Jump to content

Bruno

Recommended Posts

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2972-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

July 06, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2014-4699

 

Andy Lutomirski discovered that the ptrace syscall was not verifying the

RIP register to be valid in the ptrace API on x86_64 processors. An

unprivileged user could use this flaw to crash the kernel (resulting in

denial of service) or for privilege escalation.

 

For the stable distribution (wheezy), this problem has been fixed in

version 3.2.60-1+deb7u1. In addition, this update contains several

bugfixes originally targeted for the upcoming Wheezy point release.

 

For the unstable distribution (sid), this problem will be fixed soon.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2973-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

July 07, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : vlc

CVE ID : CVE-2013-1868 CVE-2013-1954 CVE-2013-4388

 

Multiple buffer overflows have been found in the VideoLAN media player.

Processing malformed subtitles or movie files could lead to denial of

service and potentially the execution of arbitrary code.

 

For the stable distribution (wheezy), these problems have been fixed in

version 2.0.3-5+deb7u1.

 

For the testing distribution (jessie), these problems have been fixed in

version 2.1.0-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 2.1.0-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2974-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

July 08, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php5

CVE ID : CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480

CVE-2014-3487 CVE-2014-3515 CVE-2014-4721

 

Several vulnerabilities were found in PHP, a general-purpose scripting

language commonly used for web application development. The Common

Vulnerabilities and Exposures project identifies the following problems:

 

CVE-2014-0207

 

Francisco Alonso of the Red Hat Security Response Team reported an

incorrect boundary check in the cdf_read_short_sector() function.

 

CVE-2014-3478

 

Francisco Alonso of the Red Hat Security Response Team discovered a

flaw in the way the truncated pascal string size in the mconvert()

function is computed.

 

CVE-2014-3479

 

Francisco Alonso of the Red Hat Security Response Team reported an

incorrect boundary check in the cdf_check_stream_offset() function.

 

CVE-2014-3480

 

Francisco Alonso of the Red Hat Security Response Team reported an

insufficient boundary check in the cdf_count_chain() function.

 

CVE-2014-3487

 

Francisco Alonso of the Red Hat Security Response Team discovered an

incorrect boundary check in the cdf_read_property_info() funtion.

 

CVE-2014-3515

 

Stefan Esser discovered that the ArrayObject and the

SPLObjectStorage unserialize() handler do not verify the type of

unserialized data before using it. A remote attacker could use this

flaw to execute arbitrary code.

 

CVE-2014-4721

 

Stefan Esser discovered a type confusion issue affecting phpinfo(),

which might allow an attacker to obtain sensitive information from

process memory.

 

For the stable distribution (wheezy), these problems have been fixed in

version 5.4.4-14+deb7u12. In addition, this update contains several

bugfixes originally targeted for the upcoming Wheezy point release.

 

For the testing distribution (jessie), these problems have been fixed in

version 5.6.0~rc2+dfsg-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 5.6.0~rc2+dfsg-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2975-1 security@debian.org

http://www.debian.org/security/ Thijs Kinkhorst

July 09, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : phpmyadmin

CVE ID : CVE-2013-4995 CVE-2013-4996 CVE-2013-5002 CVE-2013-5003

CVE-2014-1879

 

Several vulnerabilities have been discovered in phpMyAdmin, a tool to

administer MySQL over the web. The Common Vulnerabilities and Exposures

project identifies the following problems:

 

CVE-2013-4995

 

Authenticatd users could inject arbitrary web script or HTML

via a crafted SQL query.

 

CVE-2013-4996

 

Cross site scripting was possible via a crafted logo URL in

the navigation panel or a crafted entry in the Trusted Proxy list.

 

CVE-2013-5002

 

Authenticated users could inject arbitrary web script or HTML

via a crafted pageNumber value in Schema Export.

 

CVE-2013-5003

 

Authenticated users could execute arbitrary SQL commands as

the phpMyAdmin 'control user' via the scale parameter PMD PDF

export and the pdf_page_number parameter in Schema Export.

 

CVE-2014-1879

 

Authenticated users could inject arbitrary web script or HTML

via a crafted file name in the Import function.

 

For the stable distribution (wheezy), these problems have been fixed in

version 4:3.4.11.1-2+deb7u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 4:4.2.5-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2976-1 security@debian.org

http://www.debian.org/security/ Florian Weimer

July 10, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : eglibc

CVE ID : CVE-2014-0475

 

Stephane Chazelas discovered that the GNU C library, glibc, processed

".." path segments in locale-related environment variables, possibly

allowing attackers to circumvent intended restrictions, such as

ForceCommand in OpenSSH, assuming that they can supply crafted locale

settings.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2.13-38+deb7u3.

 

This update also includes changes previously scheduled for the next

wheezy point release as version 2.13-38+deb7u2. See the Debian

changelog for details.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2977-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

July 11, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libav

CVE ID : CVE-2014-4609

 

Don A. Baley discovered an integer overflow in the lzo compression

handler which could result in the execution of arbitrary code.

 

For the stable distribution (wheezy), this problem has been fixed in

version 6:0.8.13-1.

 

For the testing distribution (jessie), this problem has been fixed in

version 6:10.2-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 6:10.2-1.

 

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2978-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

July 11, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libxml2

CVE ID : CVE-2014-0191

 

Daniel P. Berrange discovered a denial of service vulnerability in

libxml2 entity substitution.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2.8.0+dfsg1-7+wheezy1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.9.1+dfsg1-4.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2765-2 security@debian.org

http://www.debian.org/security/ Thijs Kinkhorst

July 16, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : davfs2

Vulnerability : privilege escalation

Problem type : remote

Debian-specific: no

CVE ID : CVE-2013-4362

Debian Bug : 723034

 

The update released for davfs2 in DSA 2765 had a version number for

Debian 7 "wheezy" that sorts lower than the version in Debian 6

"squeeze", causing problems on upgrades. This update makes a package

of davfs2 in wheezy available which corrects only the version number.

