible code execution.

 

CVE-2014-0473

 

Paul McMillan discovered that Django incorrectly cached certain

pages that contained CSRF cookies. A remote attacker could use this

flaw to acquire the CSRF token of a different user and bypass

intended CSRF protections in a Django application.

 

CVE-2014-0474

 

Michael Koziarski discovered that certain Django model field classes

did not properly perform type conversion on their arguments, which

allows remote attackers to obtain unexpected results.

 

CVE-2014-1418

 

Michael Nelson, Natalia Bidart and James Westby discovered that

cached data in Django could be served to a different session, or to

a user with no session at all. An attacker may use this to retrieve

private data or poison caches.

 

CVE-2014-3730

 

Peter Kuma and Gavin Wahl discovered that Django incorrectly

validated certain malformed URLs from user input. An attacker may

use this to cause unexpected redirects.

 

For the oldstable distribution (squeeze), these problems have been fixed in

version 1.2.3-3+squeeze10.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.4.5-1+deb7u7.

 

For the testing distribution (jessie), these problems have been fixed in

version 1.6.5-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.6.5-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2935-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

May 21, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libgadu

CVE ID : CVE-2014-3775

 

It was discovered that malformed responses from a Gadu-Gadu file relay

server could lead to denial of service or the execution of arbitrary

code in applications linked to the libgadu library.

 

The oldstable distribution (squeeze) is not affected.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.11.2-1+deb7u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 1:1.12.0~rc3-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2936-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

May 23, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : torque

CVE ID : CVE-2014-0749

Debian Bug : 748827

 

John Fitzpatrick from MWR Labs reported a stack-based buffer overflow

vulnerability in torque, a PBS-derived batch processing queueing system.

An unauthenticated remote attacker could exploit this flaw to execute

arbitrary code with root privileges.

 

For the oldstable distribution (squeeze), this problem has been fixed in

version 2.4.8+dfsg-9squeeze4.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2.4.16+dfsg-1+deb7u3.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.4.16+dfsg-1.4.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2937-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

May 27, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mod-wsgi

CVE ID : CVE-2014-0240 CVE-2014-0242

 

Two security issues have been found in the Python WSGI adapter module

for Apache:

 

CVE-2014-0240

 

Robert Kisteleki discovered a potential privilege escalation in

daemon mode. This is not exploitable with the kernel used in Debian

7.0/wheezy.

 

CVE-2014-0242

 

Buck Golemon discovered that incorect memory handling could lead to

information disclosure when processing Content-Type headers.

 

For the oldstable distribution (squeeze), these problems have been fixed in

version 3.3-2+deb6u1.

 

For the stable distribution (wheezy), these problems have been fixed in

version 3.3-4+deb7u1.

 

For the testing distribution (jessie), these problems have been fixed in

version 3.5-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 3.5-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2938-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

May 27, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

The initial organisation and setup of Squeeze LTS has now happened and

it is ready for taking over security support once the standard security

support ends at the end of the month:

 

 

Information for users

=====================

 

Support for Squeeze LTS will end five years after the release of Squeeze,

i.e. until the 6th of February 2016.

 

You need to enable the apt sources for squeeze-lts manually.

Information on how to do this can be found at

https://wiki.debian.org/LTS/Development#Add_squeeze-lts_to_your_sources.list

 

You should also subscribe to the new annoucement mailing list for

security updates for squeeze-lts:

https://lists.debian.org/debian-lts-announce/

 

A few packages are not covered by the Squeeze LTS support. These can be

detected with the new tool debian-security-support. Information on how

to run it can be found here:

https://wiki.debian.org/LTS/Development#Check_for_unsupported_packages

 

If debian-security-support detects an unsupported package which is

critical to you, please get in touch with debian-lts@lists.debian.org

(see below).

 

squeeze-backports will continue to be supported for the lifetime of

Squeeze LTS.

 

 

 

Information for Debian maintainers

==================================

 

First of all, Debian package maintainers are not expected to work on

updates of their packages for squeeze-lts. Package updates for

squeeze-lts will be handled by the Debian LTS team.

