sunrat Posted July 7, 2014 Share Posted July 7, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2972-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso July 06, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2014-4699 Andy Lutomirski discovered that the ptrace syscall was not verifying the RIP register to be valid in the ptrace API on x86_64 processors. An unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation. For the stable distribution (wheezy), this problem has been fixed in version 3.2.60-1+deb7u1. In addition, this update contains several bugfixes originally targeted for the upcoming Wheezy point release. For the unstable distribution (sid), this problem will be fixed soon. Link to comment Share on other sites More sharing options...
sunrat Posted July 8, 2014 Share Posted July 8, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2973-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 07, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : vlc CVE ID : CVE-2013-1868 CVE-2013-1954 CVE-2013-4388 Multiple buffer overflows have been found in the VideoLAN media player. Processing malformed subtitles or movie files could lead to denial of service and potentially the execution of arbitrary code. For the stable distribution (wheezy), these problems have been fixed in version 2.0.3-5+deb7u1. For the testing distribution (jessie), these problems have been fixed in version 2.1.0-1. For the unstable distribution (sid), these problems have been fixed in version 2.1.0-1. Link to comment Share on other sites More sharing options...
sunrat Posted July 10, 2014 Share Posted July 10, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2974-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso July 08, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php5 CVE ID : CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-4721 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-0207 Francisco Alonso of the Red Hat Security Response Team reported an incorrect boundary check in the cdf_read_short_sector() function. CVE-2014-3478 Francisco Alonso of the Red Hat Security Response Team discovered a flaw in the way the truncated pascal string size in the mconvert() function is computed. CVE-2014-3479 Francisco Alonso of the Red Hat Security Response Team reported an incorrect boundary check in the cdf_check_stream_offset() function. CVE-2014-3480 Francisco Alonso of the Red Hat Security Response Team reported an insufficient boundary check in the cdf_count_chain() function. CVE-2014-3487 Francisco Alonso of the Red Hat Security Response Team discovered an incorrect boundary check in the cdf_read_property_info() funtion. CVE-2014-3515 Stefan Esser discovered that the ArrayObject and the SPLObjectStorage unserialize() handler do not verify the type of unserialized data before using it. A remote attacker could use this flaw to execute arbitrary code. CVE-2014-4721 Stefan Esser discovered a type confusion issue affecting phpinfo(), which might allow an attacker to obtain sensitive information from process memory. For the stable distribution (wheezy), these problems have been fixed in version 5.4.4-14+deb7u12. In addition, this update contains several bugfixes originally targeted for the upcoming Wheezy point release. For the testing distribution (jessie), these problems have been fixed in version 5.6.0~rc2+dfsg-1. For the unstable distribution (sid), these problems have been fixed in version 5.6.0~rc2+dfsg-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2975-1 security@debian.org http://www.debian.org/security/ Thijs Kinkhorst July 09, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : phpmyadmin CVE ID : CVE-2013-4995 CVE-2013-4996 CVE-2013-5002 CVE-2013-5003 CVE-2014-1879 Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4995 Authenticatd users could inject arbitrary web script or HTML via a crafted SQL query. CVE-2013-4996 Cross site scripting was possible via a crafted logo URL in the navigation panel or a crafted entry in the Trusted Proxy list. CVE-2013-5002 Authenticated users could inject arbitrary web script or HTML via a crafted pageNumber value in Schema Export. CVE-2013-5003 Authenticated users could execute arbitrary SQL commands as the phpMyAdmin 'control user' via the scale parameter PMD PDF export and the pdf_page_number parameter in Schema Export. CVE-2014-1879 Authenticated users could inject arbitrary web script or HTML via a crafted file name in the Import function. For the stable distribution (wheezy), these problems have been fixed in version 4:3.4.11.1-2+deb7u1. For the unstable distribution (sid), these problems have been fixed in version 4:4.2.5-1. Link to comment Share on other sites More sharing options...
sunrat Posted July 10, 2014 Share Posted July 10, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2976-1 security@debian.org http://www.debian.org/security/ Florian Weimer July 10, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : eglibc CVE ID : CVE-2014-0475 Stephane Chazelas discovered that the GNU C library, glibc, processed ".." path segments in locale-related environment variables, possibly allowing attackers to circumvent intended restrictions, such as ForceCommand in OpenSSH, assuming that they can supply crafted locale settings. For the stable distribution (wheezy), this problem has been fixed in version 2.13-38+deb7u3. This update also includes changes previously scheduled for the next wheezy point release as version 2.13-38+deb7u2. See the Debian changelog for details. Link to comment Share on other sites More sharing options...
sunrat Posted July 12, 2014 Share Posted July 12, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2977-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 11, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libav CVE ID : CVE-2014-4609 Don A. Baley discovered an integer overflow in the lzo compression handler which could result in the execution of arbitrary code. For the stable distribution (wheezy), this problem has been fixed in version 6:0.8.13-1. For the testing distribution (jessie), this problem has been fixed in version 6:10.2-1. For the unstable distribution (sid), this problem has been fixed in version 6:10.2-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2978-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 11, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libxml2 CVE ID : CVE-2014-0191 Daniel P. Berrange discovered a denial of service vulnerability in libxml2 entity substitution. For the stable distribution (wheezy), this problem has been fixed in version 2.8.0+dfsg1-7+wheezy1. For the unstable distribution (sid), this problem has been fixed in version 2.9.1+dfsg1-4. Link to comment Share on other sites More sharing options...
