sunrat Posted November 22, 2018 Share Posted November 22, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4339-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 21, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ceph Debian Bug : 913909 The update for ceph issued as DSA-4339-1 caused a build regression for the i386 builds. Updated packages are now available to address this issue. For reference, the original advisory text follows. Multiple vulnerabilities were discovered in Ceph, a distributed storage and file system: The cephx authentication protocol was susceptible to replay attacks and calculated signatures incorrectly, "ceph mon" did not validate capabilities for pool operations (resulting in potential corruption or deletion of snapshot images) and a format string vulnerability in libradosstriper could result in denial of service. For the stable distribution (stretch), this problem has been fixed in version 10.2.11-2. Link to comment Share on other sites More sharing options...
sunrat Posted November 25, 2018 Share Posted November 25, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4343-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 23, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : liblivemedia CVE ID : CVE-2018-4013 It was discovered that a buffer overflow in liveMedia, a set of C++ libraries for multimedia streaming could result in the execution of arbitrary code when parsing a malformed RTSP stream. For the stable distribution (stretch), this problem has been fixed in version 2016.11.28-1+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4344-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 24, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : roundcube CVE ID : CVE-2018-19206 Aidan Marlin discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling invalid style tag content. For the stable distribution (stretch), this problem has been fixed in version 1.2.3+dfsg.1-4+deb9u3. Link to comment Share on other sites More sharing options...
sunrat Posted November 27, 2018 Share Posted November 27, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4345-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 27, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : samba CVE ID : CVE-2018-14629 CVE-2018-16841 CVE-2018-16851 Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-14629 Florian Stuelpner discovered that Samba is vulnerable to infinite query recursion caused by CNAME loops, resulting in denial of service. https://www.samba.org/samba/security/CVE-2018-14629.html CVE-2018-16841 Alex MacCuish discovered that a user with a valid certificate or smart card can crash the Samba AD DC's KDC when configured to accept smart-card authentication. https://www.samba.org/samba/security/CVE-2018-16841.html CVE-2018-16851 Garming Sam of the Samba Team and Catalyst discovered a NULL pointer dereference vulnerability in the Samba AD DC LDAP server allowing a user able to read more than 256MB of LDAP entries to crash the Samba AD DC's LDAP server. https://www.samba.org/samba/security/CVE-2018-16851.html For the stable distribution (stretch), these problems have been fixed in version 2:4.5.12+dfsg-2+deb9u4. Link to comment Share on other sites More sharing options...
sunrat Posted November 29, 2018 Share Posted November 29, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4346-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 27, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ghostscript CVE ID : CVE-2018-19409 CVE-2018-19475 CVE-2018-19476 CVE-2018-19477 Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the -dSAFER sandbox being enabled). This update rebases ghostscript for stretch to the upstream version 9.26 which includes additional changes. For the stable distribution (stretch), these problems have been fixed in version 9.26~dfsg-0+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4347-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 29, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : perl CVE ID : CVE-2018-18311 CVE-2018-18312 CVE-2018-18313 CVE-2018-18314 Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-18311 Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input. CVE-2018-18312 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow write during compilation, potentially allowing arbitrary code execution. CVE-2018-18313 Eiichi Tsukata discovered that a crafted regular expression could cause a heap-based buffer overflow read during compilation which leads to information leak. CVE-2018-18314 Jakub Wilk discovered that a specially crafted regular expression could lead to a heap-based buffer overflow. For the stable distribution (stretch), these problems have been fixed in version 5.24.1-3+deb9u5. Link to comment Share on other sites More sharing options...
sunrat Posted December 2, 2018 Share Posted December 2, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4348-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 30, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssl CVE ID : CVE-2018-0732 CVE-2018-0734 CVE-2018-0735 CVE-2018-0737 CVE-2018-5407 Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit. For the stable distribution (stretch), these problems have been fixed in version 1.1.0j-1~deb9u1. Going forward, openssl security updates for stretch will be based on the 1.1.0x upstream releases. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4349-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 30, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : tiff CVE ID : CVE-2017-11613 CVE-2017-17095 CVE-2018-5784 CVE-2018-7456 CVE-2018-8905 CVE-2018-10963 CVE-2018-17101 CVE-2018-18557 CVE-2018-15209 CVE-2018-16335 Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code if malformed image files are processed. For the stable distribution (stretch), these problems have been fixed in version 4.0.8-2+deb9u4. Link to comment Share on other sites More sharing options...