 

However, if you _are_ interested in doing so (and the maintainer always

knows best on a package), you're certainly welcome to do so; everyone

in the Debian.org and Debian maintainers key ring can upload to the

squeeze-lts suite. Information on how to upload a fixed package can

be found at https://wiki.debian.org/LTS/Development#Upload_Packages

 

 

 

Mailing lists

=============

 

The whole coordination of the Debian LTS effort is handled through the

debian-lts mailing list: https://lists.debian.org/debian-lts/

 

Please subscribe or follow us via GMANE (gmane.linux.debian.devel.lts)

 

Aside from the debian-lts-announce list, there's also a list for

following all uploads in debian-lts:

https://lists.debian.org/debian-lts-changes/

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2939-1 security@debian.org

http://www.debian.org/security/ Michael Gilbert

May 31, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2014-1743 CVE-2014-1744 CVE-2014-1745 CVE-2014-1746

CVE-2014-1747 CVE-2014-1748 CVE-2014-1749 CVE-2014-3152

 

Several vulnerabilities were discovered in the chromium web browser.

 

CVE-2014-1743

 

cloudfuzzer discovered a use-after-free issue in the Blink/Webkit

document object model implementation.

 

CVE-2014-1744

 

Aaron Staple discovered an integer overflow issue in audio input

handling.

 

CVE-2014-1745

 

Atte Kettunen discovered a use-after-free issue in the Blink/Webkit

scalable vector graphics implementation.

 

CVE-2014-1746

 

Holger Fuhrmannek discovered an out-of-bounds read issue in the URL

protocol implementation for handling media.

 

CVE-2014-1747

 

packagesu discovered a cross-site scripting issue involving

malformed MHTML files.

 

CVE-2014-1748

 

Jordan Milne discovered a user interface spoofing issue.

 

CVE-2014-1749

 

The Google Chrome development team discovered and fixed multiple

issues with potential security impact.

 

CVE-2014-3152

 

An integer underflow issue was discovered in the v8 javascript

library.

 

For the stable distribution (wheezy), these problems have been fixed in

version 35.0.1916.114-1~deb7u2.

 

For the testing distribution (jessie), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 35.0.1916.114-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2941-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

Jun 01, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : lxml

CVE ID : CVE-2014-3146

 

It was discovered that clean_html() function of lxml (pythonic bindings

for the libxml2 and libxslt libraries) performed insufficient

sanitisation for some non-printable characters. This could lead to

cross-site scripting.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2.3.2-1+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 3.3.5-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 3.3.5-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2942-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

Jun 01, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : typo3-src

CVE ID : not available yet

Debian Bug : 749215

 

Multiple security issues have been discovered in the Typo3 CMS. More

information can be found in the upstream advisory:

http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/

 

For the stable distribution (wheezy), this problem has been fixed in

version 4.5.19+dfsg1-5+wheezy3.

 

For the testing distribution (jessie), this problem has been fixed in

version 4.5.34+dfsg1-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 4.5.34+dfsg1-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2943-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 01, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php5

CVE ID : CVE-2014-0185 CVE-2014-0237 CVE-2014-0238 CVE-2014-2270

 

Several vulnerabilities were found in PHP, a general-purpose scripting

language commonly used for web application development:

 

CVE-2014-0185

 

The default PHP FPM socket permission has been changed from 0666

to 0660 to mitigate a security vulnerability (CVE-2014-0185) in PHP

FPM that allowed any local user to run a PHP code under the active

user of FPM process via crafted FastCGI client.

 

The default Debian setup now correctly sets the listen.owner and

listen.group to www-data:www-data in default php-fpm.conf. If you

have more FPM instances or a webserver not running under www-data

user you need to adjust the configuration of FPM pools in

/etc/php5/fpm/pool.d/ so the accessing process has rights to

access the socket.

 

CVE-2014-0237 / CVE-2014-0238:

 

Denial of service in the CDF parser of the fileinfo module.

 

CVE-2014-2270

 

Denial of service in the fileinfo module.

 

For the stable distribution (wheezy), these problems have been fixed in

version 5.4.4-14+deb7u10.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2944-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 01, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gnutls26

CVE ID : CVE-2014-3466

 

Joonas Kuorilehto discovered that GNU TLS performed insufficient

validation of session IDs during TLS/SSL handshakes. A malicious server

could use this to execute arbitrary code or perform denial or service.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2.12.20-8+deb7u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.12.23-16.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2945-1 security@debian.org

http://www.debian.org/security/ Giuseppe Iuculano

June 03, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chkrootkit

CVE ID : CVE-2014-0476

 

Thomas Stangner discovered a vulnerability in chkrootkit, a rootkit

detector, which may allow local attackers to gain root access when /tmp

is mounted without the noexec option.

