Bruno

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3971-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 13, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tcpdump

CVE ID : CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543

CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896

CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900

CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986

CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990

CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994

CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998

CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002

CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006

CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010

CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014

CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018

CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022

CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026

CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030

CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034

CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038

CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042

CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046

CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050

CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054

CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689

CVE-2017-13690 CVE-2017-13725

Debian Bug : 867718 873804 873805 873806

 

Several vulnerabilities have been discovered in tcpdump, a command-line

network traffic analyzer. These vulnerabilities might result in denial

of service or, potentially, execution of arbitrary code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 4.9.2-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.9.2-1~deb9u1.

 

For the testing distribution (buster), these problems have been fixed

in version 4.9.2-1 or earlier versions.

 

For the unstable distribution (sid), these problems have been fixed in

version 4.9.2-1 or earlier versions.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3972-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 13, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : bluez

CVE ID : CVE-2017-1000250

Debian Bug : 875633

 

An information disclosure vulnerability was discovered in the Service

Discovery Protocol (SDP) in bluetoothd, allowing a proximate attacker to

obtain sensitive information from bluetoothd process memory, including

Bluetooth encryption keys.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 5.23-2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 5.43-2+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3973-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

September 14, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wordpress-shibboleth

CVE ID : CVE-2017-14313

Debian Bug : 874416

 

A cross-site-scripting vulnerability has been discovered in the login

form of the Shibboleth identity provider module for Wordpress.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.4-2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.4-2+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3974-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

September 15, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tomcat8

CVE ID : CVE-2017-7674 CVE-2017-7675

Debian Bug : 802312

 

Two issues were discovered in the Tomcat servlet and JSP engine.

 

CVE-2017-7674

 

Rick Riemer discovered that the Cross-Origin Resource Sharing

filter did not add a Vary header indicating possible different

responses, which could lead to cache poisoning.

 

CVE-2017-7675 (stretch only)

 

Markus Dörschmidt found that the HTTP/2 implementation bypassed

some security checks, thus allowing an attacker to conduct

directory traversal attacks by using specially crafted URLs.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 8.0.14-1+deb8u11.

 

For the stable distribution (stretch), these problems have been fixed in

version 8.5.14-1+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3975-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

September 15, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : emacs25

CVE ID : CVE-2017-14482

 

Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code

execution when rendering text/enriched MIME data (e.g. when using

Emacs-based mail clients).

 

For the stable distribution (stretch), this problem has been fixed in

version 25.1+1-4+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3976-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 17, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : freexl

CVE ID : CVE-2017-2923 CVE-2017-2924

Debian Bug : 875690 875691

 

Marcin 'Icewall' Noga of Cisco Talos discovered two vulnerabilities in

freexl, a library to read Microsoft Excel spreadsheets, which might

result in denial of service or the execution of arbitrary code if a

malformed Excel file is opened.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.0.0g-1+deb8u4.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.0.2-2+deb9u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.0.4-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3977-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 18, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : newsbeuter

CVE ID : CVE-2017-14500

Debian Bug : 876004

 

It was discovered that podbeuter, the podcast fetcher in newsbeuter, a

text-mode RSS feed reader, did not properly escape the name of the media

enclosure (the podcast file), allowing a remote attacker to run an

arbitrary shell command on the client machine. This is only exploitable

if the file is also played in podbeuter.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.8-2+deb8u2.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.9-5+deb9u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.9-7.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3978-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

September 18, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gdk-pixbuf

CVE ID : CVE-2017-2862

Debian Bug : 874552

 

Marcin Noga discovered a buffer overflow in the JPEG loader of the GDK

Pixbuf library, which may result in the execution of arbitrary code if

a malformed file is opened.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.31.1-2+deb8u6.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.36.5-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3979-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

September 19, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : pyjwt

CVE ID : CVE-2017-11424

 

It was discovered that PyJWT, a Python implementation of JSON Web Token,

performed insufficient validation of some public key types, which could

allow a remote attacker to craft JWTs from scratch.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 0.2.1-1+deb8u2.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.4.2-1+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3980-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 20, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : apache2

CVE ID : CVE-2017-9798

Debian Bug : 876109

 

Hanno Boeck discovered that incorrect parsing of Limit directives of

.htaccess files by the Apache HTTP Server could result in memory

disclosure.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.4.10-10+deb8u11.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.4.25-3+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3981-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 20, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2017-7518 CVE-2017-7558 CVE-2017-10661 CVE-2017-11600

CVE-2017-12134 CVE-2017-12146 CVE-2017-12153 CVE-2017-12154

CVE-2017-14106 CVE-2017-14140 CVE-2017-14156 CVE-2017-14340

CVE-2017-14489 CVE-2017-14497 CVE-2017-1000111 CVE-2017-1000112

CVE-2017-1000251 CVE-2017-1000252 CVE-2017-1000370 CVE-2017-1000371

CVE-2017-1000380

Debian Bug : 866511 875881

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to privilege escalation, denial of service or information

leaks.

 

CVE-2017-7518

 

Andy Lutomirski discovered that KVM is prone to an incorrect debug

exception (#DB) error occurring while emulating a syscall

instruction. A process inside a guest can take advantage of this

flaw for privilege escalation inside a guest.

 

CVE-2017-7558 (stretch only)

 

Stefano Brivio of Red Hat discovered that the SCTP subsystem is

prone to a data leak vulnerability due to an out-of-bounds read

flaw, allowing to leak up to 100 uninitialized bytes to userspace.

 

CVE-2017-10661 (jessie only)

 

Dmitry Vyukov of Google reported that the timerfd facility does

not properly handle certain concurrent operations on a single file

descriptor. This allows a local attacker to cause a denial of

service or potentially execute arbitrary code.

 

CVE-2017-11600

 

Bo Zhang reported that the xfrm subsystem does not properly

validate one of the parameters to a netlink message. Local users

with the CAP_NET_ADMIN capability can use this to cause a denial

of service or potentially to execute arbitrary code.

 

CVE-2017-12134 / #866511 / XSA-229

 

Jan H. Schoenherr of Amazon discovered that when Linux is running

in a Xen PV domain on an x86 system, it may incorrectly merge

block I/O requests. A buggy or malicious guest may trigger this

bug in dom0 or a PV driver domain, causing a denial of service or

potentially execution of arbitrary code.