 

For reference, the original advisory follows.

 

Davfs2, a filesystem client for WebDAV, calls the function system()

insecurely while is setuid root. This might allow a privilege escalation.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.4.6-1.1+wheezy1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2979-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

July 17, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : fail2ban

CVE ID : CVE-2013-7176 CVE-2013-7177

 

Two vulnerabilities were discovered in Fail2ban, a solution to ban hosts

that cause multiple authentication errors. When using Fail2ban to monitor

Postfix or Cyrus IMAP logs, improper input validation in log parsing

could enable a remote attacker to trigger an IP ban on arbitrary

addresses, resulting in denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 0.8.6-3wheezy3.

 

For the testing distribution (jessie), these problems have been fixed in

version 0.8.11-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 0.8.11-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2980-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

July 17, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-6

CVE ID : CVE-2014-2490 CVE-2014-4209 CVE-2014-4216 CVE-2014-4218

CVE-2014-4219 CVE-2014-4244 CVE-2014-4252 CVE-2014-4262

CVE-2014-4263 CVE-2014-4266 CVE-2014-4268

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in the execution

of arbitrary code, breakouts of the Java sandbox, information disclosure

or denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 6b32-1.13.4-1~deb7u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2981-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

July 18, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : polarssl

CVE ID : CVE-2014-4911

Debian Bug : 754655

 

A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS

library, which can be exploited by a remote unauthenticated attacker to

mount a denial of service against PolarSSL servers that offer GCM

ciphersuites. Potentially clients are affected too if a malicious server

decides to execute the denial of service attack against its clients.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.2.9-1~deb7u3.

 

For the testing distribution (jessie), this problem has been fixed in

version 1.3.7-2.1.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.3.7-2.1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2982-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

July 19, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ruby-activerecord-3.2

CVE ID : CVE-2014-3482 CVE-2014-3483

 

Sean Griffin discovered two vulnerabilities in the PostgreSQL adapter

for Active Record which could lead to SQL injection.

 

For the stable distribution (wheezy), these problems have been fixed in

version 3.2.6-5+deb7u1. Debian provides two variants of "Ruby on Rails"

in Wheezy (2.3 and 3.2). Support for the 2.3 variants had to be ceased

at this point. This affects the following source packages:

ruby-actionmailer-2.3, ruby-actionpack-2.3 ruby-activerecord-2.3,

ruby-activeresource-2.3, ruby-activesupport-2.3 and ruby-rails-2.3. The

version of Redmine in Wheezy still requires 2.3, you can use an updated

version from backports.debian.org which is compatible with rails 3.2.

 

For the unstable distribution (sid), these problems have been fixed in

version 3.2.19-1 of the rails-3.2 source package.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2983-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

July 20, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : drupal7

CVE ID : not yet available

 

Multiple security issues have been discovered in the Drupal content

management system, ranging from denial of service to cross-site

scripting. More information can be found at

https://www.drupal.org/SA-CORE-2014-003

 

For the stable distribution (wheezy), this problem has been fixed in

version 7.14-2+deb7u5.

 

For the testing distribution (jessie), this problem has been fixed in

version 7.29-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 7.29-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2984-1 security@debian.org

http://www.debian.org/security/ Luciano Bello

July 22, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : acpi-support

CVE ID : CVE-2014-1419

 

CESG discovered a root escalation flaw in the acpi-support package. An

unprivileged user can inject the DBUS_SESSION_BUS_ADDRESS environment

variable to run arbitrary commands as root user via the policy-funcs

script.

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.140-5+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 0.142-2.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.142-2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2985-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

July 22, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mysql-5.5

CVE ID : CVE-2014-2494 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260

Debian Bug : 754941

 

Several issues have been discovered in the MySQL database server. The

vulnerabilities are addressed by upgrading MySQL to the new upstream

version 5.5.38. Please see the MySQL 5.5 Release Notes and Oracle's

Critical Patch Update advisory for further details:

 

http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-38.html

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

 

For the stable distribution (wheezy), these problems have been fixed in

version 5.5.38-0+wheezy1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2986-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

July 23, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : iceweasel

CVE ID : CVE-2014-1544 CVE-2014-1547 CVE-2014-1555 CVE-2014-1556

CVE-2014-1557

 

Multiple security issues have been found in Iceweasel, Debian's version

of the Mozilla Firefox web browser: Multiple memory safety errors and

use-after-frees may lead to the execution of arbitrary code or denial

of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 24.7.0esr-1~deb7u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 31.0-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2987-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

July 23, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-7

CVE ID : CVE-2014-2483 CVE-2014-2490 CVE-2014-4209 CVE-2014-4216

CVE-2014-4218 CVE-2014-4219 CVE-2014-4221 CVE-2014-4223

CVE-2014-4244 CVE-2014-4252 CVE-2014-4262 CVE-2014-4263

CVE-2014-4264 CVE-2014-4266 CVE-2014-4268

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in the execution of

arbitrary code, breakouts of the Java sandbox, information disclosure or

denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 7u65-2.5.1-2~deb7u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 7u65-2.5.1-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2988-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

July 24, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : transmission

CVE ID : CVE-2014-4909

 

Ben Hawkes discovered that incorrect handling of peer messages in the

Transmission bittorrent client could result in denial of service or the

execution of arbitrary code.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2.52-3+nmu2.