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.49-4.1+deb7u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.49-5.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2947-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 04, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libav

CVE ID : not available

 

Several security issues have been corrected in multiple demuxers and

decoders of the libav multimedia library. A full list of the changes is

available at

http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.12

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.8.12-1.

 

For the testing distribution (jessie), this problem has been fixed in

version 6:10.1-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 6:10.1-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2948-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 04, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : python-bottle

CVE ID : CVE-2014-3137

 

It was discovered that Bottle, a WSGI-framework for Python, performed

a too permissive detection of JSON content, resulting a potential

bypass of security mechanisms.

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.10.11-1+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 0.12.6-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.12.6-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2946-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 04, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : python-gnupg

CVE ID : CVE-2013-7323 CVE-2014-1927 CVE-2014-1928 CVE-2014-1929

 

Multiple vulnerabilities were discovered in the Python wrapper for the

Gnu Privacy Guard (GPG). Insufficient sanitising could lead to the

execution of arbitrary shell commands.

 

For the stable distribution (wheezy), these problems have been fixed in

version 0.3.6-1~deb7u1.

 

For the testing distribution (jessie), these problems have been fixed in

version 0.3.6-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 0.3.6-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2950-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 05, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl

CVE ID : CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470

 

Multiple vulnerabilities have been discovered in OpenSSL:

 

CVE-2014-0195

 

Jueri Aedla discovered that a buffer overflow in processing DTLS

fragments could lead to the execution of arbitrary code or denial

of service.

 

CVE-2014-0221

 

Imre Rad discovered the processing of DTLS hello packets is

susceptible to denial of service.

 

CVE-2014-0224

 

KIKUCHI Masashi discovered that carefully crafted handshakes can

force the use of weak keys, resulting in potential man-in-the-middle

attacks.

 

CVE-2014-3470

 

Felix Groebert and Ivan Fratric discovered that the implementation of

anonymous ECDH ciphersuites is suspectible to denial of service.

 

Additional information can be found at

http://www.openssl.org/news/secadv_20140605.txt

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.0.1e-2+deb7u10. All applications linked to openssl need to

be restarted. You can use the tool checkrestart from the package

debian-goodies to detect affected programs or reboot your system. There's

also a forthcoming security update for the Linux kernel later the day

(CVE-2014-3153), so you need to reboot anyway. Perfect timing, isn't it?

 

For the unstable distribution (sid), these problems will be fixed soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2949-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

June 05, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2014-3144 CVE-2014-3145 CVE-2014-3153

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a denial of service or privilege escalation:

 

CVE-2014-3144 / CVE-2014-3145

 

A local user can cause a denial of service (system crash) via

crafted BPF instructions.

 

CVE-2014-3153

 

Pinkie Pie discovered an issue in the futex subsystem that allows a

local user to gain ring 0 control via the futex syscall. An

unprivileged user could use this flaw to crash the kernel (resulting

in denial of service) or for privilege escalation.

 

For the stable distribution (wheezy), these problems have been fixed in

version 3.2.57-3+deb7u2.

 

For the unstable distribution (sid), these problems will be fixed soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2951-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 05, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mupdf

CVE ID : CVE-2014-2013

 

It was discovered that a buffer overflow in the MuPDF viewer might lead

to the execution of arbitrary code.

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.9-2+deb7u2.

 

For the testing distribution (jessie), this problem has been fixed in

version 1.3-2.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.3-2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2952-1 security@debian.org

http://www.debian.org/security/ Nico Golde

June 05, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : kfreebsd-9

CVE ID : CVE-2014-1453 CVE-2014-3000 CVE-2014-3880

 

Several vulnerabilities have been discovered in the FreeBSD kernel that may

lead to a denial of service or possibly disclosure of kernel memory. The Common

Vulnerabilities and Exposures project identifies the following problems:

 

CVE-2014-1453

 

A remote, authenticated attacker could cause the NFS server become

deadlocked, resulting in a denial of service.

 

CVE-2014-3000:

 

An attacker who can send a series of specifically crafted packets with a

connection could cause a denial of service situation by causing the kernel

to crash.

 

Additionally, because the undefined on stack memory may be overwritten by

other kernel threads, while difficult, it may be possible for an attacker

to construct a carefully crafted attack to obtain portion of kernel memory

via a connected socket. This may result in the disclosure of sensitive

information such as login credentials, etc. before or even without

crashing the system.