 

This issue can be mitigated by disabling merges on the underlying

back-end block devices, e.g.:

echo 2 > /sys/block/nvme0n1/queue/nomerges

 

CVE-2017-12146 (stretch only)

 

Adrian Salido of Google reported a race condition in access to the

"driver_override" attribute for platform devices in sysfs. If

unprivileged users are permitted to access this attribute, this

might allow them to gain privileges.

 

CVE-2017-12153

 

Bo Zhang reported that the cfg80211 (wifi) subsystem does not

properly validate the parameters to a netlink message. Local users

with the CAP_NET_ADMIN capability (in any user namespace with a

wifi device) can use this to cause a denial of service.

 

CVE-2017-12154

 

Jim Mattson of Google reported that the KVM implementation for

Intel x86 processors did not correctly handle certain nested

hypervisor configurations. A malicious guest (or nested guest in a

suitable L1 hypervisor) could use this for denial of service.

 

CVE-2017-14106

 

Andrey Konovalov discovered that a user-triggerable division by

zero in the tcp_disconnect() function could result in local denial

of service.

 

CVE-2017-14140

 

Otto Ebeling reported that the move_pages() system call performed

insufficient validation of the UIDs of the calling and target

processes, resulting in a partial ASLR bypass. This made it easier

for local users to exploit vulnerabilities in programs installed

with the set-UID permission bit set.

 

CVE-2017-14156

 

"sohu0106" reported an information leak in the atyfb video driver.

A local user with access to a framebuffer device handled by this

driver could use this to obtain sensitive information.

 

CVE-2017-14340

 

Richard Wareing discovered that the XFS implementation allows the

creation of files with the "realtime" flag on a filesystem with no

realtime device, which can result in a crash (oops). A local user

with access to an XFS filesystem that does not have a realtime

device can use this for denial of service.

 

CVE-2017-14489

 

ChunYu Wang of Red Hat discovered that the iSCSI subsystem does not

properly validate the length of a netlink message, leading to

memory corruption. A local user with permission to manage iSCSI

devices can use this for denial of service or possibly to execute

arbitrary code.

 

CVE-2017-14497 (stretch only)

 

Benjamin Poirier of SUSE reported that vnet headers are not

properly handled within the tpacket_rcv() function in the raw

packet (af_packet) feature. A local user with the CAP_NET_RAW

capability can take advantage of this flaw to cause a denial of

service (buffer overflow, and disk and memory corruption) or have

other impact.

 

CVE-2017-1000111

 

Andrey Konovalov of Google reported a race condition in the raw

packet (af_packet) feature. Local users with the CAP_NET_RAW

capability can use this for denial of service or possibly to

execute arbitrary code.

 

CVE-2017-1000112

 

Andrey Konovalov of Google reported a race condition flaw in the

UDP Fragmentation Offload (UFO) code. A local user can use this

flaw for denial of service or possibly to execute arbitrary code.

 

CVE-2017-1000251 / #875881

 

Armis Labs discovered that the Bluetooth subsystem does not

properly validate L2CAP configuration responses, leading to a

stack buffer overflow. This is one of several vulnerabilities

dubbed "Blueborne". A nearby attacker can use this to cause a

denial of service or possibly to execute arbitrary code on a

system with Bluetooth enabled.

 

CVE-2017-1000252 (stretch only)

 

Jan H. Schoenherr of Amazon reported that the KVM implementation

for Intel x86 processors did not correctly validate interrupt

injection requests. A local user with permission to use KVM could

use this for denial of service.

 

CVE-2017-1000370

 

The Qualys Research Labs reported that a large argument or

environment list can result in ASLR bypass for 32-bit PIE binaries.

 

CVE-2017-1000371

 

The Qualys Research Labs reported that a large argument

or environment list can result in a stack/heap clash for 32-bit

PIE binaries.

 

CVE-2017-1000380

 

Alexander Potapenko of Google reported a race condition in the ALSA

(sound) timer driver, leading to an information leak. A local user

with permission to access sound devices could use this to obtain

sensitive information.

 

Debian disables unprivileged user namespaces by default, but if they

are enabled (via the kernel.unprivileged_userns_clone sysctl) then

CVE-2017-11600, CVE-2017-14497 and CVE-2017-1000111 can be exploited

by any local user.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 3.16.43-2+deb8u5.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.9.30-2+deb9u5.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3982-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 21, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : perl

CVE ID : CVE-2017-12837 CVE-2017-12883

Debian Bug : 875596 875597

 

Multiple vulnerabilities were discovered in the implementation of the

Perl programming language. The Common Vulnerabilities and Exposures

project identifies the following problems:

 

CVE-2017-12837

 

Jakub Wilk reported a heap buffer overflow flaw in the regular

expression compiler, allowing a remote attacker to cause a denial of

service via a specially crafted regular expression with the

case-insensitive modifier.

 

CVE-2017-12883

 

Jakub Wilk reported a buffer over-read flaw in the regular

expression parser, allowing a remote attacker to cause a denial of

service or information leak.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 5.20.2-3+deb8u9.

 

For the stable distribution (stretch), these problems have been fixed in

version 5.24.1-3+deb9u2.

 

For the testing distribution (buster), these problems have been fixed

in version 5.26.0-8.

 

For the unstable distribution (sid), these problems have been fixed in

version 5.26.0-8.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3983-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

September 22, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : samba

CVE ID : CVE-2017-12150 CVE-2017-12151 CVE-2017-12163

 

Multiple security issues have been discovered in Samba, a SMB/CIFS file,

print, and login server for Unix:

 

CVE-2017-12150

 

Stefan Metzmacher discovered multiple code paths where SMB signing

was not enforced.

 

CVE-2017-12151

 

Stefan Metzmacher discovered that tools using libsmbclient did not

enforce encryption when following DFS redirects, which could allow a

man-in-the-middle attacker to read or modify connections which were

meant to be encrypted.

 

CVE-2017-12163

 

Yihan Lian and Zhibin Hu discovered that insufficient range checks

in the processing of SMB1 write requests could result in disclosure

of server memory.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 2:4.2.14+dfsg-0+deb8u8.