sunrat Posted December 8, 2018 Share Posted December 8, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4350-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 06, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : policykit-1 CVE ID : CVE-2018-19788 Debian Bug : 915332 It was discovered that incorrect processing of very high UIDs in Policykit, a framework for managing administrative policies and privileges, could result in authentication bypass. For the stable distribution (stretch), this problem has been fixed in version 0.105-18+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4351-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 07, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libphp-phpmailer CVE ID : CVE-2018-19296 Debian Bug : 913912 It was discovered that PHPMailer, a library to send email from PHP applications, is prone to a PHP object injection vulnerability, potentially allowing a remote attacker to execute arbitrary code. For the stable distribution (stretch), this problem has been fixed in version 5.2.14+dfsg-2.3+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4352-1 security@debian.org https://www.debian.org/security/ Michael Gilbert December 07, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium-browser CVE ID : CVE-2018-17480 CVE-2018-17481 CVE-2018-18335 CVE-2018-18336 CVE-2018-18337 CVE-2018-18338 CVE-2018-18339 CVE-2018-18340 CVE-2018-18341 CVE-2018-18342 CVE-2018-18343 CVE-2018-18344 CVE-2018-18345 CVE-2018-18346 CVE-2018-18347 CVE-2018-18348 CVE-2018-18349 CVE-2018-18350 CVE-2018-18351 CVE-2018-18352 CVE-2018-18353 CVE-2018-18354 CVE-2018-18355 CVE-2018-18356 CVE-2018-18357 CVE-2018-18358 CVE-2018-18359 Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-17480 Guang Gong discovered an out-of-bounds write issue in the v8 javascript library. CVE-2018-17481 Several use-after-free issues were discovered in the pdfium library. CVE-2018-18335 A buffer overflow issue was discovered in the skia library. CVE-2018-18336 Huyna discovered a use-after-free issue in the pdfium library. CVE-2018-18337 cloudfuzzer discovered a use-after-free issue in blink/webkit. CVE-2018-18338 Zhe Jin discovered a buffer overflow issue in the canvas renderer. CVE-2018-18339 cloudfuzzer discovered a use-after-free issue in the WebAudio implementation. CVE-2018-18340 A use-after-free issue was discovered in the MediaRecorder implementation. CVE-2018-18341 cloudfuzzer discovered a buffer overflow issue in blink/webkit. CVE-2018-18342 Guang Gong discovered an out-of-bounds write issue in the v8 javascript library. CVE-2018-18343 Tran Tien Hung discovered a use-after-free issue in the skia library. CVE-2018-18344 Jann Horn discovered an error in the Extensions implementation. CVE-2018-18345 Masato Kinugawa and Jun Kokatsu discovered an error in the Site Isolation feature. CVE-2018-18346 Luan Herrera discovered an error in the user interface. CVE-2018-18347 Luan Herrera discovered an error in the Navigation implementation. CVE-2018-18348 Ahmed Elsobky discovered an error in the omnibox implementation. CVE-2018-18349 David Erceg discovered a policy enforcement error. CVE-2018-18350 Jun Kokatsu discovered a policy enforcement error. CVE-2018-18351 Jun Kokatsu discovered a policy enforcement error. CVE-2018-18352 Jun Kokatsu discovered an error in Media handling. CVE-2018-18353 Wenxu Wu discovered an error in the network authentication implementation. CVE-2018-18354 Wenxu Wu discovered an error related to integration with GNOME Shell. CVE-2018-18355 evil1m0 discovered a policy enforcement error. CVE-2018-18356 Tran Tien Hung discovered a use-after-free issue in the skia library. CVE-2018-18357 evil1m0 discovered a policy enforcement error. CVE-2018-18358 Jann Horn discovered a policy enforcement error. CVE-2018-18359 cyrilliu discovered an out-of-bounds read issue in the v8 javascript library. Several additional security relevant issues are also fixed in this update that have not yet received CVE identifiers. For the stable distribution (stretch), these problems have been fixed in version 71.0.3578.80-1~deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted December 11, 2018 Share Posted December 11, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4353-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 10, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php7.0 CVE ID : CVE-2018-14851 CVE-2018-14883 CVE-2018-17082 CVE-2018-19518 CVE-2018-19935 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: The EXIF module was susceptible to denial of service/information disclosure when parsing malformed images, the Apache module allowed cross-site-scripting via the body of a "Transfer-Encoding: chunked" request and the IMAP extension performed insufficient input validation which can result in the execution of arbitrary shell commands in the imap_open() function and denial of service in the imap_mail() function. For the stable distribution (stretch), these problems have been fixed in version 7.0.33-0+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted December 15, 2018 Share Posted December 15, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4354-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 12, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2018-12405 CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or bypass of the same-origin policy. For the stable distribution (stretch), these problems have been fixed in version 60.4.0esr-1~deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted December 20, 2018 Share Posted December 20, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4355-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 19, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssl1.0 CVE ID : CVE-2018-0732 CVE-2018-0734 CVE-2018-0737 CVE-2018-5407 Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit. For the stable distribution (stretch), these problems have been fixed in version 1.0.2q-1~deb9u1. Going forward, openssl1.0 security updates for stretch will be based on the 1.0.2x upstream releases. Link to comment Share on other sites More sharing options...
sunrat Posted December 21, 2018 Share Posted December 21, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4356-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 20, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : netatalk CVE ID : CVE-2018-1160 Debian Bug : 916930 Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges. For the stable distribution (stretch), this problem has been fixed in version 2.2.5-2+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4357-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 20, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libapache-mod-jk CVE ID : CVE-2018-11759 Raphael Arrouas and Jean Lejeune discovered an access control bypass vulnerability in mod_jk, the Apache connector for the Tomcat Java servlet engine. The vulnerability is addressed by upgrading mod_jk to the new upstream version 1.2.46, which includes additional changes. https://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html#Changes_between_1.2.42_and_1.2.43 https://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html#Changes_between_1.2.43_and_1.2.44 https://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html#Changes_between_1.2.44_and_1.2.45 https://tomcat.apache.org/connectors-doc/miscellaneous/changelog.html#Changes_between_1.2.45_and_1.2.46 For the stable distribution (stretch), this problem has been fixed in version 1:1.2.46-0+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted December 23, 2018 Share Posted December 23, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4346-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 23, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ghostscript Debian Bug : 915832 The update for ghostscript issued as DSA-4346-1 caused a regression when used with certain options (cf. Debian bug #915832). Updated packages are now available to correct this issue. For the stable distribution (stretch), this problem has been fixed in version 9.26~dfsg-0+deb9u2. Link to comment Share on other sites More sharing options...
sunrat Posted December 29, 2018 Share Posted December 29, 2018 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4358-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso December 27, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ruby-sanitize CVE ID : CVE-2018-3740 Debian Bug : 893610 The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML injection vulnerability. A specially crafted HTML fragment can cause to allow non- whitelisted attributes to be used on a whitelisted HTML element. For the stable distribution (stretch), this problem has been fixed in version 2.1.0-2+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4359-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wireshark CVE ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226 CVE-2018-18227 CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625 CVE-2018-19626 CVE-2018-19627 CVE-2018-19628 Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code. For the stable distribution (stretch), these problems have been fixed in version 2.6.5-1~deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4360-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libarchive CVE ID : CVE-2016-10209 CVE-2016-10349 CVE-2016-10350 CVE-2017-14166 CVE-2017-14501 CVE-2017-14502 CVE-2017-14503 CVE-2018-1000877 CVE-2018-1000878 CVE-2018-1000880 Multiple security issues were found in libarchive, a multi-format archive and compression library: Processing malformed RAR archives could result in denial of service or the execution of arbitrary code and malformed WARC, LHarc, ISO, Xar or CAB archives could result in denial of service. For the stable distribution (stretch), these problems have been fixed in version 3.2.2-2+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4361-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 28, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libextractor CVE ID : CVE-2018-20430 CVE-2018-20431 Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or memory disclosure if a malformed OLE file is processed. For the stable distribution (stretch), these problems have been fixed in version 1:1.3-4+deb9u3. Link to comment Share on other sites More sharing options...