 

CVE-2014-3880

 

A local attacker can trigger a kernel crash (triple fault) with potential

data loss, related to the execve/fexecve system calls.

Reported by Ivo De Decker.

 

For the stable distribution (wheezy), these problems have been fixed in

version 9.0-10+deb70.7.

 

For the unstable (sid) and testing (jessie) distributions, these problems are fixed

in kfreebsd-10 version 10.0-6.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2953-1 security@debian.org

http://www.debian.org/security/ Raphael Geissert

June 08, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dpkg

CVE ID : CVE-2014-3864 CVE-2014-3865

Debian Bug : 746498 749183

 

Multiple vulnerabilities were discovered in dpkg that allow file

modification through path traversal when unpacking source packages with

especially-crafted patch files.

 

This update had been scheduled before the end of security support for

the oldstable distribution (squeeze), hence an exception has been made

and was released through the security archive. However, no further updates

should be expected.

 

For the oldstable distribution (squeeze), these problems have been fixed in

version 1.15.11.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.16.15.

 

For the testing distribution (jessie), these problems will be fixed

soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.17.10.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2954-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

June 09, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dovecot

CVE ID : CVE-2014-3430

Debian Bug : 747549

 

It was discovered that the Dovecot email server is vulnerable to a

denial of service attack against imap/pop3-login processes due to

incorrect handling of the closure of inactive SSL/TLS connections.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1:2.1.7-7+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 1:2.2.13~rc1-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 1:2.2.13~rc1-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2955-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 11, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : iceweasel

CVE ID : CVE-2014-1533 CVE-2014-1538 CVE-2014-1541 CVE-2014-1545

 

Multiple security issues have been found in Iceweasel, Debian's version

of the Mozilla Firefox web browser: Multiple memory safety errors and

buffer overflows may lead to the execution of arbitrary code or denial

of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 24.6.0esr-1~deb7u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 30.0-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2956-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 11, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : icinga

CVE ID : CVE-2013-7106 CVE-2013-7107 CVE-2013-7108 CVE-2014-1878

CVE-2014-2386

 

Multiple security issues have been found in the Icinga host and network

monitoring system (buffer overflows, cross-site request forgery, off-by

ones) which could result in the execution of arbitrary code, denial of

service or session hijacking.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.7.1-7.

 

For the testing distribution (jessie), these problems have been fixed in

version 1.11.0-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.11.0-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2957-1 security@debian.org

http://www.debian.org/security/ Thijs Kinkhorst

June 12, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mediawiki

CVE ID : CVE-2014-3966

 

Omer Iqbal discovered that Mediawiki, a wiki engine, parses invalid

usernames on Special:PasswordReset as wikitext when $wgRawHtml is

enabled. On such wikis this allows an unauthenticated attacker to

insert malicious Javascript, a cross site scripting attack.

 

 

For the stable distribution (wheezy), this problem has been fixed in

version 1:1.19.16+dfsg-0+deb7u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 1:1.19.16+dfsg-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2958-1 security@debian.org

http://www.debian.org/security/ Thijs Kinkhorst

June 12, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : apt

CVE ID : CVE-2014-0478

Debian Bug : 749795

 

Jakub Wilk discovered that APT, the high level package manager,

did not properly perform authentication checks for source packages

downloaded via "apt-get source". This only affects use cases where

source packages are downloaded via this command; it does not

affect regular Debian package installation and upgrading.

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.9.7.9+deb7u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.0.4.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2959-1 security@debian.org

http://www.debian.org/security/ Michael Gilbert

June 14, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2014-3154 CVE-2014-3155 CVE-2014-3156 CVE-2014-3157

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2014-3154

 

Collin Payne discovered a use-after-free issue in the filesystem API.

 

CVE-2014-3155

 

James March, Daniel Sommermann, and Alan Frindell discovered several

out-of-bounds read issues in the SPDY protocol implementation.

 

CVE-2014-3156

 

Atte Kettunen discovered a buffer overflow issue in bitmap handling

in the clipboard implementation.

 

CVE-2014-3157

 

A heap-based buffer overflow issue was discovered in chromium's

ffmpeg media filter.

 

In addition, this version corrects a regression in the previous update.

