sunrat
Posted March 23, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3526-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
March 23, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : libmatroska
CVE ID         : CVE-2015-8792

It was discovered that libmatroska, an extensible open standard audio/video container format, incorrectly processed EBML lacing. By providing maliciously crafted input, an attacker could use this flaw to force some leakage of information located in the process heap memory.

For the oldstable distribution (wheezy), this problem has been fixed in version 1.3.0-2+deb7u1.

For the stable distribution (jessie), this problem has been fixed in version 1.4.1-2+deb8u1.

For the testing (stretch) and unstable (sid) distributions, this problem has been fixed in version 1.4.4-1.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3528-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
March 23, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : pidgin-otr
CVE ID         : CVE-2015-8833

Stefan Sperling discovered that pidgin-otr, a Pidgin plugin implementing Off-The-Record messaging, contained a use-after-free bug. This could be used by a malicious remote user to intentionally crash the application, thus causing a denial-of-service.

For the stable distribution (jessie), this problem has been fixed in version 4.0.1-1+deb8u1.

For the testing (stretch) and unstable (sid) distributions, this problem has been fixed in version 4.0.2-1.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3529-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
March 23, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : redmine
CVE ID         : CVE-2015-8474 CVE-2015-8346 CVE-2015-8473 CVE-2015-8537

Multiple vulnerabilities have been found in Redmine, a project management web application, which may result in information disclosure.

For the stable distribution (jessie), these problems have been fixed in version 3.0~20140825-8~deb8u2.

For the testing distribution (stretch), these problems have been fixed in version 3.2.0-1.

For the unstable distribution (sid), these problems have been fixed in version 3.2.0-1.

sunrat
Posted March 24, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3527-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
March 24, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : inspircd
CVE ID         : CVE-2015-8702

It was discovered that inspircd, an IRC daemon, incorrectly handled PTR lookups of connecting users. This flaw allowed a remote attacker to crash the application by setting up malformed DNS records, thus causing a denial-of-service.

For the oldstable distribution (wheezy), this problem has been fixed in version 2.0.5-1+deb7u2.

For the stable distribution (jessie), this problem has been fixed in version 2.0.17-1+deb8u1.

For the testing (stretch) and unstable (sid) distributions, this problem has been fixed in version 2.0.20-1.

sunrat
Posted March 25, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3530-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
March 25, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : tomcat6
CVE ID         : CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033
                 CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119
                 CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174
                 CVE-2015-5345 CVE-2015-5346 CVE-2015-5351 CVE-2016-0706
                 CVE-2016-0714 CVE-2016-0763

Multiple security vulnerabilities have been fixed in the Tomcat servlet and JSP engine, which may result in bypass of security manager restrictions, information disclosure, denial of service or session fixation.

For the oldstable distribution (wheezy), these problems have been fixed in version 6.0.45+dfsg-1~deb7u1.

sunrat
Posted March 27, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3531-1    security@debian.org
https://www.debian.org/security/    Michael Gilbert
March 25, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : chromium-browser
CVE ID         : CVE-2016-1646 CVE-2016-1647 CVE-2016-1648 CVE-2016-1649
                 CVE-2016-1650

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2016-1646
Wen Xu discovered an out-of-bounds read issue in the v8 library.

CVE-2016-1647
A use-after-free issue was discovered.

CVE-2016-1648
A use-after-free issue was discovered in the handling of extensions.

CVE-2016-1649
lokihardt discovered a buffer overflow issue in the Almost Native Graphics Layer Engine (ANGLE) library.

CVE-2016-1650
The chrome development team found and fixed various issues during internal auditing. Also multiple issues were fixed in the v8 javascript library, version 4.9.385.33.

For the stable distribution (jessie), these problems have been fixed in version 49.0.2623.108-1~deb8u1.

For the testing distribution (stretch), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in version 49.0.2623.108-1.

sunrat
Posted March 27, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3532-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
March 27, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : quagga
CVE ID         : CVE-2016-2342
Debian Bug     : 819179

Kostya Kortchinsky discovered a stack-based buffer overflow vulnerability in the VPNv4 NLRI parser in bgpd in quagga, a BGP/OSPF/RIP routing daemon. A remote attacker can exploit this flaw to cause a denial of service (daemon crash), or potentially, execution of arbitrary code, if bgpd is configured with BGP peers enabled for VPNv4.

For the oldstable distribution (wheezy), this problem has been fixed in version 0.99.22.4-1+wheezy2.