sunrat Posted July 17, 2014 Share Posted July 17, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2765-2 security@debian.org http://www.debian.org/security/ Thijs Kinkhorst July 16, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : davfs2 Vulnerability : privilege escalation Problem type : remote Debian-specific: no CVE ID : CVE-2013-4362 Debian Bug : 723034 The update released for davfs2 in DSA 2765 had a version number for Debian 7 "wheezy" that sorts lower than the version in Debian 6 "squeeze", causing problems on upgrades. This update makes a package of davfs2 in wheezy available which corrects only the version number. For reference, the original advisory follows. Davfs2, a filesystem client for WebDAV, calls the function system() insecurely while is setuid root. This might allow a privilege escalation. For the stable distribution (wheezy), this problem has been fixed in version 1.4.6-1.1+wheezy1. Link to comment Share on other sites More sharing options...
sunrat Posted July 18, 2014 Share Posted July 18, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2979-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 17, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : fail2ban CVE ID : CVE-2013-7176 CVE-2013-7177 Two vulnerabilities were discovered in Fail2ban, a solution to ban hosts that cause multiple authentication errors. When using Fail2ban to monitor Postfix or Cyrus IMAP logs, improper input validation in log parsing could enable a remote attacker to trigger an IP ban on arbitrary addresses, resulting in denial of service. For the stable distribution (wheezy), these problems have been fixed in version 0.8.6-3wheezy3. For the testing distribution (jessie), these problems have been fixed in version 0.8.11-1. For the unstable distribution (sid), these problems have been fixed in version 0.8.11-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2980-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 17, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-6 CVE ID : CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4266 CVE-2014-4268 Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. For the stable distribution (wheezy), these problems have been fixed in version 6b32-1.13.4-1~deb7u1. Link to comment Share on other sites More sharing options...
sunrat Posted July 21, 2014 Share Posted July 21, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2981-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso July 18, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : polarssl CVE ID : CVE-2014-4911 Debian Bug : 754655 A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS library, which can be exploited by a remote unauthenticated attacker to mount a denial of service against PolarSSL servers that offer GCM ciphersuites. Potentially clients are affected too if a malicious server decides to execute the denial of service attack against its clients. For the stable distribution (wheezy), this problem has been fixed in version 1.2.9-1~deb7u3. For the testing distribution (jessie), this problem has been fixed in version 1.3.7-2.1. For the unstable distribution (sid), this problem has been fixed in version 1.3.7-2.1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2982-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 19, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ruby-activerecord-3.2 CVE ID : CVE-2014-3482 CVE-2014-3483 Sean Griffin discovered two vulnerabilities in the PostgreSQL adapter for Active Record which could lead to SQL injection. For the stable distribution (wheezy), these problems have been fixed in version 3.2.6-5+deb7u1. Debian provides two variants of "Ruby on Rails" in Wheezy (2.3 and 3.2). Support for the 2.3 variants had to be ceased at this point. This affects the following source packages: ruby-actionmailer-2.3, ruby-actionpack-2.3 ruby-activerecord-2.3, ruby-activeresource-2.3, ruby-activesupport-2.3 and ruby-rails-2.3. The version of Redmine in Wheezy still requires 2.3, you can use an updated version from backports.debian.org which is compatible with rails 3.2. For the unstable distribution (sid), these problems have been fixed in version 3.2.19-1 of the rails-3.2 source package. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2983-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 20, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : drupal7 CVE ID : not yet available Multiple security issues have been discovered in the Drupal content management system, ranging from denial of service to cross-site scripting. More information can be found at https://www.drupal.org/SA-CORE-2014-003 For the stable distribution (wheezy), this problem has been fixed in version 7.14-2+deb7u5. For the testing distribution (jessie), this problem has been fixed in version 7.29-1. For the unstable distribution (sid), this problem has been fixed in version 7.29-1. Link to comment Share on other sites More sharing options...
sunrat Posted July 24, 2014 Share Posted July 24, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2984-1 security@debian.org http://www.debian.org/security/ Luciano Bello July 22, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : acpi-support CVE ID : CVE-2014-1419 CESG discovered a root escalation flaw in the acpi-support package. An unprivileged user can inject the DBUS_SESSION_BUS_ADDRESS environment variable to run arbitrary commands as root user via the policy-funcs script. For the stable distribution (wheezy), this problem has been fixed in version 0.140-5+deb7u1. For the testing distribution (jessie), this problem has been fixed in version 0.142-2. For the unstable distribution (sid), this problem has been fixed in version 0.142-2. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2985-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso July 22, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mysql-5.5 CVE ID : CVE-2014-2494 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260 Debian Bug : 754941 Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.38. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details: http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-38.html http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html For the stable distribution (wheezy), these problems have been fixed in version 5.5.38-0+wheezy1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2986-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 23, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : iceweasel CVE ID : CVE-2014-1544 CVE-2014-1547 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. For the stable distribution (wheezy), these problems have been fixed in version 24.7.0esr-1~deb7u1. For the unstable distribution (sid), these problems have been fixed in version 31.0-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2987-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 23, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-7 CVE ID : CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4266 CVE-2014-4268 Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. For the stable distribution (wheezy), these problems have been fixed in version 7u65-2.5.1-2~deb7u1. For the unstable distribution (sid), these problems have been fixed in version 7u65-2.5.1-1. Link to comment Share on other sites More sharing options...