Support for older i386 processors had been dropped. This functionality

is now restored.

 

For the stable distribution (wheezy), these problems have been fixed in

version 35.0.1916.153-1~deb7u1.

 

For the testing (jessie) and unstable (sid) distribution, these problems

have been fixed in version 35.0.1916.153-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2960-1 security@debian.org

http://www.debian.or... Moritz Muehlenhoff

June 16, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : icedove

CVE ID : CVE-2014-1533 CVE-2014-1538 CVE-2014-1541 CVE-2014-1545

 

Multiple security issues have been found in Icedove, Debian's version of

the Mozilla Thunderbird mail and news client: Multiple memory safety

errors and buffer overflows may lead to the execution of arbitrary code

or denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 24.6.0-1.

 

For the unstable distribution (sid), these problems will be fixed soon.

 

- - -------------------------------------------------------------------------

Debian Security Advisory DSA-2950-2 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 16, 2014 http://www.debian.org/security/faq

- - -------------------------------------------------------------------------

 

Package : openssl

CVE ID : CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470

 

This update updates the upstream fix for CVE-2014-0224 to address

problems with CCS which could result in problems with the Postgres

database.

 

In addition this update disables ZLIB compress by default. If you need

to re-enable it for some reason, you can set the environment variable

OPENSSL_NO_DEFAULT_ZLIB.

 

This update also fixes a header declaration which could result in

build failures in applications using OpenSSL.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.0.1e-2+deb7u11.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2961-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

June 16, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php5

CVE ID : CVE-2014-4049

Debian Bug : 751364

 

It was discovered that PHP, a general-purpose scripting language

commonly used for web application development, is vulnerable to a

heap-based buffer overflow in the DNS TXT record parsing. A malicious

server or man-in-the-middle attacker could possibly use this flaw to

execute arbitrary code as the PHP interpreter if a PHP application uses

dns_get_record() to perform a DNS query.

 

For the stable distribution (wheezy), this problem has been fixed in

version 5.4.4-14+deb7u11.

 

For the testing distribution (jessie), this problem has been fixed in

version 5.6.0~beta4+dfsg-3.

 

For the unstable distribution (sid), this problem has been fixed in

version 5.6.0~beta4+dfsg-3.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2962-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 17, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : nspr

CVE ID : CVE-2014-1545

 

Abhiskek Arya discovered an out of bounds write in the cvt_t() function

of the NetScape Portable Runtime Library which could result in the

execution of arbitrary code.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2:4.9.2-1+deb7u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 2:4.10.6-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2963-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 17, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : lucene-solr

CVE ID : CVE-2013-6397 CVE-2013-6407 CVE-2013-6408

 

Multiple vulnerabilities were found in Solr, an open source enterprise

search server based on Lucene, resulting in information disclosure or

code execution.

 

For the stable distribution (wheezy), these problems have been fixed in

version 3.6.0+dfsg-1+deb7u1.

 

For the testing distribution (jessie), these problems have been fixed in

version 3.6.2+dfsg-2.

 

For the unstable distribution (sid), these problems have been fixed in

version 3.6.2+dfsg-2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2964-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

June 21, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : iodine

CVE ID : CVE-2014-4168

Debian Bug : 751834

 

Oscar Reparaz discovered an authentication bypass vulnerability in

iodine, a tool for tunneling IPv4 data through a DNS server. A remote

attacker could provoke a server to accept the rest of the setup or

also network traffic by exploiting this flaw.

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.6.0~rc1-12+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 0.6.0~rc1-19.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.6.0~rc1-19.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2965-1 security@debian.org

http://www.debian.org/security/ Michael Gilbert

June 22, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tiff

CVE ID : CVE-2013-4243

Debian Bug : 742917

 

Murray McAllister discovered a heap-based buffer overflow in the gif2tiff

command line tool. Executing gif2tiff on a malicious tiff image could

result in arbitrary code execution.

 

For the stable distribution (wheezy), this problem has been fixed in

version 4.0.2-6+deb7u3.

 

For the testing distribution (jessie), this problem will be fixed soon.

 

For the unstable distribution (sid), this problem has been fixed in

version 4.0.3-9.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2966-1 security@debian.org

http://www.debian.org/security/ Yves-Alexis Perez

June 23, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : samba

CVE ID : CVE-2014-0178 CVE-2014-0244 CVE-2014-3493

Debian Bug :

 

Multiple vulnerabilities were discovered and fixed in Samba, a SMB/CIFS

file, print, and login server:

 

CVE-2014-0178

 

Information leak vulnerability in the VFS code, allowing an

authenticated user to retrieve eight bytes of uninitialized memory

when shadow copy is enabled.