 

For the stable distribution (stretch), these problems have been fixed in

version 2:4.5.8+dfsg-2+deb9u2.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3984-1 security@debian.org

https://www.debian.org/security/ Florian Weimer

September 26, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : git

Debian Bug : 876854

 

joernchen discovered that the git-cvsserver subcommand of Git, a

distributed version control system, suffers from a shell command

injection vulnerability due to unsafe use of the Perl backtick

operator. The git-cvsserver subcommand is reachable from the

git-shell subcommand even if CVS support has not been configured

(however, the git-cvs package needs to be installed).

 

In addition to fixing the actual bug, this update removes the

cvsserver subcommand from git-shell by default. Refer to the updated

documentation for instructions how to reenable in case this CVS

functionality is still needed.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1:2.1.4-2.1+deb8u5.

 

For the stable distribution (stretch), this problem has been fixed in

version 1:2.11.0-3+deb9u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 1:2.14.2-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3985-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

September 28, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2017-5111 CVE-2017-5112 CVE-2017-5113 CVE-2017-5114

CVE-2017-5115 CVE-2017-5116 CVE-2017-5117 CVE-2017-5118

CVE-2017-5119 CVE-2017-5120 CVE-2017-5121 CVE-2017-5122

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2017-5111

 

Luat Nguyen discovered a use-after-free issue in the pdfium library.

 

CVE-2017-5112

 

Tobias Klein discovered a buffer overflow issue in the webgl

library.

 

CVE-2017-5113

 

A buffer overflow issue was discovered in the skia library.

 

CVE-2017-5114

 

Ke Liu discovered a memory issue in the pdfium library.

 

CVE-2017-5115

 

Marco Giovannini discovered a type confusion issue in the v8

javascript library.

 

CVE-2017-5116

 

Guang Gong discovered a type confusion issue in the v8 javascript

library.

 

CVE-2017-5117

 

Tobias Klein discovered an uninitialized value in the skia library.

 

CVE-2017-5118

 

WenXu Wu discovered a way to bypass the Content Security Policy.

 

CVE-2017-5119

 

Another uninitialized value was discovered in the skia library.

 

CVE-2017-5120

 

Xiaoyin Liu discovered a way to downgrade HTTPS connections during

redirection.

 

CVE-2017-5121

 

Jordan Rabet discovered an out-of-bounds memory access in the v8

javascript library.

 

CVE-2017-5122

 

Choongwoo Han discovered an out-of-bounds memory access in the v8

javascript library.

 

For the stable distribution (stretch), these problems have been fixed in

version 61.0.3163.100-1~deb9u1.

 

For the testing distribution (buster), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 61.0.3163.100-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3986-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 29, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ghostscript

CVE ID : CVE-2017-9611 CVE-2017-9612 CVE-2017-9726 CVE-2017-9727

CVE-2017-9739 CVE-2017-9835 CVE-2017-11714

Debian Bug : 869907 869910 869913 869915 869916 869917 869977

 

Several vulnerabilities were discovered in Ghostscript, the GPL

PostScript/PDF interpreter, which may result in denial of service if a

specially crafted Postscript file is processed.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 9.06~dfsg-2+deb8u6.

 

For the stable distribution (stretch), these problems have been fixed in

version 9.20~dfsg-3.2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3987-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

September 29, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : firefox-esr

CVE ID : CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814

CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824

 

Several security issues have been found in the Mozilla Firefox web

browser: Multiple memory safety errors, use-after-frees, buffer

overflows and other implementation errors may lead to the execution of

arbitrary code, denial of service, cross-site scripting or bypass of

the phishing and malware protection feature.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 52.4.0esr-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 52.4.0esr-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3988-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 30, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libidn2-0

CVE ID : CVE-2017-14062

Debian Bug : 873902

 

An integer overflow vulnerability was discovered in decode_digit() in

libidn2-0, the GNU library for Internationalized Domain Names (IDNs),

allowing a remote attacker to cause a denial of service against an

application using the library (application crash).

 

For the oldstable distribution (jessie), this problem has been fixed

in version 0.10-2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 0.16-1+deb9u1.

 

For the testing distribution (buster), this problem has been fixed

in version 2.0.2-4.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.0.2-4.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3989-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

October 02, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dnsmasq

CVE ID : CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494

CVE-2017-14495 CVE-2017-14496

 

Felix Wilhelm, Fermin J. Serna, Gabriel Campana, Kevin Hamacher, Ron

Bowes and Gynvael Coldwind of the Google Security Team discovered

several vulnerabilities in dnsmasq, a small caching DNS proxy and

DHCP/TFTP server, which may result in denial of service, information

leak or the execution of arbitrary code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 2.72-3+deb8u2.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.76-5+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3990-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

October 03, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : asterisk

CVE ID : CVE-2017-14603

 

Klaus-Peter Junghann discovered that insufficient validation of RTCP

packets in Asterisk may result in an information leak. Please see the

upstream advisory at

http://downloads.asterisk.org/pub/security/AST-2017-008.html for

additional details.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1:11.13.1~dfsg-2+deb8u4.

 

For the stable distribution (stretch), this problem has been fixed in

version 1:13.14.1~dfsg-2+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3991-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

October 03, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : qemu

CVE ID : CVE-2017-9375 CVE-2017-12809 CVE-2017-13672 CVE-2017-13711

CVE-2017-14167

 

Multiple vulnerabilities were found in qemu, a fast processor emulator:

 

CVE-2017-9375

 

Denial of service via memory leak in USB XHCI emulation.

 

CVE-2017-12809

 

Denial of service in the CDROM device drive emulation.

 

CVE-2017-13672

 

Denial of service in VGA display emulation.

 

CVE-2017-13711

 

Denial of service in SLIRP networking support.

 

CVE-2017-14167

 

Incorrect validation of multiboot headers could result in the

execution of arbitrary code.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:2.8+dfsg-6+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3992-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

October 06, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : curl

CVE ID : CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000254

Debian Bug : 871554 871555 877671

 

Several vulnerabilities have been discovered in cURL, an URL transfer

library. The Common Vulnerabilities and Exposures project identifies the

following problems:

 

CVE-2017-1000100

 

Even Rouault reported that cURL does not properly handle long file

names when doing a TFTP upload. A malicious HTTP(S) server can take

advantage of this flaw by redirecting a client using the cURL

library to a crafted TFTP URL and trick it to send private memory

contents to a remote server over UDP.