sunrat Posted July 25, 2014 Share Posted July 25, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2988-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 24, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : transmission CVE ID : CVE-2014-4909 Ben Hawkes discovered that incorrect handling of peer messages in the Transmission bittorrent client could result in denial of service or the execution of arbitrary code. For the stable distribution (wheezy), this problem has been fixed in version 2.52-3+nmu2. For the unstable distribution (sid), this problem will be fixed soon. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2989-1 security@debian.org http://www.debian.org/security/ Stefan Fritsch July 24, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : apache2 CVE ID : CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 Several security issues were found in the Apache HTTP server. CVE-2014-0118 The DEFLATE input filter (inflates request bodies) in mod_deflate allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size. CVE-2014-0226 A race condition was found in mod_status. An attacker able to access a public server status page on a server could send carefully crafted requests which could lead to a heap buffer overflow, causing denial of service, disclosure of sensitive information, or potentially the execution of arbitrary code. CVE-2014-0231 A flaw was found in mod_cgid. If a server using mod_cgid hosted CGI scripts which did not consume standard input, a remote attacker could cause child processes to hang indefinitely, leading to denial of service. For the stable distribution (wheezy), these problems have been fixed in version 2.2.22-13+deb7u3. For the testing distribution (jessie), these problems will be fixed in version 2.4.10-1. For the unstable distribution (sid), these problems have been fixed in version 2.4.10-1. Link to comment Share on other sites More sharing options...
sunrat Posted July 28, 2014 Share Posted July 28, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2990-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso July 27, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cups CVE ID : CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 It was discovered that the web interface in CUPS, the Common UNIX Printing System, incorrectly validated permissions on rss files and directory index files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation. For the stable distribution (wheezy), these problems have been fixed in version 1.5.3-5+deb7u4. For the unstable distribution (sid), these problems have been fixed in version 1.7.4-2. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2991-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso July 27, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : modsecurity-apache CVE ID : CVE-2013-5705 Martin Holst Swende discovered a flaw in the way chunked requests are handled in ModSecurity, an Apache module whose purpose is to tighten the Web application security. A remote attacker could use this flaw to bypass intended mod_security restrictions by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header, allowing to send requests containing content that should have been removed by mod_security. For the stable distribution (wheezy), this problem has been fixed in version 2.6.6-6+deb7u2. For the testing distribution (jessie), this problem has been fixed in version 2.7.7-1. For the unstable distribution (sid), this problem has been fixed in version 2.7.7-1. Link to comment Share on other sites More sharing options...
sunrat Posted July 31, 2014 Share Posted July 31, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2992-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso July 29, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2014-3534 CVE-2014-4667 CVE-2014-4943 Debian Bug : 728705 Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation: CVE-2014-3534 Martin Schwidefsky of IBM discovered that the ptrace subsystem does not properly sanitize the psw mask value. On s390 systems, an unprivileged local user could use this flaw to set address space control bits to kernel space combination and thus gain read/write access to kernel memory. CVE-2014-4667 Gopal Reddy Kodudula of Nokia Siemens Networks discovered that the sctp_association_free function does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet. CVE-2014-4943 Sasha Levin discovered a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). An unprivileged local user could use this flaw for privilege escalation. For the stable distribution (wheezy), these problems have been fixed in version 3.2.60-1+deb7u3. For the unstable distribution (sid), these problems have been fixed in version 3.14.13-2. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2993-1 security@debian.org http://www.debian.org/security/ Peter Palfrader July 31, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : tor CVE ID : CVE-2014-5117 Several issues have been discovered in Tor, a connection-based low-latency anonymous communication system, resulting in information leaks. o Relay-early cells could be used by colluding relays on the network to tag user circuits and so deploy traffic confirmation attacks [CVE-2014-5117]. The updated version emits a warning and drops the circuit upon receiving inbound relay-early cells, preventing this specific kind of attack. Please consult the following advisory for more details about this issue: https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack o A bug in the bounds-checking in the 32-bit curve25519-donna implementation could cause incorrect results on 32-bit implementations when certain malformed inputs were used along with a small class of private ntor keys. This flaw does not currently appear to allow an attacker to learn private keys or impersonate a Tor server, but it could provide a means to distinguish 32-bit Tor implementations from 64-bit Tor implementations. The following additional security-related improvements have been implemented: o As a client, the new version will effectively stop using CREATE_FAST cells. While this adds computational load on the network, this approach can improve security on connections where Tor's circuit handshake is stronger than the available TLS connection security levels. o Prepare clients to use fewer entry guards by honoring the consensus parameters. The following article provides some background: https://blog.torproject.org/blog/improving-tors-anonymity-changing-guard-parameters For the stable distribution (wheezy), these problems have been fixed in version 0.2.4.23-1~deb7u1. For the testing distribution (jessie) and the unstable distribution (sid), these problems have been fixed in version 0.2.4.23-1. For the experimental distribution, these problems have been fixed in version 0.2.5.6-alpha-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2994-1 security@debian.org http://www.debian.org/security/ Raphael Geissert July 31, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nss CVE ID : CVE-2013-1741 CVE-2013-5606 CVE-2014-1491 CVE-2014-1492 Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library: CVE-2013-1741 Runaway memset in certificate parsing on 64-bit computers leading to a crash by attempting to write 4Gb of nulls. CVE-2013-5606 Certificate validation with the verifylog mode did not return validation errors, but instead expected applications to determine the status by looking at the log. CVE-2014-1491 Ticket handling protection mechanisms bypass due to the lack of restriction of public values in Diffie-Hellman key exchanges. CVE-2014-1492 Incorrect IDNA domain name matching for wildcard certificates could allow specially-crafted invalid certificates to be considered as valid. For the stable distribution (wheezy), these problems have been fixed in version 2:3.14.5-1+deb7u1. For the testing distribution (jessie), and the unstable distribution (sid), these problems have been fixed in version 2:3.16-1. Link to comment Share on other sites More sharing options...