 

CVE-2014-0244

 

Denial of service (infinite CPU loop) in the nmbd Netbios name

service daemon. A malformed packet can cause the nmbd server to

enter an infinite loop, preventing it to process later requests to

the Netbios name service.

 

CVE-2014-3493

 

Denial of service (daemon crash) in the smbd file server daemon. An

authenticated user attempting to read a Unicode path using a

non-Unicode request can force the daemon to overwrite memory at an

invalid address.

 

For the stable distribution (wheezy), these problems have been fixed in

version 2:3.6.6-6+deb7u4.

 

For the testing distribution (jessie), these problems have been fixed in

version 2:4.1.9+dfsg-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 2:4.1.9+dfsg-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2967-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

June 25, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gnupg

CVE ID : CVE-2014-4617

Debian Bug : 752497

 

Jean-René Reinhard, Olivier Levillain and Florian Maury reported that

GnuPG, the GNU Privacy Guard, did not properly parse certain garbled

compressed data packets. A remote attacker could use this flaw to mount

a denial of service against GnuPG by triggering an infinite loop.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.4.12-7+deb7u4.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.4.16-1.2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2968-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

June 27, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gnupg2

CVE ID : CVE-2014-4617

Debian Bug : 752498

 

Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that

GnuPG, the GNU Privacy Guard, did not properly parse certain garbled

compressed data packets. A remote attacker could use this flaw to mount

a denial of service against GnuPG by triggering an infinite loop.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2.0.19-2+deb7u2.

 

For the testing distribution (jessie), this problem has been fixed in

version 2.0.24-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.0.24-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2969-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

June 27, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libemail-address-perl

CVE ID : CVE-2014-0477

 

Bastian Blank reported a denial of service vulnerability in

Email::Address, a Perl module for RFC 2822 address parsing and creation.

Email::Address::parse used significant time on parsing empty quoted

strings. A remote attacker able to supply specifically crafted input to

an application using Email::Address for parsing, could use this flaw to

mount a denial of service attack against the application.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.895-1+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 1.905-1.

 

For the unstable distribution (sid), this problem has been fixed

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2970-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

June 29, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : cacti

CVE ID : CVE-2014-2326 CVE-2014-2327 CVE-2014-2328 CVE-2014-2708

CVE-2014-2709 CVE-2014-4002

 

Multiple security issues (cross-site scripting, cross-site request

forgery, SQL injections, missing input sanitising) have been found in

Cacti, a web frontend for RRDTool.

 

For the stable distribution (wheezy), these problems have been fixed in

version 0.8.8a+dfsg-5+deb7u3.

 

For the testing distribution (jessie), these problems have been fixed in

version 0.8.8b+dfsg-6.

 

For the unstable distribution (sid), these problems have been fixed in

version 0.8.8b+dfsg-6.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2971-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

July 02, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dbus

CVE ID : CVE-2014-3477 CVE-2014-3532 CVE-2014-3533

 

Several vulnerabilities have been discovered in dbus, an asynchronous

inter-process communication system. The Common Vulnerabilities and

Exposures project identifies the following problems:

 

CVE-2014-3477

 

Alban Crequy at Collabora Ltd. discovered that dbus-daemon sends an

AccessDenied error to the service instead of a client when the

client is prohibited from accessing the service. A local attacker

could use this flaw to cause a bus-activated service that is not

currently running to attempt to start, and fail, denying other users

access to this service.

 

CVE-2014-3532

 

Alban Crequy at Collabora Ltd. discovered a bug in dbus-daemon's

support for file descriptor passing. A malicious process could force

system services or user applications to be disconnected from the

D-Bus system by sending them a message containing a file descriptor,

leading to a denial of service.

 

CVE-2014-3533

 

Alban Crequy at Collabora Ltd. and Alejandro Martinez Suarez

discovered that a malicious process could force services to be

disconnected from the D-Bus system by causing dbus-daemon to attempt

to forward invalid file descriptors to a victim process, leading to

a denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.6.8-1+deb7u3.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.8.6-1.

Link to comment
Share on other sites

×
×
  • Create New...