 

For the unstable distribution (sid), this problem will be fixed soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2989-1 security@debian.org

http://www.debian.org/security/ Stefan Fritsch

July 24, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : apache2

CVE ID : CVE-2014-0118 CVE-2014-0226 CVE-2014-0231

 

Several security issues were found in the Apache HTTP server.

 

CVE-2014-0118

 

The DEFLATE input filter (inflates request bodies) in mod_deflate

allows remote attackers to cause a denial of service (resource

consumption) via crafted request data that decompresses to a much

larger size.

 

CVE-2014-0226

 

A race condition was found in mod_status. An attacker able to

access a public server status page on a server could send carefully

crafted requests which could lead to a heap buffer overflow,

causing denial of service, disclosure of sensitive information, or

potentially the execution of arbitrary code.

 

CVE-2014-0231

 

A flaw was found in mod_cgid. If a server using mod_cgid hosted

CGI scripts which did not consume standard input, a remote attacker

could cause child processes to hang indefinitely, leading to denial

of service.

 

 

For the stable distribution (wheezy), these problems have been fixed in

version 2.2.22-13+deb7u3.

 

For the testing distribution (jessie), these problems will be fixed in

version 2.4.10-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 2.4.10-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2990-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

July 27, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : cups

CVE ID : CVE-2014-3537 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031

 

It was discovered that the web interface in CUPS, the Common UNIX

Printing System, incorrectly validated permissions on rss files and

directory index files. A local attacker could possibly use this issue

to bypass file permissions and read arbitrary files, possibly leading

to a privilege escalation.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.5.3-5+deb7u4.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.7.4-2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2991-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

July 27, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : modsecurity-apache

CVE ID : CVE-2013-5705

 

Martin Holst Swende discovered a flaw in the way chunked requests are

handled in ModSecurity, an Apache module whose purpose is to tighten the

Web application security. A remote attacker could use this flaw to

bypass intended mod_security restrictions by using chunked transfer

coding with a capitalized Chunked value in the Transfer-Encoding HTTP

header, allowing to send requests containing content that should have

been removed by mod_security.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2.6.6-6+deb7u2.

 

For the testing distribution (jessie), this problem has been fixed in

version 2.7.7-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.7.7-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2992-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

July 29, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2014-3534 CVE-2014-4667 CVE-2014-4943

Debian Bug : 728705

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a denial of service or privilege escalation:

 

CVE-2014-3534

 

Martin Schwidefsky of IBM discovered that the ptrace subsystem does

not properly sanitize the psw mask value. On s390 systems, an

unprivileged local user could use this flaw to set address space

control bits to kernel space combination and thus gain read/write

access to kernel memory.

 

CVE-2014-4667

 

Gopal Reddy Kodudula of Nokia Siemens Networks discovered that the

sctp_association_free function does not properly manage a certain

backlog value, which allows remote attackers to cause a denial of

service (socket outage) via a crafted SCTP packet.

 

CVE-2014-4943

 

Sasha Levin discovered a flaw in the Linux kernel's point-to-point

protocol (PPP) when used with the Layer Two Tunneling Protocol

(L2TP). An unprivileged local user could use this flaw for privilege

escalation.

 

For the stable distribution (wheezy), these problems have been fixed in

version 3.2.60-1+deb7u3.

 

For the unstable distribution (sid), these problems have been fixed in

version 3.14.13-2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2993-1 security@debian.org

http://www.debian.org/security/ Peter Palfrader

July 31, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tor

CVE ID : CVE-2014-5117

 

Several issues have been discovered in Tor, a connection-based

low-latency anonymous communication system, resulting in information

leaks.

 

o Relay-early cells could be used by colluding relays on the network to

tag user circuits and so deploy traffic confirmation attacks

[CVE-2014-5117]. The updated version emits a warning and drops the

circuit upon receiving inbound relay-early cells, preventing this

specific kind of attack. Please consult the following advisory for

more details about this issue:

 

https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack

 

o A bug in the bounds-checking in the 32-bit curve25519-donna

implementation could cause incorrect results on 32-bit

implementations when certain malformed inputs were used along with a

small class of private ntor keys. This flaw does not currently

appear to allow an attacker to learn private keys or impersonate a

Tor server, but it could provide a means to distinguish 32-bit Tor

implementations from 64-bit Tor implementations.

 

The following additional security-related improvements have been

implemented:

 

o As a client, the new version will effectively stop using CREATE_FAST

cells. While this adds computational load on the network, this

approach can improve security on connections where Tor's circuit

handshake is stronger than the available TLS connection security

levels.

 

o Prepare clients to use fewer entry guards by honoring the consensus

parameters. The following article provides some background:

 

https://blog.torproject.org/blog/improving-tors-anonymity-changing-guard-parameters

 

For the stable distribution (wheezy), these problems have been fixed in

version 0.2.4.23-1~deb7u1.

 

For the testing distribution (jessie) and the unstable distribution

(sid), these problems have been fixed in version 0.2.4.23-1.

 

For the experimental distribution, these problems have been fixed in

version 0.2.5.6-alpha-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2994-1 security@debian.org

http://www.debian.org/security/ Raphael Geissert

July 31, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : nss

CVE ID : CVE-2013-1741 CVE-2013-5606 CVE-2014-1491 CVE-2014-1492

 

Several vulnerabilities have been discovered in nss, the Mozilla Network

Security Service library:

 

CVE-2013-1741

 

Runaway memset in certificate parsing on 64-bit computers leading to

a crash by attempting to write 4Gb of nulls.

 

CVE-2013-5606

 

Certificate validation with the verifylog mode did not return

validation errors, but instead expected applications to determine

the status by looking at the log.

