securitybreach Posted November 1, 2015 Share Posted November 1, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3388-1 security@debian.org https://www.debian.org/security/ Kurt Roeckx November 01, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ntp CVE ID : CVE-2014-9750 CVE-2014-9751 CVE-2015-3405 CVE-2015-5146 CVE-2015-5194 CVE-2015-5195 CVE-2015-5219 CVE-2015-5300 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7850 CVE-2015-7852 CVE-2015-7855 CVE-2015-7871 Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs: CVE-2015-5146 A flaw was found in the way ntpd processed certain remote configuration packets. An attacker could use a specially crafted package to cause ntpd to crash if: * ntpd enabled remote configuration * The attacker had the knowledge of the configuration password * The attacker had access to a computer entrusted to perform remote configuration Note that remote configuration is disabled by default in NTP. CVE-2015-5194 It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands. CVE-2015-5195 It was found that ntpd exits with a segmentation fault when a statistics type that was not enabled during compilation (e.g. timingstats) is referenced by the statistics or filegen configuration command CVE-2015-5219 It was discovered that sntp program would hang in an infinite loop when a crafted NTP packet was received, related to the conversion of the precision value in the packet to double. CVE-2015-5300 It was found that ntpd did not correctly implement the -g option: Normally, ntpd exits with a message to the system log if the offset exceeds the panic threshold, which is 1000 s by default. This option allows the time to be set to any value without restriction; however, this can happen only once. If the threshold is exceeded after that, ntpd will exit with a message to the system log. This option can be used with the -q and -x options. ntpd could actually step the clock multiple times by more than the panic threshold if its clock discipline doesn't have enough time to reach the sync state and stay there for at least one update. If a man-in-the-middle attacker can control the NTP traffic since ntpd was started (or maybe up to 15-30 minutes after that), they can prevent the client from reaching the sync state and force it to step its clock by any amount any number of times, which can be used by attackers to expire certificates, etc. This is contrary to what the documentation says. Normally, the assumption is that an MITM attacker can step the clock more than the panic threshold only once when ntpd starts and to make a larger adjustment the attacker has to divide it into multiple smaller steps, each taking 15 minutes, which is slow. CVE-2015-7691, CVE-2015-7692, CVE-2015-7702 It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. Receipt of these packets can cause ntpd to crash. CVE-2015-7701 A memory leak flaw was found in ntpd's CRYPTO_ASSOC. If ntpd is configured to use autokey authentication, an attacker could send packets to ntpd that would, after several days of ongoing attack, cause it to run out of memory. CVE-2015-7703 Miroslav Lichvar of Red Hat found that the :config command can be used to set the pidfile and driftfile paths without any restrictions. A remote attacker could use this flaw to overwrite a file on the file system with a file containing the pid of the ntpd process (immediately) or the current estimated drift of the system clock (in hourly intervals). For example: ntpq -c ':config pidfile /tmp/ntp.pid' ntpq -c ':config driftfile /tmp/ntp.drift' In Debian ntpd is configured to drop root privileges, which limits the impact of this issue. CVE-2015-7704 If ntpd as an NTP client receives a Kiss-of-Death (KoD) packet from the server to reduce its polling rate, it doesn't check if the originate timestamp in the reply matches the transmit timestamp from its request. An off-path attacker can send a crafted KoD packet to the client, which will increase the client's polling interval to a large value and effectively disable synchronization with the server. CVE-2015-7850 An exploitable denial of service vulnerability exists in the remote configuration functionality of the Network Time Protocol. A specially crafted configuration file could cause an endless loop resulting in a denial of service. An attacker could provide a the malicious configuration file to trigger this vulnerability. CVE-2015-7852 A potential off by one vulnerability exists in the cookedprint functionality of ntpq. A specially crafted buffer could cause a buffer overflow potentially resulting in null byte being written out of bounds. CVE-2015-7855 It was found that NTP's decodenetnum() would abort with an assertion failure when processing a mode 6 or mode 7 packet containing an unusually long data value where a network address was expected. This could allow an authenticated attacker to crash ntpd. CVE-2015-7871 An error handling logic error exists within ntpd that manifests due to improper error condition handling associated with certain crypto-NAK packets. An unauthenticated, off-path attacker can force ntpd processes on targeted servers to peer with time sources of the attacker's choosing by transmitting symmetric active crypto-NAK packets to ntpd. This attack bypasses the authentication typically required to establish a peer association and allows an attacker to make arbitrary changes to system time. For the oldstable distribution (wheezy), these problems have been fixed in version 1:4.2.6.p5+dfsg-2+deb7u6. For the stable distribution (jessie), these problems have been fixed in version 1:4.2.6.p5+dfsg-7+deb8u1. For the testing distribution (stretch), these problems have been fixed in version 1:4.2.8p4+dfsg-3. For the unstable distribution (sid), these problems have been fixed in version 1:4.2.8p4+dfsg-3. We recommend that you upgrade your ntp packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWNo/RAAoJEBDCk7bDfE42AakP/i8yAUHEguJRRKG/57ikoDsY ANh1FWZGgXgsHfEzo0oTxmrHagSmVBVxQm7lTUC0Z9iu9Jt58V53ROf14ONdYPFJ I+hboT4dFsaFkPxNZ6gGdiS74bEil2xiUYz7W24/8Z2bD3P6pO9cRXuHa/N0bD1h