sunrat Posted August 4, 2014 Share Posted August 4, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2995-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 03, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : lzo2 CVE ID : CVE-2014-4607 Debian Bug : 752861 Don A. Bailey from Lab Mouse Security discovered an integer overflow flaw in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. For the stable distribution (wheezy), this problem has been fixed in version 2.06-1+deb7u1. For the testing distribution (jessie), this problem has been fixed in version 2.08-1. For the unstable distribution (sid), this problem has been fixed in version 2.08-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2996-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff August 03, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icedove CVE ID : CVE-2014-1544 CVE-2014-1547 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. For the stable distribution (wheezy), these problems have been fixed in version 24.7.0-1~deb7u1. For the unstable distribution (sid), these problems will be fixed soon. Link to comment Share on other sites More sharing options...
sunrat Posted August 6, 2014 Share Posted August 6, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2997-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 05, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : reportbug CVE ID : CVE-2014-0479 Jakub Wilk discovered a remote command execution flaw in reportbug, a tool to report bugs in the Debian distribution. A man-in-the-middle attacker could put shell metacharacters in the version number allowing arbitrary code execution with the privileges of the user running reportbug. For the stable distribution (wheezy), this problem has been fixed in version 6.4.4+deb7u1. For the testing distribution (jessie), this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 6.5.0+nmu1. Link to comment Share on other sites More sharing options...
sunrat Posted August 7, 2014 Share Posted August 7, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2998-1 security@debian.org http://www.debian.org/security/ Raphael Geissert August 07, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssl CVE ID : CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-5139 Multiple vulnerabilities have been identified in OpenSSL, a Secure Sockets Layer toolkit, that may result in denial of service (application crash, large memory consumption), information leak, protocol downgrade. Additionally, a buffer overrun affecting only applications explicitly set up for SRP has been fixed (CVE-2014-3512). Detailed descriptions of the vulnerabilities can be found at: https://www.openssl.org/news/secadv_20140806.txt It's important that you upgrade the libssl1.0.0 package and not just the openssl package. All applications linked to openssl need to be restarted. You can use the "checkrestart" tool from the debian-goodies package to detect affected programs. Alternatively, you may reboot your system. For the stable distribution (wheezy), these problems have been fixed in version 1.0.1e-2+deb7u12. For the testing distribution (jessie), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 1.0.1i-1. Link to comment Share on other sites More sharing options...
sunrat Posted August 10, 2014 Share Posted August 10, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2999-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 09, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : drupal7 CVE ID : not yet available A denial of service vulnerability was discovered in Drupal, a fully-featured content management framework. A remote attacker could exploit this flaw to cause CPU and memory exhaustion and the site's database to reach the maximum number of open connections, leading to the site becoming unavailable or unresponsive. More information can be found at https://www.drupal.org/SA-CORE-2014-004 For the stable distribution (wheezy), this problem has been fixed in version 7.14-2+deb7u6. For the testing distribution (jessie), this problem has been fixed in version 7.31-1. For the unstable distribution (sid), this problem has been fixed in - ------------------------------------------------------------------------- Debian Security Advisory DSA-3000-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 09, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : krb5 CVE ID : CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 Debian Bug : 753624 753625 755520 755521 757416 Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-4341 An unauthenticated remote attacker with the ability to inject packets into a legitimately established GSSAPI application session can cause a program crash due to invalid memory references when attempting to read beyond the end of a buffer. CVE-2014-4342 An unauthenticated remote attacker with the ability to inject packets into a legitimately established GSSAPI application session can cause a program crash due to invalid memory references when reading beyond the end of a buffer or by causing a null pointer dereference. CVE-2014-4343 An unauthenticated remote attacker with the ability to spoof packets appearing to be from a GSSAPI acceptor can cause a double-free condition in GSSAPI initiators (clients) which are using the SPNEGO mechanism, by returning a different underlying mechanism than was proposed by the initiator. A remote attacker could exploit this flaw to cause an application crash or potentially execute arbitrary code. CVE-2014-4344 An unauthenticated or partially authenticated remote attacker can cause a NULL dereference and application crash during a SPNEGO negotiation by sending an empty token as the second or later context token from initiator to acceptor. CVE-2014-4345 When kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause it to perform an out-of-bounds write (buffer overflow). For the stable distribution (wheezy), these problems have been fixed in version 1.10.1+dfsg-5+deb7u2. For the unstable distribution (sid), these problems have been fixed in version 1.12.1+dfsg-7. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3001-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 09, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wordpress CVE ID : not yet available Multiple security issues have been discovered in Wordpress, a web blogging tool, resulting in denial of service or information disclosure. More information can be found in the upstream advisory at https://wordpress.org/news/2014/08/wordpress-3-9-2/ For the stable distribution (wheezy), these problems have been fixed in version 3.6.1+dfsg-1~deb7u4. For the unstable distribution (sid), these problems have been fixed in version 3.9.2+dfsg-1. Link to comment Share on other sites More sharing options...
