Bruno

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3421-1 security@debian.org

https://www.debian.org/security/ Luciano Bello

December 16, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : grub2

CVE ID : CVE-2015-8370

Debian Bug : 807614

 

Hector Marco and Ismael Ripoll, from Cybersecurity UPV Research Group,

found an integer underflow vulnerability in Grub2, a popular bootloader.

A local attacker can bypass the Grub2 authentication by inserting a

crafted input as username or password.

 

More information:

http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.99-27+deb7u3.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.02~beta2-22+deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.02~beta2-33.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3423-1 security@debian.org

https://www.debian.org/security/ Luciano Bello

December 16, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : cacti

CVE ID : CVE-2015-8369

Debian Bug : 807599

 

Several SQL injection vulnerabilities have been discovered in Cacti, an

RRDTool frontend written in PHP. Specially crafted input can be used by

an attacker in the rra_id value of the graph.php script to execute

arbitrary SQL commands on the database.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 0.8.8a+dfsg-5+deb7u7.

 

For the stable distribution (jessie), this problem has been fixed in

version 0.8.8b+dfsg-8+deb8u3.

 

For the testing distribution (stretch), this problem has been fixed

in version 0.8.8f+ds1-3.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.8.8f+ds1-3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3424-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 16, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : subversion

CVE ID : CVE-2015-5343

 

Ivan Zhakov discovered an integer overflow in mod_dav_svn, which allows

an attacker with write access to the server to execute arbitrary code or

cause a denial of service.

 

The oldstable distribution (wheezy) is not affected.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.8.10-6+deb8u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.9.3-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3337-2 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 17, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gdk-pixbuf

CVE ID : CVE-2015-4491

 

The patch applied for gdk-pixbuf to fix CVE-2015-4491 in DSA 3337-1 was

incomplete. This update corrects that problem. For reference the

original advisory text follows.

 

Gustavo Grieco discovered a heap overflow in the processing of BMP images

which may result in the execution of arbitrary code if a malformed image

is opened.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 2.26.1-1+deb7u3.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.31.1-2+deb8u4.

 

For the testing distribution (stretch), this problem has been fixed

in version 2.31.7-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.31.7-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3425-1 security@debian.org

https://www.debian.org/security/ Luciano Bello

December 17, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tryton-server

CVE ID : CVE-2015-0861

 

Cédric Krier discovered a vulnerability in the server-side of Tryton, an

application framework written in Python. An authenticated malicious

user can write arbitrary values in record fields due to missed checks of

access permissions when multiple records are written.

 

The oldstable distribution (wheezy) is not affected.

 

For the stable distribution (jessie), this problem has been fixed in

version 3.4.0-3+deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 3.8.1-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3426-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 17, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2013-7446 CVE-2015-7799 CVE-2015-7833 CVE-2015-8104

CVE-2015-8374 CVE-2015-8543

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a privilege escalation, denial of service, information leak

or data loss.

 

CVE-2013-7446

 

Dmitry Vyukov discovered that a particular sequence of valid

operations on local (AF_UNIX) sockets can result in a

use-after-free. This may be used to cause a denial of service

(crash) or possibly for privilege escalation.

 

CVE-2015-7799

 

It was discovered that a user granted access to /dev/ppp can cause a

denial of service (crash) by passing invalid parameters to the

PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.

 

CVE-2015-7833

 

Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a

flaw in the processing of certain USB device descriptors in the

usbvision driver. An attacker with physical access to the system can

use this flaw to crash the system. This was partly fixed by the

changes listed in DSA 3396-1.

 

CVE-2015-8104

 

Jan Beulich reported a guest to host denial-of-service flaw

affecting the KVM hypervisor running on AMD processors. A malicious

guest can trigger an infinite stream of "debug" (#DB) exceptions

causing the processor microcode to enter an infinite loop where the

core never receives another interrupt. This leads to a panic of the

host kernel.

 

CVE-2015-8374

 

It was discovered that Btrfs did not correctly implement truncation

of compressed inline extents. This could lead to an information

leak, if a file is truncated and later made readable by other users.

Additionally, it could cause data loss. This has been fixed for the

stable distribution (jessie) only.

 

CVE-2015-8543

 

It was discovered that a local user permitted to create raw sockets

could cause a denial-of-service by specifying an invalid protocol

number for the socket. The attacker must have the CAP_NET_RAW

capability in their user namespace. This has been fixed for the

stable distribution (jessie) only.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 3.2.73-2+deb7u1. In addition, this update contains several

changes originally targeted for the upcoming Wheezy point release.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.16.7-ckt20-1+deb8u1. In addition, this update contains several

changes originally targeted for the upcoming Jessie point release.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3427-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 18, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : blueman

CVE ID : not yet available

 

It was discovered that the Mechanism plugin of Blueman, a graphical

Bluetooth manager, allows local privilege escalation.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.23-1+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.99~alpha1-1+deb8u1.

 

For the unstable distribution (sid), this problem will be fixed soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3428-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 18, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tomcat8

CVE ID : CVE-2014-7810

 

It was discovered that malicious web applications could use the

Expression Language to bypass protections of a Security Manager as

expressions were evaluated within a privileged code section.

 

For the stable distribution (jessie), this problem has been fixed in

version 8.0.14-1+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 8.0.21-2.

 

For the unstable distribution (sid), this problem has been fixed in

version 8.0.21-2.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3429-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 21, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : foomatic-filters

CVE ID : CVE-2015-8327 CVE-2015-8560

Debian Bug : 806886 807993

 

Michal Kowalczyk and Adam Chester discovered that missing input

sanitising in the foomatic-rip print filter might result in the

execution of arbitrary commands.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 4.0.17-1+deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 4.0.17-5+deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 4.0.17-7.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3430-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 23, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libxml2

CVE ID : CVE-2015-1819 CVE-2015-5312 CVE-2015-7497 CVE-2015-7498

CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942

CVE-2015-8035 CVE-2015-8241 CVE-2015-8317

Debian Bug : 782782 782985 783010 802827 803942 806384

 

Several vulnerabilities were discovered in libxml2, a library providing

support to read, modify and write XML and HTML files. A remote attacker

could provide a specially crafted XML or HTML file that, when processed

by an application using libxml2, would cause that application to use an

excessive amount of CPU, leak potentially sensitive information, or

crash the application.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 2.8.0+dfsg1-7+wheezy5.

 

For the stable distribution (jessie), these problems have been fixed in

version 2.9.1+dfsg1-5+deb8u1.

 

For the testing distribution (stretch), these problems have been fixed

in version 2.9.3+dfsg1-1 or earlier versions.

 

For the unstable distribution (sid), these problems have been fixed in

version 2.9.3+dfsg1-1 or earlier versions.

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3431-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 01, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ganeti

CVE ID : CVE-2015-7944 CVE-2015-7945

 

Pierre Kim discovered two vulnerabilities in the restful API of Ganeti,

a virtual server cluster management tool. SSL parameter negotiation

could result in denial of service and the DRBD secret could leak.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 2.5.2-1+deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 2.12.4-1+deb8u2.

 

For the unstable distribution (sid), these problems have been fixed in

version 2.15.2-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3432-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 01, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : icedove

CVE ID : CVE-2015-7201 CVE-2015-7205 CVE-2015-7212 CVE-2015-7213

CVE-2015-7214

 

Multiple security issues have been found in Icedove, Debian's version of

the Mozilla Thunderbird mail client: Multiple memory safety errors,

integer overflows, buffer overflows and other implementation errors may

lead to the execution of arbitrary code or denial of service.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 38.5.0-1~deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 38.5.0-1~deb8u1.

 

For the testing distribution (stretch), these problems have been fixed

in version 38.5.0esr-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 38.5.0esr-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3433-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 02, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : samba

CVE ID : CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299

CVE-2015-5330 CVE-2015-7540 CVE-2015-8467

 

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,

print, and login server for Unix. The Common Vulnerabilities and

Exposures project identifies the following issues:

 

CVE-2015-3223

 

Thilo Uttendorfer of Linux Information Systems AG discovered that a

malicious request can cause the Samba LDAP server to hang, spinning

using CPU. A remote attacker can take advantage of this flaw to

mount a denial of service.

 

CVE-2015-5252

 

Jan "Yenya" Kasprzak and the Computer Systems Unit team at Faculty

of Informatics, Masaryk University discovered that insufficient

symlink verification could allow data access outside an exported

share path.

 

CVE-2015-5296

 

Stefan Metzmacher of SerNet discovered that Samba does not ensure

that signing is negotiated when creating an encrypted client

connection to a server. This allows a man-in-the-middle attacker to

downgrade the connection and connect using the supplied credentials

as an unsigned, unencrypted connection.

 

CVE-2015-5299

 

It was discovered that a missing access control check in the VFS

shadow_copy2 module could allow unauthorized users to access

snapshots.

 

CVE-2015-5330

 

Douglas Bagnall of Catalyst discovered that the Samba LDAP server

is vulnerable to a remote memory read attack. A remote attacker can

obtain sensitive information from daemon heap memory by sending

crafted packets and then either read an error message, or a

database value.

 

CVE-2015-7540

 

It was discovered that a malicious client can send packets that

cause the LDAP server provided by the AD DC in the samba daemon

process to consume unlimited memory and be terminated.

 

CVE-2015-8467

 

Andrew Bartlett of the Samba Team and Catalyst discovered that a

Samba server deployed as an AD DC can expose Windows DCs in the same

domain to a denial of service via the creation of multiple machine

accounts. This issue is related to the MS15-096 / CVE-2015-2535

security issue in Windows.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 2:3.6.6-6+deb7u6. The oldstable distribution (wheezy) is only

affected by CVE-2015-5252, CVE-2015-5296 and CVE-2015-5299.

 

For the stable distribution (jessie), these problems have been fixed in

version 2:4.1.17+dfsg-2+deb8u1. The fixes for CVE-2015-3223 and

CVE-2015-5330 required an update to ldb 2:1.1.17-2+deb8u1 to correct the

defects.

 

For the unstable distribution (sid), these problems have been fixed in

version 2:4.1.22+dfsg-1. The fixes for CVE-2015-3223 and CVE-2015-5330

required an update to ldb 2:1.1.24-1 to correct the defects.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3434-1 security@debian.org

https://www.debian.org/security/ Ben Hutchings

January 05, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2015-7513 CVE-2015-7550 CVE-2015-8543 CVE-2015-8550

CVE-2015-8551 CVE-2015-8552 CVE-2015-8569 CVE-2015-8575

CVE-2015-8709

Debian Bug : 808293 808602 808953 808973

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a privilege escalation, denial of service or information

leak.

 

CVE-2015-7513

 

It was discovered that a local user permitted to use the x86 KVM

subsystem could configure the PIT emulation to cause a denial of

service (crash).

 

CVE-2015-7550

 

Dmitry Vyukov discovered a race condition in the keyring subsystem

that allows a local user to cause a denial of service (crash).

 

CVE-2015-8543

 

It was discovered that a local user permitted to create raw sockets

could cause a denial-of-service by specifying an invalid protocol

number for the socket. The attacker must have the CAP_NET_RAW

capability.

 

CVE-2015-8550

 

Felix Wilhelm of ERNW discovered that the Xen PV backend drivers

may read critical data from shared memory multiple times. This

flaw can be used by a guest kernel to cause a denial of service

(crash) on the host, or possibly for privilege escalation.

 

CVE-2015-8551 / CVE-2015-8552

 

Konrad Rzeszutek Wilk of Oracle discovered that the Xen PCI

backend driver does not adequately validate the device state when

a guest configures MSIs. This flaw can be used by a guest kernel

to cause a denial of service (crash or disk space exhaustion) on

the host.

 

CVE-2015-8569

 

Dmitry Vyukov discovered a flaw in the PPTP sockets implementation

that leads to an information leak to local users.

 

CVE-2015-8575

 

David Miller discovered a flaw in the Bluetooth SCO sockets

implementation that leads to an information leak to local users.

 

CVE-2015-8709

 

Jann Horn discovered a flaw in the permission checks for use of

the ptrace feature. A local user who has the CAP_SYS_PTRACE

capability within their own user namespace could use this flaw for

privilege escalation if a more privileged process ever enters that

user namespace. This affects at least the LXC system.

 

In addition, this update fixes some regressions in the previous update:

 

#808293

 

A regression in the UDP implementation prevented freeradius and

some other applications from receiving data.

 

#808602 / #808953

 

A regression in the USB XHCI driver prevented use of some devices

in USB 3 SuperSpeed ports.

 

#808973

 

A fix to the radeon driver interacted with an existing bug to

cause a crash at boot when using some AMD/ATI graphics cards.

This issue only affects wheezy.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 3.2.73-2+deb7u2. The oldstable distribution (wheezy) is not

affected by CVE-2015-8709.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.16.7-ckt20-1+deb8u2. CVE-2015-8543 was already fixed in

version 3.16.7-ckt20-1+deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 4.3.3-3 or earlier.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3435-1 security@debian.org

https://www.debian.org/security/ Laszlo Boszormenyi (GCS)

January 05, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : git

CVE ID : CVE-2015-7545

 

Blake Burkhart discovered that the Git git-remote-ext helper incorrectly

handled recursive clones of git repositories. A remote attacker could

possibly use this issue to execute arbitrary code by injecting commands

via crafted URLs.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1:1.7.10.4-1+wheezy2.

 

For the stable distribution (jessie), this problem has been fixed in

version 1:2.1.4-2.1+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 1:2.6.1-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 1:2.6.1-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3436-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 08, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl

CVE ID : CVE-2015-7575

 

Karthikeyan Bhargavan and Gaetan Leurent at INRIA discovered a flaw in

the TLS 1.2 protocol which could allow the MD5 hash function to be used

for signing ServerKeyExchange and Client Authentication packets during a

TLS handshake. A man-in-the-middle attacker could exploit this flaw to

conduct collision attacks to impersonate a TLS server or an

authenticated TLS client.

 

More information can be found at

https://www.mitls.org/pages/attacks/SLOTH

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.0.1e-2+deb7u19.

 

For the stable distribution (jessie), the testing distribution (stretch)

and the unstable distribution (sid), this issue was already addressed in

version 1.0.1f-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3437-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 09, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gnutls26

CVE ID : CVE-2015-7575

 

Karthikeyan Bhargavan and Gaetan Leurent at INRIA discovered a flaw in

the TLS 1.2 protocol which could allow the MD5 hash function to be used

for signing ServerKeyExchange and Client Authentication packets during a

TLS handshake. A man-in-the-middle attacker could exploit this flaw to

conduct collision attacks to impersonate a TLS server or an

authenticated TLS client.

 

More information can be found at

https://www.mitls.org/pages/attacks/SLOTH

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 2.12.20-8+deb7u5.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3439-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 10, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : prosody

CVE ID : CVE-2016-1231 CVE-2016-1232

 

Two vulnerabilities were discovered in Prosody, a lightweight

Jabber/XMPP server. The Common Vulnerabilities and Exposures project

identifies the following issues:

 

CVE-2016-1231

 

Kim Alvefur discovered a flaw in Prosody's HTTP file-serving module

that allows it to serve requests outside of the configured public

root directory. A remote attacker can exploit this flaw to access

private files including sensitive data. The default configuration

does not enable the mod_http_files module and thus is not

vulnerable.

 

CVE-2016-1232

 

Thijs Alkemade discovered that Prosody's generation of the secret

token for server-to-server dialback authentication relied upon a

weak random number generator that was not cryptographically secure.

A remote attacker can take advantage of this flaw to guess at

probable values of the secret key and impersonate the affected

domain to other servers on the network.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 0.8.2-4+deb7u3.

 

For the stable distribution (jessie), these problems have been fixed in

version 0.9.7-2+deb8u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3438-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

January 09, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xscreensaver

CVE ID : CVE-2015-8025

Debian Bug : 802914

 

It was discovered that unplugging one of the monitors in a multi-monitor

setup can cause xscreensaver to crash. Someone with physical access to

a machine could use this problem to bypass a locked session.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 5.15-3+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 5.30-1+deb8u1.

 

For the testing (stretch) and unstable (sid) distributions, this problem

has been fixed in version 5.34-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3441-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 11, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : perl

CVE ID : CVE-2015-8607

Debian Bug : 810719

 

David Golden of MongoDB discovered that File::Spec::canonpath() in Perl

returned untainted strings even if passed tainted input. This defect

undermines taint propagation, which is sometimes used to ensure that

unvalidated user input does not reach sensitive code.

 

The oldstable distribution (wheezy) is not affected by this problem.

 

For the stable distribution (jessie), this problem has been fixed in

version 5.20.2-3+deb8u2.

 

For the unstable distribution (sid), this problem will be fixed soon.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3442-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

January 13, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : isc-dhcp

CVE ID : CVE-2015-8605

Debian Bug : 810875

 

It was discovered that a maliciously crafted packet can crash any of

the isc-dhcp applications. This includes the DHCP client, relay, and

server application. Only IPv4 setups are affected.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 4.2.2.dfsg.1-5+deb70u8.

 

For the stable distribution (jessie), this problem has been fixed in

version 4.3.1-6+deb8u2.

 

For the testing (stretch) and unstable (sid) distributions, this

problem will be fixed soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3443-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 13, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libpng

CVE ID : CVE-2015-8472 CVE-2015-8540

Debian Bug : 807112 807694

 

Several vulnerabilities have been discovered in the libpng PNG library.

The Common Vulnerabilities and Exposures project identifies the

following problems:

 

CVE-2015-8472

 

It was discovered that the original fix for CVE-2015-8126 was

incomplete and did not detect a potential overrun by applications

using png_set_PLTE directly. A remote attacker can take advantage of

this flaw to cause a denial of service (application crash).

 

CVE-2015-8540

 

Xiao Qixue and Chen Yu discovered a flaw in the png_check_keyword

function. A remote attacker can potentially take advantage of this

flaw to cause a denial of service (application crash).

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.2.49-1+deb7u2.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.2.50-2+deb8u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3444-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 13, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wordpress

CVE ID : CVE-2016-1564

Debian Bug : 810325

 

Crtc4L discovered a cross-site scripting vulnerability in wordpress, a

web blogging tool, allowing a remote authenticated administrator to

compromise the site.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 3.6.1+dfsg-1~deb7u9.

 

For the stable distribution (jessie), this problem has been fixed in

version 4.1+dfsg-1+deb8u7.

 

For the unstable distribution (sid), this problem has been fixed in

version 4.4.1+dfsg-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3445-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 13, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : pygments

CVE ID : CVE-2015-8557

Debian Bug : 802828

 

Javantea discovered that pygments, a generic syntax highlighter, is

prone to a shell injection vulnerability allowing a remote attacker to

execute arbitrary code via shell metacharacters in a font name.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.5+dfsg-1+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.0.1+dfsg-1.1+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 2.0.1+dfsg-2.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3446-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

January 14, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssh

CVE ID : CVE-2016-0777 CVE-2016-0778

Debian bug : 810984

 

The Qualys Security team discovered two vulnerabilities in the roaming

code of the OpenSSH client (an implementation of the SSH protocol

suite).

 

SSH roaming enables a client, in case an SSH connection breaks

unexpectedly, to resume it at a later time, provided the server also

supports it.

 

The OpenSSH server doesn't support roaming, but the OpenSSH client

supports it (even though it's not documented) and it's enabled by

default.

 

CVE-2016-0777

 

An information leak (memory disclosure) can be exploited by a rogue

SSH server to trick a client into leaking sensitive data from the

client memory, including for example private keys.

 

CVE-2016-0778

 

A buffer overflow (leading to file descriptor leak), can also be

exploited by a rogue SSH server, but due to another bug in the code

is possibly not exploitable, and only under certain conditions (not

the default configuration), when using ProxyCommand, ForwardAgent or

ForwardX11.

 

This security update completely disables the roaming code in the OpenSSH

client.

 

It is also possible to disable roaming by adding the (undocumented)

option 'UseRoaming no' to the global /etc/ssh/ssh_config file, or to the

user configuration in ~/.ssh/config, or by passing -oUseRoaming=no on

the command line.

 

Users with passphrase-less private keys, especially in non-interactive

setups (automated jobs using ssh, scp, rsync+ssh etc.) are advised to

update their keys if they have connected to an SSH server they don't

trust.

 

More details about identifying an attack and mitigations will be

available in the Qualys Security Advisory.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1:6.0p1-4+deb7u3.

 

For the stable distribution (jessie), these problems have been fixed in

version 1:6.7p1-5+deb8u1.

 

For the testing distribution (stretch) and unstable distribution (sid), these

problems will be fixed in a later version.

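Added example (not part of the advisory or of OpenSSH): a check for the 'UseRoaming no' workaround described in DSA-3446-1 above. It resolves the value the client would use for a given host with ssh_config's first-value-wins order (command line, then user file, then global file). The sample files, host names and function names are constructed for illustration; Match blocks are not evaluated.

```python
import fnmatch
import re

# Constructed sample files, not taken from the advisory.
GLOBAL_CONFIG = """\
Host *.corp.example
    ForwardAgent yes
    UseRoaming no

Host *
    SendEnv LANG LC_*
"""
USER_CONFIG = """\
Host backup
    HostName backup.corp.example
    IdentityFile ~/.ssh/id_backup
"""
# The same global file with the option added to the catch-all "Host *" block.
HARDENED_GLOBAL = GLOBAL_CONFIG + "    UseRoaming no\n"

# ssh_config accepts "Keyword value" and "Keyword=value".
LINE = re.compile(r"([^\s=]+)\s*=?\s*(.*)")


def parse(text):
    """Yield (lower-cased keyword, argument list) for each directive."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE.match(line)
        if m:
            yield m.group(1).lower(), m.group(2).split()


def host_matches(patterns, host):
    """A Host line applies if a pattern matches and no negated pattern does."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            matched = True
    return matched


def effective_use_roaming(host, user_config, global_config, cli_options=()):
    """Return (value, source) for the host name as typed on the command line."""
    for opt in cli_options:                      # e.g. "UseRoaming=no" from -o
        key, _, val = opt.partition("=")
        if key.strip().lower() == "useroaming":
            return val.strip().lower(), "command line"
    for label, text in (("user config", user_config),
                        ("global config", global_config)):
        active = True            # directives before the first Host apply to all
        for key, args in parse(text):
            if key == "host":
                active = host_matches(args, host)
            elif key == "match":
                active = False   # not evaluated in this example
            elif key == "useroaming" and active and args:
                return args[0].lower(), label
    # The advisory states that roaming is enabled by default in the client.
    return "yes", "client default"


def exposed_hosts(hosts, user_config, global_config):
    """Hosts for which an unpatched client would still have roaming enabled."""
    return [h for h in hosts
            if effective_use_roaming(h, user_config, global_config)[0] != "no"]


if __name__ == "__main__":
    targets = ["backup", "db1.corp.example", "git.example.org"]
    for name in targets:
        print(name, effective_use_roaming(name, USER_CONFIG, GLOBAL_CONFIG))
    print("still exposed:", exposed_hosts(targets, USER_CONFIG, GLOBAL_CONFIG))
    print("after fix:", exposed_hosts(targets, USER_CONFIG, HARDENED_GLOBAL))
```

The constructed global file shows the failure mode worth checking for: the option set only inside a narrower Host block leaves every other destination, including the alias "backup", on the default.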

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3431-2 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 14, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ganeti

Debian Bug : 810850

 

The update for ganeti issued as DSA-3431-1 causes the gnt-instance info

command to fail for all instances of type DRBD. Updated packages are now

available to address this regression. For reference the original

advisory text follows.

 

Pierre Kim discovered two vulnerabilities in the restful API of Ganeti,

a virtual server cluster management tool. SSL parameter negotiation

could result in denial of service and the DRBD secret could leak.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 2.5.2-1+deb7u2.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.12.4-1+deb8u3.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3447-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 17, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tomcat7

CVE ID : CVE-2014-7810

 

It was discovered that malicious web applications could use the

Expression Language to bypass protections of a Security Manager as

expressions were evaluated within a privileged code section.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 7.0.28-4+deb7u3. This update also provides fixes for

CVE-2013-4444, CVE-2014-0075, CVE-2014-0099, CVE-2014-0227 and

CVE-2014-0230, which were all fixed for the stable distribution (jessie)

already.

 

For the stable distribution (jessie), this problem has been fixed in

version 7.0.56-3+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 7.0.61-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 7.0.61-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3448-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 19, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2013-4312 CVE-2015-7566 CVE-2015-8767 CVE-2016-0723

CVE-2016-0728

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a privilege escalation or denial-of-service.

 

CVE-2013-4312

 

Tetsuo Handa discovered that it is possible for a process to open

far more files than the process' limit leading to denial-of-service

conditions.

 

CVE-2015-7566

 

Ralf Spenneberg of OpenSource Security reported that the visor

driver crashes when a specially crafted USB device without bulk-out

endpoint is detected.

 

CVE-2015-8767

 

An SCTP denial-of-service was discovered which can be triggered by a

local attacker during a heartbeat timeout event after the 4-way

handshake.

 

CVE-2016-0723

 

A use-after-free vulnerability was discovered in the TIOCGETD ioctl.

A local attacker could use this flaw for denial-of-service.

 

CVE-2016-0728

 

The Perception Point research team discovered a use-after-free

vulnerability in the keyring facility, possibly leading to local

privilege escalation.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.16.7-ckt20-1+deb8u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3449-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 19, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : bind9

CVE ID : CVE-2015-8704

 

It was discovered that specific APL RR data could trigger an INSIST

failure in apl_42.c and cause the BIND DNS server to exit, leading to a

denial-of-service.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u9.

 

For the stable distribution (jessie), this problem has been fixed in

version 1:9.9.5.dfsg-9+deb8u5.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3450-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 20, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ecryptfs-utils

CVE ID : CVE-2016-1572

 

Jann Horn discovered that the setuid-root mount.ecryptfs_private helper

in the ecryptfs-utils would mount over any target directory that the

user owns, including a directory in procfs. A local attacker could use

this flaw to escalate his privileges.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 99-1+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 103-5+deb8u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3451-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

January 20, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : fuse

CVE ID : CVE-2016-1233

 

Jann Horn discovered a vulnerability in the fuse (Filesystem in

Userspace) package in Debian. The fuse package ships a udev rule

adjusting permissions on the related /dev/cuse character device, making

it world writable.

 

This permits a local, unprivileged attacker to create an

arbitrarily-named character device in /dev and modify the memory of any

process that opens it and performs an ioctl on it.

 

This in turn might allow a local, unprivileged attacker to escalate to

root privileges.

 

For the oldstable distribution (wheezy), the fuse package is not affected.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.9.3-15+deb8u2.

 

For the testing distribution (stretch), this problem has been fixed

in version 2.9.5-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.9.5-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3452-1 security@debian.org

https://www.debian.org/security/ Ben Hutchings

January 23, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : claws-mail

CVE ID : CVE-2015-8614

 

"DrWhax" of the Tails project reported that Claws Mail is missing

range checks in some text conversion functions. A remote attacker

could exploit this to run arbitrary code under the account of a user

that receives a message from them using Claws Mail.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 3.8.1-2+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 3.11.1-3+deb8u1.


------------------------------------------------------------------------

The Debian Project https://www.debian.org/

Updated Debian 8: 8.3 released press@debian.org

January 23rd, 2016 https://www.debian.org/News/2016/20160123

------------------------------------------------------------------------

 

 

The Debian project is pleased to announce the third update of its stable

distribution Debian 8 (codename "jessie"). This update mainly adds

corrections for security problems to the stable release, along with a

few adjustments for serious problems. Security advisories were published

separately and are referenced where applicable.

 

Please note that this update does not constitute a new version of Debian

8 but only updates some of the packages included. There is no need to

throw away old "jessie" CDs or DVDs but only to update via an up-to-date

Debian mirror after an installation, to cause any out of date packages

to be updated.

 

Those who frequently install updates from security.debian.org won't have

to update many packages and most updates from security.debian.org are

included in this update.

 

New installation media and CD and DVD images containing updated packages

will be available soon at the regular locations.

 

Upgrading to this revision online is usually done by pointing the

aptitude (or apt) package tool (see the sources.list(5) manual page) to

one of Debian's many FTP or HTTP mirrors. A comprehensive list of

mirrors is available at:

 

https://www.debian.org/mirror/list


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3453-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 25, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mariadb-10.0

CVE ID : CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597

CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608

CVE-2016-0609 CVE-2016-0616 CVE-2016-2047

 

Several issues have been discovered in the MariaDB database server. The

vulnerabilities are addressed by upgrading MariaDB to the new upstream

version 10.0.23. Please see the MariaDB 10.0 Release Notes for further

details:

 

https://mariadb.com/kb/en/mariadb/mariadb-10023-release-notes/

 

For the stable distribution (jessie), these problems have been fixed in

version 10.0.23-0+deb8u1.

 

For the testing distribution (stretch), these problems have been fixed

in version 10.0.23-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 10.0.23-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3454-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 27, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : virtualbox

CVE ID : CVE-2015-5307 CVE-2015-8104 CVE-2016-0495 CVE-2016-0592

 

Multiple vulnerabilities have been discovered in VirtualBox, an x86

virtualisation solution.

 

Upstream support for the 4.1 release series has ended and since no

information is available which would allow backports of isolated security

fixes, security support for virtualbox in wheezy/oldstable needed to be

ended as well.

If you use virtualbox with externally procured VMs (e.g. through vagrant)

we advise you to update to Debian jessie.

 

For the stable distribution (jessie), these problems have been fixed in

version 4.3.36-dfsg-1+deb8u1.

 

For the testing distribution (stretch), these problems have been fixed

in version 5.0.14-dfsg-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 5.0.14-dfsg-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3455-1 security@debian.org

https://www.debian.org/security/ Alessandro Ghedini

January 27, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : curl

CVE ID : CVE-2016-0755

 

Isaac Boukris discovered that cURL, a URL transfer library, reused

NTLM-authenticated proxy connections without properly making sure that

the connection was authenticated with the same credentials as set for

the new transfer. This could lead to HTTP requests being sent over the

connection authenticated as a different user.

 

For the stable distribution (jessie), this problem has been fixed in

version 7.38.0-4+deb8u3.

 

For the unstable distribution (sid), this problem has been fixed in

version 7.47.0-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3456-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

January 27, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2015-6792 CVE-2016-1612 CVE-2016-1613 CVE-2016-1614

CVE-2016-1615 CVE-2016-1616 CVE-2016-1617 CVE-2016-1618

CVE-2016-1619 CVE-2016-1620

 

Several vulnerabilities were discovered in the chromium web browser.

 

CVE-2015-6792

 

An issue was found in the handling of MIDI files.

 

CVE-2016-1612

 

cloudfuzzer discovered a logic error related to receiver

compatibility in the v8 javascript library.

 

CVE-2016-1613

 

A use-after-free issue was discovered in the pdfium library.

 

CVE-2016-1614

 

Christoph Diehl discovered an information leak in Webkit/Blink.

 

CVE-2016-1615

 

Ron Masas discovered a way to spoof URLs.

 

CVE-2016-1616

 

Luan Herrera discovered a way to spoof URLs.

 

CVE-2016-1617

 

jenuis discovered a way to discover whether an HSTS web site had

been visited.

 

CVE-2016-1618

 

Aaron Toponce discovered the use of a weak random number generator.

 

CVE-2016-1619

 

Keve Nagy discovered an out-of-bounds-read issue in the pdfium library.

 

CVE-2016-1620

 

The chrome 48 development team found and fixed various issues

during internal auditing. Also multiple issues were fixed in

the v8 javascript library, version 4.7.271.17.

 

For the stable distribution (jessie), these problems have been fixed in

version 48.0.2564.82-1~deb8u1.

 

For the testing distribution (stretch), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 48.0.2564.82-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3457-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 27, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : iceweasel

CVE ID : CVE-2015-7575 CVE-2016-1930 CVE-2016-1935

 

Multiple security issues have been found in Iceweasel, Debian's version

of the Mozilla Firefox web browser: Multiple memory safety errors and a

buffer overflow may lead to the execution of arbitrary code. In addition

the bundled NSS crypto library addresses the SLOTH attack on TLS 1.2.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 38.6.0esr-1~deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 38.6.0esr-1~deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 44.0-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3458-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 27, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-7

CVE ID : CVE-2015-7575 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466

CVE-2016-0483 CVE-2016-0494

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in breakouts of

the Java sandbox, information disclosure, denial of service and insecure

cryptography.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 7u95-2.6.4-1~deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 7u95-2.6.4-1~deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 7u95-2.6.4-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3459-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 28, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mysql-5.5

CVE ID : CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597

CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608

CVE-2016-0609 CVE-2016-0616

Debian Bug : 811428

 

Several issues have been discovered in the MySQL database server. The

vulnerabilities are addressed by upgrading MySQL to the new upstream

version 5.5.47. Please see the MySQL 5.5 Release Notes and Oracle's

Critical Patch Update advisory for further details:

 

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-47.html

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 5.5.47-0+deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 5.5.47-0+deb8u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3460-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

January 30, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : privoxy

CVE ID : CVE-2016-1982 CVE-2016-1983

 

It was discovered that privoxy, a web proxy with advanced filtering

capabilities, contained invalid reads that could enable a remote

attacker to crash the application, thus causing a Denial of Service.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 3.0.19-2+deb7u3.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.0.21-7+deb8u1.

 

For the testing (stretch) and unstable (sid) distributions, these

problems have been fixed in version 3.0.24-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3462-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

January 30, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : radicale

CVE ID : CVE-2015-8747 CVE-2015-8748

Debian Bug : 809920

 

Two vulnerabilities were fixed in radicale, a CardDAV/CalDAV server.

 

CVE-2015-8747

 

The (not configured by default and not available on Wheezy)

multifilesystem storage backend allows read and write access to

arbitrary files (still subject to the DAC permissions of the user

the radicale server is running as).

 

CVE-2015-8748

 

If an attacker is able to authenticate with a user name like `.*',

he can bypass read/write limitations imposed by regex-based rules,

including the built-in rules `owner_write' (read for everybody,

write for the calendar owner) and `owner_only' (read and write for

the calendar owner).

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 0.7-1.1+deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 0.9-1+deb8u1.

 

For the testing distribution (stretch), these problems have been fixed

in version 1.1.1-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.1.1-1.

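Added example (not Radicale's code and not part of the advisory): a simplified model of the regex-based rules named in CVE-2015-8748 above, showing why a login used as regex syntax widens the owner pattern and how quoting it restores the intended check. The rule layout, the "%(login)s" placeholder and the function names are assumptions made for illustration.

```python
import re

# Hypothetical rule sets modelling the two built-in policies the advisory names.
# Each rule: who it applies to, which collections it covers, what it grants.
RULESETS = {
    # read and write for the calendar owner
    "owner_only": [
        {"user": ".+", "collection": "^%(login)s/.+$", "permission": "rw"},
    ],
    # read for everybody, write for the calendar owner
    "owner_write": [
        {"user": ".+", "collection": "^%(login)s/.+$", "permission": "rw"},
        {"user": ".*", "collection": ".*", "permission": "r"},
    ],
}


def _authorized(login, collection, permission, ruleset, quote):
    """Grant access if any rule matches the login, the collection and the permission."""
    for rule in RULESETS[ruleset]:
        if not re.match(rule["user"], login):
            continue
        # The login is placed inside a regular expression here. What `quote`
        # does with it decides whether it is treated as text or as syntax.
        pattern = rule["collection"].replace("%(login)s", quote(login))
        if re.match(pattern, collection) and permission in rule["permission"]:
            return True
    return False


def authorized_vulnerable(login, collection, permission, ruleset="owner_only"):
    """Login inserted verbatim: metacharacters in it become part of the pattern."""
    return _authorized(login, collection, permission, ruleset, quote=lambda s: s)


def authorized_hardened(login, collection, permission, ruleset="owner_only"):
    """Login quoted with re.escape: it can only match itself, character by character."""
    return _authorized(login, collection, permission, ruleset, quote=re.escape)


if __name__ == "__main__":
    # Constructed requests: (login, collection path, permission, rule set).
    requests = [
        ("alice", "alice/cal.ics", "w", "owner_only"),
        ("alice", "bob/cal.ics", "w", "owner_only"),
        (".*", "bob/cal.ics", "w", "owner_only"),
        (".*", "bob/cal.ics", "w", "owner_write"),
        (".*", "bob/cal.ics", "r", "owner_write"),
    ]
    for req in requests:
        print(req, "vulnerable:", authorized_vulnerable(*req),
              "hardened:", authorized_hardened(*req))
```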

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3461-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

January 30, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : freetype

CVE ID : CVE-2014-9674

Debian Bug : 777656

 

Mateusz Jurczyk discovered multiple vulnerabilities in

Freetype. Opening malformed fonts may result in denial of service or

the execution of arbitrary code.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 2.4.9-1.1+deb7u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3463-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 31, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : prosody

CVE ID : CVE-2016-0756

 

It was discovered that insecure handling of dialback keys may allow

a malicious XMPP server to impersonate another server.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 0.8.2-4+deb7u4.

 

For the stable distribution (jessie), this problem has been fixed in

version 0.9.7-2+deb8u3.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.9.10-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3464-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 31, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : rails

CVE ID : CVE-2015-3226 CVE-2015-3227 CVE-2015-7576 CVE-2015-7577

CVE-2015-7581 CVE-2016-0751 CVE-2016-0752 CVE-2016-0753

 

Multiple security issues have been discovered in the Ruby on Rails web

application development framework, which may result in denial of service,

cross-site scripting, information disclosure or bypass of input

validation.

 

For the stable distribution (jessie), these problems have been fixed in

version 2:4.1.8-1+deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 2:4.2.5.1-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3465-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 02, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-6

CVE ID : CVE-2015-7575 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466

CVE-2016-0483 CVE-2016-0494

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in breakouts of

the Java sandbox, information disclosure, denial of service and insecure

cryptography.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 6b38-1.13.10-1~deb7u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3466-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

February 04, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : krb5

CVE ID : CVE-2015-8629 CVE-2015-8630 CVE-2015-8631

Debian Bug : 813126 813127 813296

 

Several vulnerabilities were discovered in krb5, the MIT implementation

of Kerberos. The Common Vulnerabilities and Exposures project identifies

the following problems:

 

CVE-2015-8629

 

It was discovered that an authenticated attacker can cause kadmind

to read beyond the end of allocated memory by sending a string

without a terminating zero byte. Information leakage may be possible

for an attacker with permission to modify the database.

 

CVE-2015-8630

 

It was discovered that an authenticated attacker with permission to

modify a principal entry can cause kadmind to dereference a null

pointer by supplying a null policy value but including KADM5_POLICY

in the mask.

 

CVE-2015-8631

 

It was discovered that an authenticated attacker can cause kadmind

to leak memory by supplying a null principal name in a request which

uses one. Repeating these requests will eventually cause kadmind to

exhaust all available memory.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.10.1+dfsg-5+deb7u7. The oldstable distribution (wheezy) is

not affected by CVE-2015-8630.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.12.1+dfsg-19+deb8u2.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3467-1 security@debian.org

https://www.debian.org/security/ Laszlo Boszormenyi (GCS)

February 06, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tiff

CVE ID : CVE-2015-8665 CVE-2015-8683 CVE-2015-8781 CVE-2015-8782

CVE-2015-8783 CVE-2015-8784

Debian Bug : 808968 809021

 

Several vulnerabilities have been found in tiff, a Tag Image File Format

library. Multiple out-of-bounds read and write flaws could cause an

application using the tiff library to crash.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 4.0.2-6+deb7u5.

 

For the stable distribution (jessie), these problems have been fixed in

version 4.0.3-12.3+deb8u1.

 

For the testing distribution (stretch), these problems have been fixed

in version 4.0.6-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 4.0.6-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3468-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

February 06, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : polarssl

CVE ID : CVE-2015-5291 CVE-2015-8036

Debian Bug : 801413

 

It was discovered that polarssl, a library providing SSL and TLS

support, contained two heap-based buffer overflows that could allow a

remote attacker to trigger denial of service (via application crash)

or arbitrary code execution.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.2.9-1~deb7u6.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.3.9-2.1+deb8u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3469-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

February 08, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : qemu

CVE ID : CVE-2015-7295 CVE-2015-7504 CVE-2015-7512 CVE-2015-8345

CVE-2015-8504 CVE-2015-8558 CVE-2015-8743 CVE-2016-1568 CVE-2016-1714 CVE-2016-1922

Debian Bug : 799452 806373 806741 806742 808130 808144 810519 810527 811201

 

Several vulnerabilities were discovered in qemu, a full virtualization

solution on x86 hardware.

 

CVE-2015-7295

 

Jason Wang of Red Hat Inc. discovered that the Virtual Network

Device support is vulnerable to denial-of-service (via resource

exhaustion), that could occur when receiving large packets.

 

CVE-2015-7504

 

Qinghao Tang of Qihoo 360 Inc. and Ling Liu of Qihoo 360 Inc.

discovered that the PC-Net II ethernet controller is vulnerable to

a heap-based buffer overflow that could result in

denial-of-service (via application crash) or arbitrary code

execution.

 

CVE-2015-7512

 

Ling Liu of Qihoo 360 Inc. and Jason Wang of Red Hat Inc.

discovered that the PC-Net II ethernet controller is vulnerable to

a buffer overflow that could result in denial-of-service (via

application crash) or arbitrary code execution.

 

CVE-2015-8345

 

Qinghao Tang of Qihoo 360 Inc. discovered that the eepro100

emulator contains a flaw that could lead to an infinite loop when

processing Command Blocks, eventually resulting in

denial-of-service (via application crash).

 

CVE-2015-8504

 

Lian Yihan of Qihoo 360 Inc. discovered that the VNC display

driver support is vulnerable to an arithmetic exception flaw that

could lead to denial-of-service (via application crash).

 

CVE-2015-8558

 

Qinghao Tang of Qihoo 360 Inc. discovered that the USB EHCI

emulation support contains a flaw that could lead to an infinite

loop during communication between the host controller and a device

driver. This could lead to denial-of-service (via resource

exhaustion).

 

CVE-2015-8743

 

Ling Liu of Qihoo 360 Inc. discovered that the NE2000 emulator is

vulnerable to an out-of-bound read/write access issue, potentially

resulting in information leak or memory corruption.

 

CVE-2016-1568

 

Qinghao Tang of Qihoo 360 Inc. discovered that the IDE AHCI

emulation support is vulnerable to a use-after-free issue, that

could lead to denial-of-service (via application crash) or

arbitrary code execution.

 

CVE-2016-1714

 

Donghai Zhu of Alibaba discovered that the Firmware Configuration

emulation support is vulnerable to an out-of-bound read/write

access issue, that could lead to denial-of-service (via

application crash) or arbitrary code execution.

 

CVE-2016-1922

 

Ling Liu of Qihoo 360 Inc. discovered that 32-bit Windows guests

support is vulnerable to a null pointer dereference issue, that

could lead to denial-of-service (via application crash).

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.1.2+dfsg-6a+deb7u12.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3470-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

February 08, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : qemu-kvm

CVE ID : CVE-2015-7295 CVE-2015-7504 CVE-2015-7512 CVE-2015-8345

CVE-2015-8504 CVE-2015-8558 CVE-2015-8743 CVE-2016-1568 CVE-2016-1714 CVE-2016-1922

Debian Bug : 799452 806373 806741 806742 808130 808144 810519 810527 811201

 

Several vulnerabilities were discovered in qemu-kvm, a full

virtualization solution on x86 hardware.

 

CVE-2015-7295

 

Jason Wang of Red Hat Inc. discovered that the Virtual Network

Device support is vulnerable to denial-of-service (via resource

exhaustion), that could occur when receiving large packets.

 

CVE-2015-7504

 

Qinghao Tang of Qihoo 360 Inc. and Ling Liu of Qihoo 360 Inc.

discovered that the PC-Net II ethernet controller is vulnerable to

a heap-based buffer overflow that could result in

denial-of-service (via application crash) or arbitrary code

execution.

 

CVE-2015-7512

 

Ling Liu of Qihoo 360 Inc. and Jason Wang of Red Hat Inc.

discovered that the PC-Net II ethernet controller is vulnerable to

a buffer overflow that could result in denial-of-service (via

application crash) or arbitrary code execution.

 

CVE-2015-8345

 

Qinghao Tang of Qihoo 360 Inc. discovered that the eepro100

emulator contains a flaw that could lead to an infinite loop when

processing Command Blocks, eventually resulting in

denial-of-service (via application crash).

 

CVE-2015-8504

 

Lian Yihan of Qihoo 360 Inc. discovered that the VNC display

driver support is vulnerable to an arithmetic exception flaw that

could lead to denial-of-service (via application crash).

 

CVE-2015-8558

 

Qinghao Tang of Qihoo 360 Inc. discovered that the USB EHCI

emulation support contains a flaw that could lead to an infinite

loop during communication between the host controller and a device

driver. This could lead to denial-of-service (via resource

exhaustion).

 

CVE-2015-8743

 

Ling Liu of Qihoo 360 Inc. discovered that the NE2000 emulator is

vulnerable to an out-of-bound read/write access issue, potentially

resulting in information leak or memory corruption.

 

CVE-2016-1568

 

Qinghao Tang of Qihoo 360 Inc. discovered that the IDE AHCI

emulation support is vulnerable to a use-after-free issue, that

could lead to denial-of-service (via application crash) or

arbitrary code execution.

 

CVE-2016-1714

 

Donghai Zhu of Alibaba discovered that the Firmware Configuration

emulation support is vulnerable to an out-of-bound read/write

access issue, that could lead to denial-of-service (via

application crash) or arbitrary code execution.

 

CVE-2016-1922

 

Ling Liu of Qihoo 360 Inc. discovered that 32-bit Windows guests

support is vulnerable to a null pointer dereference issue, that

could lead to denial-of-service (via application crash).

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.1.2+dfsg-6+deb7u12.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3471-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

February 08, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : qemu

CVE ID : CVE-2015-7295 CVE-2015-7504 CVE-2015-7512 CVE-2015-7549

CVE-2015-8345 CVE-2015-8504 CVE-2015-8550 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-1568 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981

Debian Bug : 799452 806373 806741 806742 808130 808131 808144 808145 809229 809232 810519 810527 811201 812307 809237 809237

 

Several vulnerabilities were discovered in qemu, a full virtualization

solution on x86 hardware.

 

CVE-2015-7295

 

Jason Wang of Red Hat Inc. discovered that the Virtual Network

Device support is vulnerable to denial-of-service, that could

occur when receiving large packets.

 

CVE-2015-7504

 

Qinghao Tang of Qihoo 360 Inc. and Ling Liu of Qihoo 360 Inc.

discovered that the PC-Net II ethernet controller is vulnerable to

a heap-based buffer overflow that could result in

denial-of-service (via application crash) or arbitrary code

execution.

 

CVE-2015-7512

 

Ling Liu of Qihoo 360 Inc. and Jason Wang of Red Hat Inc.

discovered that the PC-Net II ethernet controller is vulnerable to

a buffer overflow that could result in denial-of-service (via

application crash) or arbitrary code execution.

 

CVE-2015-7549

 

Qinghao Tang of Qihoo 360 Inc. and Ling Liu of Qihoo 360

Inc. discovered that the PCI MSI-X emulator is vulnerable to a

null pointer dereference issue, that could lead to

denial-of-service (via application crash).

 

CVE-2015-8345

 

Qinghao Tang of Qihoo 360 Inc. discovered that the eepro100

emulator contains a flaw that could lead to an infinite loop when

processing Command Blocks, eventually resulting in

denial-of-service (via application crash).

 

CVE-2015-8504

 

Lian Yihan of Qihoo 360 Inc. discovered that the VNC display

driver support is vulnerable to an arithmetic exception flaw that

could lead to denial-of-service (via application crash).

 

CVE-2015-8550

 

Felix Wilhelm of ERNW Research discovered that the PV backend drivers are

vulnerable to double fetch vulnerabilities, possibly resulting in

arbitrary code execution.

 

CVE-2015-8558

 

Qinghao Tang of Qihoo 360 Inc. discovered that the USB EHCI

emulation support contains a flaw that could lead to an infinite

loop during communication between the host controller and a device

driver. This could lead to denial-of-service (via resource

exhaustion).

 

CVE-2015-8567 CVE-2015-8568

 

Qinghao Tang of Qihoo 360 Inc. discovered that the vmxnet3 device

emulator could be used to intentionally leak host memory, thus

resulting in denial-of-service.

 

CVE-2015-8613

 

Qinghao Tang of Qihoo 360 Inc. discovered that the SCSI MegaRAID

SAS HBA emulation support is vulnerable to a stack-based buffer

overflow issue, that could lead to denial-of-service (via

application crash).

 

CVE-2015-8619

 

Ling Liu of Qihoo 360 Inc. discovered that the Human Monitor

Interface support is vulnerable to an out-of-bound write access

issue that could result in denial-of-service (via application

crash).

 

CVE-2015-8743

 

Ling Liu of Qihoo 360 Inc. discovered that the NE2000 emulator is

vulnerable to an out-of-bound read/write access issue, potentially

resulting in information leak or memory corruption.

 

CVE-2015-8744

 

The vmxnet3 driver incorrectly processes small packets, which could

result in denial-of-service (via application crash).

 

CVE-2015-8745

 

The vmxnet3 driver incorrectly processes Interrupt Mask Registers,

which could result in denial-of-service (via application crash).

 

CVE-2016-1568

 

Qinghao Tang of Qihoo 360 Inc. discovered that the IDE AHCI

emulation support is vulnerable to a use-after-free issue, that

could lead to denial-of-service (via application crash) or

arbitrary code execution.

 

CVE-2016-1714

 

Donghai Zhu of Alibaba discovered that the Firmware Configuration

emulation support is vulnerable to an out-of-bound read/write

access issue, that could lead to denial-of-service (via

application crash) or arbitrary code execution.

 

CVE-2016-1922

 

Ling Liu of Qihoo 360 Inc. discovered that 32-bit Windows guests

support is vulnerable to a null pointer dereference issue, that

could lead to denial-of-service (via application crash).

 

CVE-2016-1981

 

The e1000 driver is vulnerable to an infinite loop issue that

could lead to denial-of-service (via application crash).

 

For the stable distribution (jessie), these problems have been fixed in

version 1:2.1+dfsg-12+deb8u5a.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3472-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

February 08, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wordpress

CVE ID : CVE-2016-2221 CVE-2016-2222

Debian Bug : 813697

 

Two vulnerabilities were discovered in wordpress, a web blogging tool.

The Common Vulnerabilities and Exposures project identifies the

following problems:

 

CVE-2016-2221

 

Shailesh Suthar discovered an open redirection vulnerability.

 

CVE-2016-2222

 

Ronni Skansing discovered a server-side request forgery (SSRF)

vulnerability.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 3.6.1+dfsg-1~deb7u10.

 

For the stable distribution (jessie), these problems have been fixed in

version 4.1+dfsg-1+deb8u8.

 

For the unstable distribution (sid), these problems have been fixed in

version 4.4.2+dfsg-1.