pgzrJxRdOT3JKuJ/o7UX6XBRuxCKr9iC67BAtax0qDNj6jhZ9akMNLsbkxd5lZG4 QUtmmCrXk6MlsPp/Ckn9HId3rtqhdgYOc2yhkfZvwW1X/yMN3v+VIeWukM4yjw9T DLgiQZGhxLgZGYjGagRbnq94MJZDk02we0yxLqMlrjsrtp047b4tzuIesAwek5cw BblJauI7N2nWg7C31bQrW9IT1ndK5ScXWTEsCYQwYCFckWhr58ypfUQXS6YptRfd NKFHRBrHUnCf/7ANvVwewNjo13eeYfkK/dw4zHBXRlXP6b+CgX8sO3LRpiKVqy5j m43xGv5JL4PNLV5s6RHl5NB0kQNPzNBd6/Ef5GLr7XUWXkxz2aH5VLeTVaWlg2dp xcU/IM/dJ/8033ryKGqOpEhCVOfsG0jCVvnlggyWLIaOgqi5UQalGwNChGWtiKqI eZC+XMR3ZIYdOWjSkBRP2yPdIpfiXQe9n6qnzOSd98NsdnjfGoROPeUnNGo5gJh0 Lel5K+Jr+hVi/HyapP+X =MnQO -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 1, 2015 Share Posted November 1, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3381-2 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 1, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-7 CVE ID : CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, or denial of service. The jessie update in DSA 3381 was built incorrectly, we apologise for the inconvenience. In addition the version number in jessie-security was lower than in wheezy-security which could result in upgrade problems during distribution updates. This has been fixed in 7u85-2.6.1-6~deb8u1. We recommend that you upgrade your openjdk-7 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWNo9FAAoJEBDCk7bDfE423BUQALuKRlj1xBZ7dMPulMDMq0JM z2Gd5lUCzJWJbXA6Y3UNotgGaF/fjbtw4uTZMRPT++P4S+HUM6W2FKSSvLv1Siha UP8FSNJaXpPTbYdfHJ0UlFyY2PuP7cwAYEglrZXbsf7mjn7fIlpMiV1IiEuyRFrf mYu3iaTgLI/BiPHbs/gBMB8YkXwPj+XjttAuhyhegDgDGHC3JNvpmGBcUAT4iLjb 31PvfJxfUH+ri+JryazNB6QH1vOI8qVLc/2Liwvqu13V4tpQFZHnMFvLpabic5c0 etR18Pieb60pAeAhmBRWP9JSDjZZ10MXh+/az8Q3tq+YK+io0lbTlc6BbUUKaS52 oD+bw+3HEOT5kAh/79ZSlzesHlbIBiy/WXVkNsUucGQWWAzqUPw4ma3+gyM0W7O9 yG1uOx1Yzrcq77mGpah/Jk3hyo3UtgdQX3on7qzWXfgwd/mlbOt4QRn1p138/aFX b+dx2oxQRj5icfI8uHhBiakw0KC62O+j4E+P36NfmE32r8BehD37wFOR+BkTfk1c OUSwm57gyhMw6Se6LqtNuC8yW+1TnivR7dbu271W/WQIeD3NROp8yvn5KWD/BB2k IjFVTM/wXrN50gRn2eCeCVSH3aplbQ9R/znkRjRbgZa19mUM+DPS1BOMHIXQKrWf I6VlEofVxzpb7np2j4dI =Wu2G -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 1, 2015 Share Posted November 1, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3389-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 01, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : elasticsearch Security support for elasticsearch in jessie is hereby discontinued. The project no longer releases information on fixed security issues which allow backporting them to released versions of Debian and actively discourages from doing so. elasticsearch will also be removed from Debian stretch (the next stable Debian release), but will continue to remain in unstable and available in jessie-backports. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWNo9RAAoJEBDCk7bDfE427Q0P/3X7V87H/M4pP656r0VMNI3l wck4p4oOvRcUPPE/HgZXpu9QoxFejqc4CilRqRPNVWAljoYlEKQDbO/8ioxRSkEO aaVvZgVr0UgkrBrUisF69W87tVpj1mKCQL9Kw2HdRsVTFhWRZe2MiAhQeFBuOVNq rKM8Q5SnGAOe5FEe6aY+6g5nw/pLet5C2fw2WirW1SWsD3pP1AkcZoIRIfP6R2qc Olu+N/j3fzMpIGr8IlOu2YR/MO9zwT2v6q0EZ9aM6ewEBwqC2Kldu3CdBZB2D8gH 3vXR0N12ZtXpl5yj23VAj8WFSUBitrTdmqP/WCwqp2mhXeuVuNpUAVJGeYzLF1Ve z4fIoSS7wQOTTIagzwZqn40Op3+PuJh9G+Sz+X1gGMOMm9h/62sY2dOTgB4Dpx/y St9DABmhMrm0+Eb6Wd+6U6ZNB6vYKTl93R4/cHdnVtmVuVjNGr2pSmgFN/wMxM5L n0MD9K7knPyS0ngwjX+Zz/O4X7IqziHvPjp9rOXN2U9kO55Eeo739xBcxHfpg9Cp Cyp2fPfSX5dBJVUD+y3ELjmgR+NdSbmKGMqLzsXngfu2DjvLUp/KMs5K10ReLBa4 MDXs/KH4LcRfKkbVkcjEUlAc+MqEDleZzO+IZS0r5ZnFXhuAtM3MMzQbaPMCXP2G wRBPlKsMOPvfkyzAEtdE =Z43V -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 2, 2015 Share Posted November 2, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3390-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 02, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : xen CVE ID : CVE-2015-7835 It was discovered that the code to validate level 2 page table entries is bypassed when certain conditions are satisfied. A malicious PV guest administrator can take advantage of this flaw to gain privileges via a crafted superpage mapping. For the oldstable distribution (wheezy), this problem has been fixed in version 4.1.4-3+deb7u9. For the stable distribution (jessie), this problem has been fixed in version 4.4.1-9+deb8u2. We recommend that you upgrade your xen packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIbBAEBCgAGBQJWN6naAAoJEAVMuPMTQ89EJAUP+PTxbDcXdaWsxi1IHoF+JIBs y0IpdchA/L2QWQ57bcG2Uv2Z0fHsFprLNX6WNWz1rOSCXMdwYDDDtecmg4l1oRl2 ozmCg0Zy3KbuG83dBZNKcdAFuOPpccpuxy2uc93z63Xcb9hcmUrrXTtG+jcNvOKN mqWzp33ttqGBljP8EoK/yIy/P1jp8G4o3EoXAplkCQEoICHqCpiAbSU+AnHRxRcN wGcQHOMiBtld/Neu0+NSwzBQvpt2pEmtCPFHysc3+VHrTaYRlEXzhlMNet+klqQe wmrhAZUkW1FuMpcwAjXwQZ4S9kjvEGbsyacefAd6qWBzUhCJx8Lcz/ZvuXvZEmYk Xvu+sEqnWfQwUPefBejbEuC1TLQnYrmOrhBE1CwgoiVJEDiqPJ+Srd8llk5oueur omyJOS/gVQrSeQKaAeOhkCq4PTLUXS8V+BOHLDCQgXqfeS6FXvkKCL5g1dZsCM3W W9AeynQ//rtcJoehhcFxBge4rx/0g4OMrOyxWgXovvchDi3fAYQSIBz+JyjVDJiP VmOyo0eRSlOt2qFMlHtQGbAF44iUW+/aAejSp9Edp99apfbc6umGOhW6httEOoAZ LR68eq24PrJ8RkEyUjvpdHd4DE5T4YBPNPS19wb6Av3m5NQe9ySrVGPGHCmUbres SoSSlICiOGueda089nU= =zS7s -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 2, 2015 Share Posted November 2, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3355-2 security@debian.org https://www.debian.org/security/ Alessandro Ghedini November 02, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libvdpau Debian Bug : 802625 The previous update for libvdpau, DSA-3355-1, introduced a regression in the stable distribution (jessie) causing a segmentation fault when the DRI_PRIME environment variable is set. For reference, the original advisory text follows. Florian Weimer of Red Hat Product Security discovered that libvdpau, the VDPAU wrapper library, did not properly validate environment variables, allowing local attackers to gain additional privileges. For the stable distribution (jessie), this problem has been fixed in version 0.8-3+deb8u2. We recommend that you upgrade your libvdpau packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJWN7kdAAoJEK+lG9bN5XPLcBAP/inR777OEQH20M/uOAETje90 SwAEEF+dXW3A4EhJFCpr5EuFqbLtEnicxdTrCgKAtAIqeKmzcjcppOdaIa+EPJCY mgi3nJaUzuU1RyDeDs8UrQosRBWdpbenpAmc0xpACYkHaSxz9BTjxx3xp8P3JPnQ 