For the stable distribution (jessie), this problem has been fixed in version 0.99.23.1-1+deb8u1.

sunrat
Posted March 29, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3533-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
March 29, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : openvswitch
CVE ID         : CVE-2016-2074

Kashyap Thimmaraju and Bhargava Shastry discovered a remotely triggerable buffer overflow vulnerability in openvswitch, a production quality, multilayer virtual switch implementation. Specially crafted MPLS packets could overflow the buffer reserved for MPLS labels in an OVS internal data structure. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially, execution of arbitrary code.

For the stable distribution (jessie), this problem has been fixed in version 2.3.0+git20140819-3+deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 2.3.0+git20140819-4.

sunrat
Posted March 30, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3534-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
March 29, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : dhcpcd
CVE ID         : CVE-2012-6698 CVE-2012-6699 CVE-2012-6700

Guido Vranken discovered several vulnerabilities in dhcpcd, a DHCP client, which may result in denial of service.

For the oldstable distribution (wheezy), these problems have been fixed in version 1:3.2.3-11+deb7u1.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3535-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
March 29, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : kamailio
CVE ID         : CVE-2016-2385

Stelios Tsampas discovered a buffer overflow in the Kamailio SIP proxy which might result in the execution of arbitrary code.

For the stable distribution (jessie), this problem has been fixed in version 4.2.0-2+deb8u1.

For the testing distribution (stretch), this problem has been fixed in version 4.3.4-2.

For the unstable distribution (sid), this problem has been fixed in version 4.3.4-2.

sunrat
Posted April 1, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3536-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
March 31, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : libstruts1.2-java
CVE ID         : CVE-2015-0899

It was discovered that libstruts1.2-java, a Java framework for MVC applications, contains a bug in its multi-page validation code. This allows input validation to be bypassed, even if MPV is not used directly.

For the oldstable distribution (wheezy), this problem has been fixed in version 1.2.9-5+deb7u2.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3537-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
March 31, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : imlib2
CVE ID         : CVE-2014-9762 CVE-2014-9763 CVE-2014-9764

Several vulnerabilities were discovered in imlib2, an image manipulation library.

CVE-2014-9762
A segmentation fault could occur when opening GIFs without a colormap.

CVE-2014-9763
Several divisions by zero, resulting in a program crash, could occur when handling PNM files.

CVE-2014-9764
A segmentation fault could occur when opening GIFs with feh.

For the oldstable distribution (wheezy), these problems have been fixed in version 1.4.5-1+deb7u1.

For the stable distribution (jessie), these problems have been fixed in version 1.4.6-2+deb8u1.

For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 1.4.7-1.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3538-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
March 31, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : libebml
CVE ID         : CVE-2015-8789 CVE-2015-8790 CVE-2015-8791

Several vulnerabilities were discovered in libebml, a library for manipulating Extensible Binary Meta Language files.

CVE-2015-8789
Context-dependent attackers could trigger a use-after-free vulnerability by providing a maliciously crafted EBML document.

CVE-2015-8790
Context-dependent attackers could obtain sensitive information from the process' heap memory by using a maliciously crafted UTF-8 string.

CVE-2015-8791
Context-dependent attackers could obtain sensitive information from the process' heap memory by using a maliciously crafted length value in an EBML id.

For the oldstable distribution (wheezy), these problems have been fixed in version 1.2.2-2+deb7u1.

For the stable distribution (jessie), these problems have been fixed in version 1.3.0-2+deb8u1.

For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 1.3.3-1.

sunrat
Posted April 2, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3539-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
April 02, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : srtp
CVE ID         : CVE-2015-6360
Debian Bug     : 807698

Randell Jesup and the Firefox team discovered that srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol (SRTP), does not properly handle RTP header CSRC count and extension header length. A remote attacker can exploit this vulnerability to crash an application linked against libsrtp, resulting in a denial of service.

For the oldstable distribution (wheezy), this problem has been fixed in version 1.4.4+20100615~dfsg-2+deb7u2.

For the stable distribution (jessie), this problem has been fixed in version 1.4.5~20130609~dfsg-1.1+deb8u1.

sunrat
Posted April 4, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3540-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
April 03, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : lhasa
CVE ID         : CVE-2016-2347

Marcin Noga discovered an integer underflow in Lhasa, a lzh archive decompressor, which might result in the execution of arbitrary code if a malformed archive is processed.

For the oldstable distribution (wheezy), this problem has been fixed in version 0.0.7-2+deb7u1.

For the stable distribution (jessie), this problem has been fixed in version 0.2.0+git3fe46-1+deb8u1.

For the testing distribution (stretch), this problem has been fixed in version 0.3.1-1.

For the unstable distribution (sid), this problem has been fixed in version 0.3.1-1.

sunrat
Posted April 6, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3541-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
April 05, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : roundcube
CVE ID         : CVE-2015-8770

High-Tech Bridge Security Research Lab discovered that Roundcube, a webmail client, contained a path traversal vulnerability. This flaw could be exploited by an attacker to access sensitive files on the server, or even execute arbitrary code.