 

CVE-2017-1000101

 

Brian Carpenter and Yongji Ouyang reported that cURL contains a flaw

in the globbing function that parses the numerical range, leading to

an out-of-bounds read when parsing a specially crafted URL.

 

CVE-2017-1000254

 

Max Dymond reported that cURL contains an out-of-bounds read flaw in

the FTP PWD response parser. A malicious server can take advantage

of this flaw to effectively prevent a client using the cURL library

to work with it, causing a denial of service.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 7.38.0-4+deb8u6.

 

For the stable distribution (stretch), these problems have been fixed in

version 7.52.1-5+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3993-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

October 06, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tor

CVE ID : CVE-2017-0380

 

It was discovered that the Tor onion service could leak sensitive

information to log files if the "SafeLogging" option is set to "0".

 

The oldstable distribution (jessie) is not affected.

 

For the stable distribution (stretch), this problem has been fixed in

version 0.2.9.12-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3994-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

October 07, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : nautilus

CVE ID : CVE-2017-14604

Debian Bug : 860268

 

Christian Boxdörfer discovered a vulnerability in the handling of

FreeDesktop.org .desktop files in Nautilus, a file manager for the GNOME

desktop environment. An attacker can craft a .desktop file intended to run

malicious commands but displayed as an innocuous document file in Nautilus. A

user would then trust it and open the file, and Nautilus would in turn execute

the malicious content. Nautilus protection of only trusting .desktop files with

executable permission can be bypassed by shipping the .desktop file inside a

tarball.

 

For the oldstable distribution (jessie), this problem has not been fixed yet.

 

For the stable distribution (stretch), this problem has been fixed in

version 3.22.3-1+deb9u1.

 

For the testing distribution (buster), this problem has been fixed

in version 3.26.0-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 3.26.0-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3995-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

October 10, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libxfont

CVE ID : CVE-2017-13720 CVE-2017-13722

 

Two vulnerabilities were found in libXfont, the X11 font rasterisation

library, which could result in denial of service or memory disclosure.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1:1.5.1-1+deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:2.0.1-3+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3996-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

October 10, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ffmpeg

CVE ID : CVE-2017-14054 CVE-2017-14055 CVE-2017-14056

CVE-2017-14057 CVE-2017-14058 CVE-2017-14059

CVE-2017-14169 CVE-2017-14170 CVE-2017-14171

CVE-2017-14222 CVE-2017-14223 CVE-2017-14225

CVE-2017-14767

 

Several vulnerabilities have been discovered in the FFmpeg multimedia

framework, which could result in denial of service or potentially the

execution of arbitrary code if malformed Real, MV, RL2, ASF, Apple HLS,

Phantom Cine, MXF, NSV, MOV or RTP H.264 files/streams are processed.

 

For the stable distribution (stretch), these problems have been fixed in

version 7:3.2.8-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3997-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

October 10, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wordpress

CVE ID : CVE-2017-14718 CVE-2017-14719 CVE-2017-14720 CVE-2017-14721

CVE-2017-14722 CVE-2017-14723 CVE-2017-14724 CVE-2017-14725

CVE-2017-14726 CVE-2017-14990

Debian Bug : 876274 877629

 

Several vulnerabilities were discovered in WordPress, a web blogging tool.

They would allow remote attackers to exploit path-traversal issues, perform SQL

injections and various cross-site scripting attacks.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 4.1+dfsg-1+deb8u15.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.7.5+dfsg-2+deb9u1.

 

For the testing distribution (buster), these problems have been fixed

in version 4.8.2+dfsg-2.

 

For the unstable distribution (sid), these problems have been fixed in

version 4.8.2+dfsg-2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3998-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

October 11, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : nss

CVE ID : CVE-2017-7805

 

Martin Thomson discovered that nss, the Mozilla Network Security Service

library, is prone to a use-after-free vulnerability in the TLS 1.2

implementation when handshake hashes are generated. A remote attacker

can take advantage of this flaw to cause an application using the nss

library to crash, resulting in a denial of service, or potentially to

execute arbitrary code.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2:3.26-1+debu8u3.

 

For the stable distribution (stretch), this problem has been fixed in

version 2:3.26.2-1.1+deb9u1.

 

For the testing distribution (buster), this problem has been fixed

in version 2:3.33-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2:3.33-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-3999-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

October 16, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wpa

CVE ID : CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080

CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087

CVE-2017-13088

 

Mathy Vanhoef of the imec-DistriNet research group of KU Leuven discovered

multiple vulnerabilities in the WPA protocol, used for authentication in

wireless networks. Those vulnerabilities apply to both the access point

(implemented in hostapd) and the station (implemented in wpa_supplicant).

 

An attacker exploiting the vulnerabilities could force the vulnerable system to

reuse cryptographic session keys, enabling a range of cryptographic attacks

against the ciphers used in WPA1 and WPA2.

 

More information can be found in the researchers' paper, Key Reinstallation

Attacks: Forcing Nonce Reuse in WPA2.

 

CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

CVE-2017-13078: reinstallation of the group key in the Four-way handshake

CVE-2017-13079: reinstallation of the integrity group key in the Four-way

handshake

CVE-2017-13080: reinstallation of the group key in the Group Key handshake

CVE-2017-13081: reinstallation of the integrity group key in the Group Key

handshake

CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation

Request and reinstalling the pairwise key while processing it

CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey

(TPK) key in the TDLS handshake

CVE-2017-13087: reinstallation of the group key (GTK) when processing a

Wireless Network Management (WNM) Sleep Mode Response frame

CVE-2017-13088: reinstallation of the integrity group key (IGTK) when

processing a Wireless Network Management (WNM) Sleep Mode

Response frame

 

For the oldstable distribution (jessie), these problems have been fixed

in version 2.3-1+deb8u5.

 

For the stable distribution (stretch), these problems have been fixed in

version 2:2.4-1+deb9u1.

 

For the testing distribution (buster), these problems have been fixed

in version 2:2.4-1.1.