3hrNebH7WX+lg0Sit1ArCOqBkziXunZz2LSgKMyfw26oYb9wsLNInYapE+GbG1UC qRfJoqzZv1GvMCCKvrw+MgFeWjbqeSVITpptWDo5Uh9r93BphJ1QM6RYZmoSsiEU CsplCaRyriVCM2Dt+TdLXw0lBhozkTw/UkloIKJ0Zp03xtI+QYke6wHtiVBVcnKN qDAiWeukowvgie9xdju4MSghkDqIi1aUNkHMhn3OBhX9IzT23UtFpeocHWgl5zyv ziph8l5N71y/sAh4OZS1N7hRtFs8IFzIGvqnYU8rhiiJALgd9G0QNJfEeV/2/29J LFkpJiq3KQapQgpGra1BLncHtn8qfbDS6aXAncnwHkWCxgM8TexgdqMm3axRwjO/ oovOWooqb7329UN2XsVumuiNO6Pk9uD90wCEkG6+IR+mW0A27icXKGoKTlWu2tU4 bj7II5HoQnqyO9aOUsFblh+CpGmGm37UQ261Ji5dWpkghBQBmiNR2SFU+1A9MfR/ QzKXOK8eDz2uIGFrAGG1 =ktpf -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 3, 2015 Share Posted November 3, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3391-1 security@debian.org https://www.debian.org/security/ Florian Weimer November 03, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php-horde Debian Bug : 803641 It was discovered that the web-based administration interface in the Horde Application Framework did not guard against Cross-Site Request Forgery (CSRF) attacks. As a result, other, malicious web pages could cause Horde applications to perform actions as the Horde user. The oldstable distribution (wheezy) did not contain php-horde packages. For the stable distribution (jessie), this problem has been fixed in version 5.2.1+debian0-2+deb8u2. For the testing distribution (stretch) and the unstable distribution (sid), this problem has been fixed in version 5.2.8+debian0-1. We recommend that you upgrade your php-horde packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJWOStoAAoJEL97/wQC1SS+MHEIAJ2sxGyD96tbSiN0TkkYy6VZ SmjY9xuw7VE1fDJippuyI3uSWpcg7X1Lp4lZaoa5kNYpbEwTQBAqAlsW7G5sanqt LguF01ds1w1is4Tw796ukdT12nGY/DFo/t3DwbS+F0DIpZkvR2cNCHIVvw4Uu1mh Mtr9mQe0oyPshxJoZmsjPSJW3JAlM9PE47YfvgNhONVFFl+95MMcjCzg2boRhl4k fSS5S2mcZ/C8fRxUHdcywmZ/wE7NReIqBZPRptMWew2oWAENDrtCCGiqIxzoCwnT s75dtELRXfneQ70bkTZnIyLQZKVDN+1YO9nGaOgCdoyxoT8r+hBuuXnmAtEP3H8= =PQ4n -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 4, 2015 Share Posted November 4, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3392-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond November 04, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : freeimage CVE ID : CVE-2015-0852 Debian Bug : 797165 Pengsu Cheng discovered that FreeImage, a library for graphic image formats, contained multiple integer underflows that could lead to a denial of service: remote attackers were able to trigger a crash by supplying a specially crafted image. For the oldstable distribution (wheezy), this problem has been fixed in version 3.15.1-1.1. For the stable distribution (jessie), this problem has been fixed in version 3.15.4-4.2. For the testing distribution (stretch) and unstable distribution (sid), this problem has been fixed in version 3.15.4-6. We recommend that you upgrade your freeimage packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCgAGBQJWOc9cAAoJEBC+iYPz1Z1kC/UH/AhAe5MJ9NSS9wT95K5qhe/Z m4FKLdGDzGqWY82DhWyNYVTTeKit44rR70HnMQ4Ekj/s0SmOyXDAwhE5FR0lLnhW MM5U4Ub3Zhms3uQdayo8tKmlW3eS7lS5w6rpXk0406TVfSy23XUf8C9rjcIVruYS IBa1ROapH2pfo/LwFVwS3fm+ZzQ6M105WV1/TJEXG4sRCLKku470WPr8sDFGgWdZ 7UcdA1q8WbhGaELHI1Z7P86ycuz3hUTO9CzeYgUlcNBCOH27Uo4NiDQ5rOSHIY8N qWLiE8eIlBqn+9Nyr+JcQ1t/mvAI1aAZAfL0w3MUNQ+IPTG6Cx3mbrKTUw5jaLA= =klen -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 5, 2015 Share Posted November 5, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3394-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 05, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libreoffice CVE ID : CVE-2015-4551 CVE-2015-5212 CVE-2015-5213 CVE-2015-5214 Multiple vulnerabilities have been discovered in LibreOffice, a full-featured office productivity: CVE-2015-4551 Federico Scrinzi discovered an information leak in the handling of ODF documents. Quoting from https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/: The LinkUpdateMode feature controls whether documents inserted into Writer or Calc via links will either not get updated, or prompt to update, or automatically update, when the parent document is loaded. The configuration of this option was stored in the document. That flawed approach enabled documents to be crafted with links to plausible targets on the victims host computer. The contents of those automatically inserted after load links can be concealed in hidden sections and retrieved by the attacker if the document is saved and returned to sender, or via http requests if the user has selected lower security settings for that document. CVE-2015-5212 A buffer overflow in parsing the printer setup information in ODF documents may result in the execution of arbitrary code. CVE-2015-5213 / CVE-2015-5214 A buffer overflow and an integer oect memory management in parsing Microsoft Word documents may result in the execution of arbitrary code. For the oldstable distribution (wheezy), these problems have been fixed in version 1:3.5.4+dfsg2-0+deb7u5. For the stable distribution (jessie), these problems have been fixed in version 1:4.3.3-2+deb8u2. For the testing distribution (stretch), these problems have been fixed in version 1:5.0.2-1. For the unstable distribution (sid), these problems have been fixed in version 1:5.0.2-1. We recommend that you upgrade your libreoffice packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJWO6QVAAoJEBDCk7bDfE42Sb4QAJ9pxAmvkInFVRYwKtNd71fz vNJ20YHRYouaoIyuoxUZmx27euObg56QFqp5ni+QmobMTYprL8AUIkhUQzNCPC6A T6CVDOGi+3UQMP3a6XByAtaeVceJOT/YxRKBxP2VGCxeIUAOmrQgKwPLcR2mwpii hSSmqTeYibEsD0M+f51qvIuEPtodzr4DsYrYysJtOEgzq2XN5gRQmbI2QTI2haQp 3tYO+ylCfsQGHy/5cTwpJ3xILefXel7q1K+N5LuEJrsVXuxUFiKvWWzqS/ZpcG5s CuiSOOYByTZw3ACIU9GV6jMkj8aOH7XwzQhYOJlTmuY/rpo0qbaP8IW9T9BiGRmB AZjZujGNGsc8WIedkLRdA/oSCNPfVQ8O1+19xMU05zBct6gpqQ+yhtDEM7s8M8LN 2pjG03eEW42NhEk+giz41hyHbAPCMqG3xA+ZChQTeK7/rW4LV48J1N6OF65AN4uQ a5KLjuvTkENDBNvb+3Qo2dqk7IdPIQ0h2DVVxW2z/7DucWpc1ausEJFz93IWWzOM /CjyL8svtEeEUFiLGc03cUlCSIu4ljs3FAiC50FqIsGQ0dyFhzSuCwTY+p+m1ecI bEB1Jhzo6zt7WXeBm+O9zWhx7Z5dG6XttR3KgduYZumgWGdX70rP756xjFY5br5l 5lc81kD970Ob7+P+Jz1i =/yq0 -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 6, 2015 Share Posted November 6, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3393-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 04, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : iceweasel CVE ID : CVE-2015-4513 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7196 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service. For the oldstable distribution (wheezy), these problems have been fixed in version 38.4.0esr-1~deb7u1. For the stable distribution (jessie), these problems have been fixed in version 38.4.0esr-1~deb8u1. For the unstable distribution (sid), these problems have been fixed in version 38.4.0esr-1. We recommend that you upgrade your iceweasel packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJWOlFJAAoJEBDCk7bDfE42diMP/2VK0dXZdknI+7WYm9mzRxv2 raQdxvB3tCehPKCsxLcpE11l2qLOAyBqguJC4SKqCsda1fSmkmftYvW21UTuRX55 5eaiceYKaKys8if2BxZiKMA7h9w3aGS6G1p4Bp7ld2s3tgDqSvrtxppowVY6/f5D od+DSzyl0qv1AzGHnscF+ThrooisC2LJSNZSHo67v97eruAPT14ohvOhU7zaf4tM nesRes7MhleHUsEWySYZDi3yQIe2+c/F6OnKeZ9dxCVBnKtUUpCqaGGfiktsunRm 5s3oieTiLXRg5wj61VY0pTdLCS1ji2GSd6J7fNfL2kIuZyai04mpzdVrtzFFLpgV xQ/IJQwTnqzA/zwhFEKdwVkRV1ZQUUCjnsNqZb3RghixrrFW7+Z09BpO63hfCP5X k3GkIv43I78XiC5Kwl2xaSgSZY1t4smN2SsVGWkrOXMcLXJDQJvzGTr+LMvbrv2z 6tEBaCID0gLgSbuEb6TCc0vXlSaKr7iD9zl4HZeMegEoMiu91cRvc1zl4mMidnvX Boc6uT2aVtdvFoEwtruxP+DYFa/p3yIsu8DgrzvFTMOh/OS1kXcEbXBsKaorcJyq 9fHHEhRYVm7e78KI9wLT1lljmnm3dGKwcdBVRWY7pq1tKJUp51d8k/5kntihVEoc 4H0p5gbleUYsnHHjlTQr =6psN -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 6, 2015 Share Posted November 6, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3395-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 06, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : krb5 CVE ID : CVE-2015-2695 CVE-2015-2696 CVE-2015-2697 Debian Bug : 803083 803084 803088 Several vulnerabilities were discovered in krb5, the MIT implementation of Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-2695 It was discovered that applications which call gss_inquire_context() on a partially-established SPNEGO context can cause the GSS-API library to read from a pointer using the wrong type, leading to a process crash. CVE-2015-2696 It was discovered that applications which call gss_inquire_context() on a partially-established IAKERB context can cause the GSS-API library to read from a pointer using the wrong type, leading to a process crash. CVE-2015-2697 It was discovered that the build_principal_va() function incorrectly handles input strings. An authenticated attacker can take advantage of this flaw to cause a KDC to crash using a TGS request with a large realm field beginning with a null byte. For the oldstable distribution (wheezy), these problems have been fixed in version 1.10.1+dfsg-5+deb7u4. For the stable distribution (jessie), these problems have been fixed in version 1.12.1+dfsg-19+deb8u1. For the testing distribution (stretch), these problems have been fixed in version 1.13.2+dfsg-3. For the unstable distribution (sid), these problems have been fixed in version 1.13.2+dfsg-3. We recommend that you upgrade your krb5 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWPQNaAAoJEAVMuPMTQ89EYEkQAJBm5hBqyHJaJI9Pr1ZgrUd/ X8LKuhhak0T9R5uxh+3OunBKsmIU3bFZmljSHTGLpqD+L08kLA+ydRHHlP48fvQk enBzWYPUB4r0X3Ys/AoW0BzfA1ZSYaG8qSnwY5i0jyVPs7KOBATnHmj+Lv+btarB YmzIAq2SZza+pvMEyrZMRArkAzM33LFySNTcdzBz7MVvNq7yK3D0OdGJJVR6A13P vQ+yBNMbcXljOIi+amisqC5DD9lNfq84JeK8TKJC0qrURDsGzD8OLJ+VSUubeULF fYBxMn074RFxic2BtOp2Ns92zc0+PkCgu719amfFjSJ7UvSKRl5lVCBS5Tpq1V4l /besADZ9XqhxHgcAHPZl2Qclsy4ocoe/pcJtAacLMeKUBhPLPZdmJMDSxnsjK4Gf FugumQ5KeMV1hHLqWio7HDHlnynsJHdWJW65m6b1FyEj8IvW7aYBxELlkHRz393L B6VDjVsbu1rfHYGiTvReJNGJgDHoBRn6Oxw/t1h35/GC5jTsvRmYXeKnkNNq1O5h rSWOs+gTcCNDWOMJyc4690GG56FEuApidav9bcumzHXZYFH9lWstNmsFPX4wCshI RnfgPzrjd8fhQ+PLVD79pV4wXibbAuDf0MakCUTjY96nG5E/G5DnDNYUKh65/E3C v+AxuiDjbZ4j0vHn4Bv0 =FU4r -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 9, 2015 Share Posted November 9, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3386-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 09, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : unzip Debian Bug : 804595 The update for unzip issued as DSA-3386-1 introduced a regression when extracting 0-byte files. Updated packages are now available to address this regression. For the oldstable distribution (wheezy), this problem has been fixed in version 6.0-8+deb7u5. For the stable distribution (jessie), this problem has been fixed in version 6.0-16+deb8u2. For the unstable distribution (sid), this problem has been fixed in version 6.0-20. We recommend that you upgrade your unzip packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWQRdxAAoJEAVMuPMTQ89EzUkP/0/3Llq2nGOqaYk02mZFy5cs DK/iRRTdEmXxkY5H4Nhhc9Zcz8Mv63pqVX/VDf2WdSgGl8otLSwbRrNirXFMpExv vboEQhXXHW7//h4HME85FX6sEkg8m+niU0lYiXJsA3jUgWOTQUUcrmR7LWusCG/X AUn123vIvU+wJd/EqPWSowZ3j+SgIYy19zcbvZPiHrMvLNPTt0wDu2ltq422LquL ccq+tjaQc8wajX4ycg3JMX6dsGbBsNq0K8M71T56o4fa62bVan1xvwiowSya1T9J OQiw3KhlMpDgda8ETq31P4GJzTyr3KSjbcgnYELWB1jLnEqXSf49YKiUoJdVZlYn Dh8NeR9NvKlMFId7EZmYPvep9Kw0/POCD+MorWGUEyIi48Rl3YzWaFN2+9t0j+iY 8aEolm3TL/CliHq5nrFsBwq2JYldrCJG0id7EgtlWtDvnBDms1Q/hBT3cyZWdaBI mZ/VO7MHmsZ8Ipg74hEQVT+nSMoF5YsO4uMF1ylMzYEDRPa6/eM93wUPkZdfV9/h Ex5xIyYtnIOyC40uAsF6yis4kOlYXa4Bvdx9UQ5n1CLLquB+4XBBUvMMswepUwv4 KG6pXhfEEDzrK0agL1NRnXvMhxCBccSPv+AFakV5mJIqG7YlIzlFcwmon7H5mHd5 dFH8rj+R2ISnWUc1sGDl =h0yH -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 10, 2015 Share Posted November 10, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3396-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 10, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2015-5307 CVE-2015-7833 CVE-2015-7872 CVE-2015-7990 Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service. CVE-2015-5307 Ben Serebrin from Google discovered a guest to host denial of service flaw affecting the KVM hypervisor. A malicious guest can trigger an infinite stream of "alignment check" (#AC) exceptions causing the processor microcode to enter an infinite loop where the core