sunrat Posted August 11, 2014 Share Posted August 11, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3002-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff August 10, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wireshark CVE ID : CVE-2014-5161 CVE-2014-5162 CVE-2014-5163 CVE-2014-5164 CVE-2014-5165 Multiple vulnerabilities were discovered in the dissectors for Catapult DCT2000, IrDA, GSM Management, RLC ASN.1 BER, which could result in denial of service. For the stable distribution (wheezy), these problems have been fixed in version 1.8.2-5wheezy11. For the unstable distribution (sid), these problems will be fixed soon. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3003-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff August 10, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libav CVE ID : CVE-2011-3934 CVE-2011-3935 CVE-2011-3946 CVE-2013-0848 CVE-2013-0851 CVE-2013-0852 CVE-2013-0860 CVE-2013-0868 CVE-2013-3672 CVE-2013-3674 CVE-2014-2263 Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.15 For the stable distribution (wheezy), these problems have been fixed in version 6:0.8.15-1. For the unstable distribution (sid), these problems will be fixed soon. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3004-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff August 11, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : kde4libs CVE ID : CVE-2014-5033 Sebastian Krahmer discovered that Kauth used Policykit insecurely by relying on the process ID. This could result in privilege escalation. For the stable distribution (wheezy), this problem has been fixed in version 4:4.8.4-4+deb7u1. For the testing distribution (jessie), this problem has been fixed in version 4:4.13.3-2. For the unstable distribution (sid), this problem has been fixed in version 4:4.13.3-2. Link to comment Share on other sites More sharing options...
sunrat Posted August 12, 2014 Share Posted August 12, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2984-2 security@debian.org http://www.debian.org/security/ Raphael Geissert August 11, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : acpi-support Debian Bug : 755969 It was discovered that the acpi-support update for DSA-2984-1 would make a laptop's power button forcibly shut the system down, instead of triggering the configured action (usually suspend to RAM). This only affects systems using the gnome-settings-daemon. For reference, the original advisory follows. CESG discovered a root escalation flaw in the acpi-support package. An unprivileged user can inject the DBUS_SESSION_BUS_ADDRESS environment variable to run arbitrary commands as root user via the policy-funcs script. For the stable distribution (wheezy), this problem has been fixed in version 0.140-5+deb7u2. For the testing distribution (jessie), this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 0.142-3. Link to comment Share on other sites More sharing options...
sunrat Posted August 15, 2014 Share Posted August 15, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3005-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 14, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gpgme1.0 CVE ID : CVE-2014-3564 Debian Bug : 756651 Tomas Trnka discovered a heap-based buffer overflow within the gpgsm status handler of GPGME, a library designed to make access to GnuPG easier for applications. An attacker could use this issue to cause an application using GPGME to crash (denial of service) or possibly to execute arbitrary code. For the stable distribution (wheezy), this problem has been fixed in version 1.2.0-1.4+deb7u1. For the testing distribution (jessie), this problem has been fixed in version 1.5.1-1. For the unstable distribution (sid), this problem has been fixed in version 1.5.1-1. Link to comment Share on other sites More sharing options...
sunrat Posted August 19, 2014 Share Posted August 19, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3006-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff August 18, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : xen CVE ID : CVE-2013-1432 CVE-2013-1442 CVE-2013-2076 CVE-2013-2077 CVE-2013-2078 CVE-2013-2194 CVE-2013-2195 CVE-2013-2196 CVE-2013-2211 CVE-2013-4329 CVE-2013-4355 CVE-2013-4361 CVE-2013-4368 CVE-2013-4494 CVE-2013-4553 CVE-2014-1950 CVE-2014-2599 CVE-2014-3124 CVE-2014-4021 Multiple security issues have been discovered in the Xen virtualisation solution which may result in information leaks or denial of service. For the stable distribution (wheezy), these problems have been fixed in version 4.1.4-3+deb7u2. For the unstable distribution (sid), these problems will be fixed soon. Link to comment Share on other sites More sharing options...
sunrat Posted August 21, 2014 Share Posted August 21, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3007-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff August 20, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cacti CVE ID : CVE-2014-5025 CVE-2014-5026 CVE-2014-5027 CVE-2014-5261 CVE-2014-5262 Multiple security issues (cross-site scripting, missing input sanitising and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems. For the stable distribution (wheezy), these problems have been fixed in version 0.8.8a+dfsg-5+deb7u4. For the unstable distribution (sid), these problems have been fixed in version 0.8.8b+dfsg-8. Link to comment Share on other sites More sharing options...