 

For the unstable distribution (sid), these problems have been fixed in

version 2:2.4-1.1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4000-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

October 17, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xorg-server

CVE ID : CVE-2017-12176 CVE-2017-12177 CVE-2017-12178 CVE-2017-12179

CVE-2017-12180 CVE-2017-12181 CVE-2017-12182 CVE-2017-12183

CVE-2017-12184 CVE-2017-12185 CVE-2017-12186 CVE-2017-12187

CVE-2017-13721 CVE-2017-13723

 

Several vulnerabilities have been discovered in the X.Org X server. An

attacker who's able to connect to an X server could cause a denial of

service or potentially the execution of arbitrary code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 2:1.16.4-1+deb8u2.

 

For the stable distribution (stretch), these problems have been fixed in

version 2:1.19.2-1+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4001-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

October 19, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : yadifa

CVE ID : CVE-2017-14339

Debian Bug : 876315

 

It was discovered that YADIFA, an authoritative DNS server, did not

sufficiently check its input. This allowed a remote attacker to cause

a denial-of-service by forcing the daemon to enter an infinite loop.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.2.3-1+deb9u1.

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4002-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

October 19, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mysql-5.5

CVE ID : CVE-2017-10268 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384

Debian Bug : 878402

 

Several issues have been discovered in the MySQL database server. The

vulnerabilities are addressed by upgrading MySQL to the new upstream

version 5.5.58, which includes additional changes, such as performance

improvements, bug fixes, new features, and possibly incompatible

changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical

Patch Update advisory for further details:

 

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-58.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

 

For the oldstable distribution (jessie), these problems have been fixed

in version 5.5.58-0+deb8u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4003-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

October 19, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libvirt

CVE ID : CVE-2017-1000256

Debian Bug : 878799

 

Daniel P. Berrange reported that Libvirt, a virtualisation abstraction

library, does not properly handle the default_tls_x509_verify (and

related) parameters in qemu.conf when setting up TLS clients and servers

in QEMU, resulting in TLS clients for character devices and disk devices

having verification turned off and ignoring any errors while validating

the server certificate.

 

More information in https://security.libvirt.org/2017/0002.html .

 

For the stable distribution (stretch), this problem has been fixed in

version 3.0.0-4+deb9u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 3.8.0-3.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4004-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

October 20, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : jackson-databind

CVE ID : CVE-2017-7525

Debian Bug : 870848

 

Liao Xinxi discovered that jackson-databind, a Java library used to

parse JSON and other data formats, did not properly validate user

input before attempting deserialization. This allowed an attacker to

perform code execution by providing maliciously crafted input.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.4.2-2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.8.6-1+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4005-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

October 20, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjfx

CVE ID : CVE-2017-10086 CVE-2017-10114

 

Two unspecified vulnerabilities were discovered in OpenJFX, a rich client

application platform for Java.

 

For the stable distribution (stretch), these problems have been fixed in

version 8u141-b14-3~deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4006-1 security@debian.org

https://www.debian.org/security/

October 24, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mupdf

CVE ID : CVE-2017-14685 CVE-2017-14686 CVE-2017-14687 CVE-2017-15587

Debian Bug : 877379 879055

 

Multiple vulnerabilities have been found in MuPDF, a PDF file viewer, which

may result in denial of service or the execution of arbitrary code.

 

CVE-2017-14685, CVE-2017-14686, and CVE-2017-14687

 

WangLin discovered that a crafted .xps file can crash MuPDF and

potentially execute arbitrary code in several ways, since the

application makes unchecked assumptions on the entry format.

 

CVE-2017-15587

 

Terry Chia and Jeremy Heng discovered an integer overflow that can

cause arbitrary code execution via a crafted .pdf file.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.9a+ds1-4+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4007-1 security@debian.org

https://www.debian.org/security/ Alessandro Ghedini

October 27, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : curl

CVE ID : CVE-2017-1000257

 

Brian Carpenter, Geeknik Labs and 0xd34db347 discovered that cURL, a URL

transfer library, incorrectly parsed an IMAP FETCH response with size 0,

leading to an out-of-bounds read.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 7.38.0-4+deb8u7.

 

For the stable distribution (stretch), this problem has been fixed in

version 7.52.1-5+deb9u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 7.56.1-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4008-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

October 28, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wget

CVE ID : CVE-2017-13089 CVE-2017-13090

 

Antti Levomaeki, Christian Jalio, Joonas Pihlaja and Juhani Eronen

discovered two buffer overflows in the HTTP protocol handler of the Wget

download tool, which could result in the execution of arbitrary code

when connecting to a malicious HTTP server.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.16-1+deb8u4.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.18-5+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4009-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

October 29, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : shadowsocks-libev

CVE ID : CVE-2017-15924

 

Niklas Abel discovered that insufficient input sanitising in the

ss-manager component of shadowsocks-libev, a lightweight socks5 proxy,

could result in arbitrary shell command execution.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.6.3+ds-3+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4010-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

October 30, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : git-annex

CVE ID : CVE-2017-12976

Debian Bug : 873088

 

It was discovered that git-annex, a tool to manage files with git

without checking their contents in, did not correctly handle

maliciously constructed ssh:// URLs. This allowed an attacker to run

an arbitrary shell command.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 5.20141125+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 6.20170101-1+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4011-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

October 30, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : quagga

CVE ID : CVE-2017-16227

Debian Bug : 879474

 

It was discovered that the bgpd daemon in the Quagga routing suite does

not properly calculate the length of multi-segment AS_PATH UPDATE

messages, causing bgpd to drop a session and potentially resulting in

loss of network connectivity.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 0.99.23.1-1+deb8u4.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.1.1-3+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4013-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

October 31, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjpeg2

CVE ID : CVE-2016-1628 CVE-2016-5152 CVE-2016-5157 CVE-2016-9118

CVE-2016-10504 CVE-2017-14039 CVE-2017-14040

CVE-2017-14041 CVE-2017-14151 CVE-2017-14152

 

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression /

decompression library, may result in denial of service or the execution

of arbitrary code if a malformed JPEG 2000 file is processed.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 2.1.0-2+deb8u3.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.1.2-1.1+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4014-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 01, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : thunderbird

CVE ID : CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814

CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824

 

Multiple security issues have been found in Thunderbird, which may lead

to the execution of arbitrary code or denial of service.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1:52.4.0-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:52.4.0-1~deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4015-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 02, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-8

CVE ID : CVE-2017-10274 CVE-2017-10281 CVE-2017-10285

CVE-2017-10295 CVE-2017-10345 CVE-2017-10346

CVE-2017-10347 CVE-2017-10348 CVE-2017-10349

CVE-2017-10350 CVE-2017-10355 CVE-2017-10356

CVE-2017-10357 CVE-2017-10388

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in impersonation

of Kerberos services, denial of service, sandbox bypass or HTTP header

injection.