 

CVE-2014-1491

 

Ticket handling protection mechanisms bypass due to the lack of

restriction of public values in Diffie-Hellman key exchanges.

 

CVE-2014-1492

 

Incorrect IDNA domain name matching for wildcard certificates could

allow specially-crafted invalid certificates to be considered as

valid.

 

For the stable distribution (wheezy), these problems have been fixed in

version 2:3.14.5-1+deb7u1.

 

For the testing distribution (jessie), and the unstable distribution (sid),

these problems have been fixed in version 2:3.16-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2995-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 03, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : lzo2

CVE ID : CVE-2014-4607

Debian Bug : 752861

 

Don A. Bailey from Lab Mouse Security discovered an integer overflow

flaw in the way the lzo library decompressed certain archives compressed

with the LZO algorithm. An attacker could create a specially crafted

LZO-compressed input that, when decompressed by an application using the

lzo library, would cause that application to crash or, potentially,

execute arbitrary code.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2.06-1+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 2.08-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.08-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2996-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

August 03, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : icedove

CVE ID : CVE-2014-1544 CVE-2014-1547 CVE-2014-1555 CVE-2014-1556

CVE-2014-1557

 

Multiple security issues have been found in Icedove, Debian's version of

the Mozilla Thunderbird mail and news client: Multiple memory safety

errors and use-after-frees may lead to the execution of arbitrary code

or denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 24.7.0-1~deb7u1.

 

For the unstable distribution (sid), these problems will be fixed soon.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2997-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 05, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : reportbug

CVE ID : CVE-2014-0479

 

Jakub Wilk discovered a remote command execution flaw in reportbug, a

tool to report bugs in the Debian distribution. A man-in-the-middle

attacker could put shell metacharacters in the version number allowing

arbitrary code execution with the privileges of the user running

reportbug.

 

For the stable distribution (wheezy), this problem has been fixed in

version 6.4.4+deb7u1.

 

For the testing distribution (jessie), this problem will be fixed soon.

 

For the unstable distribution (sid), this problem has been fixed in

version 6.5.0+nmu1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2998-1 security@debian.org

http://www.debian.org/security/ Raphael Geissert

August 07, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl

CVE ID : CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508

CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512

CVE-2014-5139

 

Multiple vulnerabilities have been identified in OpenSSL, a Secure

Sockets Layer toolkit, that may result in denial of service

(application crash, large memory consumption), information leak,

protocol downgrade. Additionally, a buffer overrun affecting only

applications explicitly set up for SRP has been fixed (CVE-2014-3512).

 

Detailed descriptions of the vulnerabilities can be found at:

https://www.openssl.org/news/secadv_20140806.txt

 

It's important that you upgrade the libssl1.0.0 package and not just

the openssl package.

 

All applications linked to openssl need to be restarted. You can use

the "checkrestart" tool from the debian-goodies package to detect

affected programs. Alternatively, you may reboot your system.

 

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.0.1e-2+deb7u12.

 

For the testing distribution (jessie), these problems will be fixed

soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.0.1i-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2999-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 09, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : drupal7

CVE ID : not yet available

 

A denial of service vulnerability was discovered in Drupal, a

fully-featured content management framework. A remote attacker could

exploit this flaw to cause CPU and memory exhaustion and the site's

database to reach the maximum number of open connections, leading to the

site becoming unavailable or unresponsive. More information can be found

at https://www.drupal.org/SA-CORE-2014-004

 

For the stable distribution (wheezy), this problem has been fixed in

version 7.14-2+deb7u6.

 

For the testing distribution (jessie), this problem has been fixed in

version 7.31-1.

 

For the unstable distribution (sid), this problem has been fixed in

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3000-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 09, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : krb5

CVE ID : CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344

CVE-2014-4345

Debian Bug : 753624 753625 755520 755521 757416

 

Several vulnerabilities were discovered in krb5, the MIT implementation

of Kerberos. The Common Vulnerabilities and Exposures project identifies

the following problems:

 

CVE-2014-4341

 

An unauthenticated remote attacker with the ability to inject

packets into a legitimately established GSSAPI application session

can cause a program crash due to invalid memory references when

attempting to read beyond the end of a buffer.

 

CVE-2014-4342

 

An unauthenticated remote attacker with the ability to inject

packets into a legitimately established GSSAPI application session

can cause a program crash due to invalid memory references when

reading beyond the end of a buffer or by causing a null pointer

dereference.

 

CVE-2014-4343

 

An unauthenticated remote attacker with the ability to spoof packets

appearing to be from a GSSAPI acceptor can cause a double-free

condition in GSSAPI initiators (clients) which are using the SPNEGO

mechanism, by returning a different underlying mechanism than was

proposed by the initiator. A remote attacker could exploit this flaw

to cause an application crash or potentially execute arbitrary code.

 

CVE-2014-4344

 

An unauthenticated or partially authenticated remote attacker can

cause a NULL dereference and application crash during a SPNEGO

negotiation by sending an empty token as the second or later context

token from initiator to acceptor.

 

CVE-2014-4345

 

When kadmind is configured to use LDAP for the KDC database, an

authenticated remote attacker can cause it to perform an

out-of-bounds write (buffer overflow).

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.10.1+dfsg-5+deb7u2.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.12.1+dfsg-7.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3001-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 09, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wordpress

CVE ID : not yet available

 

Multiple security issues have been discovered in Wordpress, a web

blogging tool, resulting in denial of service or information disclosure.

More information can be found in the upstream advisory at

https://wordpress.org/news/2014/08/wordpress-3-9-2/

 

For the stable distribution (wheezy), these problems have been fixed in

version 3.6.1+dfsg-1~deb7u4.

