Jump to content

Bruno

Recommended Posts

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4429-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

April 10, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : spip

Debian Bug : 926764

 

It was discovered that SPIP, a website engine for publishing, did not

properly sanitize its user input. This would allow an authenticated

user to perform arbitrary command execution.

 

For the stable distribution (stretch), this problem has been fixed in

version 3.1.4-4~deb9u2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4430-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

April 10, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wpa

CVE ID : CVE-2019-9495 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499

Debian Bug : 926801

 

Mathy Vanhoef (NYUAD) and Eyal Ronen (Tel Aviv University & KU Leuven) found

multiple vulnerabilities in the WPA implementation found in wpa_supplication

(station) and hostapd (access point). These vulnerability are also collectively

known as "Dragonblood".

 

CVE-2019-9495

 

Cache-based side-channel attack against the EAP-pwd implementation: an

attacker able to run unprivileged code on the target machine (including for

example javascript code in a browser on a smartphone) during the handshake

could deduce enough information to discover the password in a dictionary

attack.

 

CVE-2019-9497

 

Reflection attack against EAP-pwd server implementation: a lack of

validation of received scalar and elements value in the EAP-pwd-Commit

messages could result in attacks that would be able to complete EAP-pwd

authentication exchange without the attacker having to know the password.

This does not result in the attacker being able to derive the session key,

complete the following key exchange and access the network.

 

CVE-2019-9498

 

EAP-pwd server missing commit validation for scalar/element: hostapd

doesn't validate values received in the EAP-pwd-Commit message, so an

attacker could use a specially crafted commit message to manipulate the

exchange in order for hostapd to derive a session key from a limited set of

possible values. This could result in an attacker being able to complete

authentication and gain access to the network.

 

CVE-2019-9499

 

EAP-pwd peer missing commit validation for scalar/element: wpa_supplicant

doesn't validate values received in the EAP-pwd-Commit message, so an

attacker could use a specially crafted commit message to manipulate the

exchange in order for wpa_supplicant to derive a session key from a limited

set of possible values. This could result in an attacker being able to

complete authentication and operate as a rogue AP.

 

Note that the Dragonblood moniker also applies to CVE-2019-9494 and

CVE-2014-9496 which are vulnerabilities in the SAE protocol in WPA3. SAE is not

enabled in Debian stretch builds of wpa, which is thus not vulnerable by default.

 

Due to the complexity of the backporting process, the fix for these

vulnerabilities are partial. Users are advised to use strong passwords to

prevent dictionary attacks or use a 2.7-based version from stretch-backports

(version above 2:2.7+git20190128+0c1e29f-4).

 

For the stable distribution (stretch), these problems have been fixed in

version 2:2.4-1+deb9u3.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4431-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 13, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libssh2

CVE ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858

CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862

CVE-2019-3863

Debian Bug : 924965

 

Chris Coulson discovered several vulnerabilities in libssh2, a SSH2

client-side library, which could result in denial of service,

information leaks or the execution of arbitrary code.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.7.0-1+deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4432-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 16, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ghostscript

CVE ID : CVE-2019-3835 CVE-2019-3838

Debian Bug : 925256 925257

 

Cedric Buissart discovered two vulnerabilities in Ghostscript, the GPL

PostScript/PDF interpreter, which could result in bypass of file system

restrictions of the dSAFER sandbox.

 

For the stable distribution (stretch), these problems have been fixed in

version 9.26a~dfsg-0+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4433-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 16, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ruby2.3

CVE ID : CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323

CVE-2019-8324 CVE-2019-8325

 

Several vulnerabilities have been discovered in the Rubygems included in

the interpreter for the Ruby language, which may result in denial of

service or the execution of arbitrary code.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.3.3-1+deb9u6.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4434-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 20, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : drupal7

CVE ID : CVE-2019-11358

Debian Bug : 927330

 

A cross-site scripting vulnerability has been found in Drupal, a

fully-featured content management framework. For additional information,

please refer to the upstream advisory at

https://www.drupal.org/sa-core-2019-006 .