 

For the stable distribution (stretch), these problems have been fixed in

version 8u151-b12-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4016-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 03, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : irssi

CVE ID : CVE-2017-10965 CVE-2017-10966 CVE-2017-15227 CVE-2017-15228

CVE-2017-15721 CVE-2017-15722 CVE-2017-15723

Debian Bug : 867598 879521

 

Multiple vulnerabilities have been discovered in Irssi, a terminal based

IRC client. The Common Vulnerabilities and Exposures project identifies

the following problems:

 

CVE-2017-10965

 

Brian 'geeknik' Carpenter of Geeknik Labs discovered that Irssi does

not properly handle receiving messages with invalid time stamps. A

malicious IRC server can take advantage of this flaw to cause Irssi

to crash, resulting in a denial of service.

 

CVE-2017-10966

 

Brian 'geeknik' Carpenter of Geeknik Labs discovered that Irssi is

susceptible to a use-after-free flaw triggered while updating the

internal nick list. A malicious IRC server can take advantage of

this flaw to cause Irssi to crash, resulting in a denial of service.

 

CVE-2017-15227

 

Joseph Bisch discovered that while waiting for the channel

synchronisation, Irssi may incorrectly fail to remove destroyed

channels from the query list, resulting in use after free conditions

when updating the state later on. A malicious IRC server can take

advantage of this flaw to cause Irssi to crash, resulting in a

denial of service.

 

CVE-2017-15228

 

Hanno Boeck reported that Irssi does not properly handle installing

themes with unterminated colour formatting sequences, leading to a

denial of service if a user is tricked into installing a specially

crafted theme.

 

CVE-2017-15721

 

Joseph Bisch discovered that Irssi does not properly handle

incorrectly formatted DCC CTCP messages. A malicious IRC server can

take advantage of this flaw to cause Irssi to crash, resulting in a

denial of service.

 

CVE-2017-15722

 

Joseph Bisch discovered that Irssi does not properly verify Safe

channel IDs. A malicious IRC server can take advantage of this flaw

to cause Irssi to crash, resulting in a denial of service.

 

CVE-2017-15723

 

Joseph Bisch reported that Irssi does not properly handle overlong

nicks or targets resulting in a NULL pointer dereference when

splitting the message and leading to a denial of service.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 0.8.17-1+deb8u5.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.0.2-1+deb9u3. CVE-2017-10965 and CVE-2017-10966 were already

fixed in an earlier point release.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4017-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 03, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl1.0

CVE ID : CVE-2017-3735 CVE-2017-3736

 

Multiple vulnerabilities have been discovered in OpenSSL, a Secure

Sockets Layer toolkit. The Common Vulnerabilities and Exposures project

identifies the following issues:

 

CVE-2017-3735

 

It was discovered that OpenSSL is prone to a one-byte buffer

overread while parsing a malformed IPAddressFamily extension in an

X.509 certificate.

 

Details can be found in the upstream advisory:

https://www.openssl.org/news/secadv/20170828.txt

 

CVE-2017-3736

 

It was discovered that OpenSSL contains a carry propagation bug in

the x86_64 Montgomery squaring procedure.

 

Details can be found in the upstream advisory:

https://www.openssl.org/news/secadv/20171102.txt

 

For the stable distribution (stretch), these problems have been fixed in

version 1.0.2l-2+deb9u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.0.2m-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4018-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 04, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl

CVE ID : CVE-2017-3735 CVE-2017-3736

 

Multiple vulnerabilities have been discovered in OpenSSL, a Secure

Sockets Layer toolkit. The Common Vulnerabilities and Exposures project

identifies the following issues:

 

CVE-2017-3735

 

It was discovered that OpenSSL is prone to a one-byte buffer

overread while parsing a malformed IPAddressFamily extension in an

X.509 certificate.

 

Details can be found in the upstream advisory:

https://www.openssl.org/news/secadv/20170828.txt

 

CVE-2017-3736

 

It was discovered that OpenSSL contains a carry propagation bug in

the x86_64 Montgomery squaring procedure.

 

Details can be found in the upstream advisory:

https://www.openssl.org/news/secadv/20171102.txt

 

For the oldstable distribution (jessie), CVE-2017-3735 has been fixed in

version 1.0.1t-1+deb8u7. The oldstable distribution is not affected by

CVE-2017-3736.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.1.0f-3+deb9u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.1.0g-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4019-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 05, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : imagemagick

CVE ID : CVE-2017-9500 CVE-2017-11446 CVE-2017-11523 CVE-2017-11533

CVE-2017-11535 CVE-2017-11537 CVE-2017-11639 CVE-2017-11640

CVE-2017-12428 CVE-2017-12431 CVE-2017-12432 CVE-2017-12434

CVE-2017-12587 CVE-2017-12640 CVE-2017-12671 CVE-2017-13139

CVE-2017-13140 CVE-2017-13141 CVE-2017-13142 CVE-2017-13143

CVE-2017-13144 CVE-2017-13145

Debian Bug : 870526 870491 870116 870111 870109 870106 870119

870105 870065 870014 869210 870067 870012 869834

869830 869827 868950 869728 869712 869715 869713 867778

 

This update fixes several vulnerabilities in imagemagick: Various memory

handling problems and cases of missing or incomplete input sanitising may

result in denial of service, memory disclosure or the execution of

arbitrary code if malformed image files are processed.

 

For the stable distribution (stretch), this problem has been fixed in

version 8:6.9.7.4+dfsg-11+deb9u2.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4020-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

November 05, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2017-5124 CVE-2017-5125 CVE-2017-5126 CVE-2017-5127

CVE-2017-5128 CVE-2017-5129 CVE-2017-5131 CVE-2017-5132

CVE-2017-5133 CVE-2017-15386 CVE-2017-15387 CVE-2017-15388

CVE-2017-15389 CVE-2017-15390 CVE-2017-15391 CVE-2017-15392

CVE-2017-15393 CVE-2017-15394 CVE-2017-15395 CVE-2017-15396

 

Several vulnerabilities have been discovered in the chromium web browser.