never receives another interrupt. This leads to a panic of the host kernel. CVE-2015-7833 Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a flaw in the processing of certain USB device descriptors in the usbvision driver. An attacker with physical access to the system can use this flaw to crash the system. CVE-2015-7872 Dmitry Vyukov discovered a vulnerability in the keyrings garbage collector allowing a local user to trigger a kernel panic. CVE-2015-7990 It was discovered that the fix for CVE-2015-6937 was incomplete. A race condition when sending a message on unbound socket can still cause a NULL pointer dereference. A remote attacker might be able to cause a denial of service (crash) by sending a crafted packet. For the oldstable distribution (wheezy), these problems have been fixed in version 3.2.68-1+deb7u6. For the stable distribution (jessie), these problems have been fixed in version 3.16.7-ckt11-1+deb8u6. We recommend that you upgrade your linux packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWQaXfAAoJEAVMuPMTQ89ExbwP/jOoRqC06ghZHt0L85pdDG/T 3mkgcNeO8kDqwm4hqOpIq4oZJY+LwnSWoLYSJp2OodIEEw3qdhNcDmQZqrOdn+lU lDQtVVjd13io5vHE+R8/a03ChhUlVhQv40hQE0rALjYvdKYvn+JszZFwnAPe1pjc qnRafMEy8N2/lMWPDuxmdavzg7J8nXmxWKS1jW5a6PxrHyrLe1nAEc68iG51P6bF HQ8kbyWZFkD/hZ4al3dQCTLfmrFuRxf/Bv/L6EgLUCQT7IsBreASaqAE7tbpRm4I AI3nx9Yu6F4HnMdHDQZCUTgMJEYBDcJREMmqgwnUWIsKbdiyGBwWDGU9qsa0yQWP RcFxbH64C0HdB8gVKNj0qfTgF0P50ChIdpohs/IN5WCJ7SADfr61Rv6gHID1j38e YhyKV4qf/WPtYtr9524pkrhC07Znnk802m8wJgMacBVM2PTs/mxz75hZU/k3yRUN oyVL5nWUJSJBMnD+PoHaFnlit8FcJj6WS6iQUJ18Y/UOt4QWqZZgv3TjdIJmAUeg fJJjnlCMZHquUaUQ7W03LuFXKgrMnCwuWq53rCbzp5+/CkhRIuY5OylrSfh3JQi6 yckyHk/LF1XD4jgVPvpXv5OhFfsr5tZvN+V3UKmeigzUQr91XgO1ccu/AZ3igs5q MSXijRFylMzZsEHh+FUY =aHKu -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 10, 2015 Share Posted November 10, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3397-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 10, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wpa CVE ID : CVE-2015-4141 CVE-2015-4142 CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 CVE-2015-5310 CVE-2015-5314 CVE-2015-5315 CVE-2015-5316 CVE-2015-8041 Debian Bug : 787371 787372 787373 795740 804707 804708 804710 Several vulnerabilities have been discovered in wpa_supplicant and hostapd. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-4141 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WPS UPnP function with HTTP chunked transfer encoding which may result in a denial of service. CVE-2015-4142 Kostya Kortchinsky of the Google Security Team discovered a vulnerability in the WMM Action frame processing which may result in a denial of service. CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 Kostya Kortchinsky of the Google Security Team discovered that EAP-pwd payload is not properly validated which may result in a denial of service. CVE-2015-5310 Jouni Malinen discovered a flaw in the WMM Sleep Mode Response frame processing. A remote attacker can take advantage of this flaw to mount a denial of service. CVE-2015-5314 CVE-2015-5315 Jouni Malinen discovered a flaw in the handling of EAP-pwd messages which may result in a denial of service. CVE-2015-5316 Jouni Malinen discovered a flaw in the handling of EAP-pwd Confirm messages which may result in a denial of service. CVE-2015-8041 Incomplete WPS and P2P NFC NDEF record payload length validation may result in a denial of service. For the oldstable distribution (wheezy), these problems have been fixed in version 1.0-3+deb7u3. The oldstable distribution (wheezy) is only affected by CVE-2015-4141, CVE-2015-4142, CVE-2015-4143 and CVE-2015-8041. For the stable distribution (jessie), these problems have been fixed in version 2.3-1+deb8u3. We recommend that you upgrade your wpa packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWQk59AAoJEAVMuPMTQ89EfRoQAI2Hzz2IVjv2/Vqs+Eb1jN7s B1YeIISf83YOoSLXk1AdFp1irWIJR/1USKjlP3jm7Iedjz/nTqEr8k+4mjtaf1ap QVj07KUhmQYWJqxqCtrOYh5FKMgwZ6pDGbZaU7W9dV0NTyaQ9Yfi7rz2qf87zKlg rB66pMheTQVKwb60z2SLkRCzYxwcneVNt1k2YDymP4vthyjqDD3Hr/xkNQmOpYxD ZZBUVdj2VszBrvQI/7X1zb36viQrTSY/LtiL7V+ouQRQW2iRItHV6UgisKTxqLrc mxFHO910KexOYUlClShvy+uxPcNEFciY+WXJWk6C/vnWn3kgCePEMfHKnmyqpRHX /cpv/tClt9fbkv8pd+pdFKvDT4nUeRkKMvjA788nhB0JsAUpJBV2zM1/OqnqSpEy AkKJpBrAva63k44vrBSpMLQeZph3O4XQxVxd3GQUbnqff/QgfNdt3IZKejieEtr9 aGB9MEbACObsHfJMsyMKTas4wHjUjttli9dv1EjAo+l76uVwqsSsCjkd3hpwGTAa RfPtr406t8S6mJHUHiAnVGBaDRFLNj+GN4VUI03TY1xV+SryDDwvvNt6mqLPwYGQ DrkzMvNdpbZeeAZx4Lktwk3VHHqctpSWxh26+hZu/1gSn2fJt4IBAnuvR7U61L/s dmbD9IrwgfWdrmSOe/8e =oQsm -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 12, 2015 Share Posted November 12, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3395-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 12, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : krb5 CVE ID : CVE-2015-2697 Debian Bug : 803088 Marc Deslauriers reported that the update for krb5 issued as DSA-3395-1 did not contain the patch to address CVE-2015-2697 for the packages built for the oldstable distribution (wheezy). Updated packages are now available to address this issue. For reference, the relevant part of the original advisory text follows. CVE-2015-2697 It was discovered that the build_principal_va() function incorrectly handles input strings. An authenticated attacker can take advantage of this flaw to cause a KDC to crash using a TGS request with a large realm field beginning with a null byte. For the oldstable distribution (wheezy), this problem has been fixed in version 1.10.1+dfsg-5+deb7u6. We recommend that you upgrade your krb5 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWRP8BAAoJEAVMuPMTQ89EOYkQAJapOzRZJJ9R2X8CEl2oDzC3 It0qbSVMU3YwTtwLmHzgwSf1XmlVDRP9+bRURmK7rqERoLdeGLEEHXOoi5i4I80m fJT2uleuMGPWiYvLRb/aFWMdgd+tNDcmrFX0YQVYuyNPO5ixOuusIKE1Sihbcx+T j/haOd5t+HStYbi2667ph5p8xlwykmONEUjkRY/6CE5D/SR8sfnFZARQ8iD8ug2u J6nvXFHnvQuU0xmDr/jDPH0pAhF3Ntvm9Tl0RHpkQ6MIfe0DS2yGs1TXtQSVSY8u 0vgejWbXqSwXr5VjsB6KcZ83PjsSYyaCsLy3zq8dC00yuCGUyG59chlvFqm3+Hhv sjXlA38DobsxkiFT3cIXJLGjzIcz3fcMKFy2kaBikPSkxDQKfj1a8OgMoK9ojCF0 