 

For the unstable distribution (sid), these problems have been fixed in

version 3.9.2+dfsg-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3002-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

August 10, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wireshark

CVE ID : CVE-2014-5161 CVE-2014-5162 CVE-2014-5163 CVE-2014-5164

CVE-2014-5165

 

Multiple vulnerabilities were discovered in the dissectors for Catapult

DCT2000, IrDA, GSM Management, RLC ASN.1 BER, which could result in

denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.8.2-5wheezy11.

 

For the unstable distribution (sid), these problems will be fixed soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3003-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

August 10, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libav

CVE ID : CVE-2011-3934 CVE-2011-3935 CVE-2011-3946 CVE-2013-0848

CVE-2013-0851 CVE-2013-0852 CVE-2013-0860 CVE-2013-0868

CVE-2013-3672 CVE-2013-3674 CVE-2014-2263

 

Several security issues have been corrected in multiple demuxers and

decoders of the libav multimedia library. A full list of the changes is

available at

http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.15

 

 

For the stable distribution (wheezy), these problems have been fixed in

version 6:0.8.15-1.

 

For the unstable distribution (sid), these problems will be fixed soon.

 

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3004-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

August 11, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : kde4libs

CVE ID : CVE-2014-5033

 

Sebastian Krahmer discovered that Kauth used Policykit insecurely by

relying on the process ID. This could result in privilege escalation.

 

For the stable distribution (wheezy), this problem has been fixed in

version 4:4.8.4-4+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 4:4.13.3-2.

 

For the unstable distribution (sid), this problem has been fixed in

version 4:4.13.3-2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2984-2 security@debian.org

http://www.debian.org/security/ Raphael Geissert

August 11, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : acpi-support

Debian Bug : 755969

 

It was discovered that the acpi-support update for DSA-2984-1 would

make a laptop's power button forcibly shut the system down, instead of

triggering the configured action (usually suspend to RAM). This only

affects systems using the gnome-settings-daemon.

 

For reference, the original advisory follows.

 

CESG discovered a root escalation flaw in the acpi-support package. An

unprivileged user can inject the DBUS_SESSION_BUS_ADDRESS environment

variable to run arbitrary commands as root user via the policy-funcs

script.

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.140-5+deb7u2.

 

For the testing distribution (jessie), this problem will be fixed soon.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.142-3.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3005-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 14, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gpgme1.0

CVE ID : CVE-2014-3564

Debian Bug : 756651

 

Tomas Trnka discovered a heap-based buffer overflow within the gpgsm

status handler of GPGME, a library designed to make access to GnuPG

easier for applications. An attacker could use this issue to cause an

application using GPGME to crash (denial of service) or possibly to

execute arbitrary code.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.2.0-1.4+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 1.5.1-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.5.1-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3006-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

August 18, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xen

CVE ID : CVE-2013-1432 CVE-2013-1442 CVE-2013-2076 CVE-2013-2077

CVE-2013-2078 CVE-2013-2194 CVE-2013-2195 CVE-2013-2196

CVE-2013-2211 CVE-2013-4329 CVE-2013-4355 CVE-2013-4361

CVE-2013-4368 CVE-2013-4494 CVE-2013-4553 CVE-2014-1950

CVE-2014-2599 CVE-2014-3124 CVE-2014-4021

 

Multiple security issues have been discovered in the Xen virtualisation

solution which may result in information leaks or denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 4.1.4-3+deb7u2.

 

For the unstable distribution (sid), these problems will be fixed soon.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3007-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

August 20, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : cacti

CVE ID : CVE-2014-5025 CVE-2014-5026 CVE-2014-5027 CVE-2014-5261

CVE-2014-5262

 

Multiple security issues (cross-site scripting, missing input sanitising

and SQL injection) have been discovered in Cacti, a web interface for

graphing of monitoring systems.

 

For the stable distribution (wheezy), these problems have been fixed in

version 0.8.8a+dfsg-5+deb7u4.

 

For the unstable distribution (sid), these problems have been fixed in

version 0.8.8b+dfsg-8.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3008-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 21, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php5

CVE ID : CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670

 

Several vulnerabilities were found in PHP, a general-purpose scripting

language commonly used for web application development. The Common

Vulnerabilities and Exposures project identifies the following problems:

 

CVE-2014-3538

 

It was discovered that the original fix for CVE-2013-7345 did not

sufficiently address the problem. A remote attacker could still

cause a denial of service (CPU consumption) via a specially-crafted

input file that triggers backtracking during processing of an awk

regular expression rule.

 

CVE-2014-3587

 

It was discovered that the CDF parser of the fileinfo module does

not properly process malformed files in the Composite Document File

(CDF) format, leading to crashes.

 

CVE-2014-3597

 

It was discovered that the original fix for CVE-2014-4049 did not

completely address the issue. A malicious server or

man-in-the-middle attacker could cause a denial of service (crash)

and possibly execute arbitrary code via a crafted DNS TXT record.

 

CVE-2014-4670

 

It was discovered that PHP incorrectly handled certain SPL

Iterators. A local attacker could use this flaw to cause PHP to

crash, resulting in a denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 5.4.4-14+deb7u13. In addition, this update contains several

bugfixes originally targeted for the upcoming Wheezy point release.

 

For the unstable distribution (sid), these problems will be fied soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2940-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

Aug 21, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libstruts1.2-java

CVE ID : CVE-2014-0114

 

It was discovered that missing access checks in the Struts ActionForm

object could result in the execution of arbitrary code.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.2.9-5+deb7u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.2.9-9.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3008-2 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 21, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php5

CVE ID : CVE-2014-3538 CVE-2014-3587 CVE-2014-3597 CVE-2014-4670

 

This update corrects a packaging error for the packages released in

DSA-3008-1. The new sessionclean script used in the updated cronjob in

/etc/cron.d/php5 was not installed into the php5-common package. No

other changes are introduced. For reference, the original advisory text

follows.