 

For the stable distribution (stretch), this problem has been fixed in

version 7.52-2+deb9u8.

Link to comment
Share on other sites

------------------------------------------------------------------------

The Debian Project https://www.debian.org/

Updated Debian 9: 9.9 released press@debian.org

April 27th, 2019 https://www.debian.o...s/2019/20190427

------------------------------------------------------------------------

 

 

The Debian project is pleased to announce the ninth update of its stable

distribution Debian 9 (codename "stretch"). This point release mainly

adds corrections for security issues, along with a few adjustments for

serious problems. Security advisories have already been published

separately and are referenced where available.

 

Please note that the point release does not constitute a new version of

Debian 9 but only updates some of the packages included. There is no

need to throw away old "stretch" media. After installation, packages can

be upgraded to the current versions using an up-to-date Debian mirror.

 

Those who frequently install updates from security.debian.org won't have

to update many packages, and most such updates are included in the point

release.

 

New installation images will be available soon at the regular locations.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4435-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 27, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libpng1.6

CVE ID : CVE-2019-7317

Debian Bug : 921355

 

A use-after-free vulnerability was discovered in the png_image_free()

function in the libpng PNG library, which could lead to denial of

service or potentially the execution of arbitrary code if a malformed

image is processed.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.6.28-1+deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4436-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 28, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : imagemagick

CVE ID : CVE-2019-9956 CVE-2019-10650

 

This update fixes two vulnerabilities in Imagemagick: Memory handling

problems and missing or incomplete input sanitising may result in denial

of service, memory disclosure or the execution of arbitrary code if

malformed TIFF or Postscript files are processed.

 

For the stable distribution (stretch), these problems have been fixed in

version 8:6.9.7.4+dfsg-11+deb9u7.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4437-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 29, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gst-plugins-base1.0

CVE ID : CVE-2019-9928

 

It was discovered that a buffer overflow in the RTSP parser of the

GStreamer media framework may result in the execution of arbitrary code

if a malformed RSTP stream is opened.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.10.4-1+deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4438-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

May 07, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : atftp

CVE ID : CVE-2019-11365 CVE-2019-11366

Debian Bug : 927553

 

Denis Andzakovic discovered two vulnerabilities in atftp, the advanced

TFTP server which could result in denial of service by sending malformed

packets.

 

For the stable distribution (stretch), these problems have been fixed in

version 0.7.git20120829-3.1~deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4439-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 09, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : postgresql-9.6

CVE ID : CVE-2019-10130

 

Dean Rasheed discovered that row security policies in the PostgreSQL

database system could be bypassed.

 

For additional information please refer to the upstream announcement

at https://www.postgresql.org/about/news/1939/

 

For the stable distribution (stretch), this problem has been fixed in

version 9.6.13-0+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4440-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 09, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : bind9

CVE ID : CVE-2018-5743 CVE-2018-5745 CVE-2019-6465

 

Multiple vulnerabilities were found in the BIND DNS server:

 

CVE-2018-5743

 

Connection limits were incorrectly enforced.

 

CVE-2018-5745

 

The "managed-keys" feature was susceptible to denial of service by

triggering an assert.

 

CVE-2019-6465

 

ACLs for zone transfers were incorrectly enforced for dynamically

loadable zones (DLZs).

 

For the stable distribution (stretch), these problems have been fixed in

version 1:9.10.3.dfsg.P4-12.3+deb9u5.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4441-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

May 10, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : symfony

CVE ID : CVE-2018-14773 CVE-2018-19789 CVE-2018-19790 CVE-2019-10909

CVE-2019-10910 CVE-2019-10911 CVE-2019-10912 CVE-2019-10913

 

Multiple vulnerabilities were discovered in the Symfony PHP framework

which could lead to cache bypass, authentication bypass, information

disclosure, open redirect, cross-site request forgery, deletion of

arbitrary files, or arbitrary code execution.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.8.7+dfsg-1.3+deb9u2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4442-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

May 12, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ghostscript

CVE ID : CVE-2019-3839

 

A vulnerability was discovered in Ghostscript, the GPL PostScript/PDF

interpreter, which may result in denial of service or the execution of

arbitrary code if a malformed Postscript file is processed (despite the

- -dSAFER sandbox being enabled).