For the oldstable distribution (wheezy), this problem has been fixed in version 0.7.2-9+deb7u2.

For the testing (stretch) and unstable (sid) distributions, this problem has been fixed in version 1.1.4+dfsg.1-1.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3542-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
April 05, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : mercurial
CVE ID         : CVE-2016-3068 CVE-2016-3069 CVE-2016-3630
Debian Bug     : 819504

Several vulnerabilities have been discovered in Mercurial, a distributed version control system. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2016-3068
Blake Burkhart discovered that Mercurial allows URLs for Git subrepositories that could result in arbitrary code execution on clone.

CVE-2016-3069
Blake Burkhart discovered that Mercurial allows arbitrary code execution when converting Git repositories with specially crafted names.

CVE-2016-3630
It was discovered that Mercurial does not properly perform bounds-checking in its binary delta decoder, which may be exploitable for remote code execution via clone, push or pull.

For the oldstable distribution (wheezy), these problems have been fixed in version 2.2.2-4+deb7u2.

For the stable distribution (jessie), these problems have been fixed in version 3.1.2-2+deb8u2.

For the unstable distribution (sid), these problems have been fixed in version 3.7.3-1.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3543-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
April 05, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : oar
CVE ID         : CVE-2016-1235

Emmanuel Thome discovered that missing sanitising in the oarsh command of OAR, a software used to manage jobs and resources of HPC clusters, could result in privilege escalation.

For the oldstable distribution (wheezy), this problem has been fixed in version 2.5.2-3+deb7u1.

For the stable distribution (jessie), this problem has been fixed in version 2.5.4-2+deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 2.5.7-1.

sunrat
Posted April 9, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3544-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
April 07, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : python-django
CVE ID         : CVE-2016-2512 CVE-2016-2513
Debian Bug     : 816434

Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2016-2512
Mark Striemer discovered that some user-supplied redirect URLs containing basic authentication credentials are incorrectly handled, potentially allowing a remote attacker to perform a malicious redirect or a cross-site scripting attack.

CVE-2016-2513
Sjoerd Job Postmus discovered that Django allows user enumeration through timing difference on password hasher work factor upgrades.

For the oldstable distribution (wheezy), these problems have been fixed in version 1.4.5-1+deb7u16.

For the stable distribution (jessie), these problems have been fixed in version 1.7.7-1+deb8u4.

For the testing distribution (stretch), these problems have been fixed in version 1.9.4-1.

For the unstable distribution (sid), these problems have been fixed in version 1.9.4-1.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3545-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
April 07, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : cgit
CVE ID         : CVE-2016-1899 CVE-2016-1900 CVE-2016-1901
Debian Bug     : 812411

Several vulnerabilities were discovered in cgit, a fast web frontend for git repositories written in C. A remote attacker can take advantage of these flaws to perform cross-site scripting, header injection or denial of service attacks.

For the stable distribution (jessie), these problems have been fixed in version 0.10.2.git2.0.1-3+deb8u1.

For the testing distribution (stretch), these problems have been fixed in version 0.12.0.git2.7.0-1 or earlier.

For the unstable distribution (sid), these problems have been fixed in version 0.12.0.git2.7.0-1 or earlier.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3546-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
April 07, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : optipng
CVE ID         : CVE-2016-2191

Hans Jerry Illikainen discovered that missing input sanitising in the BMP processing code of the optipng PNG optimiser may result in denial of service or the execution of arbitrary code if a malformed file is processed.

For the oldstable distribution (wheezy), this problem has been fixed in version 0.6.4-1+deb7u2. This update also fixes CVE-2015-7801, which was originally targeted for a wheezy point update.

For the stable distribution (jessie), this problem has been fixed in version 0.7.5-1+deb8u1.

For the unstable distribution (sid), this problem will be fixed soon.

sunrat
Posted April 12, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3547-1    security@debian.org
https://www.debian.org/security/    Luciano Bello
April 11, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : imagemagick
Debian Bug     : 811308

Several vulnerabilities were discovered in Imagemagick, a program suite for image manipulation. This update fixes a large number of potential security problems such as null-pointer access and buffer-overflows that might lead to memory leaks or denial of service. Any of these security problems have a CVE number assigned.

For the oldstable distribution (wheezy), this problem has been fixed in version 8:6.7.7.10-5+deb7u4.

For the stable distribution (jessie), this problem was already fixed in version 8:6.8.9.9-5+deb8u1, in the last point release.

sunrat
Posted April 13, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3485-2    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
April 12, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : didiwiki
Debian Bug     : 818708

The update for didiwiki issued as DSA-3485-1 introduced a regression that caused a large number of valid pages to not be accessible anymore. This occurred mostly for pages whose names started with non-ascii characters.