sunrat Posted August 24, 2014 Share Posted August 24, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3008-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 21, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php5 CVE ID : CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-3538 It was discovered that the original fix for CVE-2013-7345 did not sufficiently address the problem. A remote attacker could still cause a denial of service (CPU consumption) via a specially-crafted input file that triggers backtracking during processing of an awk regular expression rule. CVE-2014-3587 It was discovered that the CDF parser of the fileinfo module does not properly process malformed files in the Composite Document File (CDF) format, leading to crashes. CVE-2014-3597 It was discovered that the original fix for CVE-2014-4049 did not completely address the issue. A malicious server or man-in-the-middle attacker could cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record. CVE-2014-4670 It was discovered that PHP incorrectly handled certain SPL Iterators. A local attacker could use this flaw to cause PHP to crash, resulting in a denial of service. For the stable distribution (wheezy), these problems have been fixed in version 5.4.4-14+deb7u13. In addition, this update contains several bugfixes originally targeted for the upcoming Wheezy point release. For the unstable distribution (sid), these problems will be fied soon. - ------------------------------------------------------------------------- Debian Security Advisory DSA-2940-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff Aug 21, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libstruts1.2-java CVE ID : CVE-2014-0114 It was discovered that missing access checks in the Struts ActionForm object could result in the execution of arbitrary code. For the stable distribution (wheezy), this problem has been fixed in version 1.2.9-5+deb7u1. For the unstable distribution (sid), this problem has been fixed in version 1.2.9-9. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3008-2 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 21, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php5 CVE ID : CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670 This update corrects a packaging error for the packages released in DSA-3008-1. The new sessionclean script used in the updated cronjob in /etc/cron.d/php5 was not installed into the php5-common package. No other changes are introduced. For reference, the original advisory text follows. Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-3538 It was discovered that the original fix for CVE-2013-7345 did not sufficiently address the problem. A remote attacker could still cause a denial of service (CPU consumption) via a specially-crafted input file that triggers backtracking during processing of an awk regular expression rule. CVE-2014-3587 It was discovered that the CDF parser of the fileinfo module does not properly process malformed files in the Composite Document File (CDF) format, leading to crashes. CVE-2014-3597 It was discovered that the original fix for CVE-2014-4049 did not completely address the issue. A malicious server or man-in-the-middle attacker could cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record. CVE-2014-4670 It was discovered that PHP incorrectly handled certain SPL Iterators. A local attacker could use this flaw to cause PHP to crash, resulting in a denial of service. For the stable distribution (wheezy), these problems have been fixed in version 5.4.4-14+deb7u13. In addition, this update contains several bugfixes originally targeted for the upcoming Wheezy point release. For the unstable distribution (sid), these problems will be fied soon. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3009-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff August 21, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : python-imaging CVE ID : CVE-2014-3589 Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed. For the stable distribution (wheezy), this problem has been fixed in version 1.1.7-4+deb7u1. For the unstable distribution (sid), this problem has been fixed in version 2.5.3-1 of the pillow source package. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3010-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 22, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : python-django CVE ID : CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483 Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-0480 Florian Apolloner discovered that in certain situations, URL reversing could generate scheme-relative URLs which could unexpectedly redirect a user to a different host, leading to phishing attacks. CVE-2014-0481 David Wilson reported a file upload denial of service vulnerability. Django's file upload handling in its default configuration may degrade to producing a huge number of `os.stat()` system calls when a duplicate filename is uploaded. A remote attacker with the ability to upload files can cause poor performance in the upload handler, eventually causing it to become very slow. CVE-2014-0482 David Greisen discovered that under some circumstances, the use of the RemoteUserMiddleware middleware and the RemoteUserBackend authentication backend could result in one user receiving another user's session, if a change to the REMOTE_USER header occurred without corresponding logout/login actions. CVE-2014-0483 Collin Anderson discovered that it is possible to reveal any field's data by modifying the "popup" and "to_field" parameters of the query string on an admin change form page. A user with access to the admin interface, and with sufficient knowledge of model structure and the appropriate URLs, could construct popup views which would display the values of non-relationship fields, including fields the application developer had not intended to expose in such a fashion. For the stable distribution (wheezy), these problems have been fixed in version 1.4.5-1+deb7u8. For the unstable distribution (sid), these problems have been fixed in version 1.6.6-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3011-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 23, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mediawiki CVE ID : CVE-2014-5241 CVE-2014-5243 Debian Bug : 752622 758510 It was discovered that MediaWiki, a website engine for collaborative work, is vulnerable to JSONP injection in Flash (CVE-2014-5241) and clickjacking between OutputPage and ParserOutput (CVE-2014-5243). The vulnerabilities are addressed by upgrading MediaWiki to the new upstream version 1.19.18, which includes additional changes. For the stable distribution (wheezy), these problems have been fixed in version 1:1.19.18+dfsg-0+deb7u1. For the unstable distribution (sid), these problems will be fixed soon. Link to comment Share on other sites More sharing options...
sunrat Posted August 29, 2014 Share Posted August 29, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3012-1 security@debian.org http://www.debian.org/security/ Florian Weimer August 27, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : eglibc CVE ID : CVE-2014-5119 Tavis Ormandy discovered a heap-based buffer overflow in the transliteration module loading code in eglibc, Debian's version of the GNU C Library. As a result, an attacker who can supply a crafted destination character set argument to iconv-related character conversation functions could achieve arbitrary code execution. This update removes support of loadable gconv transliteration modules. Besides the security vulnerability, the module loading code had functionality defects which prevented it from working for the intended purpose. For the stable distribution (wheezy), this problem has been fixed in version 2.13-38+deb7u4. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3013-1 security@debian.org http://www.debian.org/security/ Florian Weiemr August 27, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : s3ql CVE ID : CVE-2014-0485 Nikolaus Rath discovered that s3ql, a file system for online data storage, used the pickle functionality of the Python programming language in an unsafe way. As a result, a malicious storage backend or man-in-the-middle attacker was able execute arbitrary code. For the stable distribution (wheezy), this problem has been fixed in version 1.11.1-3+deb7u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3014-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso August 28, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : squid3 CVE ID : CVE-2014-3609 Debian Bug : 759509 Matthew Daley discovered that Squid3, a fully featured web proxy cache, did not properly perform input validation in request parsing. A remote attacker could use this flaw to mount a denial of service by sending crafted Range requests. For the stable distribution (wheezy), this problem has been fixed in version 3.1.20-2.2+deb7u2. For the unstable distribution (sid), this problem will be fixed soon. Link to comment Share on other sites More sharing options...