kYdhLaO4pVEJDQeTMyxscQVZwy5O//hicNJvfYSTWbwOvcxGWnBri/hS89Ct4KQI JoBXYsa1OOCH5PGD5CW/uVmFw+KtQnK59eg3CdMthlIfIDV4RYXBq6SuG+oVPfbF 6Q2mKwmyBunBi0cltcAo7vUUJUZQeiLpwq6kl3UxpbZMDqsJ+rbW8z33sNTZj2WG imCG6Xjt2GThyRB2m8cyKLFlJJ+SQZGBOEW3/155/s/2h5uUxr2VKYzMWt5vWZe4 NuNKx1P9QVemIc0qcQNb =/WpO -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 14, 2015 Share Posted November 14, 2015 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3208-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 14, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : freexl The update for freexl issued as DSA-3208-1 introduced a regression when handling certain Microsoft Excel spreadsheets files. Updated packages are now available to address this regression. For reference the original advisory text follows. Jodie Cunningham discovered multiple vulnerabilities in freexl, a library to read Microsoft Excel spreadsheets, which might result in denial of service or the execution of arbitrary code if a malformed Excel file is opened. For the oldstable distribution (wheezy), this problem has been fixed in version 1.0.0b-1+deb7u3. For the stable distribution (jessie), this problem has been fixed in version 1.0.0g-1+deb8u3. We recommend that you upgrade your freexl packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWR0exAAoJEAVMuPMTQ89E3OMP/3t0dIqxOodj8kL/WrMFbRBz bIAPBU50Jbv3SpgZNa3CkT4gjvWgEA79RsF0obepqYf/5h05FC8Kpvic7hUYsVj3 4FYk1KNCvYP67+UIpu5pe0hV2w9OGMJmVZWI4qUVjxIHenhHbv4WAEoa2vGk7wlk QQAQfmRepiy6i6pEZX7VGbsQsLkBKzWQl8T7NJrxbrT35fM2hmQin93gJzLMGWFQ YyLzvtPxs4FBkKbGTESSbtLkhtHq2Tnax+GqZsPkT2NVtOm8qXEqaw+Tnx/Hopjp eVqB0uvdkFFSZx8wFlqUCVFHLun/03KRKz3foGDCB1eAL4jODfFZV37vaJ182Exp EqJuDdYoUyGWM2ikr8cEP4+OsHEXeDeUiZPkU9Hr+1FSF2AUHWvIqB+RqNTJZF+E 5aGBO/HJBFxf4Z1fZVmTqpgdjl1Wqi77pPmqfvNA27YpBGjVCzqtfEB6c8HHdRDS viIEmE//E2pquOyrqU3noFBTcAlddvreKjkWo3y+DOHGSS7JLL8FUVM9amnPOmpn vbID6vVKJvTk8NyeZoHsGxRh3GgVHauI+9wV7yUSWItxQM2Jubd1eYKfgmqi0u9i a4L+ADDaQW4Gvd9NqLZ/si5YOvEEysQjqXdHpIE58wxivU9x/XJ6Zu/OraCKGf1a DXiRuF3RQlIV6agMYiuQ =RGyz -----END PGP SIGNATURE----- Link to comment Share on other sites More sharing options...
securitybreach Posted November 16, 2015 Share Posted November 16, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3398-1 security@debian.org https://www.debian.org/security/ Yves-Alexis Perez November 16, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : strongswan CVE ID : CVE-2015-8023 Tobias Brunner found an authentication bypass vulnerability in strongSwan, an IKE/IPsec suite. Due to insufficient validation of its local state the server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin can be tricked into successfully concluding the authentication without providing valid credentials. It's possible to recognize such attacks by looking at the server logs. The following log message would be seen during the client authentication: EAP method EAP_MSCHAPV2 succeeded, no MSK established For the oldstable distribution (wheezy), this problem has been fixed in version 4.5.2-1.5+deb7u8. For the stable distribution (jessie), this problem has been fixed in version 5.2.1-6+deb8u2. For the testing distribution (stretch), this problem has been fixed in version 5.3.3-3. For the unstable distribution (sid), this problem has been fixed in version 5.3.3-3. Link to comment Share on other sites More sharing options...
securitybreach Posted November 18, 2015 Share Posted November 18, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3399-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 18, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libpng CVE ID : CVE-2015-7981 CVE-2015-8126 Debian Bug : 803078 805113 Several vulnerabilities have been discovered in the libpng PNG library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-7981 Qixue Xiao discovered an out-of-bounds read vulnerability in the png_convert_to_rfc1123 function. A remote attacker can potentially take advantage of this flaw to cause disclosure of information from process memory. CVE-2015-8126 Multiple buffer overflows were discovered in the png_set_PLTE and png_get_PLTE functions. A remote attacker can take advantage of this flaw to cause a denial of service (application crash) via a small bit-depth value in an IHDR (image header) chunk in a PNG image. For the oldstable distribution (wheezy), these problems have been fixed in version 1.2.49-1+deb7u1. For the stable distribution (jessie), these problems have been fixed in version 1.2.50-2+deb8u1. For the unstable distribution (sid), these problems have been fixed in version 1.2.54-1. Link to comment Share on other sites More sharing options...
securitybreach Posted November 20, 2015 Share Posted November 20, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3400-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 19, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : lxc CVE ID : CVE-2015-1335 Debian Bug : 800471 Roman Fiedler discovered a directory traversal flaw in LXC, the Linux Containers userspace tools. A local attacker with access to a LXC container could exploit this flaw to run programs inside the container that are not confined by AppArmor or expose unintended files in the host to the container. For the stable distribution (jessie), this problem has been fixed in version 1:1.0.6-6+deb8u2. Link to comment Share on other sites More sharing options...
sunrat Posted November 22, 2015 Share Posted November 22, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3401-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 22, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-7 CVE ID : CVE-2015-4871 It was discovered that rebinding a receiver of a direct method handle may allow a protected method to be accessed. For the oldstable distribution (wheezy), this problem has been fixed in version 7u91-2.6.3-1~deb7u1. For the stable distribution (jessie), this problem has been fixed in version 7u91-2.6.3-1~deb8u1. For the unstable distribution (sid), this problem has been fixed in version 7u91-2.6.3-1. 1 Link to comment Share on other sites More sharing options...