 

Several vulnerabilities were found in PHP, a general-purpose scripting

language commonly used for web application development. The Common

Vulnerabilities and Exposures project identifies the following problems:

 

CVE-2014-3538

 

It was discovered that the original fix for CVE-2013-7345 did not

sufficiently address the problem. A remote attacker could still

cause a denial of service (CPU consumption) via a specially-crafted

input file that triggers backtracking during processing of an awk

regular expression rule.

 

CVE-2014-3587

 

It was discovered that the CDF parser of the fileinfo module does

not properly process malformed files in the Composite Document File

(CDF) format, leading to crashes.

 

CVE-2014-3597

 

It was discovered that the original fix for CVE-2014-4049 did not

completely address the issue. A malicious server or

man-in-the-middle attacker could cause a denial of service (crash)

and possibly execute arbitrary code via a crafted DNS TXT record.

 

CVE-2014-4670

 

It was discovered that PHP incorrectly handled certain SPL

Iterators. A local attacker could use this flaw to cause PHP to

crash, resulting in a denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 5.4.4-14+deb7u13. In addition, this update contains several

bugfixes originally targeted for the upcoming Wheezy point release.

 

For the unstable distribution (sid), these problems will be fied soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3009-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

August 21, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : python-imaging

CVE ID : CVE-2014-3589

 

Andrew Drake discovered that missing input sanitising in the icns decoder

of the Python Imaging Library could result in denial of service if a

malformed image is processed.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.1.7-4+deb7u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.5.3-1 of the pillow source package.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3010-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 22, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : python-django

CVE ID : CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483

 

Several vulnerabilities were discovered in Django, a high-level Python

web development framework. The Common Vulnerabilities and Exposures

project identifies the following problems:

 

CVE-2014-0480

 

Florian Apolloner discovered that in certain situations, URL

reversing could generate scheme-relative URLs which could

unexpectedly redirect a user to a different host, leading to

phishing attacks.

 

CVE-2014-0481

 

David Wilson reported a file upload denial of service vulnerability.

Django's file upload handling in its default configuration may

degrade to producing a huge number of `os.stat()` system calls when

a duplicate filename is uploaded. A remote attacker with the ability

to upload files can cause poor performance in the upload handler,

eventually causing it to become very slow.

 

CVE-2014-0482

 

David Greisen discovered that under some circumstances, the use of

the RemoteUserMiddleware middleware and the RemoteUserBackend

authentication backend could result in one user receiving another

user's session, if a change to the REMOTE_USER header occurred

without corresponding logout/login actions.

 

CVE-2014-0483

 

Collin Anderson discovered that it is possible to reveal any field's

data by modifying the "popup" and "to_field" parameters of the query

string on an admin change form page. A user with access to the admin

interface, and with sufficient knowledge of model structure and the

appropriate URLs, could construct popup views which would display

the values of non-relationship fields, including fields the

application developer had not intended to expose in such a fashion.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.4.5-1+deb7u8.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.6.6-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3011-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 23, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mediawiki

CVE ID : CVE-2014-5241 CVE-2014-5243

Debian Bug : 752622 758510

 

It was discovered that MediaWiki, a website engine for collaborative

work, is vulnerable to JSONP injection in Flash (CVE-2014-5241) and

clickjacking between OutputPage and ParserOutput (CVE-2014-5243). The

vulnerabilities are addressed by upgrading MediaWiki to the new upstream

version 1.19.18, which includes additional changes.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1:1.19.18+dfsg-0+deb7u1.

 

For the unstable distribution (sid), these problems will be fixed soon.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3012-1 security@debian.org

http://www.debian.org/security/ Florian Weimer

August 27, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : eglibc

CVE ID : CVE-2014-5119

 

Tavis Ormandy discovered a heap-based buffer overflow in the

transliteration module loading code in eglibc, Debian's version of the

GNU C Library. As a result, an attacker who can supply a crafted

destination character set argument to iconv-related character

conversation functions could achieve arbitrary code execution.

 

This update removes support of loadable gconv transliteration modules.

Besides the security vulnerability, the module loading code had

functionality defects which prevented it from working for the intended

purpose.

 

For the stable distribution (wheezy), this problem has been fixed in

version 2.13-38+deb7u4.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3013-1 security@debian.org

http://www.debian.org/security/ Florian Weiemr

August 27, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : s3ql

CVE ID : CVE-2014-0485

 

Nikolaus Rath discovered that s3ql, a file system for online data

storage, used the pickle functionality of the Python programming

language in an unsafe way. As a result, a malicious storage backend

or man-in-the-middle attacker was able execute arbitrary code.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.11.1-3+deb7u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3014-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

August 28, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : squid3

CVE ID : CVE-2014-3609

Debian Bug : 759509

 

Matthew Daley discovered that Squid3, a fully featured web proxy cache,

did not properly perform input validation in request parsing. A remote

attacker could use this flaw to mount a denial of service by sending

crafted Range requests.

 

For the stable distribution (wheezy), this problem has been fixed in

version 3.1.20-2.2+deb7u2.

 

For the unstable distribution (sid), this problem will be fixed soon.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-2987-2 security@debian.org

http://www.debian.org/security/ Florian Weimer

August 31, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-7

 

The previous security update for OpenJDK 7, DSA-2987-1, introduced a

regression due to an overly strict bytecode verifier. As a result,

legitimate bytecode which is produced by some non-Java languages would

no longer run.

 

For the stable distribution (wheezy), this problem has been fixed in

version 7u65-2.5.1-5~deb7u1.