sunrat Posted September 1, 2014 Share Posted September 1, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2987-2 security@debian.org http://www.debian.org/security/ Florian Weimer August 31, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-7 The previous security update for OpenJDK 7, DSA-2987-1, introduced a regression due to an overly strict bytecode verifier. As a result, legitimate bytecode which is produced by some non-Java languages would no longer run. For the stable distribution (wheezy), this problem has been fixed in version 7u65-2.5.1-5~deb7u1. Link to comment Share on other sites More sharing options...
sunrat Posted September 12, 2014 Share Posted September 12, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3015-1 security@debian.org http://www.debian.org/security/ Florian Weimer September 01, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : lua5.1 CVE ID : CVE-2014-5461 A heap-based overflow vulnerability was found in the way Lua, a simple, extensible, embeddable programming language, handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution. For the stable distribution (wheezy), this problem has been fixed in version 5.1.5-4+deb7u1. For the unstable distribution (sid), this problem has been fixed in version 5.1.5-7. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3016-1 security@debian.org http://www.debian.org/security/ Florian Weimer September 01, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : lua5.2 CVE ID : CVE-2014-5461 A heap-based overflow vulnerability was found in the way Lua, a simple, extensible, embeddable programming language, handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution. For the stable distribution (wheezy), this problem has been fixed in version 5.2.1-3+deb7u1. For the testing distribution (jessie), this problem has been fixed in version 5.2.3-1. For the unstable distribution (sid), this problem has been fixed in version 5.2.3-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3017-1 security@debian.org http://www.debian.org/security/ Thijs Kinkhorst September 2, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php-cas CVE ID : CVE-2014-4172 Debian Bug : 759718 Marvin S. Addison discovered that Jasig phpCAS, a PHP library for the CAS authentication protocol, did not encode tickets before adding them to an URL, creating a possibility for cross site scripting. For the stable distribution (wheezy), this problem has been fixed in version 1.3.1-4+deb7u1. The unstable distribution (sid) will be fixed soon. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3018-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff September 03, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : iceweasel CVE ID : CVE-2014-1562 CVE-2014-1567 Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. For the stable distribution (wheezy), these problems have been fixed in version 24.8.0esr-1~deb7u1. For the unstable distribution (sid), these problems have been fixed in version 31.1.0esr-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3019-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso September 04, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : procmail CVE ID : CVE-2014-3618 Debian Bug : 704675 760443 Boris 'pi' Piwinger and Tavis Ormandy reported a heap overflow vulnerability in procmail's formail utility when processing specially-crafted email headers. A remote attacker could use this flaw to cause formail to crash, resulting in a denial of service or data loss, or possibly execute arbitrary code. For the stable distribution (wheezy), this problem has been fixed in version 3.22-20+deb7u1. For the unstable distribution (sid), this problem has been fixed in version 3.22-22. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3021-1 security@debian.org http://www.debian.org/security/ Luciano Bello September 09, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : file CVE ID : CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3538 CVE-2014-3587 Multiple security issues have been found in file, a tool to determine a file type. These vulnerabilities allow remote attackers to cause a denial of service, via resource consumption or application crash. For the stable distribution (wheezy), these problems have been fixed in version 5.11-2+deb7u4. For the testing distribution (jessie), these problems have been fixed in version file 1:5.19-2. For the unstable distribution (sid), these problems have been fixed in version file 1:5.19-2. Link to comment Share on other sites More sharing options...
sunrat Posted September 13, 2014 Share Posted September 13, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3020-1 security@debian.org http://www.debian.org/security/ Raphael Geissert September 10, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : acpi-support CVE ID : CVE-2014-0484 During a review for EDF, Raphael Geissert discovered that the acpi-support package did not properly handle data obtained from a user's environment. This could lead to program malfunction or allow a local user to escalate privileges to the root user due to a programming error. For the stable distribution (wheezy), this problem has been fixed in version 0.140-5+deb7u3. For the testing distribution (jessie), and the unstable distribution (sid) this problem will be fixed soon. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3022-1 security@debian.org http://www.debian.org/security/ Yves-Alexis Perez September 10, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : curl CVE ID : CVE-2014-3613 CVE-2014-3620 Two vulnerabilities have been discovered in cURL, an URL transfer library. They can be use to leak cookie information: CVE-2014-3613 By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary sites to set cookies for others. CVE-2014-3620 libcurl wrongly allows cookies to be set for Top Level Domains (TLDs), thus making them apply broader than cookies are allowed. This can allow arbitrary sites to set cookies that then would get sent to a different and unrelated site or domain. For the stable distribution (wheezy), these problems have been fixed in version 7.26.0-1+wheezy10. For the testing distribution (jessie), these problems have been fixed in version 7.38.0-1. For the unstable distribution (sid), these problems have been fixed in version 7.38.0-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3021-2 security@debian.org http://www.debian.org/security/ Luciano Bello September 10, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : file CVE ID : CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3538 CVE-2014-3587 This update corrects DSA 3021-1, which introduced a regression in the detection of a some "Composite Document Files" (CDF), marking them look as corrupted, with the error: "Can't expand summary_info". On additional information, 5.11-2+deb7u4 changed the detection of certain text files in the same way php5 did this in 5.4.4-14+deb7u13. Since the new output is more accurate and this change also restored the better detection as seen in the squeeze version of file, this is not being reverted. For reference, the original advisory text follows: Multiple security issues have been found in file, a tool to determine a file type. These vulnerabilities allow remote attackers to cause a denial of service, via resource consumption or application crash. For the stable distribution (wheezy), these problems have been fixed in version 5.11-2+deb7u5. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3024-1 security@debian.org http://www.debian.org/security/ Thijs Kinkhorst September 11, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gnupg CVE ID : CVE-2014-5270 Debian Bug : 725411 Genkin, Pipman and Tromer discovered a side-channel attack on Elgamal encryption subkeys (CVE-2014-5270). In addition, this update hardens GnuPG's behaviour when treating keyserver responses; GnuPG now filters keyserver responses to only accepts those keyid's actually requested by the user. For the stable distribution (wheezy), this problem has been fixed in version 1.4.12-7+deb7u6. For the testing (jessie) and unstable distribution (sid), this problem has been fixed in version 1.4.18-4. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3023-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso September 11, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : bind9 CVE ID : CVE-2014-0591 Debian Bug : 735190 Jared Mauch reported a denial of service flaw in the way BIND, a DNS server, handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash. For the stable distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u2. For the testing distribution (jessie), this problem has been fixed in version 1:9.9.5.dfsg-2. For the unstable distribution (sid), this problem has been fixed in version 1:9.9.5.dfsg-2. Link to comment Share on other sites More sharing options...