For the oldstable distribution (wheezy), this problem has been fixed in version 0.5-11+deb7u2.

For the stable distribution (jessie), this problem has been fixed in version 0.5-11+deb8u2.

For the unstable distribution (sid), this problem has been fixed in version 0.5-13.

sunrat
Posted April 15, 2016

-------------------------------------------------------------------------
Debian Security Advisory DSA-3548-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
April 13, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : samba
CVE ID         : CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112
                 CVE-2016-2113 CVE-2016-2114 CVE-2016-2115 CVE-2016-2118

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2015-5370
Jouni Knuutinen from Synopsys discovered flaws in the Samba DCE-RPC code which can lead to denial of service (crashes and high cpu consumption) and man-in-the-middle attacks.

CVE-2016-2110
Stefan Metzmacher of SerNet and the Samba Team discovered that the feature negotiation of NTLMSSP does not protect against downgrade attacks.

CVE-2016-2111
When Samba is configured as domain controller, it allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information. This flaw corresponds to the same vulnerability as CVE-2015-0005 for Windows, discovered by Alberto Solino from Core Security.

CVE-2016-2112
Stefan Metzmacher of SerNet and the Samba Team discovered that a man-in-the-middle attacker can downgrade LDAP connections to avoid integrity protection.

CVE-2016-2113
Stefan Metzmacher of SerNet and the Samba Team discovered that man-in-the-middle attacks are possible for client triggered LDAP connections and ncacn_http connections.

CVE-2016-2114
Stefan Metzmacher of SerNet and the Samba Team discovered that Samba does not enforce required smb signing even if explicitly configured.

CVE-2016-2115
Stefan Metzmacher of SerNet and the Samba Team discovered that SMB connections for IPC traffic are not integrity-protected.

CVE-2016-2118
Stefan Metzmacher of SerNet and the Samba Team discovered that a man-in-the-middle attacker can intercept any DCERPC traffic between a client and a server in order to impersonate the client and obtain the same privileges as the authenticated user account.

For the oldstable distribution (wheezy), these problems have been fixed in version 2:3.6.6-6+deb7u9. The oldstable distribution is not affected by CVE-2016-2113 and CVE-2016-2114.

For the stable distribution (jessie), these problems have been fixed in version 2:4.2.10+dfsg-0+deb8u1. The issues were addressed by upgrading to the new upstream version 4.2.10, which includes additional changes and bugfixes. The depending libraries ldb, talloc, tdb and tevent required as well an update to new upstream versions for this update.

For the unstable distribution (sid), these problems have been fixed in version 2:4.3.7+dfsg-1.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3548-2    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
April 14, 2016    https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : samba
Debian Bug     : 820947

The upgrade to Samba 4.2 issued as DSA-3548-1 introduced a packaging regression causing an additional dependency on the samba binary package for the samba-libs, samba-common-bin, python-samba and samba-vfs-modules binary packages. Updated packages are now available to address this problem.

For the stable distribution (jessie), this problem has been fixed in version 2:4.2.10+dfsg-0+deb8u2.

sunrat Posted April 16, 2016 Share Posted April 16, 2016 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3549-1 security@debian.org https://www.debian.org/security/ Michael Gilbert April 15, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium-browser CVE ID : CVE-2016-1651 CVE-2016-1652 CVE-2016-1653 CVE-2016-1654 CVE-2016-1655 CVE-2016-1657 CVE-2016-1658 CVE-2016-1659 Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1651 An out-of-bounds read issue was discovered in the pdfium library. CVE-2016-1652 A cross-site scripting issue was discovered in extension bindings. CVE-2016-1653 Choongwoo Han discovered an out-of-bounds write issue in the v8 javascript library. CVE-2016-1654 Atte Kettunen discovered an uninitialized memory read condition. CVE-2016-1655 Rob Wu discovered a use-after-free issue related to extensions. CVE-2016-1657 Luan Herrera discovered a way to spoof URLs. CVE-2016-1658 Antonio Sanso discovered an information leak related to extensions. CVE-2016-1659 The chrome development team found and fixed various issues during internal auditing. For the stable distribution (jessie), these problems have been fixed in version 50.0.2661.75-1~deb8u1. For the testing distribution (stretch), these problems will be fixed soon. For the unstable distribution (sid), these problems have been fixed in version 50.0.2661.75-1. 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3550-1                   security@debian.org
https://www.debian.org/security/                        Moritz Muehlenhoff
April 15, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssh
CVE ID         : CVE-2015-8325

Shayan Sadigh discovered a vulnerability in OpenSSH: If PAM support is enabled and the sshd PAM configuration is configured to read user-specified environment variables and the "UseLogin" option is enabled, a local user may escalate her privileges to root.