sunrat Posted January 2, 2019 Share Posted January 2, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4362-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 01, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : thunderbird CVE ID : not yet available Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. For the stable distribution (stretch), this problem has been fixed in version 1:60.4.0-1~deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted January 8, 2019 Share Posted January 8, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4363-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : python-django CVE ID : CVE-2019-3498 It was discovered that malformed URLs could spoof the content of the default 404 page of Django, a Python web development framework. For the stable distribution (stretch), this problem has been fixed in version 1:1.10.7-2+deb9u4. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4364-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ruby-loofah CVE ID : CVE-2018-16468 It was discovered that ruby-loofah, a general library for manipulating and transforming HTML/XML documents and fragments, performed insufficient sanitising of SVG elements. For the stable distribution (stretch), this problem has been fixed in version 2.0.3-2+deb9u2. Link to comment Share on other sites More sharing options...
sunrat Posted January 13, 2019 Share Posted January 13, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4365-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 10, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : tmpreaper CVE ID : CVE-2019-3461 Stephen Roettger discovered a race condition in tmpreaper, a program that cleans up files in directories based on their age, which could result in local privilege escalation. For the stable distribution (stretch), this problem has been fixed in version 1.6.13+nmu1+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4366-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 12, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : vlc CVE ID : CVE-2018-19857 An integer underflow was discovered in the CAF demuxer of the VLC media player. For the stable distribution (stretch), this problem has been fixed in version 3.0.6-0+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted January 14, 2019 Share Posted January 14, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4367-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 13, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : systemd CVE ID : CVE-2018-16864 CVE-2018-16865 CVE-2018-16866 Debian Bug : 918841 918848 The Qualys Research Labs discovered multiple vulnerabilities in systemd-journald. Two memory corruption flaws, via attacker-controlled alloca()s (CVE-2018-16864, CVE-2018-16865) and an out-of-bounds read flaw leading to an information leak (CVE-2018-16866), could allow an attacker to cause a denial of service or the execution of arbitrary code. Further details in the Qualys Security Advisory at https://www.qualys.com/2019/01/09/system-down/system-down.txt For the stable distribution (stretch), these problems have been fixed in version 232-25+deb9u7. Link to comment Share on other sites More sharing options...
sunrat Posted January 15, 2019 Share Posted January 15, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4368-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 14, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : zeromq3 CVE ID : CVE-2019-6250 Guido Vranken discovered that an incorrect bounds check in ZeroMQ, a lightweight messaging kernel, could result in the execution of arbitrary code. For the stable distribution (stretch), this problem has been fixed in version 4.2.1-4+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4369-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 14, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : xen CVE ID : CVE-2018-19961 CVE-2018-19962 CVE-2018-19965 CVE-2018-19966 CVE-2018-19967 Multiple vulnerabilities have been discovered in the Xen hypervisor: CVE-2018-19961 / CVE-2018-19962 Paul Durrant discovered that incorrect TLB handling could result in denial of service, privilege escalation or information leaks. CVE-2018-19965 Matthew Daley discovered that incorrect handling of the INVPCID instruction could result in denial of service by PV guests. CVE-2018-19966 It was discovered that a regression in the fix to address CVE-2017-15595 could result in denial of service, privilege escalation or information leaks by a PV guest. CVE-2018-19967 It was discovered that an error in some Intel CPUs could result in denial of service by a guest instance. For the stable distribution (stretch), these problems have been fixed in version 4.8.5+shim4.10.2+xsa282-1+deb9u11. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4367-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 15, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : systemd The Qualys Research Labs reported that the backported security fixes shipped in DSA 4367-1 contained a memory leak in systemd-journald. This and an unrelated bug in systemd-coredump are corrected in this update. Note that as the systemd-journald service is not restarted automatically a restart of the service or more safely a reboot is advised. For the stable distribution (stretch), these problems have been fixed in version 232-25+deb9u8. Link to comment Share on other sites More sharing options...