 

In addition, this message serves as an announcement that security support for

chromium in the oldstable release (jessie), Debian 8, is now discontinued.

 

Debian 8 chromium users that desire continued security updates are strongly

encouraged to upgrade now to the current stable release (stretch), Debian 9.

 

An alternative is to switch to the firefox browser, which will continue to

receive security updates in jessie for some time.

 

CVE-2017-5124

 

A cross-site scripting issue was discovered in MHTML.

 

CVE-2017-5125

 

A heap overflow issue was discovered in the skia library.

 

CVE-2017-5126

 

Luat Nguyen discovered a use-after-free issue in the pdfium library.

 

CVE-2017-5127

 

Luat Nguyen discovered another use-after-free issue in the pdfium

library.

 

CVE-2017-5128

 

Omair discovered a heap overflow issue in the WebGL implementation.

 

CVE-2017-5129

 

Omair discovered a use-after-free issue in the WebAudio implementation.

 

CVE-2017-5131

 

An out-of-bounds write issue was discovered in the skia library.

 

CVE-2017-5132

 

Guarav Dewan discovered an error in the WebAssembly implementation.

 

CVE-2017-5133

 

Aleksandar Nikolic discovered an out-of-bounds write issue in the skia

library.

 

CVE-2017-15386

 

WenXu Wu discovered a user interface spoofing issue.

 

CVE-2017-15387

 

Jun Kokatsu discovered a way to bypass the content security policy.

 

CVE-2017-15388

 

Kushal Arvind Shah discovered an out-of-bounds read issue in the skia

library.

 

CVE-2017-15389

 

xisigr discovered a URL spoofing issue.

 

CVE-2017-15390

 

Haosheng Wang discovered a URL spoofing issue.

 

CVE-2017-15391

 

Joao Lucas Melo Brasio discovered a way for an extension to bypass its

limitations.

 

CVE-2017-15392

 

Xiaoyin Liu discovered an error in the implementation of registry keys.

 

CVE-2017-15393

 

Svyat Mitin discovered an issue in the devtools.

 

CVE-2017-15394

 

Sam discovered a URL spoofing issue.

 

CVE-2017-15395

 

Johannes Bergman discovered a null pointer dereference issue.

 

CVE-2017-15396

 

Yuan Deng discovered a stack overflow issue in the v8 javascript library.

 

For the oldstable distribution (jessie), security support for chromium has

been discontinued.

 

For the stable distribution (stretch), these problems have been fixed in

version 62.0.3202.75-1~deb9u1.

 

For the testing distribution (buster), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 62.0.3202.75-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4021-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 07, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : otrs2

CVE ID : CVE-2017-14635

 

It was discovered that missing input validation in the Open Ticket

Request System could result in privilege escalation by an agent with

write permissions for statistics.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 3.3.18-1+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 5.0.16-1+deb9u2.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4023-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 07, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : slurm-llnl

CVE ID : CVE-2017-15566

Debian Bug : 880530

 

Ryan Day discovered that the Simple Linux Utility for Resource

Management (SLURM), a cluster resource management and job scheduling

system, does not properly handle SPANK environment variables, allowing a

user permitted to submit jobs to execute code as root during the Prolog

or Epilog. All systems using a Prolog or Epilog script are vulnerable,

regardless of whether SPANK plugins are in use.

 

For the stable distribution (stretch), this problem has been fixed in

version 16.05.9-1+deb9u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 17.02.9-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4024-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

November 08, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2017-15398 CVE-2017-15399

 

Several vulnerabilities have been discovered in the chromium browser.

 

CVE-2017-15398

 

Ned Williamson discovered a stack overflow issue.

 

CVE-2017-15399

 

Zhao Qixun discovered a use-after-free issue in the v8 javascript

library.

 

For the oldstable distribution (jessie), security support for chromium has

been discontinued.

 

For the stable distribution (stretch), these problems have been fixed in

version 62.0.3202.89-1~deb9u1.

 

For the testing distribution (buster), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 62.0.3202.89-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4022-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 07, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libreoffice

CVE ID : CVE-2017-12607 CVE-2017-12608

 

Marcin Noga discovered two vulnerabilities in LibreOffice, which could

result in the execution of arbitrary code if a malformed PPT or DOC

document is opened.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1:4.3.3-2+deb8u9.

 

These vulnerabilities were fixed in LibreOffice 5.0.2, so the version

in the stable distribution (stretch) is not affected.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4025-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 08, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libpam4j

CVE ID : CVE-2017-12197

 

It was discovered that libpam4j, a Java library wrapper for the

integration of PAM, did not call pam_acct_mgmt() during authentication.

As such, a user who has a valid password, but a deactivated or disabled

account could still log in.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.4-2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.4-2+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4026-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

November 09, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : bchunk

CVE ID : CVE-2017-15953 CVE-2017-15954 CVE-2017-15955

Debian Bug : 880116

 

Wen Bin discovered that bchunk, an application that converts a CD

image in bin/cue format into a set of iso and cdr/wav tracks files,

did not properly check its input. This would allow malicious users to

crash the application or potentially execute arbitrary code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.2.0-12+deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.2.0-12+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4030-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 09, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : roundcube

CVE ID : CVE-2017-16651

 

A file disclosure vulnerability was discovered in roundcube, a skinnable

AJAX based webmail solution for IMAP servers. An authenticated attacker

can take advantage of this flaw to read roundcube's configuration files.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.2.3+dfsg.1-4+deb9u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.3.3+dfsg.1-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4027-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 09, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : postgresql-9.4

CVE ID : CVE-2017-15098

 

A vulnerability has been found in the PostgreSQL database system:

Denial of service and potential memory disclosure in the

json_populate_recordset() and jsonb_populate_recordset() functions.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 9.4.15-0+deb8u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4028-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 09, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : postgresql-9.6

CVE ID : CVE-2017-15098 CVE-2017-15099

 

Several vulnerabilities have been found in the PostgreSQL database system:

 

CVE-2017-15098

 

Denial of service and potential memory disclosure in the

json_populate_recordset() and jsonb_populate_recordset() functions

 

CVE-2017-15099

 

Insufficient permissions checks in "INSERT ... ON CONFLICT DO UPDATE"

statements.