In Debian "UseLogin" is not enabled by default.

For the oldstable distribution (wheezy), this problem has been fixed in version 6.0p1-4+deb7u4.

For the stable distribution (jessie), this problem has been fixed in version 6.7p1-5+deb8u2.

For the unstable distribution (sid), this problem has been fixed in version 1:7.2p2-3.
sunrat Posted April 17, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3551-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
April 16, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : fuseiso
CVE ID         : CVE-2015-8836 CVE-2015-8837
Debian Bug     : 779047

It was discovered that fuseiso, a user-space implementation of the ISO 9660 file system based on FUSE, contains several vulnerabilities.

CVE-2015-8836

    A stack-based buffer overflow may allow attackers who can trick a user into mounting a crafted ISO 9660 file system to cause a denial of service (crash), or, potentially, execute arbitrary code.

CVE-2015-8837

    An integer overflow leads to a heap-based buffer overflow, which allows an attacker (who can trick a user into mounting a crafted ISO 9660 file system) to cause a denial of service (crash), or, potentially, execute arbitrary code.

For the oldstable distribution (wheezy), these problems have been fixed in version 20070708-3+deb7u1.

The stable distribution (jessie) does not contain fuseiso packages.

For the unstable distribution (sid), these problems have been fixed in version 20070708-3.2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3552-1                   security@debian.org
https://www.debian.org/security/                        Moritz Muehlenhoff
April 17, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tomcat7
CVE ID         : CVE-2015-5174 CVE-2015-5345 CVE-2015-5346 CVE-2015-5351
                 CVE-2016-0706 CVE-2016-0714 CVE-2016-0763

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections and bypass of the SecurityManager.

For the oldstable distribution (wheezy), these problems have been fixed in version 7.0.28-4+deb7u4. This update also fixes CVE-2014-0119 and CVE-2014-0096.

For the stable distribution (jessie), these problems have been fixed in version 7.0.56-3+deb8u2.

For the testing distribution (stretch), these problems have been fixed in version 7.0.68-1.

For the unstable distribution (sid), these problems have been fixed in version 7.0.68-1.
sunrat Posted April 23, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3554-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 21, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2016-3158 CVE-2016-3159 CVE-2016-3960

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2016-3158, CVE-2016-3159 (XSA-172)

    Jan Beulich from SUSE discovered that Xen does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors. A malicious domain can take advantage of this flaw to obtain address space usage and timing information, about another domain, at a fairly low rate.

CVE-2016-3960 (XSA-173)

    Ling Liu and Yihan Lian of the Cloud Security Team, Qihoo 360 discovered an integer overflow in the x86 shadow pagetable code. A HVM guest using shadow pagetables can cause the host to crash. A PV guest using shadow pagetables (i.e. being migrated) with PV superpages enabled (which is not the default) can crash the host, or corrupt hypervisor memory, potentially leading to privilege escalation.

For the stable distribution (jessie), these problems have been fixed in version 4.4.1-9+deb8u5.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3553-1                   security@debian.org
https://www.debian.org/security/                        Sebastien Delafond
April 22, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : varnish
CVE ID         : CVE-2015-8852
Debian Bug     : 783510

Régis Leroy from Makina Corpus discovered that varnish, a caching HTTP reverse proxy, is vulnerable to HTTP smuggling issues, potentially resulting in cache poisoning or bypassing of access control policies.

For the oldstable distribution (wheezy), this problem has been fixed in version 3.0.2-2+deb7u2.
sunrat Posted April 24, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3555-1                   security@debian.org
https://www.debian.org/security/                       Alessandro Ghedini
April 23, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imlib2
CVE ID         : CVE-2011-5326 CVE-2014-9771 CVE-2016-3993 CVE-2016-3994
                 CVE-2016-4024
Debian Bug     : 639414 785369 819818 820206 821732

Several vulnerabilities were discovered in imlib2, an image manipulation library.

CVE-2011-5326

    Kevin Ryde discovered that attempting to draw a 2x1 radii ellipse results in a floating point exception.

CVE-2014-9771

    It was discovered that an integer overflow could lead to invalid memory reads and unreasonably large memory allocations.

CVE-2016-3993

    Yuriy M. Kaminskiy discovered that drawing using coordinates from an untrusted source could lead to an out-of-bound memory read, which in turn could result in an application crash.

CVE-2016-3994

    Jakub Wilk discovered that a malformed image could lead to an out-of-bound read in the GIF loader, which may result in an application crash or information leak.

