sunrat Posted November 17, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4040-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
November 17, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : CVE-2017-11352 CVE-2017-11640 CVE-2017-12431 CVE-2017-12640
                 CVE-2017-12877 CVE-2017-12983 CVE-2017-13134 CVE-2017-13139
                 CVE-2017-13144 CVE-2017-13758 CVE-2017-13769 CVE-2017-14224
                 CVE-2017-14607 CVE-2017-14682 CVE-2017-14989 CVE-2017-15277
                 CVE-2017-16546

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed.

For the oldstable distribution (jessie), these problems have been fixed in version 8:6.8.9.9-5+deb8u11.
sunrat Posted November 19, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4041-1                     security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
November 19, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : procmail
CVE ID         : CVE-2017-16844
Debian Bug     : 876511

Jakub Wilk reported a heap-based buffer overflow vulnerability in procmail's formail utility when processing specially-crafted email headers. A remote attacker could use this flaw to cause formail to crash, resulting in a denial of service or data loss.

For the oldstable distribution (jessie), this problem has been fixed in version 3.22-24+deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 3.22-25+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4042-1                     security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
November 19, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libxml-libxml-perl
CVE ID         : CVE-2017-10672
Debian Bug     : 866676

A use-after-free vulnerability was discovered in XML::LibXML, a Perl interface to the libxml2 library, allowing an attacker to execute arbitrary code by controlling the arguments to a replaceChild() call.

For the oldstable distribution (jessie), this problem has been fixed in version 2.0116+dfsg-1+deb8u2.

For the stable distribution (stretch), this problem has been fixed in version 2.0128+dfsg-1+deb9u1.
sunrat Posted November 22, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4043-1                     security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
November 21, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : samba
CVE ID         : CVE-2017-14746 CVE-2017-15275

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2017-14746

    Yihan Lian and Zhibin Hu of Qihoo 360 GearTeam discovered a use-after-free vulnerability allowing a client to compromise a SMB server via malicious SMB1 requests.

CVE-2017-15275

    Volker Lendecke of SerNet and the Samba team discovered that Samba is prone to a heap memory information leak, where server allocated heap memory may be returned to the client without being cleared.

For the oldstable distribution (jessie), these problems have been fixed in version 2:4.2.14+dfsg-0+deb8u9.

For the stable distribution (stretch), these problems have been fixed in version 2:4.5.12+dfsg-2+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4044-1                     security@debian.org
https://www.debian.org/security/                          Yves-Alexis Perez
November 21, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : swauth
CVE ID         : CVE-2017-16613
Debian Bug     : 882314

A vulnerability has been discovered in swauth, an authentication system for Swift, a distributed virtual object store used in Openstack.

The authentication token for a user is saved in clear text to the log file, which could enable an attacker with access to the logs to bypass the authentication provided by swauth.
For the stable distribution (stretch), this problem has been fixed in version 1.2.0-2+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4045-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
November 21, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : vlc
CVE ID         : CVE-2017-9300 CVE-2017-10699

Several vulnerabilities have been found in VLC, the VideoLAN project's media player. Processing malformed media files could lead to denial of service and potentially the execution of arbitrary code.

For the oldstable distribution (jessie), these problems have been fixed in version 2.2.7-1~deb8u1.

For the stable distribution (stretch), these problems have been fixed in version 2.2.7-1~deb9u1.
sunrat Posted November 22, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4046-1                     security@debian.org
https://www.debian.org/security/                         Sebastien Delafond
November 22, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libspring-ldap-java
CVE ID         : CVE-2017-8028

Tobias Schneider discovered that libspring-ldap-java, a Java library for Spring-based applications using the Lightweight Directory Access Protocol, would under some circumstances allow authentication with a correct username but an arbitrary password.

For the oldstable distribution (jessie), this problem has been fixed in version 1.3.1.RELEASE-5+deb8u1.

We recommend that you upgrade your libspring-ldap-java packages.

For the detailed security status of libspring-ldap-java please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/libspring-ldap-java
sunrat Posted November 23, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4047-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
November 23, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : otrs2
CVE ID         : CVE-2017-15864 CVE-2017-16664

Two vulnerabilities were discovered in the Open Ticket Request System which could result in disclosure of database credentials or the execution of arbitrary shell commands by logged-in agents.

For the oldstable distribution (jessie), these problems have been fixed in version 3.3.18-1+deb8u2.

For the stable distribution (stretch), these problems have been fixed in version 5.0.16-1+deb9u3.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4048-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
November 23, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjdk-7
CVE ID         : CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295
                 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348
                 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356
                 CVE-2017-10357 CVE-2017-10388

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in impersonation of Kerberos services, denial of service, sandbox bypass or HTTP header injection.

For the oldstable distribution (jessie), these problems have been fixed in version 7u151-2.6.11-2~deb8u1.
sunrat Posted November 27, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4049-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
November 27, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ffmpeg
CVE ID         : CVE-2017-15186 CVE-2017-15672 CVE-2017-16840

Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

For the stable distribution (stretch), these problems have been fixed in version 7:3.2.9-1~deb9u1.
sunrat Posted November 30, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4050-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
November 28, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319
                 CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15592
                 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-15597

Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, information leaks, privilege escalation or the execution of arbitrary code.

For the oldstable distribution (jessie) a separate update will be released.

For the stable distribution (stretch), these problems have been fixed in version 4.8.2+xsa245-0+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4051-1                     security@debian.org
https://www.debian.org/security/                          Yves-Alexis Perez
November 29, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : curl
CVE ID         : CVE-2017-8816 CVE-2017-8817

Two vulnerabilities were discovered in cURL, a URL transfer library.

CVE-2017-8816

    Alex Nichols discovered a buffer overrun flaw in the NTLM authentication code which can be triggered on 32bit systems where an integer overflow might occur when calculating the size of a memory allocation.

CVE-2017-8817

    Fuzzing by the OSS-Fuzz project led to the discovery of a read out of bounds flaw in the FTP wildcard function in libcurl. A malicious server could redirect a libcurl-based client to a URL using a wildcard pattern, triggering the out-of-bound read.

For the oldstable distribution (jessie), these problems have been fixed in version 7.38.0-4+deb8u8.
For the stable distribution (stretch), these problems have been fixed in version 7.52.1-5+deb9u3.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4052-1                     security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
November 29, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : bzr
CVE ID         : CVE-2017-14176
Debian Bug     : 874429

Adam Collard discovered that Bazaar, an easy to use distributed version control system, did not correctly handle maliciously constructed bzr+ssh URLs, allowing a remote attacker to run an arbitrary shell command.

For the oldstable distribution (jessie), this problem has been fixed in version 2.6.0+bzr6595-6+deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 2.7.0+bzr6619-7+deb9u1.
sunrat Posted December 2, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4053-1                     security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
November 30, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : exim4
CVE ID         : CVE-2017-16943 CVE-2017-16944
Debian Bug     : 882648 882671

Several vulnerabilities have been discovered in Exim, a mail transport agent. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2017-16943

    A use-after-free vulnerability was discovered in Exim's routines responsible for parsing mail headers. A remote attacker can take advantage of this flaw to cause Exim to crash, resulting in a denial of service, or potentially for remote code execution.

CVE-2017-16944

    It was discovered that Exim does not properly handle BDAT data headers allowing a remote attacker to cause Exim to crash, resulting in a denial of service.

For the stable distribution (stretch), these problems have been fixed in version 4.89-2+deb9u2. Default installations disable advertising the ESMTP CHUNKING extension and are not affected by these issues.
sunrat Posted December 3, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4054-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
December 03, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tor
CVE ID         : CVE-2017-8819 CVE-2017-8820 CVE-2017-8821 CVE-2017-8822
                 CVE-2017-8823

Multiple vulnerabilities have been found in Tor, a connection-based low-latency anonymous communication system.

For the oldstable distribution (jessie), these problems have been fixed in version 0.2.5.16-1.

For the stable distribution (stretch), these problems have been fixed in version 0.2.9.14-1.
sunrat Posted December 8, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4055-1                     security@debian.org
https://www.debian.org/security/                         Sebastien Delafond
December 07, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : heimdal
CVE ID         : CVE-2017-17439
Debian Bug     : 878144

Michael Eder and Thomas Kittel discovered that Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos, did not correctly handle ASN.1 data. This would allow an unauthenticated remote attacker to cause a denial of service (crash of the KDC daemon) by sending maliciously crafted packets.

For the stable distribution (stretch), this problem has been fixed in version 7.1.0+dfsg-13+deb9u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4056-1                     security@debian.org
https://www.debian.org/security/                         Sebastien Delafond
December 07, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nova
CVE ID         : CVE-2017-16239
Debian Bug     : 882009

George Shuklin from servers.com discovered that Nova, a cloud computing fabric controller, did not correctly enforce its image- or hosts-filters. This allowed an authenticated user to bypass those filters by simply rebuilding an instance.

For the stable distribution (stretch), this problem has been fixed in version 2:14.0.0-4+deb9u1.
sunrat Posted December 8, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4057-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
December 08, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : erlang
CVE ID         : CVE-2017-1000385

It was discovered that the TLS server in Erlang is vulnerable to an adaptive chosen ciphertext attack against RSA keys.

For the oldstable distribution (jessie), this problem has been fixed in version 1:17.3-dfsg-4+deb8u2.

For the stable distribution (stretch), this problem has been fixed in version 1:19.2.1+dfsg-2+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4058-1                     security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
December 08, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : optipng
CVE ID         : CVE-2017-16938 CVE-2017-1000229
Debian Bug     : 878839 882032

Two vulnerabilities were discovered in optipng, an advanced PNG optimizer, which may result in denial of service or the execution of arbitrary code if a malformed file is processed.

For the oldstable distribution (jessie), these problems have been fixed in version 0.7.5-1+deb8u2.

For the stable distribution (stretch), these problems have been fixed in version 0.7.6-1+deb9u1.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4059-1                     security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
December 08, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libxcursor
CVE ID         : CVE-2017-16612
Debian Bug     : 883792

It was discovered that libXcursor, an X cursor management library, is prone to several heap overflows when parsing malicious files. An attacker can take advantage of these flaws for arbitrary code execution, if a user is tricked into processing a specially crafted cursor file.

For the oldstable distribution (jessie), these problems have been fixed in version 1:1.1.14-1+deb8u1.

For the stable distribution (stretch), these problems have been fixed in version 1:1.1.14-1+deb9u1.
sunrat Posted December 9, 2017

New update versions for Stretch and Jessie. Open the News links for a full list of updated packages.

------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Updated Debian 9: 9.3 released                          press@debian.org
December 9th, 2017           https://www.debian.org/News/2017/2017120902
------------------------------------------------------------------------

The Debian project is pleased to announce the third update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list

------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Updated Debian 8: 8.10 released                         press@debian.org
December 9th, 2017             https://www.debian.org/News/2017/20171209
------------------------------------------------------------------------

The Debian project is pleased to announce the tenth update of its oldstable distribution Debian 8 (codename "jessie").
This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

Please note that the point release does not constitute a new version of Debian 8 but only updates some of the packages included. There is no need to throw away old "jessie" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list
sunrat Posted December 11, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4060-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
December 09, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
CVE ID         : CVE-2017-11408 CVE-2017-13766 CVE-2017-17083 CVE-2017-17084
                 CVE-2017-17085

It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for CIP Safety, IWARP_MPA, NetBIOS, Profinet I/O and AMQP, which result in denial of service or the execution of arbitrary code.

For the oldstable distribution (jessie), these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u12.

For the stable distribution (stretch), these problems have been fixed in version 2.2.6+g32dac6a-2+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4061-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
December 10, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2017-7826 CVE-2017-7828 CVE-2017-7830

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service.

For the oldstable distribution (jessie), these problems have been fixed in version 1:52.5.0-1~deb8u1.

For the stable distribution (stretch), these problems have been fixed in version 1:52.5.0-1~deb9u1.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4062-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
December 10, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2017-7843

It was discovered that the Private Browsing mode in the Mozilla Firefox web browser allowed to fingerprint a user across multiple sessions via IndexedDB.

For the oldstable distribution (jessie), this problem has been fixed in version 52.5.2esr-1~deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 52.5.2esr-1~deb9u1.
sunrat Posted December 12, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4063-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
December 11, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pdns-recursor
CVE ID         : CVE-2017-15120

Toshifumi Sakaguchi discovered that PowerDNS Recursor, a high-performance resolving name server was susceptible to denial of service via a crafted CNAME answer.

The oldstable distribution (jessie) is not affected.

For the stable distribution (stretch), this problem has been fixed in version 4.0.4-1+deb9u3.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4064-1                     security@debian.org
https://www.debian.org/security/                            Michael Gilbert
December 12, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium-browser
CVE ID         : CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410
                 CVE-2017-15411 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416
                 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420
                 CVE-2017-15423 CVE-2017-15424 CVE-2017-15425 CVE-2017-15426
                 CVE-2017-15427

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2017-15407

    Ned Williamson discovered an out-of-bounds write issue.

CVE-2017-15408

    Ke Liu discovered a heap overflow issue in the pdfium library.

CVE-2017-15409

    An out-of-bounds write issue was discovered in the skia library.

CVE-2017-15410

    Luat Nguyen discovered a use-after-free issue in the pdfium library.

CVE-2017-15411

    Luat Nguyen discovered a use-after-free issue in the pdfium library.

CVE-2017-15413

    Gaurav Dewan discovered a type confusion issue.

CVE-2017-15415

    Viktor Brange discovered an information disclosure issue.
CVE-2017-15416

    Ned Williamson discovered an out-of-bounds read issue.

CVE-2017-15417

    Max May discovered an information disclosure issue in the skia library.

CVE-2017-15418

    Kushal Arvind Shah discovered an uninitialized value in the skia library.

CVE-2017-15419

    Jun Kokatsu discovered an information disclosure issue.

CVE-2017-15420

    WenXu Wu discovered a URL spoofing issue.

CVE-2017-15423

    Greg Hudson discovered an issue in the boringssl library.

CVE-2017-15424

    Khalil Zhani discovered a URL spoofing issue.

CVE-2017-15425

    xisigr discovered a URL spoofing issue.

CVE-2017-15426

    WenXu Wu discovered a URL spoofing issue.

CVE-2017-15427

    Junaid Farhan discovered an issue with the omnibox.

For the stable distribution (stretch), these problems have been fixed in version 63.0.3239.84-1~deb9u1.
sunrat Posted December 18, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4065-1                     security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
December 17, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssl1.0
CVE ID         : CVE-2017-3737 CVE-2017-3738

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2017-3737

    David Benjamin of Google reported that OpenSSL does not properly handle SSL_read() and SSL_write() while being invoked in an error state, causing data to be passed without being decrypted or encrypted directly from the SSL/TLS record layer.

CVE-2017-3738

    It was discovered that OpenSSL contains an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli.

Details can be found in the upstream advisory:
https://www.openssl.org/news/secadv/20171207.txt

For the stable distribution (stretch), these problems have been fixed in version 1.0.2l-2+deb9u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4066-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
December 17, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : otrs2
CVE ID         : CVE-2017-16854 CVE-2017-16921

Two vulnerabilities were discovered in the Open Ticket Request System which could result in information disclosure or the execution of arbitrary shell commands by logged-in agents.

For the oldstable distribution (jessie), these problems have been fixed in version 3.3.18-1+deb8u3.

For the stable distribution (stretch), these problems have been fixed in version 5.0.16-1+deb9u4.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4067-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
December 17, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openafs
CVE ID         : CVE-2017-17432

It was discovered that malformed jumbogram packets could result in denial of service against OpenAFS, an implementation of the Andrew distributed file system.

For the oldstable distribution (jessie), this problem has been fixed in version 1.6.9-2+deb8u6. This update also provides corrections for CVE-2016-4536 and CVE-2016-9772.

For the stable distribution (stretch), this problem has been fixed in version 1.6.20-2+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4068-1                     security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
December 17, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rsync
CVE ID         : CVE-2017-16548 CVE-2017-17433 CVE-2017-17434
Debian Bug     : 880954 883665 883667

Several vulnerabilities were discovered in rsync, a fast, versatile, remote (and local) file-copying tool, allowing a remote attacker to bypass intended access restrictions or cause a denial of service.

For the oldstable distribution (jessie), these problems have been fixed in version 3.1.1-3+deb8u1.

For the stable distribution (stretch), these problems have been fixed in version 3.1.2-1+deb9u1.
sunrat Posted December 21, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4069-1                     security@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
December 20, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : otrs2
CVE ID         : CVE-2017-17476
Debian Bug     : 884801

Francesco Sirocco discovered a flaw in otrs2, the Open Ticket Request System, which could result in session information disclosure when cookie support is disabled. A remote attacker can take advantage of this flaw to take over an agent's session if the agent is tricked into clicking a link in a specially crafted mail.

For the oldstable distribution (jessie), this problem has been fixed in version 3.3.18-1+deb8u4.

For the stable distribution (stretch), this problem has been fixed in version 5.0.16-1+deb9u5.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4070-1                     security@debian.org
https://www.debian.org/security/                         Moritz Muehlenhoff
December 21, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : enigmail
CVE ID         : not yet available

Multiple vulnerabilities were discovered in Enigmail, an OpenPGP extension for Thunderbird, which could result in a loss of confidentiality, faked signatures, plain text leaks and denial of service. Additional information can be found under
https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf

For the oldstable distribution (jessie), this problem has been fixed in version 2:1.9.9-1~deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 2:1.9.9-1~deb9u1.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4071-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
December 21, 2017    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : sensible-utils
CVE ID         : CVE-2017-17512
Debian Bug     : 881767

Gabriel Corona reported that sensible-browser from sensible-utils, a collection of small utilities used to sensibly select and spawn an appropriate browser, editor or pager, does not validate strings before launching the program specified by the BROWSER environment variable, potentially allowing a remote attacker to conduct argument-injection attacks if a user is tricked into processing a specially crafted URL.

For the oldstable distribution (jessie), this problem has been fixed in version 0.0.9+deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 0.0.9+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4072-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
December 21, 2017    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : bouncycastle
CVE ID         : CVE-2017-13098

Hanno Boeck, Juraj Somorovsky and Craig Young discovered that the TLS implementation in Bouncy Castle is vulnerable to an adaptive chosen ciphertext attack against RSA keys.

For the stable distribution (stretch), this problem has been fixed in version 1.56-1+deb9u1.
sunrat Posted December 26, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4073-1    security@debian.org
https://www.debian.org/security/    Ben Hutchings
December 23, 2017    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2017-8824 CVE-2017-16538 CVE-2017-16644 CVE-2017-16995 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558 CVE-2017-17712 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 CVE-2017-17807 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-1000407 CVE-2017-1000410

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE-2017-8824
Mohamed Ghannam discovered that the DCCP implementation did not correctly manage resources when a socket is disconnected and reconnected, potentially leading to a use-after-free. A local user could use this for denial of service (crash or data corruption) or possibly for privilege escalation. On systems that do not already have the dccp module loaded, this can be mitigated by disabling it:

    echo >> /etc/modprobe.d/disable-dccp.conf install dccp false

CVE-2017-16538
Andrey Konovalov reported that the dvb-usb-lmedm04 media driver did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash).

CVE-2017-16644
Andrey Konovalov reported that the hdpvr media driver did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash).

CVE-2017-16995
Jann Horn discovered that the Extended BPF verifier did not correctly model the behaviour of 32-bit load instructions. A local user can use this for privilege escalation.
CVE-2017-17448
Kevin Cernekee discovered that the netfilter subsystem allowed users with the CAP_NET_ADMIN capability in any user namespace, not just the root namespace, to enable and disable connection tracking helpers. This could lead to denial of service, violation of network security policy, or have other impact.

CVE-2017-17449
Kevin Cernekee discovered that the netlink subsystem allowed users with the CAP_NET_ADMIN capability in any user namespace to monitor netlink traffic in all net namespaces, not just those owned by that user namespace. This could lead to exposure of sensitive information.

CVE-2017-17450
Kevin Cernekee discovered that the xt_osf module allowed users with the CAP_NET_ADMIN capability in any user namespace to modify the global OS fingerprint list.

CVE-2017-17558
Andrey Konovalov reported that the USB core did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash or memory corruption), or possibly for privilege escalation.

CVE-2017-17712
Mohamed Ghannam discovered a race condition in the IPv4 raw socket implementation. A local user could use this to obtain sensitive information from the kernel.

CVE-2017-17741
Dmitry Vyukov reported that the KVM implementation for x86 would over-read data from memory when emulating an MMIO write if the kvm_mmio tracepoint was enabled. A guest virtual machine might be able to use this to cause a denial of service (crash).

CVE-2017-17805
It was discovered that some implementations of the Salsa20 block cipher did not correctly handle zero-length input. A local user could use this to cause a denial of service (crash) or possibly have other security impact.

CVE-2017-17806
It was discovered that the HMAC implementation could be used with an underlying hash algorithm that requires a key, which was not intended.
A local user could use this to cause a denial of service (crash or memory corruption), or possibly for privilege escalation.

CVE-2017-17807
Eric Biggers discovered that the KEYS subsystem lacked a check for write permission when adding keys to a process's default keyring. A local user could use this to cause a denial of service or to obtain sensitive information.

CVE-2017-17862
Alexei Starovoitov discovered that the Extended BPF verifier ignored unreachable code, even though it would still be processed by JIT compilers. This could possibly be used by local users for denial of service. It also increases the severity of bugs in determining unreachable code.

CVE-2017-17863
Jann Horn discovered that the Extended BPF verifier did not correctly model pointer arithmetic on the stack frame pointer. A local user can use this for privilege escalation.

CVE-2017-17864
Jann Horn discovered that the Extended BPF verifier could fail to detect pointer leaks from conditional code. A local user could use this to obtain sensitive information in order to exploit other vulnerabilities.

CVE-2017-1000407
Andrew Honig reported that the KVM implementation for Intel processors allowed direct access to host I/O port 0x80, which is not generally safe. On some systems this allows a guest VM to cause a denial of service (crash) of the host.

CVE-2017-1000410
Ben Seri reported that the Bluetooth subsystem did not correctly handle short EFS information elements in L2CAP messages. An attacker able to communicate over Bluetooth could use this to obtain sensitive information from the kernel.

The various problems in the Extended BPF verifier can be mitigated by disabling use of Extended BPF by unprivileged users:

    sysctl kernel.unprivileged_bpf_disabled=1

Debian disables unprivileged user namespaces by default, but if they are enabled (via the kernel.unprivileged_userns_clone sysctl) then CVE-2017-17448 can be exploited by any local user.

For the stable distribution (stretch), these problems have been fixed in version 4.9.65-3+deb9u1.
sunrat Posted December 29, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4074-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
December 28, 2017    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : CVE-2017-12877 CVE-2017-16546 CVE-2017-17499 CVE-2017-17504 CVE-2017-17879

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed.

For the stable distribution (stretch), these problems have been fixed in version 8:6.9.7.4+dfsg-11+deb9u4.
sunrat Posted December 30, 2017

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4075-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
December 29, 2017    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2017-7826 CVE-2017-7828 CVE-2017-7829 CVE-2017-7830 CVE-2017-7846 CVE-2017-7847 CVE-2017-7848

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service, information disclosure or spoofing of sender's email addresses.

For the oldstable distribution (jessie), these problems have been fixed in version 1:52.5.2-2~deb8u1.

For the stable distribution (stretch), these problems have been fixed in version 1:52.5.2-2~deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4076-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
December 30, 2017    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : asterisk
CVE ID         : CVE-2017-16671 CVE-2017-16672 CVE-2017-17090 CVE-2017-17664

Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in denial of service, information disclosure and potentially the execution of arbitrary code.

For the oldstable distribution (jessie), these problems have been fixed in version 1:11.13.1~dfsg-2+deb8u5.

For the stable distribution (stretch), these problems have been fixed in version 1:13.14.1~dfsg-2+deb9u3.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4077-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
December 30, 2017    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gimp
CVE ID         : CVE-2017-17784 CVE-2017-17785 CVE-2017-17786 CVE-2017-17787 CVE-2017-17788 CVE-2017-17789
Debian Bug     : 884836 884837 884862 884925 884927 885347

Several vulnerabilities were discovered in GIMP, the GNU Image Manipulation Program, which could result in denial of service (application crash) or potentially the execution of arbitrary code if malformed files are opened.

For the oldstable distribution (jessie), these problems have been fixed in version 2.8.14-1+deb8u2.

For the stable distribution (stretch), these problems have been fixed in version 2.8.18-1+deb9u1.
sunrat Posted January 8, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4078-1    security@debian.org
https://www.debian.org/security/    Yves-Alexis Perez
January 04, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2017-5754

Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system.

This specific attack has been named Meltdown and is addressed in the Linux kernel for the Intel x86-64 architecture by a patch set named Kernel Page Table Isolation, enforcing a near complete separation of the kernel and userspace address maps and preventing the attack. This solution might have a performance impact, and can be disabled at boot time by passing `pti=off' to the kernel command line.

We also identified a regression for ancient userspaces using the vsyscall interface, for example chroot and containers using (e)glibc 2.13 and older, including those based on Debian 7 or RHEL/CentOS 6. This regression will be fixed in a later update.

The other vulnerabilities (named Spectre) published at the same time are not addressed in this update and will be fixed in a later update.

For the oldstable distribution (jessie), this problem will be fixed in a separate update.

For the stable distribution (stretch), this problem has been fixed in version 4.9.65-3+deb9u2.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4079-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
January 07, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : poppler
CVE ID         : CVE-2017-9406 CVE-2017-9408 CVE-2017-9775 CVE-2017-9776 CVE-2017-9865 CVE-2017-14517 CVE-2017-14518 CVE-2017-14519 CVE-2017-14520 CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 CVE-2017-15565

Multiple vulnerabilities were discovered in the poppler PDF rendering library, which could result in denial of service or the execution of arbitrary code if a malformed PDF file is processed.

For the oldstable distribution (jessie), these problems have been fixed in version 0.26.5-2+deb8u2.

For the stable distribution (stretch), these problems have been fixed in version 0.48.0-2+deb9u1.
sunrat Posted January 9, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4080-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
January 08, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php7.0
CVE ID         : CVE-2017-11144 CVE-2017-11145 CVE-2017-11628 CVE-2017-12932 CVE-2017-12933 CVE-2017-12934 CVE-2017-16642

Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language:

CVE-2017-11144
Denial of service in openssl extension due to incorrect return value check of OpenSSL sealing function

CVE-2017-11145
Out-of-bounds read in wddx_deserialize()

CVE-2017-11628
Buffer overflow in PHP INI parsing API

CVE-2017-12932 / CVE-2017-12934
Use-after-frees during unserialisation

CVE-2017-12933
Buffer overread in finish_nested_data()

CVE-2017-16642
Out-of-bounds read in timelib_meridian()

For the stable distribution (stretch), these problems have been fixed in version 7.0.27-0+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4081-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
January 08, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
CVE ID         : CVE-2017-11142 CVE-2017-11143 CVE-2017-11144 CVE-2017-11145 CVE-2017-11628 CVE-2017-12933 CVE-2017-16642

Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language:

CVE-2017-11142
Denial of service via overly long form variables

CVE-2017-11143
Invalid free() in wddx_deserialize()

CVE-2017-11144
Denial of service in openssl extension due to incorrect return value check of OpenSSL sealing function.

CVE-2017-11145
Out-of-bounds read in wddx_deserialize()

CVE-2017-11628
Buffer overflow in PHP INI parsing API

CVE-2017-12933
Buffer overread in finish_nested_data()

CVE-2017-16642
Out-of-bounds read in timelib_meridian()

For the oldstable distribution (jessie), these problems have been fixed in version 5.6.33+dfsg-0+deb8u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4082-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
January 09, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2017-5754 CVE-2017-8824 CVE-2017-15868 CVE-2017-16538 CVE-2017-16939 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 CVE-2017-17807 CVE-2017-1000407 CVE-2017-1000410

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE-2017-5754
Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to read memory from arbitrary addresses, including from the kernel and all other processes running on the system.

This specific attack has been named Meltdown and is addressed in the Linux kernel for the Intel x86-64 architecture by a patch set named Kernel Page Table Isolation, enforcing a near complete separation of the kernel and userspace address maps and preventing the attack. This solution might have a performance impact, and can be disabled at boot time by passing `pti=off' to the kernel command line.

CVE-2017-8824
Mohamed Ghannam discovered that the DCCP implementation did not correctly manage resources when a socket is disconnected and reconnected, potentially leading to a use-after-free.
A local user could use this for denial of service (crash or data corruption) or possibly for privilege escalation. On systems that do not already have the dccp module loaded, this can be mitigated by disabling it:

    echo >> /etc/modprobe.d/disable-dccp.conf install dccp false

CVE-2017-15868
Al Viro found that the Bluetooth Network Encapsulation Protocol (BNEP) implementation did not validate the type of the second socket passed to the BNEPCONNADD ioctl(), which could lead to memory corruption. A local user with the CAP_NET_ADMIN capability can use this for denial of service (crash or data corruption) or possibly for privilege escalation.

CVE-2017-16538
Andrey Konovalov reported that the dvb-usb-lmedm04 media driver did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash).

CVE-2017-16939
Mohamed Ghannam reported (through Beyond Security's SecuriTeam Secure Disclosure program) that the IPsec (xfrm) implementation did not correctly handle some failure cases when dumping policy information through netlink. A local user with the CAP_NET_ADMIN capability can use this for denial of service (crash or data corruption) or possibly for privilege escalation.

CVE-2017-17448
Kevin Cernekee discovered that the netfilter subsystem allowed users with the CAP_NET_ADMIN capability in any user namespace, not just the root namespace, to enable and disable connection tracking helpers. This could lead to denial of service, violation of network security policy, or have other impact.

CVE-2017-17449
Kevin Cernekee discovered that the netlink subsystem allowed users with the CAP_NET_ADMIN capability in any user namespace to monitor netlink traffic in all net namespaces, not just those owned by that user namespace. This could lead to exposure of sensitive information.

CVE-2017-17450
Kevin Cernekee discovered that the xt_osf module allowed users with the CAP_NET_ADMIN capability in any user namespace to modify the global OS fingerprint list.

CVE-2017-17558
Andrey Konovalov reported that the USB core did not correctly handle some error conditions during initialisation. A physically present user with a specially designed USB device can use this to cause a denial of service (crash or memory corruption), or possibly for privilege escalation.

CVE-2017-17741
Dmitry Vyukov reported that the KVM implementation for x86 would over-read data from memory when emulating an MMIO write if the kvm_mmio tracepoint was enabled. A guest virtual machine might be able to use this to cause a denial of service (crash).

CVE-2017-17805
Dmitry Vyukov reported that the KVM implementation for x86 would over-read data from memory when emulating an MMIO write if the kvm_mmio tracepoint was enabled. A guest virtual machine might be able to use this to cause a denial of service (crash).

CVE-2017-17806
It was discovered that the HMAC implementation could be used with an underlying hash algorithm that requires a key, which was not intended. A local user could use this to cause a denial of service (crash or memory corruption), or possibly for privilege escalation.

CVE-2017-17807
Eric Biggers discovered that the KEYS subsystem lacked a check for write permission when adding keys to a process's default keyring. A local user could use this to cause a denial of service or to obtain sensitive information.

CVE-2017-1000407
Andrew Honig reported that the KVM implementation for Intel processors allowed direct access to host I/O port 0x80, which is not generally safe. On some systems this allows a guest VM to cause a denial of service (crash) of the host.

CVE-2017-1000410
Ben Seri reported that the Bluetooth subsystem did not correctly handle short EFS information elements in L2CAP messages.
An attacker able to communicate over Bluetooth could use this to obtain sensitive information from the kernel.

For the oldstable distribution (jessie), these problems have been fixed in version 3.16.51-3+deb8u1.
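
Added example (not part of the advisories or of sunrat's posts): a host audit for the mitigations named in DSA-4073-1 and DSA-4082-1 above, namely the dccp modprobe entry, kernel.unprivileged_bpf_disabled, kernel.unprivileged_userns_clone and the pti=off boot option. The function names, the ROOT prefix argument and the --live/--sample switches are this example's own assumptions, and the sample tree is constructed.

```sh
#!/bin/sh
# Audit the kernel mitigations named in DSA-4073-1 / DSA-4082-1.
# Every check takes a ROOT prefix ("" = live system) so it can be run against
# a constructed directory tree as well as a real host.

# 0 if a modprobe.d file maps "install dccp" to false (or true, which blocks
# loading equally well); comments are stripped before matching.
dccp_blocked() {
    for f in "${1:-}"/etc/modprobe.d/*.conf; do
        [ -f "$f" ] || continue
        sed 's/#.*//' "$f" | grep -Eq \
            '^[[:space:]]*install[[:space:]]+dccp[[:space:]]+((/usr)?/bin/)?(false|true)[[:space:]]*$' \
            && return 0
    done
    return 1
}

# 0 if dccp is already in the running kernel; the advisory's mitigation only
# applies "on systems that do not already have the dccp module loaded".
dccp_loaded() {
    [ -r "${1:-}/proc/modules" ] && grep -Eq '^dccp[[:space:]]' "${1:-}/proc/modules"
}

# Print the value of a dotted sysctl key, or "absent" if the kernel lacks it.
sysctl_value() {
    path="${1:-}/proc/sys/$(printf '%s' "$2" | tr . /)"
    if [ -r "$path" ]; then cat "$path"; else echo absent; fi
}

# 0 if the kernel was booted with pti=off (nopti is the equivalent spelling).
pti_disabled() {
    [ -r "${1:-}/proc/cmdline" ] || return 1
    tr ' ' '\n' < "${1:-}/proc/cmdline" | grep -Eqx 'pti=off|nopti'
}

# Print one line per finding and return the number of findings.
audit() {
    root=${1:-}
    n=0
    if ! dccp_blocked "$root"; then
        echo "dccp: no 'install dccp false' entry in /etc/modprobe.d (CVE-2017-8824)"
        n=$((n + 1))
    elif dccp_loaded "$root"; then
        echo "dccp: module already loaded, modprobe.d entry not yet effective"
        n=$((n + 1))
    fi
    # Only an explicit 0 is flagged; a missing key is left to the reader.
    if [ "$(sysctl_value "$root" kernel.unprivileged_bpf_disabled)" = 0 ]; then
        echo "bpf: kernel.unprivileged_bpf_disabled=0, unprivileged eBPF enabled"
        n=$((n + 1))
    fi
    if [ "$(sysctl_value "$root" kernel.unprivileged_userns_clone)" = 1 ]; then
        echo "userns: kernel.unprivileged_userns_clone=1 (CVE-2017-17448 open to any local user)"
        n=$((n + 1))
    fi
    if pti_disabled "$root"; then
        echo "pti: Kernel Page Table Isolation disabled at boot (CVE-2017-5754)"
        n=$((n + 1))
    fi
    return "$n"
}

# Build a constructed tree that misses every mitigation (sample data, not
# taken from a real host) and print its path.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/etc/modprobe.d" "$t/proc/sys/kernel"
    : > "$t/proc/modules"
    echo 0 > "$t/proc/sys/kernel/unprivileged_bpf_disabled"
    echo 1 > "$t/proc/sys/kernel/unprivileged_userns_clone"
    echo 'BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet pti=off' > "$t/proc/cmdline"
    echo "$t"
}

# "--live" audits the running system, "--sample" the constructed tree.
case "${1:-}" in
    --live)   audit "" ;;
    --sample) audit "$(make_sample_tree)" ;;
esac
```

The exit status is the number of findings, so a zero status means every check passed on that tree.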
sunrat Posted January 12, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4083-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
January 11, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : poco
CVE ID         : CVE-2017-1000472

Stephan Zeisberg discovered that poco, a collection of open source C++ class libraries, did not correctly validate file paths in ZIP archives. An attacker could leverage this flaw to create or overwrite arbitrary files.

For the oldstable distribution (jessie), this problem has been fixed in version 1.3.6p1-5+deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 1.7.6+dfsg1-5+deb9u1.
sunrat Posted January 13, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4084-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
January 12, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gifsicle
CVE ID         : CVE-2017-1000421

It was discovered that gifsicle, a tool for manipulating GIF image files, contained a flaw that could lead to arbitrary code execution.

For the oldstable distribution (jessie), this problem has been fixed in version 1.86-1+deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 1.88-3+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4085-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
January 12, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xmltooling
CVE ID         : CVE-2018-0486

Philip Huppert discovered the Shibboleth service provider is vulnerable to impersonation attacks and information disclosure due to mishandling of DTDs in the XMLTooling XML parsing library. For additional details please refer to the upstream advisory at
https://shibboleth.net/community/advisories/secadv_20180112.txt

For the oldstable distribution (jessie), this problem has been fixed in version 1.5.3-2+deb8u2.

The stable distribution (stretch) is not affected.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4086-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
January 13, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libxml2
CVE ID         : CVE-2017-15412
Debian Bug     : 883790

Nick Wellnhofer discovered that certain function calls inside XPath predicates can lead to use-after-free and double-free errors when executed by libxml2's XPath engine via an XSLT transformation.

For the oldstable distribution (jessie), this problem has been fixed in version 2.9.1+dfsg1-5+deb8u6.

For the stable distribution (stretch), this problem has been fixed in version 2.9.4+dfsg1-2.2+deb9u2.
sunrat Posted January 15, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4087-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
January 14, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : transmission
CVE ID         : not yet available

Tavis Ormandy discovered a vulnerability in the Transmission BitTorrent client; insecure RPC handling between the Transmission daemon and the client interface(s) may result in the execution of arbitrary code if a user visits a malicious website while Transmission is running.

For the oldstable distribution (jessie), this problem has been fixed in version 2.84-0.2+deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 2.92-2+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4088-1    security@debian.org
https://www.debian.org/security/    Moritz Muehlenhoff
January 15, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gdk-pixbuf
CVE ID         : CVE-2017-1000422

It was discovered that multiple integer overflows in the GIF image loader in the GDK Pixbuf library may result in denial of service and potentially the execution of arbitrary code if a malformed image file is opened.

For the oldstable distribution (jessie), this problem has been fixed in version 2.31.1-2+deb8u7.

For the stable distribution (stretch), this problem has been fixed in version 2.36.5-2+deb9u2. In addition this update provides fixes for CVE-2017-6312, CVE-2017-6313 and CVE-2017-6314.
sunrat Posted January 17, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4089-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
January 16, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : bind9
CVE ID         : CVE-2017-3145

Jayachandran Palanisamy of Cygate AB reported that BIND, a DNS server implementation, was improperly sequencing cleanup operations, leading in some cases to a use-after-free error, triggering an assertion failure and crash in named.

For the oldstable distribution (jessie), this problem has been fixed in version 1:9.9.5.dfsg-9+deb8u15.

For the stable distribution (stretch), this problem has been fixed in version 1:9.10.3.dfsg.P4-12.3+deb9u4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4090-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
January 17, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wordpress
CVE ID         : CVE-2017-9066 CVE-2017-16510 CVE-2017-17091 CVE-2017-17092 CVE-2017-17093 CVE-2017-17094
Debian Bug     : 862816 883314 880528

Several vulnerabilities were discovered in WordPress, a web blogging tool. They allowed remote attackers to perform SQL injections and various Cross-Site Scripting (XSS) and Server-Side Request Forgery (SSRF) attacks, as well as bypass some access restrictions.

For the oldstable distribution (jessie), these problems have been fixed in version 4.1+dfsg-1+deb8u16.

For the stable distribution (stretch), these problems have been fixed in version 4.7.5+dfsg-2+deb9u2.
sunrat Posted January 18, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4091-1    security@debian.org
https://www.debian.org/security/    Salvatore Bonaccorso
January 18, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-5.5
CVE ID         : CVE-2018-2562 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.59, which includes additional changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details:

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-59.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

For the oldstable distribution (jessie), these problems have been fixed in version 5.5.59-0+deb8u1.
sunrat Posted January 19, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4092-1    security@debian.org
https://www.debian.org/security/    Sebastien Delafond
January 19, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : awstats
CVE ID         : CVE-2017-1000501
Debian Bug     : 885835

The cPanel Security Team discovered that awstats, a log file analyzer, was vulnerable to path traversal attacks. A remote unauthenticated attacker could leverage that to perform arbitrary code execution.

For the oldstable distribution (jessie), this problem has been fixed in version 7.2+dfsg-1+deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 7.6+dfsg-1+deb9u1.
sunrat Posted January 23, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4093-1    security@debian.org
https://www.debian.org/security/
January 21, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openocd
CVE ID         : CVE-2018-5704
Debian Bug     : 887488

Josef Gajdusek discovered that OpenOCD, a JTAG debugger for ARM and MIPS, was vulnerable to Cross Protocol Scripting attacks. An attacker could craft an HTML page that, when visited by a victim running OpenOCD, could execute arbitrary commands on the victim's host.

This fix also sets the OpenOCD default binding to localhost, instead of every network interface. This can be changed with the added "bindto" command argument.

For the oldstable distribution (jessie), this problem has been fixed in version 0.8.0-4+deb7u1.

For the stable distribution (stretch), this problem has been fixed in version 0.9.0-1+deb8u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4094-1    security@debian.org
https://www.debian.org/security/
January 22, 2018    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : smarty3
CVE ID         : CVE-2017-1000480
Debian Bug     : 886460

It was discovered that Smarty, a PHP template engine, was vulnerable to code-injection attacks. An attacker was able to craft a filename in comments that could lead to arbitrary code execution on the host running Smarty.

For the oldstable distribution (jessie), this problem has been fixed in version 3.1.21-1+deb8u1.

For the stable distribution (stretch), this problem has been fixed in version 3.1.31+20161214.1.c7d42e4+selfpack1-2+deb9u1.
sunrat Posted January 24, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4095-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
January 24, 2018                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gcab
CVE ID         : CVE-2018-5345
Debian Bug     : 887776

It was discovered that gcab, a Microsoft Cabinet file manipulation tool,
is prone to a stack-based buffer overflow vulnerability when extracting
.cab files. An attacker can take advantage of this flaw to cause a
denial-of-service or, potentially, the execution of arbitrary code with
the privileges of the user running gcab, if a specially crafted .cab
file is processed.

For the stable distribution (stretch), this problem has been fixed in
version 0.7-2+deb9u1.
sunrat Posted January 27, 2018

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4096-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 25, 2018                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096
                 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102
                 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117

Several security issues have been found in the Mozilla Firefox web
browser: Multiple memory safety errors, use-after-frees, integer
overflows and other implementation errors may lead to the execution of
arbitrary code, denial of service or URL spoofing.

For the oldstable distribution (jessie), these problems have been fixed
in version 52.6.0esr-1~deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 52.6.0esr-1~deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4097-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 25, 2018                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : poppler
CVE ID         : CVE-2017-14929 CVE-2017-1000456

Multiple vulnerabilities were discovered in the poppler PDF rendering
library, which could result in denial of service or the execution of
arbitrary code if a malformed PDF file is processed.

This update also fixes a regression in the handling of Type 3 fonts.

For the oldstable distribution (jessie), these problems have been fixed
in version 0.26.5-2+deb8u3.

For the stable distribution (stretch), these problems have been fixed in
version 0.48.0-2+deb9u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4098-1                   security@debian.org
https://www.debian.org/security/                      Alessandro Ghedini
January 26, 2018                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : curl
CVE ID         : CVE-2018-1000005 CVE-2018-1000007

Two vulnerabilities were discovered in cURL, a URL transfer library.

CVE-2018-1000005

    Zhouyihai Ding discovered an out-of-bounds read in the code
    handling HTTP/2 trailers. This issue doesn't affect the oldstable
    distribution (jessie).

CVE-2018-1000007

    Craig de Stigter discovered that authentication data might be leaked
    to third parties when following HTTP redirects.

For the oldstable distribution (jessie), these problems have been fixed
in version 7.38.0-4+deb8u9.

For the stable distribution (stretch), these problems have been fixed in
version 7.52.1-5+deb9u4.