sunrat Posted January 18, 2019 Share Posted January 18, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4370-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 17, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : drupal7 CVE ID : not yet available Two vulnerabilities were found in Drupal, a fully-featured content management framework, which could result in arbitrary code execution. For additional information, please refer to the upstream advisories at https://www.drupal.org/sa-core-2019-001 and https://www.drupal.org/sa-core-2019-002 For the stable distribution (stretch), this problem has been fixed in version 7.52-2+deb9u6. Link to comment Share on other sites More sharing options...
sunrat Posted January 23, 2019 Share Posted January 23, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4371-1 security@debian.org https://www.debian.org/security/ Yves-Alexis Perez January 22, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : apt CVE ID : CVE-2019-3462 Max Justicz discovered a vulnerability in APT, the high level package manager. The code handling HTTP redirects in the HTTP transport method doesn't properly sanitize fields transmitted over the wire. This vulnerability could be used by an attacker located as a man-in-the-middle between APT and a mirror to inject malicous content in the HTTP connection. This content could then be recognized as a valid package by APT and used later for code execution with root privileges on the target machine. Since the vulnerability is present in the package manager itself, it is recommended to disable redirects in order to prevent exploitation during this upgrade only, using: apt -o Acquire::http::AllowRedirect=false update apt -o Acquire::http::AllowRedirect=false upgrade This is known to break some proxies when used against security.debian.org. If that happens, people can switch their security APT source to use: deb http://cdn-fastly.deb.debian.org/debian-security stable/updates main For the stable distribution (stretch), this problem has been fixed in version 1.4.9. Link to comment Share on other sites More sharing options...
sunrat Posted January 23, 2019 Share Posted January 23, 2019 - ------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 9: 9.7 released press@debian.org January 23rd, 2019 https://www.debian.org/News/2019/20190123 - ------------------------------------------------------------------------ The Debian project is pleased to announce the seventh update of its stable distribution Debian 9 (codename "stretch"). This point release incorporates the recent security update for APT [1], in order to help ensure that new installations of stretch are not vulnerable. No other updates are included. 1: https://packages.debian.org/src:APT New installation images will be available soon at the regular locations. Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. Due to the nature of the included updates, in this case it is recommended to follow the instructions listed in DSA-4371 [2]. 2: https://www.debian.org/security/2019/dsa-4371 A comprehensive list of mirrors is available at: https://www.debian.org/mirror/list Miscellaneous Bugfixes - ---------------------- This stable update adds a few important corrections to the following packages: +----------------+------------------------------+ | Package | Reason | +----------------+------------------------------+ | base-files [3] | Update for the point release | | | | +----------------+------------------------------+ 3: https://packages.debian.org/src:base-files Security Updates - ---------------- This revision adds the following security updates to the stable release. The Security Team has already released an advisory for each of these updates: +--------------+---------+ | Advisory ID | Package | +--------------+---------+ | DSA-4371 [4] | apt [5] | | | | +--------------+---------+ 4: https://www.debian.org/security/2019/dsa-4371 5: https://packages.debian.org/src:apt URLs - ---- The complete lists of packages that have changed with this revision: http://ftp.debian.org/debian/dists/stretch/ChangeLog The current stable distribution: http://ftp.debian.org/debian/dists/stable/ Proposed updates to the stable distribution: http://ftp.debian.org/debian/dists/proposed-updates stable distribution information (release notes, errata etc.): https://www.debian.org/releases/stable/ Security announcements and information: https://security.debian.org/ [6] 6: https://www.debian.org/security/ About Debian - ------------ The Debian Project is an association of Free Software developers who volunteer their time and effort in order to produce the completely free operating system Debian. Contact Information - ------------------- For further information, please visit the Debian web pages at https://www.debian.org/, send mail to <press@debian.org>, or contact the stable release team at <debian-release@lists.debian.org>. Link to comment Share on other sites More sharing options...