CVE-2016-4024

    Yuriy M. Kaminskiy discovered an integer overflow that could lead to an insufficient heap allocation and out-of-bound memory write.

For the oldstable distribution (wheezy), these problems have been fixed in version 1.4.5-1+deb7u2.

For the stable distribution (jessie), these problems have been fixed in version 1.4.6-2+deb8u2.

For the unstable distribution (sid), these problems have been fixed in version 1.4.8-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3556-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 24, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libgd2
CVE ID         : CVE-2016-3074
Debian Bug     : 822242

Hans Jerry Illikainen discovered that libgd2, a library for programmatic graphics creation and manipulation, suffers from a signedness vulnerability which may result in a heap overflow when processing specially crafted compressed gd2 data. A remote attacker can take advantage of this flaw to cause an application using the libgd2 library to crash, or potentially, to execute arbitrary code with the privileges of the user running the application.

For the oldstable distribution (wheezy), this problem has been fixed in version 2.0.36~rc1~dfsg-6.1+deb7u2.

For the stable distribution (jessie), this problem has been fixed in version 2.1.0-5+deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 2.1.1-4.1.
sunrat Posted April 26, 2016

------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Security support for Wheezy handed over to the LTS team
press@debian.org
April 25th, 2016               https://www.debian.org/News/2016/20160425
------------------------------------------------------------------------

As of 25 April, one year after the release of Debian 8, alias "Jessie", and nearly three years after the release of Debian 7, alias "Wheezy", regular security support for Wheezy comes to an end. The Debian Long Term Support (LTS) [1] Team will take over security support.

    1: https://wiki.debian.org/LTS/

Information for users
---------------------

Wheezy LTS will be supported from 26 April 2016 to 31 May 2018.

For Debian 7 Wheezy LTS there will be no requirement to add a separate wheezy-lts suite to your sources.list any more and your current setup will continue to work without further changes.

For how to use Debian Long Term Support please read LTS/Using [2].

    2: https://wiki.debian.org/LTS/Using

Important information and changes regarding Wheezy LTS can be found at LTS/Wheezy [3].

    3: https://wiki.debian.org/LTS/Wheezy

Most notably OpenJDK 7 will be made the new Java default JRE/JDK on 26 June 2016 to ensure full security support until Wheezy LTS reaches its end-of-life.

You should also subscribe to the announcement mailing list [4] for security updates for Wheezy LTS.

    4: https://lists.debian.org/debian-lts-announce/

A few packages are not covered by the Wheezy LTS support. These can be detected by installing the debian-security-support [5] package. If debian-security-support detects an unsupported package which is critical to you, please get in touch with <debian-lts@lists.debian.org>.

    5: https://tracker.debian.org/pkg/debian-security-support
sunrat Posted April 27, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3557-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 26, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-5.5
CVE ID         : CVE-2016-0640 CVE-2016-0641 CVE-2016-0642 CVE-2016-0643
                 CVE-2016-0644 CVE-2016-0646 CVE-2016-0647 CVE-2016-0648
                 CVE-2016-0649 CVE-2016-0650 CVE-2016-0666 CVE-2016-2047
Debian Bug     : 821100

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.49. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details:

    https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-48.html
    https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-49.html
    http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html

For the stable distribution (jessie), these problems have been fixed in version 5.5.49-0+deb8u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3558-1                   security@debian.org
https://www.debian.org/security/                        Moritz Muehlenhoff
April 26, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-7
CVE ID         : CVE-2016-0636 CVE-2016-0686 CVE-2016-0687 CVE-2016-0695
                 CVE-2016-3425 CVE-2016-3426 CVE-2016-3427

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure.

For the stable distribution (jessie), these problems have been fixed in version 7u101-2.6.6-1~deb8u1.
sunrat Posted April 27, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3559-1                   security@debian.org
https://www.debian.org/security/                        Moritz Muehlenhoff
April 27, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : iceweasel
CVE ID         : CVE-2016-2805 CVE-2016-2807 CVE-2016-2808 CVE-2016-2814

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service.

For the oldstable distribution (wheezy), these problems have been fixed in version 38.8.0esr-1~deb7u1.

For the stable distribution (jessie), these problems have been fixed in version 38.8.0esr-1~deb8u1.

For the unstable distribution (sid), these problems have been fixed in version 45.1.0esr-1 of the firefox-esr source package and version 46.0-1 of the firefox source package.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3560-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 27, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
CVE ID         : CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072
                 CVE-2016-4073

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.20, which includes additional bug fixes. Please refer to the upstream changelog for more information:

    https://php.net/ChangeLog-5.php#5.6.20

For the stable distribution (jessie), these problems have been fixed in version 5.6.20+dfsg-0+deb8u1.
sunrat Posted April 29, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3561-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 29, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : subversion
CVE ID         : CVE-2016-2167 CVE-2016-2168

Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2016-2167

    Daniel Shahaf and James McCoy discovered that an implementation error in the authentication against the Cyrus SASL library would permit a remote user to specify a realm string which is a prefix of the expected realm string and potentially allowing a user to authenticate using the wrong realm.

