sunrat Posted October 27, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3699-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
October 25, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : virtualbox

Upstream support for the 4.3 release series has ended and since no information is available which would allow backports of isolated security fixes, security support for virtualbox in jessie needed to be ended as well.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3701-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
October 25, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nginx
CVE ID         : CVE-2016-1247

Dawid Golunski reported the nginx web server packages in Debian suffered from a privilege escalation vulnerability (www-data to root) due to the way log files are handled. This security update changes ownership of the /var/log/nginx directory to root. In addition, /var/log/nginx has to be made accessible to local users, and local users may be able to read the log files themselves until the next logrotate invocation.

For the stable distribution (jessie), this problem has been fixed in version 1.6.2-5+deb8u3.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3700-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 25, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : asterisk
CVE ID         : CVE-2015-3008 CVE-2016-2232 CVE-2016-2316 CVE-2016-7551

Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in denial of service or incorrect certificate validation.

For the stable distribution (jessie), these problems have been fixed in version 1:11.13.1~dfsg-2+deb8u1.

For the unstable distribution (sid), these problems will be fixed soon.
sunrat Posted October 29, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3701-2                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
October 28, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nginx
Debian Bug     : 842276

The update for nginx issued as DSA-3701-1 to address CVE-2016-1247 introduced a packaging issue, which prevents nginx from being reinstalled or upgraded to a subsequent release. Updated packages are now available to address this problem. For reference, the original advisory text follows.

Dawid Golunski reported the nginx web server packages in Debian suffered from a privilege escalation vulnerability (www-data to root) due to the way log files are handled. This security update changes ownership of the /var/log/nginx directory to root. In addition, /var/log/nginx has to be made accessible to local users, and local users may be able to read the log files themselves until the next logrotate invocation.

For the stable distribution (jessie), this problem has been fixed in version 1.6.2-5+deb8u4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3691-2                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
October 28, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ghostscript
Debian Bug     : 840691

The update for ghostscript issued as DSA-3691-1 caused regressions for certain Postscript document viewers (evince, zathura). Updated packages are now available to address this problem. For reference, the original advisory text follows.

Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or information disclosure if a specially crafted Postscript file is processed.

For the stable distribution (jessie), this problem has been fixed in version 9.06~dfsg-2+deb8u4.
sunrat Posted November 2, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3702-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 01, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tar
CVE ID         : CVE-2016-6321
Debian Bug     : 842339

Harry Sintonen discovered that GNU tar does not properly handle member names containing '..', thus allowing an attacker to bypass the path names specified on the command line and replace files and directories in the target directory.

For the stable distribution (jessie), this problem has been fixed in version 1.27.1-2+deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 1.29b-1.1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3703-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
November 01, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : bind9
CVE ID         : CVE-2016-8864
Debian Bug     : 842858

Tony Finch and Marco Davids reported an assertion failure in BIND, a DNS server implementation, which causes the server process to terminate. This denial-of-service vulnerability is related to a defect in the processing of responses with DNAME records from authoritative servers and primarily affects recursive resolvers.

For the stable distribution (jessie), this problem has been fixed in version 1:9.9.5.dfsg-9+deb8u8.
sunrat Posted November 3, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3704-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 03, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : memcached
CVE ID         : CVE-2016-8704 CVE-2016-8705 CVE-2016-8706
Debian Bug     : 842811 842812 842814

Aleksandar Nikolic of Cisco Talos discovered several integer overflow vulnerabilities in memcached, a high-performance memory object caching system. A remote attacker can take advantage of these flaws to cause a denial of service (daemon crash), or potentially to execute arbitrary code.

For the stable distribution (jessie), these problems have been fixed in version 1.4.21-1.1+deb8u1.
sunrat Posted November 4, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3705-1                   security@debian.org
https://www.debian.org/security/                       Alessandro Ghedini
November 03, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : curl
CVE ID         : CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618
                 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622
                 CVE-2016-8623 CVE-2016-8624

Several vulnerabilities were discovered in cURL, a URL transfer library:

CVE-2016-8615

    It was discovered that a malicious HTTP server could inject new cookies for arbitrary domains into a cookie jar.

CVE-2016-8616

    It was discovered that when re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections.

CVE-2016-8617

    It was discovered that on systems with 32-bit addresses in userspace (e.g. x86, ARM, x32), the output buffer size value calculated in the base64 encode function would wrap around if input size was at least 1GB of data, causing an undersized output buffer to be allocated.

CVE-2016-8618

    It was discovered that the curl_maprintf() function could be tricked into doing a double-free due to an unsafe size_t multiplication on systems using 32 bit size_t variables.

CVE-2016-8619

    It was discovered that the Kerberos implementation could be tricked into doing a double-free when reading one of the length fields from a socket.

CVE-2016-8620

    It was discovered that the curl tool's "globbing" feature could write to invalid memory areas when parsing invalid ranges.

CVE-2016-8621

    It was discovered that the function curl_getdate could read out of bounds when parsing invalid date strings.

CVE-2016-8622

    It was discovered that the URL percent-encoding decode function would return a signed 32bit integer variable as length, even though it allocated a destination buffer larger than 2GB, which would lead to an out-of-bounds write.

CVE-2016-8623

    It was discovered that libcurl could access an already-freed memory area due to concurrent access to shared cookies. This could lead to a denial of service or disclosure of sensitive information.

CVE-2016-8624

    It was discovered that curl wouldn't parse the authority component of a URL correctly when the host name part ends with a '#' character, and could be tricked into connecting to a different host.

For the stable distribution (jessie), these problems have been fixed in version 7.38.0-4+deb8u5.

For the unstable distribution (sid), these problems have been fixed in version 7.51.0-1.
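
The size wrap-around described for CVE-2016-8617 in the curl advisory above, worked through as an added example (not part of the original post, and not curl's source). It models a 32-bit size_t with uint32_t; the size expression, the checked variant and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of a 32-bit size_t: arithmetic on this type is modulo 2^32. */
typedef uint32_t size32_t;

/* Unchecked size computation (illustrative expression, assumed here):
 * 4 output characters per 3 input bytes plus a little slack.
 * The multiplication happens first, so it wraps once insize >= 2^30. */
size32_t b64_out_size_unchecked(size32_t insize)
{
    return insize * 4u / 3u + 4u;
}

/* Exact requirement computed in 64 bits: 4 characters per started
 * 3-byte group, plus the terminating NUL. */
uint64_t b64_required(uint64_t insize)
{
    return 4u * ((insize + 2u) / 3u) + 1u;
}

/* Checked variant: divide before multiplying and reject any input whose
 * encoded size cannot be represented in 32 bits.
 * Returns 0 and stores the size in *out on success, -1 on overflow. */
int b64_out_size_checked(size32_t insize, size32_t *out)
{
    if (insize > UINT32_MAX - 2u)
        return -1;                      /* insize + 2 would wrap */
    size32_t groups = (insize + 2u) / 3u;
    if (groups > (UINT32_MAX - 1u) / 4u)
        return -1;                      /* groups * 4 + 1 would wrap */
    *out = groups * 4u + 1u;
    return 0;
}

/* True when the unchecked computation yields a buffer smaller than the
 * encoder actually needs, i.e. the condition the advisory describes. */
int is_undersized(size32_t insize)
{
    return (uint64_t)b64_out_size_unchecked(insize) < b64_required(insize);
}

int main(void)
{
    /* Constructed sample sizes: just below, at, and far above 1 GiB. */
    const size32_t samples[] = { 3u, 0x3FFFFFFFu, 0x40000000u, UINT32_MAX };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        size32_t n = samples[i], safe = 0;
        int rc = b64_out_size_checked(n, &safe);
        printf("insize=%10u unchecked=%10u required=%11llu undersized=%d ",
               (unsigned)n, (unsigned)b64_out_size_unchecked(n),
               (unsigned long long)b64_required(n), is_undersized(n));
        if (rc == 0)
            printf("checked=%u\n", (unsigned)safe);
        else
            printf("checked=rejected\n");
    }
    return 0;
}
```

At exactly 1 GiB the true requirement still fits in 32 bits; only the intermediate product overflows, which is why reordering the arithmetic and bounding the input both matter.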
sunrat Posted November 7, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3706-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 07, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-5.5
CVE ID         : CVE-2016-5584 CVE-2016-7440
Debian Bug     : 841050

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.53, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details:

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-53.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

For the stable distribution (jessie), these problems have been fixed in version 5.5.53-0+deb8u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3707-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 07, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-7
CVE ID         : CVE-2016-5542 CVE-2016-5554 CVE-2016-5573 CVE-2016-5582
                 CVE-2016-5597

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox or denial of service.

For the stable distribution (jessie), this problem has been fixed in version 7u111-2.6.7-2~deb8u1.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3708-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 07, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mat
CVE ID         : not yet available
Debian Bug     : 826101

Hartmut Goebel discovered that MAT, a toolkit to anonymise/remove metadata from files, did not remove metadata from images embedded in PDF documents.

For the stable distribution (jessie), this problem has been fixed in version 0.5.2-3+deb8u1. This update disables PDF support in MAT entirely.
sunrat Posted November 11, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3709-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 08, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libxslt
CVE ID         : CVE-2016-4738
Debian Bug     : 842570

Nick Wellnhofer discovered that the xsltFormatNumberConversion function in libxslt, an XSLT processing runtime library, does not properly check for a zero byte terminating the pattern string. This flaw can be exploited to leak a couple of bytes after the buffer that holds the pattern string.

For the stable distribution (jessie), this problem has been fixed in version 1.1.28-2+deb8u2.

For the testing distribution (stretch), this problem has been fixed in version 1.1.29-2.

For the unstable distribution (sid), this problem has been fixed in version 1.1.29-2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3710-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 10, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pillow
CVE ID         : CVE-2016-9189 CVE-2016-9190

Cris Neckar discovered multiple vulnerabilities in Pillow, a Python imaging library, which may result in the execution of arbitrary code or information disclosure if a malformed image file is processed.

For the stable distribution (jessie), these problems have been fixed in version 2.6.1-2+deb8u3.

For the testing distribution (stretch), these problems have been fixed in version 3.4.2-1.

For the unstable distribution (sid), these problems have been fixed in version 3.4.2-1.
sunrat Posted November 12, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3711-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 11, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mariadb-10.0
CVE ID         : CVE-2016-3492 CVE-2016-5584 CVE-2016-5616 CVE-2016-5624
                 CVE-2016-5626 CVE-2016-5629 CVE-2016-6663 CVE-2016-7440
                 CVE-2016-8283

Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.28. Please see the MariaDB 10.0 Release Notes for further details:

https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/

For the stable distribution (jessie), these problems have been fixed in version 10.0.28-0+deb8u1.

For the testing distribution (stretch), these problems have been fixed in version 10.0.28-1.

For the unstable distribution (sid), these problems have been fixed in version 10.0.28-1.
sunrat Posted November 14, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3712-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 13, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : terminology
CVE ID         : CVE-2015-8971

Nicolas Braud-Santoni discovered that incorrect sanitising of character escape sequences in the Terminology terminal emulator may result in the execution of arbitrary commands.

For the stable distribution (jessie), this problem has been fixed in version 0.7.0-1+deb8u1.

For the unstable distribution (sid), this problem will be fixed soon.
sunrat Posted November 15, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3713-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 15, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gst-plugins-bad0.10
CVE ID         : not yet available

Chris Evans discovered that the GStreamer 0.10 plugin to decode NES Sound Format files allowed the execution of arbitrary code. Further details can be found in his advisory at http://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-compromising-linux-desktop.html

For the stable distribution (jessie), this problem has been fixed in version 0.10.23-7.4+deb8u1.

The unstable distribution (sid) no longer contains Gstreamer 0.10.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3715-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 15, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : moin
CVE ID         : CVE-2016-7146 CVE-2016-7148 CVE-2016-9119
Debian Bug     : 844338 844340 844341

Several cross-site scripting vulnerabilities were discovered in moin, a Python clone of WikiWiki. A remote attacker can conduct cross-site scripting attacks via the GUI editor's attachment dialogue (CVE-2016-7146), the AttachFile view (CVE-2016-7148) and the GUI editor's link dialogue (CVE-2016-9119).

For the stable distribution (jessie), these problems have been fixed in version 1.9.8-1+deb8u1.
sunrat Posted November 16, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3714-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 15, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : akonadi
Debian Bug     : 843534

In some configurations the MySQL storage backend for Akonadi, an extensible cross-desktop Personal Information Management (PIM) storage service, failed to start after applying the MySQL 5.5.53 security upgrade.

This update extends the /etc/akonadi/mysql-global.conf configuration file to restore compatibility (version 1.13.0-2+deb8u2).

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3716-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 16, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2016-5290 CVE-2016-5291 CVE-2016-5296 CVE-2016-5297
                 CVE-2016-9064 CVE-2016-9066 CVE-2016-9074

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or bypass of the same-origin policy. Also, a man-in-the-middle attack in the addon update mechanism has been fixed.

For the stable distribution (jessie), these problems have been fixed in version 45.5.0esr-1~deb8u1.

For the unstable distribution (sid), these problems have been fixed in version 45.5.0esr-1 and version 50.0-1 of the firefox source package.
sunrat Posted November 18, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3717-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 17, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gst-plugins-bad1.0 / gst-plugins-bad0.10
CVE ID         : not yet available

Chris Evans discovered that the GStreamer plugin to decode VMware screen capture files allowed the execution of arbitrary code.

For the stable distribution (jessie), this problem has been fixed in version 1.4.4-2.1+deb8u1 of gst-plugins-bad1.0 and version 0.10.23-7.4+deb8u2 of gst-plugins-bad0.10.

For the unstable distribution (sid), this problem has been fixed in version 1.10.1-1 of gst-plugins-bad1.0.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3718-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 17, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : drupal7
CVE ID         : not yet available

Multiple vulnerabilities have been found in the Drupal content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/SA-CORE-2016-005

For the stable distribution (jessie), this problem has been fixed in version 7.32-1+deb8u8.

For the unstable distribution (sid), this problem has been fixed in version 7.52-1.
sunrat Posted November 21, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3719-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
November 21, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
CVE ID         : CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376

It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for DCERPC, AllJoyn, DTN, and OpenFlow, that could lead to various crashes, denial-of-service, or execution of arbitrary code.

For the stable distribution (jessie), these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u10.

For the unstable distribution (sid), these problems have been fixed in version 2.2.2+g9c5aae3-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3720-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 21, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tomcat8
CVE ID         : CVE-2016-0762 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796
                 CVE-2016-6797
Debian Bug     : 840685

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in possible timing attacks to determine valid user names, bypass of the SecurityManager, disclosure of system properties, unrestricted access to global resources, arbitrary file overwrites, and potentially escalation of privileges.

For the stable distribution (jessie), these problems have been fixed in version 8.0.14-1+deb8u4.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3721-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 21, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tomcat7
CVE ID         : CVE-2016-0762 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796
                 CVE-2016-6797
Debian Bug     : 841655 842662 842663 842664 842665 842666

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in possible timing attacks to determine valid user names, bypass of the SecurityManager, disclosure of system properties, unrestricted access to global resources, arbitrary file overwrites, and potentially escalation of privileges.

For the stable distribution (jessie), these problems have been fixed in version 7.0.56-3+deb8u5.
sunrat Posted November 22, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3722-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 22, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : vim
CVE ID         : CVE-2016-1248

Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor, does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.

For the stable distribution (jessie), this problem has been fixed in version 2:7.4.488-7+deb8u1.
sunrat Posted November 25, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3723-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 24, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gst-plugins-good1.0
CVE ID         : CVE-2016-9634 CVE-2016-9635 CVE-2016-9636
Debian Bug     : 845375

Chris Evans discovered that the GStreamer 1.0 plugin used to decode files in the FLIC format allowed execution of arbitrary code. Further details can be found in his advisory at https://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-advancing-exploitation.html

For the stable distribution (jessie), these problems have been fixed in version 1.4.4-2+deb8u2.

For the unstable distribution (sid), these problems have been fixed in version 1.10.1-2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3724-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
November 24, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gst-plugins-good0.10
CVE ID         : CVE-2016-9634 CVE-2016-9635 CVE-2016-9636

Chris Evans discovered that the GStreamer 0.10 plugin used to decode files in the FLIC format allowed execution of arbitrary code. Further details can be found in his advisory at https://scarybeastsecurity.blogspot.de/2016/11/0day-exploit-advancing-exploitation.html

This update removes the insecure FLIC file format plugin.

For the stable distribution (jessie), these problems have been fixed in version 0.10.31-3+nmu4+deb8u2.
sunrat Posted November 28, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3726-1                   security@debian.org
https://www.debian.org/security/                            Luciano Bello
November 26, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : CVE-2016-7799 CVE-2016-7906 CVE-2016-8677
Debian Bug     : #840437 #845195 #845196 #845198 #845202 #845206 #845212
                 #845213 #845242 #845243 #845244 #845246 #840435

Several issues have been discovered in ImageMagick, a popular set of programs and libraries for image manipulation. These issues include several problems in memory handling that can result in a denial of service attack or in execution of arbitrary code by an attacker with control on the image input.

For the stable distribution (jessie), these problems have been fixed in version 8:6.8.9.9-5+deb8u6.

For the unstable distribution (sid), these problems have been fixed in version 8:6.9.6.5+dfsg-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3725-1                   security@debian.org
https://www.debian.org/security/                            Luciano Bello
November 27, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : icu
CVE ID         : CVE-2014-9911 CVE-2015-2632 CVE-2015-4844 CVE-2016-0494
                 CVE-2016-6293 CVE-2016-7415
Debian Bug     : 838694

Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.

CVE-2014-9911

    Michele Spagnuolo discovered a buffer overflow vulnerability which might allow remote attackers to cause a denial of service or possibly execute arbitrary code via crafted text.

CVE-2015-2632

    An integer overflow vulnerability might lead into a denial of service or disclosure of portion of application memory if an attacker has control on the input file.

CVE-2015-4844

    Buffer overflow vulnerabilities might allow an attacker with control on the font file to perform a denial of service attack or, possibly, execute arbitrary code.

CVE-2016-0494

    Integer signedness issues were introduced as part of the CVE-2015-4844 fix.

CVE-2016-6293

    A buffer overflow might allow an attacker to perform a denial of service or disclosure of portion of application memory.

CVE-2016-7415

    A stack-based buffer overflow might allow an attacker with control on the locale string to perform a denial of service and, possibly, execute arbitrary code.

For the stable distribution (jessie), these problems have been fixed in version 52.1-8+deb8u4.

For the unstable distribution (sid), these problems have been fixed in version 57.1-5.
sunrat Posted December 1, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3727-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
November 30, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : hdf5
CVE ID         : CVE-2016-4330 CVE-2016-4331 CVE-2016-4332 CVE-2016-4333
Debian Bug     : 845301

Cisco Talos discovered that hdf5, a file format and library for storing scientific data, contained several vulnerabilities that could lead to arbitrary code execution when handling untrusted data.

For the stable distribution (jessie), these problems have been fixed in version 1.8.13+docs-15+deb8u1.

For the testing distribution (stretch) and unstable distribution (sid), these problems have been fixed in version 1.10.0-patch1+docs-1.
sunrat Posted December 2, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3728-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
December 01, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2016-9079

A use-after-free vulnerability in the SVG Animation was discovered in the Mozilla Firefox web browser, allowing a remote attacker to cause a denial of service (application crash) or execute arbitrary code, if a user is tricked into opening a specially crafted website.

For the stable distribution (jessie), this problem has been fixed in version 45.5.1esr-1~deb8u1.
sunrat Posted December 8, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3729-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
December 07, 2016                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2016-7777 CVE-2016-9379 CVE-2016-9380 CVE-2016-9382
                 CVE-2016-9383 CVE-2016-9385 CVE-2016-9386
Debian Bug     : 845663 845664 845665 845668 845670

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2016-7777 (XSA-190)

    Jan Beulich from SUSE discovered that Xen does not properly honor CR0.TS and CR0.EM for x86 HVM guests, potentially allowing guest users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it.

CVE-2016-9379, CVE-2016-9380 (XSA-198)

    Daniel Richman and Gabor Szarka of the Cambridge University Student-Run Computing Facility discovered that pygrub, the boot loader emulator, fails to quote (or sanity check) its results when reporting them to its caller. A malicious guest administrator can take advantage of this flaw to cause an information leak or denial of service.

CVE-2016-9382 (XSA-192)

    Jan Beulich of SUSE discovered that Xen does not properly handle x86 task switches to VM86 mode. An unprivileged guest process can take advantage of this flaw to crash the guest or escalate its privileges to that of the guest operating system.

CVE-2016-9383 (XSA-195)

    George Dunlap of Citrix discovered that the Xen x86 64-bit bit test instruction emulation is broken. A malicious guest can take advantage of this flaw to modify arbitrary memory, allowing for arbitrary code execution, denial of service (host crash), or information leaks.
CVE-2016-9385 (XSA-193)
Andrew Cooper of Citrix discovered that Xen's x86 segment base write emulation lacks canonical address checks. A malicious guest administrator can take advantage of this flaw to crash the host, leading to a denial of service.

CVE-2016-9386 (XSA-191)
Andrew Cooper of Citrix discovered that x86 null segments are not always treated as unusable. An unprivileged guest user program may be able to elevate its privilege to that of the guest operating system.

For the stable distribution (jessie), these problems have been fixed in version 4.4.1-9+deb8u8.
sunrat Posted December 12, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3730-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 11, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : icedove
CVE ID : CVE-2016-5290 CVE-2016-5291 CVE-2016-5296 CVE-2016-5297 CVE-2016-9066 CVE-2016-9074 CVE-2016-9079

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, same-origin policy bypass issues, integer overflows, buffer overflows and use-after-frees may lead to the execution of arbitrary code or denial of service.

For the stable distribution (jessie), these problems have been fixed in version 1:45.5.1-1~deb8u1.

For the unstable distribution (sid), these problems have been fixed in version 1:45.5.1-1 or earlier.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3731-1 security@debian.org
https://www.debian.org/security/ Michael Gilbert
December 11, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium-browser
CVE ID : CVE-2016-5181 CVE-2016-5182 CVE-2016-5183 CVE-2016-5184 CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 CVE-2016-5188 CVE-2016-5189 CVE-2016-5190 CVE-2016-5191 CVE-2016-5192 CVE-2016-5193 CVE-2016-5194 CVE-2016-5198 CVE-2016-5199 CVE-2016-5200 CVE-2016-5201 CVE-2016-5202 CVE-2016-5203 CVE-2016-5204 CVE-2016-5205 CVE-2016-5206 CVE-2016-5207 CVE-2016-5208 CVE-2016-5209 CVE-2016-5210 CVE-2016-5211 CVE-2016-5212 CVE-2016-5213 CVE-2016-5214 CVE-2016-5215 CVE-2016-5216 CVE-2016-5217 CVE-2016-5218 CVE-2016-5219 CVE-2016-5220 CVE-2016-5221 CVE-2016-5222 CVE-2016-5223 CVE-2016-5224 CVE-2016-5225 CVE-2016-5226 CVE-2016-9650 CVE-2016-9651 CVE-2016-9652

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2016-5181
A cross-site scripting issue was discovered.

CVE-2016-5182
Giwan Go discovered a heap overflow issue.

CVE-2016-5183
A use-after-free issue was discovered in the pdfium library.

CVE-2016-5184
Another use-after-free issue was discovered in the pdfium library.

CVE-2016-5185
cloudfuzzer discovered a use-after-free issue in Blink/Webkit.

CVE-2016-5186
Abdulrahman Alqabandi discovered an out-of-bounds read issue in the developer tools.

CVE-2016-5187
Luan Herrera discovered a URL spoofing issue.

CVE-2016-5188
Luan Herrera discovered that some drop down menus can be used to hide parts of the user interface.

CVE-2016-5189
xisigr discovered a URL spoofing issue.

CVE-2016-5190
Atte Kettunen discovered a use-after-free issue.

CVE-2016-5191
Gareth Hughes discovered a cross-site scripting issue.

CVE-2016-5192
haojunhou@gmail.com discovered a same-origin bypass.
CVE-2016-5193
Yuyang Zhou discovered a way to pop open a new window.

CVE-2016-5194
The chrome development team found and fixed various issues during internal auditing.

CVE-2016-5198
Tencent Keen Security Lab discovered an out-of-bounds memory access issue in the v8 javascript library.

CVE-2016-5199
A heap corruption issue was discovered in the ffmpeg library.

CVE-2016-5200
Choongwoo Han discovered an out-of-bounds memory access issue in the v8 javascript library.

CVE-2016-5201
Rob Wu discovered an information leak.

CVE-2016-5202
The chrome development team found and fixed various issues during internal auditing.

CVE-2016-5203
A use-after-free issue was discovered in the pdfium library.

CVE-2016-5204
Mariusz Mlynski discovered a cross-site scripting issue in SVG image handling.

CVE-2016-5205
A cross-site scripting issue was discovered.

CVE-2016-5206
Rob Wu discovered a same-origin bypass in the pdfium library.

CVE-2016-5207
Mariusz Mlynski discovered a cross-site scripting issue.

CVE-2016-5208
Mariusz Mlynski discovered another cross-site scripting issue.

CVE-2016-5209
Giwan Go discovered an out-of-bounds write issue in Blink/Webkit.

CVE-2016-5210
Ke Liu discovered an out-of-bounds write in the pdfium library.

CVE-2016-5211
A use-after-free issue was discovered in the pdfium library.

CVE-2016-5212
Khalil Zhani discovered an information disclosure issue in the developer tools.

CVE-2016-5213
Khalil Zhani discovered a use-after-free issue in the v8 javascript library.

CVE-2016-5214
Jonathan Birch discovered a file download protection bypass.

CVE-2016-5215
Looben Yang discovered a use-after-free issue.

CVE-2016-5216
A use-after-free issue was discovered in the pdfium library.

CVE-2016-5217
Rob Wu discovered a condition where data was not validated by the pdfium library.

CVE-2016-5218
Abdulrahman Alqabandi discovered a URL spoofing issue.

CVE-2016-5219
Rob Wu discovered a use-after-free issue in the v8 javascript library.
CVE-2016-5220
Rob Wu discovered a way to access files on the local system.

CVE-2016-5221
Tim Becker discovered an integer overflow issue in the angle library.

CVE-2016-5222
xisigr discovered a URL spoofing issue.

CVE-2016-5223
Hwiwon Lee discovered an integer overflow issue in the pdfium library.

CVE-2016-5224
Roeland Krak discovered a same-origin bypass in SVG image handling.

CVE-2016-5225
Scott Helme discovered a Content Security Protection bypass.

CVE-2016-5226
Jun Kokatsu discovered a cross-scripting issue.

CVE-2016-9650
Jakub Żoczek discovered a Content Security Protection information disclosure.

CVE-2016-9651
Guang Gong discovered a way to access private data in the v8 javascript library.

CVE-2016-9652
The chrome development team found and fixed various issues during internal auditing.

For the stable distribution (jessie), these problems have been fixed in version 55.0.2883.75-1~deb8u1.

For the testing distribution (stretch), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in version 55.0.2883.75-1.
sunrat Posted December 13, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3732-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
December 13, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : php5
CVE ID : CVE-2016-9138 CVE-2016-9933 CVE-2016-9934

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.28, which includes additional bug fixes. Please refer to the upstream changelog for more information:

https://secure.php.net/ChangeLog-5.php#5.6.28

For the stable distribution (jessie), these problems have been fixed in version 5.6.28+dfsg-0+deb8u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3733-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 13, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : apt
CVE ID : CVE-2016-1252

Jann Horn of Google Project Zero discovered that APT, the high level package manager, does not properly handle errors when validating signatures on InRelease files. An attacker able to man-in-the-middle HTTP requests to an apt repository that uses InRelease files (clearsigned Release files), can take advantage of this flaw to circumvent the signature of the InRelease file, leading to arbitrary code execution.

For the stable distribution (jessie), this problem has been fixed in version 1.0.9.8.4.

For the unstable distribution (sid), this problem has been fixed in version 1.4~beta2.
sunrat Posted December 14, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3734-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 14, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2016-9893 CVE-2016-9895 CVE-2016-9897 CVE-2016-9898 CVE-2016-9899 CVE-2016-9900 CVE-2016-9901 CVE-2016-9902 CVE-2016-9904 CVE-2016-9905

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or information leaks.

For the stable distribution (jessie), these problems have been fixed in version 45.6.0esr-1~deb8u1.

For the unstable distribution (sid), these problems have been fixed in version 45.6.0esr-1 of firefox-esr and version 50.1.0-1 of firefox.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3735-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 15, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : game-music-emu
CVE ID : not yet available

Chris Evans discovered that incorrect emulation of the SPC700 audio co-processor of the Super Nintendo Entertainment System allows the execution of arbitrary code if a malformed SPC music file is opened. Further information can be found at http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html

For the stable distribution (jessie), this problem has been fixed in version 0.5.5-2+deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 0.6.0-4.
sunrat Posted December 16, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3736-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
December 16, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libupnp
CVE ID : CVE-2016-6255 CVE-2016-8863
Debian Bug : 831857 842093

Two vulnerabilities were discovered in libupnp, a portable SDK for UPnP devices.

CVE-2016-6255
Matthew Garret discovered that libupnp by default allows any user to write to the filesystem of the host running a libupnp-based server application.

CVE-2016-8863
Scott Tenaglia discovered a heap buffer overflow vulnerability, that can lead to denial of service or remote code execution.

For the stable distribution (jessie), these problems have been fixed in version 1:1.6.19+git20141001-1+deb8u1.

For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 1:1.6.19+git20160116-1.2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3737-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 16, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : php5
CVE ID : CVE-2016-9935

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.29, which includes additional bug fixes. Please refer to the upstream changelog for more information:

https://php.net/ChangeLog-5.php#5.6.29

For the stable distribution (jessie), this problem has been fixed in version 5.6.29+dfsg-0+deb8u1.
sunrat Posted December 19, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3738-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
December 18, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : tomcat7
CVE ID : CVE-2016-6816 CVE-2016-8735 CVE-2016-9774 CVE-2016-9775
Debian Bug : 802312 845385 845393

Multiple security vulnerabilities were discovered in the Tomcat servlet and JSP engine, as well as in its Debian-specific maintainer scripts. Those flaws allowed for privilege escalation, information disclosure, and remote code execution.

As part of this update, several regressions stemming from incomplete fixes for previous vulnerabilities were also fixed.

For the stable distribution (jessie), these problems have been fixed in version 7.0.56-3+deb8u6.

For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 7.0.72-3.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3739-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
December 18, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : tomcat8
CVE ID : CVE-2016-6816 CVE-2016-8735 CVE-2016-9774 CVE-2016-9775
Debian Bug : 802312 845385 845393

Multiple security vulnerabilities were discovered in the Tomcat servlet and JSP engine, as well as in its Debian-specific maintainer scripts. Those flaws allowed for privilege escalation, information disclosure, and remote code execution.

As part of this update, several regressions stemming from incomplete fixes for previous vulnerabilities were also fixed.

For the stable distribution (jessie), these problems have been fixed in version 8.0.14-1+deb8u5.
For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 8.5.8-2.
sunrat Posted December 21, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3741-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
December 20, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : tor
CVE ID : CVE-2016-1254
Debian Bug : 848847

It was discovered that Tor, a connection-based low-latency anonymous communication system, may read one byte past a buffer when parsing hidden service descriptors. This issue may enable a hostile hidden service to crash Tor clients depending on hardening options and malloc implementation.

For the stable distribution (jessie), this problem has been fixed in version 0.2.5.12-4.

For the testing (stretch) and unstable (sid) distributions, this problem has been fixed in version 0.2.9.8-2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3742-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 20, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : flightgear
CVE ID : CVE-2016-9956

It was discovered that the Flight Gear flight simulator performs insufficient sanitising of Nasal scripts which allows a malicious script to overwrite arbitrary files with the privileges of the user running Flight Gear.

For the stable distribution (jessie), this problem has been fixed in version 3.0.0-5+deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 1:2016.4.3+dfsg-1.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3743-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
December 20, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : python-bottle
CVE ID : CVE-2016-9964
Debian Bug : 848392

It was discovered that bottle, a WSGI-framework for the Python programming language, did not properly filter "\r\n" sequences when handling redirections. This allowed an attacker to perform CRLF attacks such as HTTP header injection.

For the stable distribution (jessie), this problem has been fixed in version 0.12.7-1+deb8u1.

For the testing (stretch) and unstable (sid) distributions, this problem has been fixed in version 0.12.11-1.
sunrat Posted December 21, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3732-2 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
December 21, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : php-ssh2
Debian Bug : 848632

The update for php5 issued as DSA-3732-1 caused segfaults in php-ssh2. Updated packages are now available to correct this issue.

For the stable distribution (jessie), this problem has been fixed in version 0.12-3+deb8u1.
sunrat Posted December 24, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3744-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 23, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libxml2
CVE ID : CVE-2016-4658 CVE-2016-5131
Debian Bug : 840553 840554

Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause a denial-of-service against the application, or potentially, the execution of arbitrary code with the privileges of the user running the application.

For the stable distribution (jessie), these problems have been fixed in version 2.9.1+dfsg1-5+deb8u4.

For the testing distribution (stretch), these problems have been fixed in version 2.9.4+dfsg1-2.1.

For the unstable distribution (sid), these problems have been fixed in version 2.9.4+dfsg1-2.1.
sunrat Posted December 26, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3745-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 24, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : squid3
CVE ID : CVE-2016-10002
Debian Bug : 848493

Saulius Lapinskas from Lithuanian State Social Insurance Fund Board discovered that Squid3, a fully featured web proxy cache, does not properly process responses to If-None-Modified HTTP conditional requests, leading to client-specific Cookie data being leaked to other clients. A remote attacker can take advantage of this flaw to discover private and sensitive information about another client's browsing session.

For the stable distribution (jessie), this problem has been fixed in version 3.4.8-6+deb8u4. In addition, this update includes a fix for #819563.

For the unstable distribution (sid), this problem has been fixed in version 3.5.23-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3746-1 security@debian.org
https://www.debian.org/security/ Luciano Bello
December 24, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : graphicsmagick
CVE ID : CVE-2015-8808 CVE-2016-2317 CVE-2016-2318 CVE-2016-3714 CVE-2016-3715 CVE-2016-5118 CVE-2016-5240 CVE-2016-7800 CVE-2016-7996 CVE-2016-7997 CVE-2016-8682 CVE-2016-8683 CVE-2016-8684 CVE-2016-9830
Debian Bug : 814732 825800 847055

Several vulnerabilities have been discovered in GraphicsMagick, a collection of image processing tools, which can cause denial of service attacks, remote file deletion, and remote command execution.
This security update removes the full support of PLT/Gnuplot decoder to prevent Gnuplot-shell based shell exploits for fixing the CVE-2016-3714 vulnerability.

The undocumented "TMP" magick prefix no longer removes the argument file after it has been read for fixing the CVE-2016-3715 vulnerability. Since the "TMP" feature was originally implemented, GraphicsMagick added a temporary file management subsystem which assures that temporary files are removed so this feature is not needed.

Remove support for reading input from a shell command, or writing output to a shell command, by prefixing the specified filename (containing the command) with a '|' for fixing the CVE-2016-5118 vulnerability.

CVE-2015-8808
Gustavo Grieco discovered an out of bound read in the parsing of GIF files which may cause denial of service.

CVE-2016-2317
Gustavo Grieco discovered a stack buffer overflow and two heap buffer overflows while processing SVG images which may cause denial of service.

CVE-2016-2318
Gustavo Grieco discovered several segmentation faults while processing SVG images which may cause denial of service.

CVE-2016-5240
Gustavo Grieco discovered an endless loop problem caused by negative stroke-dasharray arguments while parsing SVG files which may cause denial of service.

CVE-2016-7800
Marco Grassi discovered an unsigned underflow leading to heap overflow when parsing 8BIM chunk often attached to JPG files which may cause denial of service.

CVE-2016-7996
Moshe Kaplan discovered that there is no check that the provided colormap is not larger than 256 entries in the WPG reader which may cause denial of service.

CVE-2016-7997
Moshe Kaplan discovered that an assertion is thrown for some files in the WPG reader due to a logic error which may cause denial of service.

CVE-2016-8682
Agostino Sarubbo of Gentoo discovered a stack buffer read overflow while reading the SCT header which may cause denial of service.
CVE-2016-8683
Agostino Sarubbo of Gentoo discovered a memory allocation failure in the PCX coder which may cause denial of service.

CVE-2016-8684
Agostino Sarubbo of Gentoo discovered a memory allocation failure in the SGI coder which may cause denial of service.

CVE-2016-9830
Agostino Sarubbo of Gentoo discovered a memory allocation failure in MagickRealloc() function which may cause denial of service.

For the stable distribution (jessie), these problems have been fixed in version 1.3.20-3+deb8u2.

For the testing distribution (stretch), these problems (with the exception of CVE-2016-9830) have been fixed in version 1.3.25-5.

For the unstable distribution (sid), these problems have been fixed in version 1.3.25-6.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3747-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 25, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : exim4
CVE ID : CVE-2016-9963

Bjoern Jacke discovered that Exim, Debian's default mail transfer agent, may leak the private DKIM signing key to the log files if specific configuration options are met.

For the stable distribution (jessie), this problem has been fixed in version 4.84.2-2+deb8u2.
sunrat Posted December 27, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3748-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
December 26, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libcrypto++
CVE ID : CVE-2016-9939
Debian Bug : 848009

Gergely Gábor Nagy from Tresorit discovered that libcrypto++, a C++ cryptographic library, contained a bug in several ASN.1 parsing routines. This would allow an attacker to remotely cause a denial of service.

For the stable distribution (jessie), this problem has been fixed in version 5.6.1-6+deb8u3.

For the testing (stretch) and unstable (sid) distributions, this problem has been fixed in version 5.6.4-5.
sunrat Posted December 30, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3749-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
December 29, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : dcmtk
CVE ID : CVE-2015-8979
Debian Bug : 848830

Gjoko Krstic of Zero Science Labs discovered that dcmtk, a collection of libraries implementing the DICOM standard, did not properly handle the size of data received from the network. This could lead to denial-of-service (via application crash) or arbitrary code execution.

For the stable distribution (jessie), this problem has been fixed in version 3.6.0-15+deb8u1.

For the testing (stretch) and unstable (sid) distributions, this problem has been fixed in version 3.6.1~20160216-2.