sunrat Posted September 17, 2014 Share Posted September 17, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3025-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso September 16, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : apt CVE ID : CVE-2014-0487 CVE-2014-0488 CVE-2014-0489 CVE-2014-0490 It was discovered that APT, the high level package manager, does not properly invalidate unauthenticated data (CVE-2014-0488), performs incorrect verification of 304 replies (CVE-2014-0487), does not perform the checksum check when the Acquire::GzipIndexes option is used (CVE-2014-0489) and does not properly perform validation for binary packages downloaded by the apt-get download command (CVE-2014-0490). For the stable distribution (wheezy), these problems have been fixed in version 0.9.7.9+deb7u3. For the unstable distribution (sid), these problems have been fixed in version 1.0.9. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3026-1 security@debian.org http://www.debian.org/security/ Florian Weimer September 16, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : dbus CVE ID : CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639 Alban Crequy and Simon McVittie discovered several vulnerabilities in the D-Bus message daemon. CVE-2014-3635 On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in the dbus-daemon crash, leading to a crash, or potentially to arbitrary code execution. CVE-2014-3636 A denial-of-service vulnerability in dbus-daemon allowed local attackers to prevent new connections to dbus-daemon, or disconnect existing clients, by exhausting descriptor limits. CVE-2014-3637 Malicious local users could create D-Bus connections to dbus-daemon which could not be terminated by killing the participating processes, resulting in a denial-of-service vulnerability. CVE-2014-3638 dbus-daemon suffered from a denial-of-service vulnerability in the code which tracks which messages expect a reply, allowing local attackers to reduce the performance of dbus-daemon. CVE-2014-3639 dbus-daemon did not properly reject malicious connections from local users, resulting in a denial-of-service vulnerability. For the stable distribution (wheezy), these problems have been fixed in version 1.6.8-1+deb7u4. For the unstable distribution (sid), these problems have been fixed in version 1.8.8-1. Link to comment Share on other sites More sharing options...
sunrat Posted September 18, 2014 Share Posted September 18, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3027-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff September 17, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libav CVE ID : CVE-2013-7020 Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.15 For the stable distribution (wheezy), this problem has been fixed in version 6:0.8.16-1. For the testing distribution (jessie), this problem has been fixed in version 6:11~alpha2-1. For the unstable distribution (sid), this problem has been fixed in version 6:11~alpha2-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3028-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff September 17, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icedove CVE ID : CVE-2014-1562 CVE-2014-1567 Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. For the stable distribution (wheezy), these problems have been fixed in version 24.8.0-1~deb7u1. For the unstable distribution (sid), these problems will be fixed soon. Link to comment Share on other sites More sharing options...
sunrat Posted September 19, 2014 Share Posted September 19, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3025-2 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso September 18, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : apt Debian Bug : 762079 The previous update for apt, DSA-3025-1, introduced a regression when file:/// sources are used and those are on a different partition than the apt state directory. This update fixes the regression. For reference, the original advisory follows. It was discovered that APT, the high level package manager, does not properly invalidate unauthenticated data (CVE-2014-0488), performs incorrect verification of 304 replies (CVE-2014-0487), does not perform the checksum check when the Acquire::GzipIndexes option is used (CVE-2014-0489) and does not properly perform validation for binary packages downloaded by the apt-get download command (CVE-2014-0490). For the stable distribution (wheezy), this problem has been fixed in version 0.9.7.9+deb7u4. For the unstable distribution (sid), this problem has been fixed in version 1.0.9.1. Link to comment Share on other sites More sharing options...
sunrat Posted September 21, 2014 Share Posted September 21, 2014 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3029-1 security@debian.org http://www.debian.org/security/ Salvatore Bonaccorso September 20, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nginx CVE ID : CVE-2014-3616 Debian Bug : 761940 Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was possible to reuse cached SSL sessions in unrelated contexts, allowing virtual host confusion attacks in some configurations by an attacker in a privileged network position. For the stable distribution (wheezy), this problem has been fixed in version 1.2.1-2.2+wheezy3. For the testing distribution (jessie), this problem has been fixed in version 1.6.2-1. For the unstable distribution (sid), this problem has been fixed in version 1.6.2-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3030-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff September 20, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mantis CVE ID : CVE-2014-1608 CVE-2014-1609 Multiple SQL injection vulnerabilities have been discovered in the Mantis bug tracking system. For the stable distribution (wheezy), these problems have been fixed in version 1.2.11-1.2+deb7u1. Link to comment Share on other sites More sharing options...
Recommended Posts