CVE-2016-2168

    Ivan Zhakov of VisualSVN discovered a remotely triggerable denial of service vulnerability in the mod_authz_svn module during COPY or MOVE authorization check. An authenticated remote attacker could take advantage of this flaw to cause a denial of service (Subversion server crash) via COPY or MOVE requests with specially crafted header.

For the stable distribution (jessie), these problems have been fixed in version 1.8.10-6+deb8u4.

For the unstable distribution (sid), these problems have been fixed in version 1.9.4-1.
sunrat Posted May 2, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3562-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 01, 2016                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tardiff
CVE ID         : CVE-2015-0857 CVE-2015-0858

Several vulnerabilities were discovered in tardiff, a tarball comparison tool. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2015-0857

    Rainer Mueller and Florian Weimer discovered that tardiff is prone to shell command injections via shell meta-characters in filenames in tar files or via shell meta-characters in the tar filename itself.

CVE-2015-0858

    Florian Weimer discovered that tardiff uses predictable temporary directories for unpacking tarballs. A malicious user can use this flaw to overwrite files with permissions of the user running the tardiff command line tool.

For the stable distribution (jessie), these problems have been fixed in version 0.1-2+deb8u2.

For the unstable distribution (sid), these problems have been fixed in version 0.1-5 and partially in earlier versions.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3563-1                   security@debian.org
https://www.debian.org/security/                        Moritz Muehlenhoff
May 01, 2016                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : poppler
CVE ID         : CVE-2015-8868

It was discovered that a heap overflow in the Poppler PDF library may result in denial of service and potentially the execution of arbitrary code if a malformed PDF file is opened.

For the stable distribution (jessie), this problem has been fixed in version 0.26.5-2+deb8u1.

For the testing distribution (stretch), this problem has been fixed in version 0.38.0-3.

For the unstable distribution (sid), this problem has been fixed in version 0.38.0-3.
sunrat Posted May 3, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3564-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
May 02, 2016                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium-browser
CVE ID         : CVE-2016-1660 CVE-2016-1661 CVE-2016-1662 CVE-2016-1663
                 CVE-2016-1664 CVE-2016-1665 CVE-2016-1666

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2016-1660

    Atte Kettunen discovered an out-of-bounds write issue.

CVE-2016-1661

    Wadih Matar discovered a memory corruption issue.

CVE-2016-1662

    Rob Wu discovered a use-after-free issue related to extensions.

CVE-2016-1663

    A use-after-free issue was discovered in Blink's bindings to V8.

CVE-2016-1664

    Wadih Matar discovered a way to spoof URLs.

CVE-2016-1665

    gksgudtjr456 discovered an information leak in the v8 javascript library.

CVE-2016-1666

    The chrome development team found and fixed various issues during internal auditing.

For the stable distribution (jessie), these problems have been fixed in version 50.0.2661.94-1~deb8u1.

For the testing distribution (stretch), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in version 50.0.2661.94-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3565-1                   security@debian.org
https://www.debian.org/security/                        Sebastien Delafond
May 02, 2016                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : botan1.10
CVE ID         : CVE-2015-5726 CVE-2015-5727 CVE-2015-7827 CVE-2016-2194
                 CVE-2016-2195 CVE-2016-2849
Debian Bug     : 817932 822698

Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, including encryption, authentication, X.509v3 certificates and CRLs.

CVE-2015-5726

    The BER decoder would crash due to reading from offset 0 of an empty vector if it encountered a BIT STRING which did not contain any data at all. This can be used to easily crash applications reading untrusted ASN.1 data, but does not seem exploitable for code execution.

CVE-2015-5727

    The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer.

CVE-2015-7827

    Use constant time PKCS #1 unpadding to avoid possible side channel attack against RSA decryption

CVE-2016-2194

    Infinite loop in modular square root algorithm. The ressol function implementing the Tonelli-Shanks algorithm for finding square roots could be sent into a nearly infinite loop due to a misplaced conditional check. This could occur if a composite modulus is provided, as this algorithm is only defined for primes. This function is exposed to attacker controlled input via the OS2ECP function during ECC point decompression.

CVE-2016-2195

    Fix Heap overflow on invalid ECC point.

CVE-2016-2849

    Use constant time modular inverse algorithm to avoid possible side channel attack against ECDSA.