sunrat Posted November 24, 2015 Share Posted November 24, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3402-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 24, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : symfony CVE ID : CVE-2015-8124 CVE-2015-8125 Several vulnerabilities have been discovered in symfony, a framework to create websites and web applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-8124 The RedTeam Pentesting GmbH team discovered a session fixation vulnerability within the "Remember Me" login feature, allowing an attacker to impersonate the victim towards the web application if the session id value was previously known to the attacker. CVE-2015-8125 Several potential remote timing attack vulnerabilities were discovered in classes from the Symfony Security component and in the legacy CSRF implementation from the Symfony Form component. For the stable distribution (jessie), these problems have been fixed in version 2.3.21+dfsg-4+deb8u2. For the unstable distribution (sid), these problems have been fixed in version 2.7.7+dfsg-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3403-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 24, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libcommons-collections3-java This update backports changes from the commons-collections 3.2.2 release which disable the deserialisation of the functors classes unless the system property org.apache.commons.collections.enableUnsafeSerialization is set to 'true'. This fixes a vulnerability in unsafe applications deserialising objects from untrusted sources without sanitising the input data. Classes considered unsafe are: CloneTransformer, ForClosure, InstantiateFactory, InstantiateTransformer, InvokerTransformer, PrototypeCloneFactory, PrototypeSerializationFactory and WhileClosure. For the oldstable distribution (wheezy), this problem has been fixed in version 3.2.1-5+deb7u1. For the stable distribution (jessie), this problem has been fixed in version 3.2.1-7+deb8u1. For the testing distribution (stretch), this problem has been fixed in version 3.2.2-1. For the unstable distribution (sid), this problem has been fixed in version 3.2.2-1. Link to comment Share on other sites More sharing options...
sunrat Posted November 25, 2015 Share Posted November 25, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3404-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 25, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : python-django CVE ID : CVE-2015-8213 Ryan Butterfield discovered a vulnerability in the date template filter in python-django, a high-level Python web development framework. A remote attacker can take advantage of this flaw to obtain any secret in the application's settings. For the oldstable distribution (wheezy), this problem has been fixed in version 1.4.5-1+deb7u14. For the stable distribution (jessie), this problem has been fixed in version 1.7.7-1+deb8u3. For the unstable distribution (sid), this problem has been fixed in version 1.8.7-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3405-1 security@debian.org https://www.debian.org/security/ Florian Weimer November 25, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : smokeping CVE ID : CVE-2015-0859 Tero Marttila discovered that the Debian packaging for smokeping installed it in such a way that the CGI implementation of Apache httpd (mod_cgi) passed additional arguments to the smokeping_cgi program, potentially leading to arbitrary code execution in response to crafted HTTP requests. For the oldstable distribution (wheezy), this problem has been fixed in version 2.6.8-2+deb7u1. For the stable distribution (jessie), this problem has been fixed in version 2.6.9-1+deb8u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3406-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 25, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nspr CVE ID : CVE-2015-7183 It was discovered that incorrect memory allocation in the NetScape Portable Runtime library might result in denial of service or the execution of arbitrary code. For the oldstable distribution (wheezy), this problem has been fixed in version 2:4.9.2-1+deb7u3. For the stable distribution (jessie), this problem has been fixed in version 2:4.10.7-1+deb8u1. For the testing distribution (stretch), this problem has been fixed in version 2:4.10.10-1. For the unstable distribution (sid), this problem has been fixed in version 2:4.10.10-1. Link to comment Share on other sites More sharing options...
sunrat Posted November 27, 2015 Share Posted November 27, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3407-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 26, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : dpkg CVE ID : CVE-2015-0860 Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg, the Debian package management system. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafted Debian binary package (.deb) in the old style Debian binary package format. This update also includes updated translations and additional bug fixes. For the oldstable distribution (wheezy), this problem has been fixed in version 1.16.17. For the stable distribution (jessie), this problem has been fixed in version 1.17.26. Link to comment Share on other sites More sharing options...
sunrat Posted December 1, 2015 Share Posted December 1, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3408-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 01, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gnutls26 CVE ID : CVE-2015-8313 It was discovered that GnuTLS, a library implementing the TLS and SSL protocols, incorrectly validates the first byte of padding in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack. For the oldstable distribution (wheezy), this problem has been fixed in version 2.12.20-8+deb7u4. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3409-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 01, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : putty CVE ID : CVE-2015-5309 A memory-corrupting integer overflow in the handling of the ECH (erase characters) control sequence was discovered in PuTTY's terminal emulator. A remote attacker can take advantage of this flaw to mount a denial of service or potentially to execute arbitrary code. For the oldstable distribution (wheezy), this problem has been fixed in version 0.62-9+deb7u3. For the stable distribution (jessie), this problem has been fixed in version 0.63-10+deb8u1. For the testing distribution (stretch), this problem has been fixed in version 0.66-1. For the unstable distribution (sid), this problem has been fixed in version 0.66-1. Link to comment Share on other sites More sharing options...
sunrat Posted December 2, 2015 Share Posted December 2, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3410-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 01, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icedove CVE ID : CVE-2015-4473 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 CVE-2015-4513 CVE-2015-7181 CVE-2015-7182 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service. For the oldstable distribution (wheezy), these problems have been fixed in version 38.4.0-1~deb7u1. For the stable distribution (jessie), these problems have been fixed in version 38.4.0-1~deb8u1. For the unstable distribution (sid), these problems have been fixed in version 38.4.0-1. Link to comment Share on other sites More sharing options...
sunrat Posted December 3, 2015 Share Posted December 3, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3411-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 02, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cups-filters CVE ID : CVE-2015-8327 Michal Kowalczyk discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands. The oldstable distribution (wheezy) is not affected. For the stable distribution (jessie), this problem has been fixed in version 1.0.61-5+deb8u2. For the unstable distribution (sid), this problem has been fixed in version 1.2.0-1. : CVE-2015-8327 Michal Kowalczyk discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands. The oldstable distribution (wheezy) is not affected. For the stable distribution (jessie), this problem has been fixed in version 1.0.61-5+deb8u2. For the unstable distribution (sid), this problem has been fixed in version 1.2.0-1. Link to comment Share on other sites More sharing options...
sunrat Posted December 8, 2015 Share Posted December 8, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3412-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 03, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : redis CVE ID : CVE-2015-8080 Debian Bug : 804419 Luca Bruno discovered an integer overflow flaw leading to a stack-based buffer overflow in redis, a persistent key-value database. A remote attacker can use this flaw to cause a denial of service (application crash). For the stable distribution (jessie), this problem has been fixed in version 2:2.8.17-1+deb8u3. For the testing distribution (stretch), this problem has been fixed in version 2:3.0.5-4. For the unstable distribution (sid), this problem has been fixed in version 2:3.0.5-4. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3413-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 04, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssl CVE ID : CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-3194 Loic Jonas Etienne of Qnective AG discovered that the signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. A remote attacker can exploit this flaw to crash any certificate verification operation and mount a denial of service attack. CVE-2015-3195 Adam Langley of Google/BoringSSL discovered that OpenSSL will leak memory when presented with a malformed X509_ATTRIBUTE structure. CVE-2015-3196 A race condition flaw in the handling of PSK identify hints was discovered, potentially leading to a double free of the identify hint data. For the oldstable distribution (wheezy), these problems have been fixed in version 1.0.1e-2+deb7u18. For the stable distribution (jessie), these problems have been fixed in version 1.0.1k-3+deb8u2. For the unstable distribution (sid), these problems have been fixed in version 1.0.2e-1 or earlier. Link to comment Share on other sites More sharing options...