 

For the stable distribution (stretch), these problems have been fixed in

version 9.6.6-0+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4029-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 09, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : postgresql-common

CVE ID : CVE-2017-8806

 

It was discovered that the pg_ctlcluster, pg_createcluster and

pg_upgradecluster commands handled symbolic links insecurely which could

result in local denial of service by overwriting arbitrary files.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 165+deb8u3.

 

For the stable distribution (stretch), this problem has been fixed in

version 181+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4006-2 security@debian.org

https://www.debian.org/security/

November 10, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mupdf

CVE ID : CVE-2017-15587

Debian Bug : 879055

 

It was discovered that the original patch applied for CVE-2017-15587

in DSA-4006-1 was incomplete. Updated packages are now available to

address this problem. For reference, the relevant part of the original

advisory text follows.

 

CVE-2017-15587

 

Terry Chia and Jeremy Heng discovered an integer overflow that can

cause arbitrary code execution via a crafted .pdf file.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.5-1+deb8u3.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.9a+ds1-4+deb9u2.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4031-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 11, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ruby2.3

CVE ID : CVE-2017-0898 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033

Debian Bug : 875928 875931 875936 879231

 

Several vulnerabilities have been discovered in the interpreter for the

Ruby language. The Common Vulnerabilities and Exposures project

identifies the following problems:

 

CVE-2017-0898

 

aerodudrizzt reported a buffer underrun vulnerability in the sprintf

method of the Kernel module resulting in heap memory corruption or

information disclosure from the heap.

 

CVE-2017-0903

 

Max Justicz reported that RubyGems is prone to an unsafe object

deserialization vulnerability. When parsed by an application which

processes gems, a specially crafted YAML formatted gem specification

can lead to remote code execution.

 

CVE-2017-10784

 

Yusuke Endoh discovered an escape sequence injection vulnerability

in the Basic authentication of WEBrick. An attacker can take

advantage of this flaw to inject malicious escape sequences to the

WEBrick log and potentially execute control characters on the

victim's terminal emulator when reading logs.

 

CVE-2017-14033

 

asac reported a buffer underrun vulnerability in the OpenSSL

extension. A remote attacker can take advantage of this flaw to

cause the Ruby interpreter to crash leading to a denial of service.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.3.3-1+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4032-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 12, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : imagemagick

CVE ID : CVE-2017-12983 CVE-2017-13134 CVE-2017-13758

CVE-2017-13769 CVE-2017-14224 CVE-2017-14607

CVE-2017-14682 CVE-2017-14989 CVE-2017-15277

Debian Bug : 873134 873099 878508 878507 876097 878527 876488 878562

878578

 

This update fixes several vulnerabilities in imagemagick: Various memory

handling problems and cases of missing or incomplete input sanitising

may result in denial of service, memory disclosure or the execution of

arbitrary code if malformed GIF, TTF, SVG, TIFF, PCX, JPG or SFW files

are processed.

 

For the stable distribution (stretch), these problems have been fixed in

version 8:6.9.7.4+dfsg-11+deb9u3.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4033-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 13, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : konversation

CVE ID : CVE-2017-15923

Debian Bug : 881586

 

Joseph Bisch discovered that Konversation, a user-friendly Internet

Relay Chat (IRC) client for KDE, could crash when parsing certain IRC

color formatting codes.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.5-2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.6.2-2+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4034-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 15, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : varnish

CVE ID : CVE-2017-8807

Debian Bug : 881808

 

'shamger' and Carlo Cannas discovered that a programming error in

Varnish, a state of the art, high-performance web accelerator, may

result in disclosure of memory contents or denial of service.

 

See https://varnish-cache.org/security/VSV00002.html for details.

 

For the stable distribution (stretch), this problem has been fixed in

version 5.0.0-7+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4035-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 15, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : firefox-esr

CVE ID : CVE-2017-7826 CVE-2017-7828 CVE-2017-7830

 

Several security issues have been found in the Mozilla Firefox web

browser: Multiple memory safety errors, use-after-frees and other

implementation errors may lead to the execution of arbitrary code, denial

of service or bypass of the same origin policy.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 52.5.0esr-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 52.5.0esr-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4036-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 15, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mediawiki

CVE ID : CVE-2017-8808 CVE-2017-8809 CVE-2017-8810 CVE-2017-8811

CVE-2017-8812 CVE-2017-8814 CVE-2017-8815

 

Multiple security vulnerabilities have been discovered in MediaWiki, a

website engine for collaborative work:

 

CVE-2017-8808

 

Cross-site-scripting with non-standard URL escaping and

$wgShowExceptionDetails disabled.

 

CVE-2017-8809

 

Reflected file download in API.

 

CVE-2017-8810

 

On private wikis the login form didn't distinguish between

login failure due to bad username and bad password.

 

CVE-2017-8811

 

It was possible to mangle HTML via raw message parameter

expansion.

 

CVE-2017-8812

 

id attributes in headlines allowed raw '>'.

 

CVE-2017-8814

 

Language converter could be tricked into replacing text inside tags.

 

CVE-2017-8815

 

Unsafe attribute injection via glossary rules in language converter.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:1.27.4-1~deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4037-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

November 16, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : jackson-databind

CVE ID : CVE-2017-15095

 

It was discovered that jackson-databind, a Java library used to parse

JSON and other data formats, improperly validated user input prior to

deserializing: following DSA-4004-1 for CVE-2017-7525, an additional

set of classes was identified as unsafe for deserialization.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.4.2-2+deb8u2.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.8.6-1+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4038-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 16, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : shibboleth-sp2

CVE ID : CVE-2017-16852

Debian Bug : 881857

 

Rod Widdowson of Steading System Software LLP discovered a coding error

in the "Dynamic" metadata plugin of the Shibboleth Service Provider,

causing the plugin to fail configuring itself with the filters provided

and omitting whatever checks they are intended to perform.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.5.3+dfsg-2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.6.0+dfsg1-4+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4039-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 16, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : opensaml2

CVE ID : CVE-2017-16853

Debian Bug : 881856

 

Rod Widdowson of Steading System Software LLP discovered a coding error

in the OpenSAML library, causing the DynamicMetadataProvider class to

fail configuring itself with the filters provided and omitting whatever

checks they are intended to perform.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.5.3-2+deb8u2.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.6.0-4+deb9u1.
