sunrat Posted July 2, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3612-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 01, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gimp
CVE ID         : CVE-2016-4994
Debian Bug     : 828179

Shmuel H discovered that GIMP, the GNU Image Manipulation Program, is prone to a use-after-free vulnerability in the channel and layer properties parsing process when loading a XCF file. An attacker can take advantage of this flaw to potentially execute arbitrary code with the privileges of the user running GIMP if a specially crafted XCF file is processed.

For the stable distribution (jessie), this problem has been fixed in version 2.8.14-1+deb8u1.

sunrat Posted July 3, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3613-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 02, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libvirt
CVE ID         : CVE-2016-5008

Vivian Zhang and Christoph Anton Mitterer discovered that setting an empty VNC password does not work as documented in Libvirt, a virtualisation abstraction library. When the password on a VNC server is set to the empty string, authentication on the VNC server will be disabled, allowing any user to connect, despite the documentation declaring that setting an empty password for the VNC server prevents all client connections. With this update the behaviour is enforced by setting the password expiration to "now".

For the stable distribution (jessie), this problem has been fixed in version 1.2.9-9+deb8u3.

For the unstable distribution (sid), this problem has been fixed in version 2.0.0-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3615-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 02, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
CVE ID         : CVE-2016-5350 CVE-2016-5351 CVE-2016-5353 CVE-2016-5354
                 CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5359

Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP, SPOOLS, IEEE 802.11, UMTS FP, USB, Toshiba, CoSine, NetScreen, WBXML which could result in denial of service or potentially the execution of arbitrary code.

For the stable distribution (jessie), these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u7.

For the testing distribution (stretch), these problems have been fixed in version 2.0.4+gdd7746e-1.

For the unstable distribution (sid), these problems have been fixed in version 2.0.4+gdd7746e-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3614-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 02, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tomcat7
CVE ID         : CVE-2016-3092

The TERASOLUNA Framework Development Team discovered a denial of service vulnerability in Apache Commons FileUpload, a package to make it easy to add robust, high-performance, file upload capability to servlets and web applications. A remote attacker can take advantage of this flaw by sending file upload requests that cause the HTTP server using the Apache Commons Fileupload library to become unresponsive, preventing the server from servicing other requests.

Apache Tomcat uses a package renamed copy of Apache Commons FileUpload to implement the file upload requirements of the Servlet specification and is therefore also vulnerable to the denial of service vulnerability.

For the stable distribution (jessie), this problem has been fixed in version 7.0.56-3+deb8u3.

For the testing distribution (stretch), this problem has been fixed in version 7.0.70-1.

For the unstable distribution (sid), this problem has been fixed in version 7.0.70-1.

sunrat Posted July 5, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3616-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 04, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2014-9904 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829
                 CVE-2016-6130
Debian Bug     : 828914

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE-2014-9904

    It was discovered that the snd_compress_check_input function used in the ALSA subsystem does not properly check for an integer overflow, allowing a local user to cause a denial of service.

CVE-2016-5728

    Pengfei Wang discovered a race condition in the MIC VOP driver that could allow a local user to obtain sensitive information from kernel memory or cause a denial of service.

CVE-2016-5828

    Cyril Bur and Michael Ellerman discovered a flaw in the handling of Transactional Memory on powerpc systems allowing a local user to cause a denial of service (kernel crash) or possibly have unspecified other impact, by starting a transaction, suspending it, and then calling any of the exec() class system calls.

CVE-2016-5829

    A heap-based buffer overflow vulnerability was found in the hiddev driver, allowing a local user to cause a denial of service or, potentially escalate their privileges.

CVE-2016-6130

    Pengfei Wang discovered a flaw in the S/390 character device drivers potentially leading to information leak with /dev/sclp.

Additionally this update fixes a regression in the ebtables facility (#828914) that was introduced in DSA-3607-1.

For the stable distribution (jessie), these problems have been fixed in version 3.16.7-ckt25-2+deb8u3.

sunrat Posted July 6, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3617-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 06, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : horizon
CVE ID         : CVE-2015-3219 CVE-2016-4428

Two cross-site scripting vulnerabilities have been found in Horizon, a web application to control an OpenStack cloud.

For the stable distribution (jessie), these problems have been fixed in version 2014.1.3-7+deb8u2.

For the testing distribution (stretch), these problems have been fixed in version 3:9.0.1-2.

For the unstable distribution (sid), these problems have been fixed in version 3:9.0.1-2.

sunrat Posted July 15, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3618-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 14, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
CVE ID         : CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771
                 CVE-2016-5772 CVE-2016-5773

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.23, which includes additional bug fixes. Please refer to the upstream changelog for more information:

https://php.net/ChangeLog-5.php#5.6.23

For the stable distribution (jessie), these problems have been fixed in version 5.6.23+dfsg-0+deb8u1.

For the unstable distribution (sid), these problems have been fixed in version 7.0.8-1 of the php7.0 source package.

sunrat Posted July 16, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3619-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 15, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libgd2
CVE ID         : CVE-2016-5116 CVE-2016-5766 CVE-2016-6128 CVE-2016-6132
                 CVE-2016-6161 CVE-2016-6214
Debian Bug     : 829014 829062 829694

Several vulnerabilities were discovered in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using the libgd2 library (application crash), or potentially to execute arbitrary code with the privileges of the user running the application.

For the stable distribution (jessie), these problems have been fixed in version 2.1.0-5+deb8u4.

For the unstable distribution (sid), these problems have been fixed in version 2.2.2-29-g3c2b605-1 or earlier.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3620-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 15, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pidgin
CVE ID         : CVE-2016-2365 CVE-2016-2366 CVE-2016-2367 CVE-2016-2368
                 CVE-2016-2369 CVE-2016-2370 CVE-2016-2371 CVE-2016-2372
                 CVE-2016-2373 CVE-2016-2374 CVE-2016-2375 CVE-2016-2376
                 CVE-2016-2377 CVE-2016-2378 CVE-2016-2380 CVE-2016-4323

Yves Younan of Cisco Talos discovered several vulnerabilities in the MXit protocol support in pidgin, a multi-protocol instant messaging client. A remote attacker can take advantage of these flaws to cause a denial of service (application crash), overwrite files, information disclosure, or potentially to execute arbitrary code.

For the stable distribution (jessie), these problems have been fixed in version 2.11.0-0+deb8u1.

For the testing distribution (stretch), these problems have been fixed in version 2.11.0-1.

For the unstable distribution (sid), these problems have been fixed in version 2.11.0-1.

sunrat Posted July 19, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3621-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 18, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-connector-java
CVE ID         : CVE-2015-2575

A vulnerability was discovered in mysql-connector-java, a Java database (JDBC) driver for MySQL, which may result in unauthorized update, insert or delete access to some MySQL Connectors accessible data as well as read access to a subset of MySQL Connectors accessible data. The vulnerability was addressed by upgrading mysql-connector-java to the new upstream version 5.1.39, which includes additional changes, such as bug fixes, new features, and possibly incompatible changes. Please see the MySQL Connector/J Release Notes and Oracle's Critical Patch Update advisory for further details:

https://dev.mysql.com/doc/relnotes/connector-j/5.1/en/news-5-1.html
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL

For the stable distribution (jessie), this problem has been fixed in version 5.1.39-1~deb8u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3622-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 18, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : python-django
CVE ID         : CVE-2016-6186

It was discovered that Django, a high-level Python web development framework, is prone to a cross-site scripting vulnerability in the admin's add/change related popup.

For the stable distribution (jessie), this problem has been fixed in version 1.7.7-1+deb8u5.

sunrat Posted July 21, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3623-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 20, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : apache2
CVE ID         : CVE-2016-5387

Scott Geary of VendHQ discovered that the Apache HTTPD server used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

For the stable distribution (jessie), this problem has been fixed in version 2.4.10-10+deb8u5.

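
The name collision described in DSA-3623-1, as an added example that is not part of the advisory or of Apache's code: it models the standard CGI header-to-environment mapping (RFC 3875) and two defensive checks, one on the server side and one in the HTTP client. All function names and the sample headers are hypothetical and constructed; nothing is sent over the network.

```python
# Added example (not from the advisory): models how a request header named
# "Proxy" ends up as HTTP_PROXY in a CGI environment, plus two defences.
# All names here are hypothetical; the sample data is constructed.

# Constructed sample request headers; the Proxy value is a placeholder.
SAMPLE_HEADERS = [
    ("Host", "shop.example"),
    ("User-Agent", "demo/1.0"),
    ("Proxy", "http://proxy.invalid:3128"),
]


def cgi_meta_variables(headers, drop_proxy_header=False):
    """Map request headers to CGI meta-variables (RFC 3875, section 4.1.18).

    Each header name is upper-cased, '-' becomes '_', and 'HTTP_' is
    prepended, so a header called 'Proxy' becomes HTTP_PROXY.
    With drop_proxy_header=True the header is discarded before mapping,
    which is the server-side mitigation.
    """
    env = {"REQUEST_METHOD": "GET", "GATEWAY_INTERFACE": "CGI/1.1"}
    for name, value in headers:
        if drop_proxy_header and name.strip().lower() == "proxy":
            continue
        env["HTTP_" + name.strip().upper().replace("-", "_")] = value
    return env


def naive_client_proxy(env):
    """What an affected HTTP client does: trust HTTP_PROXY unconditionally."""
    return env.get("HTTP_PROXY") or env.get("http_proxy")


def cgi_aware_client_proxy(env):
    """Client-side defence: under CGI, HTTP_PROXY is request data, not config.

    REQUEST_METHOD is always set for a CGI script, so its presence means the
    upper-case name may have come from a request header. The lower-case
    http_proxy cannot be produced by the header mapping and stays trusted.
    """
    if "REQUEST_METHOD" in env:
        return env.get("http_proxy")
    return env.get("HTTP_PROXY") or env.get("http_proxy")


def audit(env):
    """Return a finding string if the environment shows the name collision."""
    if "REQUEST_METHOD" in env and "HTTP_PROXY" in env:
        return "HTTP_PROXY set in CGI context: value is client-controlled"
    return None


if __name__ == "__main__":
    unpatched = cgi_meta_variables(SAMPLE_HEADERS)
    patched = cgi_meta_variables(SAMPLE_HEADERS, drop_proxy_header=True)
    print("unpatched server, naive client     ->", naive_client_proxy(unpatched))
    print("unpatched server, CGI-aware client ->", cgi_aware_client_proxy(unpatched))
    print("patched server, naive client       ->", naive_client_proxy(patched))
    print("audit(unpatched) ->", audit(unpatched))
    print("audit(patched)   ->", audit(patched))
```
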
sunrat Posted July 22, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3624-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 21, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-5.5
CVE ID         : CVE-2016-3477 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.50. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details:

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

For the stable distribution (jessie), these problems have been fixed in version 5.5.50-0+deb8u1.

sunrat Posted July 22, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3625-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
July 22, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : squid3
CVE ID         : CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054
                 CVE-2016-4554 CVE-2016-4555 CVE-2016-4556
Debian Bug     : 823968

Several security issues have been discovered in the Squid caching proxy.

CVE-2016-4051:

    CESG and Yuriy M. Kaminskiy discovered that Squid cachemgr.cgi was vulnerable to a buffer overflow when processing remotely supplied inputs relayed through Squid.

CVE-2016-4052:

    CESG discovered that a buffer overflow made Squid vulnerable to a Denial of Service (DoS) attack when processing ESI responses.

CVE-2016-4053:

    CESG found that Squid was vulnerable to public information disclosure of the server stack layout when processing ESI responses.

CVE-2016-4054:

    CESG discovered that Squid was vulnerable to remote code execution when processing ESI responses.

CVE-2016-4554:

    Jianjun Chen found that Squid was vulnerable to a header smuggling attack that could lead to cache poisoning and to bypass of same-origin security policy in Squid and some client browsers.

CVE-2016-4555, CVE-2016-4556:

    "bfek-18" and "@vftable" found that Squid was vulnerable to a Denial of Service (DoS) attack when processing ESI responses, due to incorrect pointer handling and reference counting.

For the stable distribution (jessie), these problems have been fixed in version 3.4.8-6+deb8u3.

For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 3.5.19-1.

sunrat Posted July 25, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3626-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 24, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssh
CVE ID         : CVE-2016-6210
Debian Bug     : 831902

Eddie Harari reported that the OpenSSH SSH daemon allows user enumeration through timing differences when trying to authenticate users. When sshd tries to authenticate a non-existing user, it will pick up a fixed fake password structure with a hash based on the Blowfish algorithm. If real users' passwords are hashed using SHA256/SHA512, then a remote attacker can take advantage of this flaw by sending large passwords, receiving shorter response times from the server for non-existing users.

For the stable distribution (jessie), this problem has been fixed in version 1:6.7p1-5+deb8u3.

For the unstable distribution (sid), this problem has been fixed in version 1:7.2p2-6.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3627-1                   security@debian.org
https://www.debian.org/security/                          Thijs Kinkhorst
July 24, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : phpmyadmin
CVE ID         : CVE-2016-1927 CVE-2016-2039 CVE-2016-2040 CVE-2016-2041
                 CVE-2016-2560 CVE-2016-2561 CVE-2016-5099 CVE-2016-5701
                 CVE-2016-5705 CVE-2016-5706 CVE-2016-5731 CVE-2016-5733
                 CVE-2016-5739

Several vulnerabilities have been fixed in phpMyAdmin, the web-based MySQL administration interface.

CVE-2016-1927

    The suggestPassword function relied on a non-secure random number generator which makes it easier for remote attackers to guess generated passwords via a brute-force approach.

CVE-2016-2039

    CSRF token values were generated by a non-secure random number generator, which allows remote attackers to bypass intended access restrictions by predicting a value.

CVE-2016-2040

    Multiple cross-site scripting (XSS) vulnerabilities allow remote authenticated users to inject arbitrary web script or HTML.

CVE-2016-2041

    phpMyAdmin does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences.

CVE-2016-2560

    Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML.

CVE-2016-2561

    Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML.

CVE-2016-5099

    Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML.

CVE-2016-5701

    For installations running on plain HTTP, phpMyAdmin allows remote attackers to conduct BBCode injection attacks against HTTP sessions via a crafted URI.

CVE-2016-5705

    Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML.

CVE-2016-5706

    phpMyAdmin allows remote attackers to cause a denial of service (resource consumption) via a large array in the scripts parameter.

CVE-2016-5731

    A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML.

CVE-2016-5733

    Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML.

CVE-2016-5739

    A specially crafted Transformation could leak information which a remote attacker could use to perform cross site request forgeries.

For the stable distribution (jessie), these problems have been fixed in version 4:4.2.12-2+deb8u2.

For the unstable distribution (sid), these problems have been fixed in version 4:4.6.3-1.

sunrat Posted July 25, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3628-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 25, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : perl
CVE ID         : CVE-2016-1238 CVE-2016-6185
Debian Bug     : 829578

Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2016-1238

    John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory (which might be changed to another directory without the user realising) and potentially leading to privilege escalation, as demonstrated in Debian with certain combinations of installed packages.

    The problem relates to Perl loading modules from the includes directory array ("@INC") in which the last element is the current directory ("."). That means that, when "perl" wants to load a module (during first compilation or during lazy loading of a module in run-time), perl will look for the module in the current directory at the end, since '.' is the last include directory in its array of include directories to seek. The issue is with requiring libraries that are in "." but are not otherwise installed.

    With this update several modules which are known to be vulnerable are updated to not load modules from current directory.

    Additionally the update allows configurable removal of "." from @INC in /etc/perl/sitecustomize.pl for a transitional period. It is recommended to enable this setting if the possible breakage for a specific site has been evaluated. Problems in packages provided in Debian resulting from the switch to the removal of '.' from @INC should be reported to the Perl maintainers at perl@packages.debian.org .

    It is planned to switch to the default removal of '.' in @INC in a subsequent update to perl via a point release if possible, and in any case for the upcoming stable release Debian 9 (stretch).

CVE-2016-6185

    It was discovered that XSLoader, a core module from Perl to dynamically load C libraries into Perl code, could load shared library from incorrect location. XSLoader uses caller() information to locate the .so file to load. This can be incorrect if XSLoader::load() is called in a string eval. An attacker can take advantage of this flaw to execute arbitrary code.

For the stable distribution (jessie), these problems have been fixed in version 5.20.2-3+deb8u6. Additionally this update includes the following updated packages to address optional module loading vulnerabilities related to CVE-2016-1238, or to address build failures which occur when '.' is removed from @INC:

 - cdbs 0.4.130+deb8u1
 - debhelper 9.20150101+deb8u2
 - devscripts 2.15.3+deb8u1
 - exim4 4.84.2-2+deb8u1
 - libintl-perl 1.23-1+deb8u1
 - libmime-charset-perl 1.011.1-1+deb8u2
 - libmime-encwords-perl 1.014.3-1+deb8u1
 - libmodule-build-perl 0.421000-2+deb8u1
 - libnet-dns-perl 0.81-2+deb8u1
 - libsys-syslog-perl 0.33-1+deb8u1
 - libunicode-linebreak-perl 0.0.20140601-2+deb8u2

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3629-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 25, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ntp
CVE ID         : CVE-2015-7974 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979
                 CVE-2015-8138 CVE-2015-8158 CVE-2016-1547 CVE-2016-1548
                 CVE-2016-1550 CVE-2016-2516 CVE-2016-2518

Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs:

CVE-2015-7974

    Matt Street discovered that insufficient key validation allows impersonation attacks between authenticated peers.

CVE-2015-7977 / CVE-2015-7978

    Stephen Gray discovered that a NULL pointer dereference and a buffer overflow in the handling of "ntpdc reslist" commands may result in denial of service.

CVE-2015-7979

    Aanchal Malhotra discovered that if NTP is configured for broadcast mode, an attacker can send malformed authentication packets which break associations with the server for other broadcast clients.

CVE-2015-8138

    Matthew van Gundy and Jonathan Gardner discovered that missing validation of origin timestamps in ntpd clients may result in denial of service.

CVE-2015-8158

    Jonathan Gardner discovered that missing input sanitising in ntpq may result in denial of service.

CVE-2016-1547

    Stephen Gray and Matthew van Gundy discovered that incorrect handling of crypto NAK packets may result in denial of service.

CVE-2016-1548

    Jonathan Gardner and Miroslav Lichvar discovered that ntpd clients could be forced to change from basic client/server mode to interleaved symmetric mode, preventing time synchronisation.

CVE-2016-1550

    Matthew van Gundy, Stephen Gray and Loganaden Velvindron discovered that timing leaks in the packet authentication code could result in recovery of a message digest.

CVE-2016-2516

    Yihan Lian discovered that duplicate IPs on "unconfig" directives will trigger an assert.

CVE-2016-2518

    Yihan Lian discovered that an OOB memory access could potentially crash ntpd.

For the stable distribution (jessie), these problems have been fixed in version 1:4.2.6.p5+dfsg-7+deb8u2.

For the testing distribution (stretch), these problems have been fixed in version 1:4.2.8p7+dfsg-1.

For the unstable distribution (sid), these problems have been fixed in version 1:4.2.8p7+dfsg-1.

sunrat Posted July 27, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3630-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 26, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libgd2
CVE ID         : CVE-2016-6207

Secunia Research at Flexera Software discovered an integer overflow vulnerability within the _gdContributionsAlloc() function in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker can take advantage of this flaw to cause a denial-of-service against an application using the libgd2 library.

For the stable distribution (jessie), this problem has been fixed in version 2.1.0-5+deb8u6.

For the unstable distribution (sid), this problem has been fixed in version 2.2.2-43-g22cba39-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3631-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 26, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
CVE ID         : CVE-2016-5385 CVE-2016-5399 CVE-2016-6289 CVE-2016-6290
                 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295
                 CVE-2016-6296 CVE-2016-6297

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.24, which includes additional bug fixes. Please refer to the upstream changelog for more information:

https://php.net/ChangeLog-5.php#5.6.24

For the stable distribution (jessie), these problems have been fixed in version 5.6.24+dfsg-0+deb8u1.

For the unstable distribution (sid), these problems have been fixed in version 7.0.9-1 of the php7.0 source package.

sunrat Posted July 28, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3632-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 27, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mariadb-10.0
CVE ID         : CVE-2016-3477 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440

Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.26. Please see the MariaDB 10.0 Release Notes for further details:

https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/

For the stable distribution (jessie), these problems have been fixed in version 10.0.26-0+deb8u1.

For the unstable distribution (sid), these problems have been fixed in version 10.0.26-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3633-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 27, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2015-8338 CVE-2016-4480 CVE-2016-4962 CVE-2016-5242
                 CVE-2016-6258

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2015-8338

    Julien Grall discovered that Xen on ARM was susceptible to denial of service via long running memory operations.

CVE-2016-4480

    Jan Beulich discovered that incorrect page table handling could result in privilege escalation inside a Xen guest instance.

CVE-2016-4962

    Wei Liu discovered multiple cases of missing input sanitising in libxl which could result in denial of service.

CVE-2016-5242

    Aaron Cornelius discovered that incorrect resource handling on ARM systems could result in denial of service.

CVE-2016-6258

    Jeremie Boutoille discovered that incorrect pagetable handling in PV instances could result in guest to host privilege escalation.

For the stable distribution (jessie), these problems have been fixed in version 4.4.1-9+deb8u6.

For the unstable distribution (sid), these problems will be fixed soon.

sunrat Posted July 30, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3635-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 29, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libdbd-mysql-perl
CVE ID         : CVE-2014-9906 CVE-2015-8949

Two use-after-free vulnerabilities were discovered in DBD::mysql, a Perl
DBI driver for the MySQL database server. A remote attacker can take
advantage of these flaws to cause a denial-of-service against an
application using DBD::mysql (application crash), or potentially to
execute arbitrary code with the privileges of the user running the
application.

For the stable distribution (jessie), these problems have been fixed in
version 4.028-2+deb8u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3636-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
July 30, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : collectd
CVE ID         : CVE-2016-6254
Debian Bug     : 832507 832577

Emilien Gaspar discovered that collectd, a statistics collection and
monitoring daemon, incorrectly processed incoming network packets. This
resulted in a heap overflow, allowing a remote attacker to either cause
a DoS via application crash, or potentially execute arbitrary code.

Additionally, security researchers at Columbia University and the
University of Virginia discovered that collectd failed to verify a
return value during initialization. This meant the daemon could
sometimes be started without the desired, secure settings.

For the stable distribution (jessie), this problem has been fixed in
version 5.4.1-6+deb8u1.

For the testing (stretch) and unstable (sid) distributions, this problem
has been fixed in version 5.5.2-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3634-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
July 30, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : redis
CVE ID         : CVE-2013-7458
Debian Bug     : 832460

It was discovered that redis, a persistent key-value database, did not
properly protect redis-cli history files: they were created by default
with world-readable permissions.

Users and systems administrators may want to proactively change
permissions on existing ~/rediscli_history files, instead of waiting for
the updated redis-cli to do so the next time it is run.

For the stable distribution (jessie), this problem has been fixed in
version 2:2.8.17-1+deb8u5.

For the testing (stretch) and unstable (sid) distributions, this problem
has been fixed in version 2:3.2.1-4.
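The proactive permission change recommended in DSA-3634-1 above, as an added example that is not part of the advisory or of the forum post. It assumes GNU find and stat and home directories one level below the directory given; the function names are hypothetical, and it matches both `rediscli_history` as written in the advisory and `.rediscli_history`, the dot-file name redis-cli uses by default.

```shell
#!/bin/sh
# Added example: audit and tighten redis-cli history files (DSA-3634-1).
# Assumptions: GNU find/stat; homes are direct children of the directory
# passed in (e.g. /home). Function names are illustrative only.

# Print every history file that group or other can access in any way.
# $1: directory that contains the home directories
find_exposed_history() {
    # -type f skips symlinks, so a link planted in a home directory is
    # never followed; -perm /077 matches any group/other permission bit.
    find "$1" -mindepth 2 -maxdepth 2 -type f \
        \( -name '.rediscli_history' -o -name 'rediscli_history' \) \
        -perm /077 -print
}

# Restrict each exposed file to its owner (mode 600) and print one
# "fixed <old-mode> <path>" line per file so the change is auditable.
# Note: when run as root this trusts paths inside user-writable
# directories between the find and the chmod; running it per user
# avoids that window.
fix_exposed_history() {
    find "$1" -mindepth 2 -maxdepth 2 -type f \
        \( -name '.rediscli_history' -o -name 'rediscli_history' \) \
        -perm /077 -exec sh -c '
            for f do
                old=$(stat -c %a "$f") || continue
                chmod 600 "$f" && printf "fixed %s %s\n" "$old" "$f"
            done' sh {} +
}

# Stand-alone use: ./script.sh /home
if [ "$#" -gt 0 ]; then
    fix_exposed_history "$1"
fi
```

History files can hold AUTH commands and key names typed at the prompt, so the "fixed" lines are also a list of accounts whose Redis credentials were readable by other local users until the change.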
sunrat Posted August 1, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3637-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
July 31, 2016                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium-browser
CVE ID         : CVE-2016-1704 CVE-2016-1705 CVE-2016-1706 CVE-2016-1707
                 CVE-2016-1708 CVE-2016-1709 CVE-2016-1710 CVE-2016-1711
                 CVE-2016-5127 CVE-2016-5128 CVE-2016-5129 CVE-2016-5130
                 CVE-2016-5131 CVE-2016-5132 CVE-2016-5133 CVE-2016-5134
                 CVE-2016-5135 CVE-2016-5136 CVE-2016-5137

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2016-1704
    The chrome development team found and fixed various issues during
    internal auditing.

CVE-2016-1705
    The chrome development team found and fixed various issues during
    internal auditing.

CVE-2016-1706
    Pinkie Pie discovered a way to escape the Pepper Plugin API sandbox.

CVE-2016-1707
    xisigr discovered a URL spoofing issue.

CVE-2016-1708
    Adam Varsan discovered a use-after-free issue.

CVE-2016-1709
    ChenQin discovered a buffer overflow issue in the sfntly library.

CVE-2016-1710
    Mariusz Mlynski discovered a same-origin bypass.

CVE-2016-1711
    Mariusz Mlynski discovered another same-origin bypass.

CVE-2016-5127
    cloudfuzzer discovered a use-after-free issue.

CVE-2016-5128
    A same-origin bypass issue was discovered in the v8 javascript
    library.

CVE-2016-5129
    Jeonghoon Shin discovered a memory corruption issue in the v8
    javascript library.

CVE-2016-5130
    Widih Matar discovered a URL spoofing issue.

CVE-2016-5131
    Nick Wellnhofer discovered a use-after-free issue in the libxml2
    library.

CVE-2016-5132
    Ben Kelly discovered a same-origin bypass.

CVE-2016-5133
    Patch Eudor discovered an issue in proxy authentication.

CVE-2016-5134
    Paul Stone discovered an information leak in the Proxy Auto-Config
    feature.

CVE-2016-5135
    ShenYeYinJiu discovered a way to bypass the Content Security Policy.

CVE-2016-5136
    Rob Wu discovered a use-after-free issue.

CVE-2016-5137
    Xiaoyin Liu discovered a way to discover whether an HSTS web site
    had been visited.

For the stable distribution (jessie), these problems have been fixed in
version 52.0.2743.82-1~deb8u1.

For the testing (stretch) and unstable (sid) distributions, these
problems have been fixed in version 52.0.2743.82-1.
sunrat Posted August 4, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3638-1                   security@debian.org
https://www.debian.org/security/                       Alessandro Ghedini
August 03, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : curl
CVE ID         : CVE-2016-5419 CVE-2016-5420 CVE-2016-5421

Several vulnerabilities were discovered in cURL, a URL transfer library:

CVE-2016-5419
    Bru Rom discovered that libcurl would attempt to resume a TLS
    session even if the client certificate had changed.

CVE-2016-5420
    It was discovered that libcurl did not consider client certificates
    when reusing TLS connections.

CVE-2016-5421
    Marcelo Echeverria and Fernando Muñoz discovered that libcurl was
    vulnerable to a use-after-free flaw.

For the stable distribution (jessie), these problems have been fixed in
version 7.38.0-4+deb8u4.

For the unstable distribution (sid), these problems have been fixed in
version 7.50.1-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3639-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 03, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wordpress
CVE ID         : CVE-2015-8834 CVE-2016-5832 CVE-2016-5834 CVE-2016-5835
                 CVE-2016-5837 CVE-2016-5838 CVE-2016-5839

Several vulnerabilities were discovered in wordpress, a web blogging
tool, which could allow remote attackers to compromise a site via
cross-site scripting, bypass restrictions, obtain sensitive
revision-history information, or mount a denial of service.

For the stable distribution (jessie), these problems have been fixed in
version 4.1+dfsg-1+deb8u9.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3640-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 03, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2016-2830 CVE-2016-2836 CVE-2016-2837 CVE-2016-2838
                 CVE-2016-5252 CVE-2016-5254 CVE-2016-5258 CVE-2016-5259
                 CVE-2016-5262 CVE-2016-5263 CVE-2016-5264 CVE-2016-5265

Multiple security issues have been found in the Mozilla Firefox web
browser: Multiple memory safety errors, buffer overflows and other
implementation errors may lead to the execution of arbitrary code,
cross-site scripting, information disclosure and bypass of the
same-origin policy.

For the stable distribution (jessie), these problems have been fixed in
version 45.3.0esr-1~deb8u1.

For the unstable distribution (sid), these problems have been fixed in
version 45.3.0esr-1 for firefox-esr and 48.0-1 for firefox.
sunrat Posted August 5, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3641-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 04, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-7
CVE ID         : CVE-2016-3458 CVE-2016-3500 CVE-2016-3508 CVE-2016-3550
                 CVE-2016-3606

Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in breakouts of
the Java sandbox or denial of service.

For the stable distribution (jessie), these problems have been fixed in
version 7u111-2.6.7-1~deb8u1.
sunrat Posted August 6, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3642-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
August 05, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : lighttpd
CVE ID         : CVE-2016-1000212
Debian Bug     : 832571

Dominic Scheirlinck and Scott Geary of Vend reported insecure behavior
in the lighttpd web server. Lighttpd assigned Proxy header values from
client requests to internal HTTP_PROXY environment variables, allowing
remote attackers to carry out Man in the Middle (MITM) attacks or
initiate connections to arbitrary hosts.

For the stable distribution (jessie), this problem has been fixed in
version 1.4.35-4+deb8u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3643-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 06, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : kde4libs
CVE ID         : CVE-2016-6232
Debian Bug     : 832620

Andreas Cord-Landwehr discovered that kde4libs, the core libraries for
all KDE 4 applications, do not properly handle the extraction of
archives with "../" in the file paths. A remote attacker can take
advantage of this flaw to overwrite files outside of the extraction
folder, if a user is tricked into extracting a specially crafted
archive.

For the stable distribution (jessie), this problem has been fixed in
version 4:4.14.2-5+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 4:4.14.22-2.
sunrat Posted August 8, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3644-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 08, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : fontconfig
CVE ID         : CVE-2016-5384
Debian Bug     : 833570

Tobias Stoeckmann discovered that cache files are insufficiently
validated in fontconfig, a generic font configuration library. An
attacker can trigger arbitrary free() calls, which in turn allows double
free attacks and therefore arbitrary code execution. In combination with
setuid binaries using crafted cache files, this could allow privilege
escalation.

For the stable distribution (jessie), this problem has been fixed in
version 2.11.0-6.3+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 2.11.0-6.5.
sunrat Posted August 10, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3645-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
August 09, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium-browser
CVE ID         : CVE-2016-5139 CVE-2016-5140 CVE-2016-5141 CVE-2016-5142
                 CVE-2016-5143 CVE-2016-5144

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2016-5139
    GiWan Go discovered a use-after-free issue in the pdfium library.

CVE-2016-5140
    Ke Liu discovered a use-after-free issue in the pdfium library.

CVE-2016-5141
    Sergey Glazunov discovered a URL spoofing issue.

CVE-2016-5142
    Sergey Glazunov discovered a use-after-free issue.

CVE-2016-5143
    Gregory Panakkal discovered an issue in the developer tools.

CVE-2016-5144
    Gregory Panakkal discovered another issue in the developer tools.

CVE-2016-5146
    The chrome development team found and fixed various issues during
    internal auditing.

For the stable distribution (jessie), these problems have been fixed in
version 52.0.2743.116-1~deb8u1.

For the testing distribution (stretch), these problems will be fixed
soon.

For the unstable distribution (sid), these problems have been fixed in
version 52.0.2743.116-1.
sunrat Posted August 11, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3646-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 11, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : postgresql-9.4
CVE ID         : CVE-2016-5423 CVE-2016-5424

Several vulnerabilities have been found in PostgreSQL-9.4, a SQL
database system.

CVE-2016-5423
    Karthikeyan Jambu Rajaraman discovered that nested CASE-WHEN
    expressions are not properly evaluated, potentially leading to a
    crash or allowing to disclose portions of server memory.

CVE-2016-5424
    Nathan Bossart discovered that special characters in database and
    role names are not properly handled, potentially leading to the
    execution of commands with superuser privileges, when a superuser
    executes pg_dumpall or other routine maintenance operations.

For the stable distribution (jessie), these problems have been fixed in
version 9.4.9-0+deb8u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3647-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 11, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : icedove
CVE ID         : CVE-2016-2818

Multiple security issues have been found in Icedove, Debian's version of
the Mozilla Thunderbird mail client: Multiple memory safety errors may
lead to the execution of arbitrary code or denial of service.

For the stable distribution (jessie), this problem has been fixed in
version 1:45.2.0-1~deb8u1.

For the testing distribution (stretch), this problem has been fixed in
version 1:45.2.0-2.

For the unstable distribution (sid), this problem has been fixed in
version 1:45.2.0-2.
sunrat Posted August 13, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3648-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 12, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
CVE ID         : CVE-2016-6504 CVE-2016-6505 CVE-2016-6506 CVE-2016-6507
                 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511

Multiple vulnerabilities were discovered in the dissectors for NDS,
PacketBB, WSP, MMSE, RLC, LDSS, RLC and OpenFlow, which could result in
denial of service or the execution of arbitrary code.

For the stable distribution (jessie), these problems have been fixed in
version 1.12.1+g01b65bf-4+deb8u8.

For the testing distribution (stretch), these problems have been fixed
in version 2.0.5+ga3be9c6-1.

For the unstable distribution (sid), these problems have been fixed in
version 2.0.5+ga3be9c6-1.
sunrat Posted August 18, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3649-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 17, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gnupg
CVE ID         : CVE-2016-6313

Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of
Technology discovered a flaw in the mixing functions of GnuPG's random
number generator. An attacker who obtains 4640 bits from the RNG can
trivially predict the next 160 bits of output.

A first analysis on the impact of this bug for GnuPG shows that existing
RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely
that the private key can be predicted from other public information.

For the stable distribution (jessie), this problem has been fixed in
version 1.4.18-7+deb8u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3650-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 17, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libgcrypt20
CVE ID         : CVE-2016-6313

Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of
Technology discovered a flaw in the mixing functions of Libgcrypt's
random number generator. An attacker who obtains 4640 bits from the RNG
can trivially predict the next 160 bits of output.

A first analysis on the impact of this bug for GnuPG shows that existing
RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely
that the private key can be predicted from other public information.

For the stable distribution (jessie), this problem has been fixed in
version 1.6.3-2+deb8u2.
sunrat Posted August 26, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3651-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 25, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rails
CVE ID         : CVE-2016-6316
Debian Bug     : 834155

Andrew Carpenter of Critical Juncture discovered a cross-site scripting
vulnerability affecting Action View in rails, a web application
framework written in Ruby. Text declared as "HTML safe" will not have
quotes escaped when used as attribute values in tag helpers.

For the stable distribution (jessie), this problem has been fixed in
version 2:4.1.8-1+deb8u4.

For the unstable distribution (sid), this problem has been fixed in
version 2:4.2.7.1-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3652-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 25, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010
                 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690
                 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491
Debian Bugs    : 832885 832887 832888 832968 833003 832474 832475 832464
                 832465 832467 832457 832461 832469 832482 832483 832504
                 832633 832776 832780 832787 832789 823750 832455 832478
                 832480 832506 832785 832793 832942 832944 832890 833044
                 833043 833042 831034 833099 833101 827643 833812 833744
                 833743 833735 833732 833730 834183 834501 834163 834504

This update fixes many vulnerabilities in imagemagick: Various memory
handling problems and cases of missing or incomplete input sanitising
may result in denial of service or the execution of arbitrary code if
malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum,
PDB, DDS, DCM, EXIF, RGF or BMP files are processed.

For the stable distribution (jessie), these problems have been fixed in
version 8:6.8.9.9-5+deb8u4.

For the unstable distribution (sid), these problems will be fixed soon.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3653-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 25, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : flex
CVE ID         : CVE-2016-6354
Debian Bug     : 832768

Alexander Sulfrian discovered a buffer overflow in the
yy_get_next_buffer() function generated by Flex, which may result in
denial of service and potentially the execution of code if operating on
data from untrusted sources.

Affected applications need to be rebuilt. bogofilter will be rebuilt
against the updated flex in a followup update. Further affected
applications should be reported at the bug referenced above.

For the stable distribution (jessie), this problem has been fixed in
version 2.5.39-8+deb8u1.

For the testing distribution (stretch), this problem has been fixed in
version 2.6.1-1.

For the unstable distribution (sid), this problem has been fixed in
version 2.6.1-1.
sunrat Posted August 27, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3654-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
August 26, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : quagga
CVE ID         : CVE-2016-4036 CVE-2016-4049
Debian Bug     : 822787 835223

Two vulnerabilities were discovered in quagga, a BGP/OSPF/RIP routing
daemon.

CVE-2016-4036
    Tamás Németh discovered that sensitive configuration files in
    /etc/quagga were world-readable despite containing sensitive
    information.

CVE-2016-4049
    Evgeny Uskov discovered that a bgpd instance handling many peers
    could be crashed by a malicious user when requesting a route dump.

For the stable distribution (jessie), these problems have been fixed in
version 0.99.23.1-1+deb8u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3655-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 26, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mupdf
CVE ID         : CVE-2016-6265 CVE-2016-6525
Debian Bug     : 832031 833417

Two vulnerabilities were discovered in MuPDF, a lightweight PDF viewer.
The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2016-6265
    Marco Grassi discovered a use-after-free vulnerability in MuPDF. An
    attacker can take advantage of this flaw to cause an application
    crash (denial-of-service), or potentially to execute arbitrary code
    with the privileges of the user running MuPDF, if a specially
    crafted PDF file is processed.

CVE-2016-6525
    Yu Hong and Zheng Jihong discovered a heap overflow vulnerability
    within the pdf_load_mesh_params function, allowing an attacker to
    cause an application crash (denial-of-service), or potentially to
    execute arbitrary code with the privileges of the user running
    MuPDF, if a specially crafted PDF file is processed.

For the stable distribution (jessie), these problems have been fixed in
version 1.5-1+deb8u1.
sunrat Posted August 30, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3656-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 30, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tryton-server
CVE ID         : CVE-2016-1241 CVE-2016-1242

Two vulnerabilities have been discovered in the server for the Tryton
application platform, which may result in information disclosure of
password hashes or file contents.

For the stable distribution (jessie), these problems have been fixed in
version 3.4.0-3+deb8u2.

For the unstable distribution (sid), these problems have been fixed in
version 4.0.4-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3657-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 30, 2016                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libarchive
CVE ID         : CVE-2015-8916 CVE-2015-8917 CVE-2015-8919 CVE-2015-8920
                 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8925
                 CVE-2015-8926 CVE-2015-8928 CVE-2015-8930 CVE-2015-8931
                 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934 CVE-2016-4300
                 CVE-2016-4302 CVE-2016-4809 CVE-2016-5844

Hanno Boeck and Marcin Noga discovered multiple vulnerabilities in
libarchive; processing malformed archives may result in denial of
service or the execution of arbitrary code.

For the stable distribution (jessie), these problems have been fixed in
version 3.1.2-11+deb8u2.

For the testing distribution (stretch), these problems have been fixed
in version 3.2.1-1.

For the unstable distribution (sid), these problems have been fixed in
version 3.2.1-1.
sunrat Posted September 3, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3658-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 01, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libidn
CVE ID         : CVE-2015-8948 CVE-2016-6261 CVE-2016-6263

Hanno Boeck discovered multiple vulnerabilities in libidn, the GNU
library for Internationalized Domain Names (IDNs), allowing a remote
attacker to cause a denial of service against an application using the
libidn library (application crash).

For the stable distribution (jessie), these problems have been fixed in
version 1.29-1+deb8u2.

For the testing distribution (stretch), these problems have been fixed
in version 1.33-1.

For the unstable distribution (sid), these problems have been fixed in
version 1.33-1.
sunrat Posted September 5, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3653-2                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 04, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : flex
CVE ID         : CVE-2016-6354
Debian Bug     : 832768 835542

It was reported that the update for flex as released in DSA-3653-1 did
not completely address CVE-2016-6354 as intended due to problems in the
patch handling and regenerated files during the build. Additionally a
regression was introduced, causing new warnings when compiling flex
generated code. Updated packages are now available to address these
problems. For reference, the relevant part of the original advisory text
follows.

Alexander Sulfrian discovered a buffer overflow in the
yy_get_next_buffer() function generated by Flex, which may result in
denial of service and potentially the execution of code if operating on
data from untrusted sources.

Affected applications need to be rebuilt.

For the stable distribution (jessie), this problem has been fixed in
version 2.5.39-8+deb8u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3659-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 04, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2016-5696 CVE-2016-6136 CVE-2016-6480 CVE-2016-6828

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or have other
impacts.

CVE-2016-5696
    Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, and Srikanth V.
    Krishnamurthy of the University of California, Riverside; and Lisa
    M. Marvel of the United States Army Research Laboratory discovered
    that Linux's implementation of the TCP Challenge ACK feature results
    in a side channel that can be used to find TCP connections between
    specific IP addresses, and to inject messages into those
    connections.

    Where a service is made available through TCP, this may allow remote
    attackers to impersonate another connected user to the server or to
    impersonate the server to another connected user. In case the
    service uses a protocol with message authentication (e.g. TLS or
    SSH), this vulnerability only allows denial of service (connection
    failure). An attack takes tens of seconds, so short-lived TCP
    connections are also unlikely to be vulnerable.

    This may be mitigated by increasing the rate limit for TCP Challenge
    ACKs so that it is never exceeded:

        sysctl net.ipv4.tcp_challenge_ack_limit=1000000000

CVE-2016-6136
    Pengfei Wang discovered that the audit subsystem has a
    'double-fetch' or 'TOCTTOU' bug in its handling of special
    characters in the name of an executable. Where audit logging of
    execve() is enabled, this allows a local user to generate misleading
    log messages.

CVE-2016-6480
    Pengfei Wang discovered that the aacraid driver for Adaptec RAID
    controllers has a 'double-fetch' or 'TOCTTOU' bug in its validation
    of 'FIB' messages passed through the ioctl() system call. This has
    no practical security impact in current Debian releases.

CVE-2016-6828
    Marco Grassi reported a 'use-after-free' bug in the TCP
    implementation, which can be triggered by local users. The security
    impact is unclear, but might include denial of service or privilege
    escalation.

For the stable distribution (jessie), these problems have been fixed in
version 3.16.36-1+deb8u1. In addition, this update contains several
changes originally targeted for the upcoming jessie point release.
sunrat Posted September 6, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3660-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
September 05, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium-browser
CVE ID         : CVE-2016-5147 CVE-2016-5148 CVE-2016-5149 CVE-2016-5150
                 CVE-2016-5151 CVE-2016-5152 CVE-2016-5153 CVE-2016-5154
                 CVE-2016-5155 CVE-2016-5156 CVE-2016-5157 CVE-2016-5158
                 CVE-2016-5159 CVE-2016-5160 CVE-2016-5161 CVE-2016-5162
                 CVE-2016-5163 CVE-2016-5164 CVE-2016-5165 CVE-2016-5166
                 CVE-2016-5167

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2016-5147
    A cross-site scripting issue was discovered.

CVE-2016-5148
    Another cross-site scripting issue was discovered.

CVE-2016-5149
    Max Justicz discovered a script injection issue in extension
    handling.

CVE-2016-5150
    A use-after-free issue was discovered in Blink/Webkit.

CVE-2016-5151
    A use-after-free issue was discovered in the pdfium library.

CVE-2016-5152
    GiWan Go discovered a heap overflow issue in the pdfium library.

CVE-2016-5153
    Atte Kettunen discovered a use-after-destruction issue.

CVE-2016-5154
    A heap overflow issue was discovered in the pdfium library.

CVE-2016-5155
    An address bar spoofing issue was discovered.

CVE-2016-5156
    jinmo123 discovered a use-after-free issue.

CVE-2016-5157
    A heap overflow issue was discovered in the pdfium library.

CVE-2016-5158
    GiWan Go discovered a heap overflow issue in the pdfium library.

CVE-2016-5159
    GiWan Go discovered another heap overflow issue in the pdfium
    library.

CVE-2016-5160
    @l33terally discovered an extensions resource bypass.

CVE-2016-5161
    A type confusion issue was discovered.

CVE-2016-5162
    Nicolas Golubovic discovered an extensions resource bypass.

CVE-2016-5163
    Rafay Baloch discovered an address bar spoofing issue.

CVE-2016-5164
    A cross-site scripting issue was discovered in the developer tools.

CVE-2016-5165
    Gregory Panakkal discovered a script injection issue in the
    developer tools.

CVE-2016-5166
    Gregory Panakkal discovered an issue with the Save Page As feature.

CVE-2016-5167
    The chrome development team found and fixed various issues during
    internal auditing.

For the stable distribution (jessie), these problems have been fixed in
version 53.0.2785.89-1~deb8u1.

For the testing distribution (stretch), these problems will be fixed
soon.

For the unstable distribution (sid), these problems have been fixed in
version 53.0.2785.89-1.