Link to comment
Share on other sites

  • 2 weeks later...

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3015-1 security@debian.org

http://www.debian.org/security/ Florian Weimer

September 01, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : lua5.1

CVE ID : CVE-2014-5461

 

A heap-based overflow vulnerability was found in the way Lua, a

simple, extensible, embeddable programming language, handles varargs

functions with many fixed parameters called with few arguments,

leading to application crashes or, potentially, arbitrary code

execution.

 

For the stable distribution (wheezy), this problem has been fixed in

version 5.1.5-4+deb7u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 5.1.5-7.

 

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3016-1 security@debian.org

http://www.debian.org/security/ Florian Weimer

September 01, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : lua5.2

CVE ID : CVE-2014-5461

 

A heap-based overflow vulnerability was found in the way Lua, a

simple, extensible, embeddable programming language, handles varargs

functions with many fixed parameters called with few arguments,

leading to application crashes or, potentially, arbitrary code

execution.

 

For the stable distribution (wheezy), this problem has been fixed in

version 5.2.1-3+deb7u1.

 

For the testing distribution (jessie), this problem has been fixed in

version 5.2.3-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 5.2.3-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3017-1 security@debian.org

http://www.debian.org/security/ Thijs Kinkhorst

September 2, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php-cas

CVE ID : CVE-2014-4172

Debian Bug : 759718

 

Marvin S. Addison discovered that Jasig phpCAS, a PHP library for the

CAS authentication protocol, did not encode tickets before adding them

to an URL, creating a possibility for cross site scripting.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.3.1-4+deb7u1.

 

The unstable distribution (sid) will be fixed soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3018-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

September 03, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : iceweasel

CVE ID : CVE-2014-1562 CVE-2014-1567

 

Multiple security issues have been found in Iceweasel, Debian's version

of the Mozilla Firefox web browser: Multiple memory safety errors and

use-after-frees may lead to the execution of arbitrary code or denial

of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 24.8.0esr-1~deb7u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 31.1.0esr-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3019-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

September 04, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : procmail

CVE ID : CVE-2014-3618

Debian Bug : 704675 760443

 

Boris 'pi' Piwinger and Tavis Ormandy reported a heap overflow

vulnerability in procmail's formail utility when processing

specially-crafted email headers. A remote attacker could use this flaw

to cause formail to crash, resulting in a denial of service or data

loss, or possibly execute arbitrary code.

 

For the stable distribution (wheezy), this problem has been fixed in

version 3.22-20+deb7u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 3.22-22.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3021-1 security@debian.org

http://www.debian.org/security/ Luciano Bello

September 09, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : file

CVE ID : CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3478

CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3538

CVE-2014-3587

 

Multiple security issues have been found in file, a tool to determine

a file type. These vulnerabilities allow remote attackers to cause a

denial of service, via resource consumption or application crash.

 

For the stable distribution (wheezy), these problems have been fixed in

version 5.11-2+deb7u4.

 

For the testing distribution (jessie), these problems have been fixed in

version file 1:5.19-2.

 

For the unstable distribution (sid), these problems have been fixed in

version file 1:5.19-2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3020-1 security@debian.org

http://www.debian.org/security/ Raphael Geissert

September 10, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : acpi-support

CVE ID : CVE-2014-0484

 

During a review for EDF, Raphael Geissert discovered that the

acpi-support package did not properly handle data obtained from a

user's environment. This could lead to program malfunction or allow a

local user to escalate privileges to the root user due to a programming

error.

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.140-5+deb7u3.

 

For the testing distribution (jessie), and the unstable distribution (sid)

this problem will be fixed soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3022-1 security@debian.org

http://www.debian.org/security/ Yves-Alexis Perez

September 10, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : curl

CVE ID : CVE-2014-3613 CVE-2014-3620

 

Two vulnerabilities have been discovered in cURL, an URL transfer

library. They can be use to leak cookie information:

 

CVE-2014-3613

 

By not detecting and rejecting domain names for partial literal IP

addresses properly when parsing received HTTP cookies, libcurl can

be fooled to both sending cookies to wrong sites and into allowing

arbitrary sites to set cookies for others.

 

CVE-2014-3620

 

libcurl wrongly allows cookies to be set for Top Level Domains

(TLDs), thus making them apply broader than cookies are allowed.

This can allow arbitrary sites to set cookies that then would get

sent to a different and unrelated site or domain.

 

For the stable distribution (wheezy), these problems have been fixed in

version 7.26.0-1+wheezy10.

 

For the testing distribution (jessie), these problems have been fixed in

version 7.38.0-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 7.38.0-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3021-2 security@debian.org

http://www.debian.org/security/ Luciano Bello

September 10, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : file

CVE ID : CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3478

CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3538

CVE-2014-3587

 

This update corrects DSA 3021-1, which introduced a regression in the

detection of a some "Composite Document Files" (CDF), marking them look

as corrupted, with the error: "Can't expand summary_info".

 

On additional information, 5.11-2+deb7u4 changed the detection of

certain text files in the same way php5 did this in 5.4.4-14+deb7u13.

Since the new output is more accurate and this change also restored

the better detection as seen in the squeeze version of file, this is

not being reverted.

 

For reference, the original advisory text follows:

 

Multiple security issues have been found in file, a tool to determine

a file type. These vulnerabilities allow remote attackers to cause a

denial of service, via resource consumption or application crash.

 

For the stable distribution (wheezy), these problems have been fixed in

version 5.11-2+deb7u5.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3024-1 security@debian.org

http://www.debian.org/security/ Thijs Kinkhorst

September 11, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gnupg

CVE ID : CVE-2014-5270

Debian Bug : 725411

 

Genkin, Pipman and Tromer discovered a side-channel attack on Elgamal

encryption subkeys (CVE-2014-5270).