sunrat Posted December 11, 2015 Share Posted December 11, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3414-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 09, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : xen CVE ID : CVE-2015-3259 CVE-2015-3340 CVE-2015-5307 CVE-2015-6654 CVE-2015-7311 CVE-2015-7812 CVE-2015-7813 CVE-2015-7814 CVE-2015-7969 CVE-2015-7970 CVE-2015-7971 CVE-2015-7972 CVE-2015-8104 Multiple security issues have been found in the Xen virtualisation solution, which may result in denial of service or information disclosure. For the oldstable distribution (wheezy), an update will be provided later. For the stable distribution (jessie), these problems have been fixed in version 4.4.1-9+deb8u3. For the unstable distribution (sid), these problems will be fixed soon. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3415-1 security@debian.org https://www.debian.org/security/ Michael Gilbert December 09, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium-browser CVE ID : CVE-2015-1302 CVE-2015-6764 CVE-2015-6765 CVE-2015-6766 CVE-2015-6767 CVE-2015-6768 CVE-2015-6769 CVE-2015-6770 CVE-2015-6771 CVE-2015-6772 CVE-2015-6773 CVE-2015-6774 CVE-2015-6775 CVE-2015-6776 CVE-2015-6777 CVE-2015-6778 CVE-2015-6779 CVE-2015-6780 CVE-2015-6781 CVE-2015-6782 CVE-2015-6784 CVE-2015-6785 CVE-2015-6786 Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-1302 Rub Wu discovered an information leak in the pdfium library. CVE-2015-6764 Guang Gong discovered an out-of-bounds read issue in the v8 javascript library. CVE-2015-6765 A use-after-free issue was discovered in AppCache. CVE-2015-6766 A use-after-free issue was discovered in AppCache. CVE-2015-6767 A use-after-free issue was discovered in AppCache. CVE-2015-6768 Mariusz Mlynski discovered a way to bypass the Same Origin Policy. CVE-2015-6769 Mariusz Mlynski discovered a way to bypass the Same Origin Policy. CVE-2015-6770 Mariusz Mlynski discovered a way to bypass the Same Origin Policy. CVE-2015-6771 An out-of-bounds read issue was discovered in the v8 javascript library. CVE-2015-6772 Mariusz Mlynski discovered a way to bypass the Same Origin Policy. CVE-2015-6773 cloudfuzzer discovered an out-of-bounds read issue in the skia library. CVE-2015-6774 A use-after-free issue was found in extensions binding. CVE-2015-6775 Atte Kettunen discovered a type confusion issue in the pdfium library. CVE-2015-6776 Hanno Böck dicovered and out-of-bounds access issue in the openjpeg library, which is used by pdfium. CVE-2015-6777 Long Liu found a use-after-free issue. CVE-2015-6778 Karl Skomski found an out-of-bounds read issue in the pdfium library. CVE-2015-6779 Til Jasper Ullrich discovered that the pdfium library does not sanitize "chrome:" URLs. CVE-2015-6780 Khalil Zhani discovered a use-after-free issue. CVE-2015-6781 miaubiz discovered an integer overflow issue in the sfntly library. CVE-2015-6782 Luan Herrera discovered a URL spoofing issue. CVE-2015-6784 Inti De Ceukelaire discovered a way to inject HTML into serialized web pages. CVE-2015-6785 Michael Ficarra discovered a way to bypass the Content Security Policy. CVE-2015-6786 Michael Ficarra discovered another way to bypass the Content Security Policy. For the stable distribution (jessie), these problems have been fixed in version 47.0.2526.73-1~deb8u1. For the testing distribution (stretch), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 47.0.2526.73-1. Link to comment Share on other sites More sharing options...
sunrat Posted December 13, 2015 Share Posted December 13, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3416-1 security@debian.org https://www.debian.org/security/ Luciano Bello December 13, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libphp-phpmailer CVE ID : CVE-2015-8476 Debian Bug : 807265 Takeshi Terada discovered a vulnerability in PHPMailer, a PHP library for email transfer, used by many CMSs. The library accepted email addresses and SMTP commands containing line breaks, which can be abused by an attacker to inject messages. For the oldstable distribution (wheezy), this problem has been fixed in version 5.1-1+deb6u11. For the stable distribution (jessie), this problem has been fixed in version 5.2.9+dfsg-2+deb8u1. For the unstable distribution (sid), this problem has been fixed in version 5.2.14+dfsg-1. Link to comment Share on other sites More sharing options...
sunrat Posted December 15, 2015 Share Posted December 15, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3417-1 security@debian.org https://www.debian.org/security/ Luciano Bello December 14, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : bouncycastle CVE ID : CVE-2015-7940 Debian Bug : 802671 Tibor Jager, Jörg Schwenk, and Juraj Somorovsky, from Horst Görtz Institute for IT Security, published a paper in ESORICS 2015 where they describe an invalid curve attack in Bouncy Castle Crypto, a Java library for cryptography. An attacker is able to recover private Elliptic Curve keys from different applications, for example, TLS servers. More information: http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html Practical Invalid Curve Attacks on TLS-ECDH: http://euklid.org/pdf/ECC_Invalid_Curve.pdf For the oldstable distribution (wheezy), this problem has been fixed in version 1.44+dfsg-3.1+deb7u1. For the stable distribution (jessie), this problem has been fixed in version 1.49+dfsg-3+deb8u1. For the unstable distribution (sid), this problem has been fixed in version 1.51-2. Link to comment Share on other sites More sharing options...
sunrat Posted December 17, 2015 Share Posted December 17, 2015 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3418-1 security@debian.org https://www.debian.org/security/ Michael Gilbert December 14, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium-browser CVE ID : CVE-2015-6788 CVE-2015-6789 CVE-2015-6790 CVE-2015-6791 Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-6788 A type confusion issue was discovered in the handling of extensions. CVE-2015-6789 cloudfuzzer discovered a use-after-free issue. CVE-2015-6790 Inti De Ceukelaire discovered a way to inject HTML into serialized web pages. CVE-2015-6791 The chrome 47 development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the v8 javascript library, version 4.7.80.23. For the stable distribution (jessie), these problems have been fixed in version 47.0.2526.80-1~deb8u1. For the testing distribution (stretch), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 47.0.2526.80-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3419-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 15, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cups-filters CVE ID : CVE-2015-8560 Debian Bug : 807930 Adam Chester discovered that missing input sanitising in the foomatic-rip print filter might result in the execution of arbitrary commands. For the stable distribution (jessie), this problem has been fixed in version 1.0.61-5+deb8u3. For the unstable distribution (sid), this problem has been fixed in version 1.4.0-1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3420-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 15, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : bind9 CVE ID : CVE-2015-8000 Debian Bug : 808081 It was discovered that the BIND DNS server does not properly handle the parsing of incoming responses, allowing some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. A remote attacker can exploit this flaw to cause a denial of service against servers performing recursive queries. For the oldstable distribution (wheezy), this problem has been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u8. For the stable distribution (jessie), this problem has been fixed in version 1:9.9.5.dfsg-9+deb8u4. - ------------------------------------------------------------------------- Debian Security Advisory DSA-3422-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 16, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : iceweasel CVE ID : CVE-2015-7201 CVE-2015-7205 CVE-2015-7210 CVE-2015-7212 CVE-2015-7213 CVE-2015-7214 CVE-2015-7222 Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, integer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, bypass of the same-origin policy or denial of service. For the oldstable distribution (wheezy), these problems have been fixed in version 38.5.0esr-1~deb7u2. For the stable distribution (jessie), these problems have been fixed in version 38.5.0esr-1~deb8u2. For the unstable distribution (sid), these problems have been fixed in version 38.5.0esr-1. Link to comment Share on other sites More sharing options...
Recommended Posts