For the stable distribution (jessie), these problems have been fixed in version 1.10.8-2+deb8u1.
sunrat Posted May 4, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3566-1                   security@debian.org
https://www.debian.org/security/                       Alessandro Ghedini
May 03, 2016                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssl
CVE ID         : CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108
                 CVE-2016-2109 CVE-2016-2176

Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit.

CVE-2016-2105

    Guido Vranken discovered that an overflow can occur in the function EVP_EncodeUpdate(), used for Base64 encoding, if an attacker can supply a large amount of data. This could lead to a heap corruption.

CVE-2016-2106

    Guido Vranken discovered that an overflow can occur in the function EVP_EncryptUpdate() if an attacker can supply a large amount of data. This could lead to a heap corruption.

CVE-2016-2107

    Juraj Somorovsky discovered a padding oracle in the AES CBC cipher implementation based on the AES-NI instruction set. This could allow an attacker to decrypt TLS traffic encrypted with one of the cipher suites based on AES CBC.

CVE-2016-2108

    David Benjamin from Google discovered that two separate bugs in the ASN.1 encoder, related to handling of negative zero integer values and large universal tags, could lead to an out-of-bounds write.

CVE-2016-2109

    Brian Carpenter discovered that when ASN.1 data is read from a BIO using functions such as d2i_CMS_bio(), a short invalid encoding can cause allocation of large amounts of memory potentially consuming excessive resources or exhausting memory.

CVE-2016-2176

    Guido Vranken discovered that ASN.1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. This could result in arbitrary stack data being returned in the buffer.

Additional information about these issues can be found in the OpenSSL security advisory at https://www.openssl.org/news/secadv/20160503.txt

For the stable distribution (jessie), these problems have been fixed in version 1.0.1k-3+deb8u5.

For the unstable distribution (sid), these problems have been fixed in version 1.0.2h-1.
sunrat Posted May 4, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3567-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 04, 2016                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libpam-sshauth
CVE ID         : CVE-2016-4422

It was discovered that libpam-sshauth, a PAM module to authenticate using an SSH server, does not correctly handle system users. In certain configurations an attacker can take advantage of this flaw to gain root privileges.

For the stable distribution (jessie), this problem has been fixed in version 0.3.1-1+deb8u1.

For the testing distribution (stretch), this problem has been fixed in version 0.4.1-2.

For the unstable distribution (sid), this problem has been fixed in version 0.4.1-2.
sunrat Posted May 5, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3568-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 05, 2016                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libtasn1-6
CVE ID         : CVE-2016-4008

Pascal Cuoq and Miod Vallat discovered that Libtasn1, a library to manage ASN.1 structures, does not correctly handle certain malformed DER certificates. A remote attacker can take advantage of this flaw to cause an application using the Libtasn1 library to hang, resulting in a denial of service.

For the stable distribution (jessie), this problem has been fixed in version 4.2-3+deb8u2.

For the testing distribution (stretch), this problem has been fixed in version 4.8-1.

For the unstable distribution (sid), this problem has been fixed in version 4.8-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3569-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 05, 2016                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openafs
CVE ID         : CVE-2015-8312 CVE-2016-2860

Two vulnerabilities were discovered in openafs, an implementation of the distributed filesystem AFS. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2015-8312

    Potential denial of service caused by a bug in the pioctl logic allowing a local user to overrun a kernel buffer with a single NUL byte.

CVE-2016-2860

    Peter Iannucci discovered that users from foreign Kerberos realms can create groups as if they were administrators.

For the stable distribution (jessie), these problems have been fixed in version 1.6.9-2+deb8u5.

For the testing distribution (stretch), these problems have been fixed in version 1.6.17-1.

For the unstable distribution (sid), these problems have been fixed in version 1.6.17-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3570-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 05, 2016                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mercurial
CVE ID         : CVE-2016-3105

Blake Burkhart discovered an arbitrary code execution flaw in Mercurial, a distributed version control system, when using the convert extension on Git repositories with specially crafted names. This flaw in particular affects automated code conversion services that allow arbitrary repository names.

For the stable distribution (jessie), this problem has been fixed in version 3.1.2-2+deb8u3.

For the unstable distribution (sid), this problem has been fixed in version 3.8.1-1.
sunrat Posted May 9, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3571-1                   security@debian.org
https://www.debian.org/security/                        Moritz Muehlenhoff
May 08, 2016                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ikiwiki
CVE ID         : CVE-2016-4561

Simon McVittie discovered a cross-site scripting vulnerability in the error reporting of Ikiwiki, a wiki compiler. This update also hardens ikiwiki's use of imagemagick in the img plugin.

For the stable distribution (jessie), this problem has been fixed in version 3.20141016.3.

For the unstable distribution (sid), this problem has been fixed in version 3.20160506.