 

In addition, this update hardens GnuPG's behaviour when treating

keyserver responses; GnuPG now filters keyserver responses to only

accepts those keyid's actually requested by the user.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.4.12-7+deb7u6.

 

For the testing (jessie) and unstable distribution (sid), this

problem has been fixed in version 1.4.18-4.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3023-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

September 11, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : bind9

CVE ID : CVE-2014-0591

Debian Bug : 735190

 

Jared Mauch reported a denial of service flaw in the way BIND, a DNS

server, handled queries for NSEC3-signed zones. A remote attacker could

use this flaw against an authoritative name server that served

NCES3-signed zones by sending a specially crafted query, which, when

processed, would cause named to crash.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1:9.8.4.dfsg.P1-6+nmu2+deb7u2.

 

For the testing distribution (jessie), this problem has been fixed in

version 1:9.9.5.dfsg-2.

 

For the unstable distribution (sid), this problem has been fixed in

version 1:9.9.5.dfsg-2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3025-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

September 16, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : apt

CVE ID : CVE-2014-0487 CVE-2014-0488 CVE-2014-0489 CVE-2014-0490

 

It was discovered that APT, the high level package manager, does not

properly invalidate unauthenticated data (CVE-2014-0488), performs

incorrect verification of 304 replies (CVE-2014-0487), does not perform

the checksum check when the Acquire::GzipIndexes option is used

(CVE-2014-0489) and does not properly perform validation for binary

packages downloaded by the apt-get download command (CVE-2014-0490).

 

For the stable distribution (wheezy), these problems have been fixed in

version 0.9.7.9+deb7u3.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.0.9.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3026-1 security@debian.org

http://www.debian.org/security/ Florian Weimer

September 16, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dbus

CVE ID : CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638

CVE-2014-3639

 

Alban Crequy and Simon McVittie discovered several vulnerabilities in

the D-Bus message daemon.

 

CVE-2014-3635

 

On 64-bit platforms, file descriptor passing could be abused by

local users to cause heap corruption in the dbus-daemon crash,

leading to a crash, or potentially to arbitrary code execution.

 

CVE-2014-3636

 

A denial-of-service vulnerability in dbus-daemon allowed local

attackers to prevent new connections to dbus-daemon, or disconnect

existing clients, by exhausting descriptor limits.

 

CVE-2014-3637

 

Malicious local users could create D-Bus connections to

dbus-daemon which could not be terminated by killing the

participating processes, resulting in a denial-of-service

vulnerability.

 

CVE-2014-3638

 

dbus-daemon suffered from a denial-of-service vulnerability in the

code which tracks which messages expect a reply, allowing local

attackers to reduce the performance of dbus-daemon.

 

CVE-2014-3639

 

dbus-daemon did not properly reject malicious connections from

local users, resulting in a denial-of-service vulnerability.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.6.8-1+deb7u4.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.8.8-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3027-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

September 17, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libav

CVE ID : CVE-2013-7020

 

Several security issues have been corrected in multiple demuxers and

decoders of the libav multimedia library. A full list of the changes is

available at

http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.15

 

For the stable distribution (wheezy), this problem has been fixed in

version 6:0.8.16-1.

 

For the testing distribution (jessie), this problem has been fixed in

version 6:11~alpha2-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 6:11~alpha2-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3028-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

September 17, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : icedove

CVE ID : CVE-2014-1562 CVE-2014-1567

 

Multiple security issues have been found in Icedove, Debian's version of

the Mozilla Thunderbird mail and news client: Multiple memory safety

errors and use-after-frees may lead to the execution of arbitrary code

or denial of service.

 

For the stable distribution (wheezy), these problems have been fixed in

version 24.8.0-1~deb7u1.

 

For the unstable distribution (sid), these problems will be fixed soon.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3025-2 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

September 18, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : apt

Debian Bug : 762079

 

The previous update for apt, DSA-3025-1, introduced a regression when

file:/// sources are used and those are on a different partition than

the apt state directory. This update fixes the regression.

 

For reference, the original advisory follows.

 

It was discovered that APT, the high level package manager, does not

properly invalidate unauthenticated data (CVE-2014-0488), performs

incorrect verification of 304 replies (CVE-2014-0487), does not perform

the checksum check when the Acquire::GzipIndexes option is used

(CVE-2014-0489) and does not properly perform validation for binary

packages downloaded by the apt-get download command (CVE-2014-0490).

 

For the stable distribution (wheezy), this problem has been fixed in

version 0.9.7.9+deb7u4.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.0.9.1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3029-1 security@debian.org

http://www.debian.org/security/ Salvatore Bonaccorso

September 20, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : nginx

CVE ID : CVE-2014-3616

Debian Bug : 761940

 

Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was

possible to reuse cached SSL sessions in unrelated contexts, allowing

virtual host confusion attacks in some configurations by an attacker in

a privileged network position.

 

For the stable distribution (wheezy), this problem has been fixed in

version 1.2.1-2.2+wheezy3.

 

For the testing distribution (jessie), this problem has been fixed in

version 1.6.2-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.6.2-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3030-1 security@debian.org

http://www.debian.org/security/ Moritz Muehlenhoff

September 20, 2014 http://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mantis

CVE ID : CVE-2014-1608 CVE-2014-1609

 

Multiple SQL injection vulnerabilities have been discovered in the Mantis

bug tracking system.

 

For the stable distribution (wheezy), these problems have been fixed in

version 1.2.11-1.2+deb7u1.

Link to comment
Share on other sites

×
×
  • Create New...