securitybreach Posted January 23, 2019 Share Posted January 23, 2019 Nice. Link to comment Share on other sites More sharing options...
sunrat Posted January 27, 2019 Share Posted January 27, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4372-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 26, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ghostscript CVE ID : CVE-2019-6116 Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the -dSAFER sandbox being enabled). For the stable distribution (stretch), this problem has been fixed in version 9.26a~dfsg-0+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted January 29, 2019 Share Posted January 29, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4373-1 security@debian.org https://www.debian.org/security/ Yves-Alexis Perez January 28, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : coturn CVE ID : CVE-2018-4056 CVE-2018-4058 CVE-2018-4059 Multiple vulnerabilities were discovered in coTURN, a TURN and STUN server for VoIP. CVE-2018-4056 An SQL injection vulnerability was discovered in the coTURN administrator web portal. As the administration web interface is shared with the production, it is unfortunately not possible to easily filter outside access and this security update completely disable the web interface. Users should use the local, command line interface instead. CVE-2018-4058 Default configuration enables unsafe loopback forwarding. A remote attacker with access to the TURN interface can use this vulnerability to gain access to services that should be local only. CVE-2018-4059 Default configuration uses an empty password for the local command line administration interface. An attacker with access to the local console (either a local attacker or a remote attacker taking advantage of CVE-2018-4058) could escalade privileges to administrator of the coTURN server. For the stable distribution (stretch), these problems have been fixed in version 4.5.0.5-1+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4374-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond January 28, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : qtbase-opensource-src CVE ID : CVE-2018-15518 CVE-2018-19870 CVE-2018-19873 Debian Bug : 907139 Several issues were discovered in qtbase-opensource-src, a cross-platform C++ application framework, which could lead to denial-of-service via application crash. Additionally, this update fixes a problem affecting vlc, where it would start without a GUI. For the stable distribution (stretch), these problems have been fixed in version 5.7.1+dfsg-3+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted January 29, 2019 Share Posted January 29, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4375-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 29, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : spice CVE ID : CVE-2019-3813 Debian Bug : 920762 Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code. For the stable distribution (stretch), this problem has been fixed in version 0.12.8-2.1+deb9u3. Link to comment Share on other sites More sharing options...
sunrat Posted January 30, 2019 Share Posted January 30, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4376-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 30, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2018-18500 CVE-2018-18501 CVE-2018-18505 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation. For the stable distribution (stretch), these problems have been fixed in version 60.5.0esr-1~deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4377-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 30, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : rssh CVE ID : CVE-2019-1000018 Debian Bug : 919623 The ESnet security team discovered a vulnerability in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the scp support could result in the bypass of this restriction, allowing the execution of arbitrary shell commands. Please note that with the update applied, the "-3" option of scp can no longer be used. For the stable distribution (stretch), this problem has been fixed in version 2.3.4-5+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4378-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 30, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php-pear CVE ID : CVE-2018-1000888 Debian Bug : 919147 Fariskhi Vidyan discovered that the PEAR Archive_Tar package for handling tar files in PHP is prone to a PHP object injection vulnerability, potentially allowing a remote attacker to execute arbitrary code. For the stable distribution (stretch), this problem has been fixed in version 1:1.10.1+submodules+notgz-9+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted February 2, 2019 Share Posted February 2, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4379-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : golang-1.7 CVE ID : CVE-2018-7187 CVE-2019-6486 A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes a vulnerability in "go get", which could result in the execution of arbitrary shell commands. For the stable distribution (stretch), these problems have been fixed in version 1.7.4-2+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4380-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : golang-1.8 CVE ID : CVE-2018-6574 CVE-2018-7187 CVE-2019-6486 A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes two vulnerabilities in "go get", which could result in the execution of arbitrary shell commands. For the stable distribution (stretch), these problems have been fixed in version 1.8.1-1+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted February 3, 2019 Share Posted February 3, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4381-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 02, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libreoffice CVE ID : CVE-2018-16858 Alex Infuehr discovered a directory traversal vulnerability which could result in the execution of Python script code when opening a malformed document. For the stable distribution (stretch), this problem has been fixed in version 1:5.2.7-1+deb9u5. In addition this update fixes a bug in the validation of signed PDFs; it would display an incomplete status message when dealing with a partial signature. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4382-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 02, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : rssh CVE ID : CVE-2019-3463 CVE-2019-3464 Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the rsync support could result in the bypass of this restriction, allowing the execution of arbitrary shell commands. For the stable distribution (stretch), these problems have been fixed in version 2.3.4-5+deb9u2. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4383-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 03, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libvncserver CVE ID : CVE-2018-6307 CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 Debian Bug : 916941 Pavel Cheremushkin discovered several vulnerabilities in libvncserver, a library to implement VNC server/client functionalities, which might result in the execution of arbitrary code, denial of service or information disclosure. For the stable distribution (stretch), these problems have been fixed in version 0.9.11+dfsg-1.3~deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted February 6, 2019 Share Posted February 6, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4384-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 04, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libgd2 CVE ID : CVE-2019-6977 CVE-2019-6978 Debian Bug : 920645 920728 Multiple vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed. For the stable distribution (stretch), these problems have been fixed in version 2.2.4-2+deb9u4. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4385-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso February 05, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : dovecot CVE ID : CVE-2019-3814 halfdog discovered an authentication bypass vulnerability in the Dovecot email server. Under some configurations Dovecot mistakenly trusts the username provided via authentication instead of failing. If there is no additional password verification, this allows the attacker to login as anyone else in the system. Only installations using: auth_ssl_require_client_cert = yes auth_ssl_username_from_cert = yes are affected by this flaw. For the stable distribution (stretch), this problem has been fixed in version 1:2.2.27-3+deb9u3. Link to comment Share on other sites More sharing options...
sunrat Posted February 6, 2019 Share Posted February 6, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4386-1 security@debian.org https://www.debian.org/security/ Alessandro Ghedini February 06, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : curl CVE ID : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 Multiple vulnerabilities were discovered in cURL, an URL transfer library. CVE-2018-16890 Wenxiang Qian of Tencent Blade Team discovered that the function handling incoming NTLM type-2 messages does not validate incoming data correctly and is subject to an integer overflow vulnerability, which could lead to an out-of-bounds buffer read. CVE-2019-3822 Wenxiang Qian of Tencent Blade Team discovered that the function creating an outgoing NTLM type-3 header is subject to an integer overflow vulnerability, which could lead to an out-of-bounds write. CVE-2019-3823 Brian Carpenter of Geeknik Labs discovered that the code handling the end-of-response for SMTP is subject to an out-of-bounds heap read. For the stable distribution (stretch), these problems have been fixed in version 7.52.1-5+deb9u9. Link to comment Share on other sites More sharing options...
sunrat Posted February 9, 2019 Share Posted February 9, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4387-1 security@debian.org https://www.debian.org/security/ Yves-Alexis Perez February 09, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssh CVE ID : CVE-2018-20685 CVE-2019-6109 CVE-2019-6111 Debian Bug : 793412 919101 Harry Sintonen from F-Secure Corporation discovered multiple vulnerabilities in OpenSSH, an implementation of the SSH protocol suite. All the vulnerabilities are in found in the scp client implementing the SCP protocol. CVE-2018-20685 Due to improper directory name validation, the scp client allows servers to modify permissions of the target directory by using empty or dot directory name. CVE-2019-6109 Due to missing character encoding in the progress display, the object name can be used to manipulate the client output, for example to employ ANSI codes to hide additional files being transferred. CVE-2019-6111 Due to scp client insufficient input validation in path names sent by server, a malicious server can do arbitrary file overwrites in target directory. If the recursive (-r) option is provided, the server can also manipulate subdirectories as well. . The check added in this version can lead to regression if the client and the server have differences in wildcard expansion rules. If the server is trusted for that purpose, the check can be disabled with a new -T option to the scp client. For the stable distribution (stretch), these problems have been fixed in version 1:7.4p1-10+deb9u5. Link to comment Share on other sites More sharing options...
Recommended Posts