 

For the stable distribution (stretch), this problem has been fixed in

version 9.26a~dfsg-0+deb9u3.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4442-2 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

May 13, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : cups-filters

Debian Bug : 926576 928936 928952

 

The update for ghostscript released as DSA 4442-1 uncovered an issue in

cups-filters which was using the undocumented Ghostscript internal

"pdfdict" now hidden in the ghostscript update. Updated cups-filters

packages are now available to correct this issue.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.11.6-3+deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4443-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

May 14, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : samba

CVE ID : CVE-2018-16860

 

Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberos

extension used in Samba's Active Directory support was susceptible to

man-in-the-middle attacks caused by incomplete checksum validation.

 

Details can be found in the upstream advisory at

https://www.samba.org/samba/security/CVE-2018-16860.html

 

For the stable distribution (stretch), this problem has been fixed in

version 2:4.5.16+dfsg-1+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4445-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 14, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : drupal7

CVE ID : CVE-2019-11831

 

It was discovered that incomplete validation in a Phar processing

library embedded in Drupal, a fully-featured content management

framework, could result in information disclosure.

 

For additional information, please refer to the upstream advisory

at https://www.drupal.org/sa-core-2019-007.

 

For the stable distribution (stretch), this problem has been fixed in

version 7.52-2+deb9u9.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4444-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

May 14, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091

Debian Bug : 928125

 

Multiple researchers have discovered vulnerabilities in the way the

Intel processor designs have implemented speculative forwarding of data

filled into temporary microarchitectural structures (buffers). This

flaw could allow an attacker controlling an unprivileged process to

read sensitive information, including from the kernel and all other

processes running on the system or cross guest/host boundaries to read

host memory.

 

See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html

for more details.

 

To fully resolve these vulnerabilities it is also necessary to install

updated CPU microcode. An updated intel-microcode package (only

available in Debian non-free) will be provided via a separate DSA. The

updated CPU microcode may also be available as part of a system firmware

("BIOS") update.

 

In addition, this update includes a fix for a regression causing

deadlocks inside the loopback driver, which was introduced by the update

to 4.9.168 in the last Stretch point release.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.9.168-1+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4446-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 14, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : lemonldap-ng

CVE ID : CVE-2019-12046

 

It was discovered that the Lemonldap::NG web SSO system performed

insuffient validation of session tokens if the "tokenUseGlobalStorage"

option is enabled, which could grant users with access to the main

session database access to an anonymous session.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.9.7-3+deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4447-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 15, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : intel-microcode

CVE ID : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130

CVE-2019-11091

 

This update ships updated CPU microcode for most types of Intel CPUs. It

provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware

vulnerabilities.

 

To fully resolve these vulnerabilities it is also necessary to update

the Linux kernel packages as released in DSA 4444.

 

For the stable distribution (stretch), these problems have been fixed in

version 3.20190514.1~deb9u1.

  • Like 1
Link to comment
Share on other sites

  • 2 weeks later...

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4448-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 22, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : firefox-esr

CVE ID : CVE-2018-18511 CVE-2019-5798 CVE-2019-7317 CVE-2019-9797

CVE-2019-9800 CVE-2019-9816 CVE-2019-9817 CVE-2019-9819

CVE-2019-9820 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693

CVE-2019-11698

 

Multiple security issues have been found in the Mozilla Firefox web

browser, which could potentially result in the execution of arbitrary code.

 

For the stable distribution (stretch), these problems have been fixed in

version 60.7.0esr-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4449-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 22, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ffmpeg

CVE ID : CVE-2018-15822 CVE-2018-1999011 CVE-2019-9718

CVE-2019-11338

 

Several vulnerabilities have been discovered in the FFmpeg multimedia

framework, which could result in denial of service or potentially the

execution of arbitrary code if malformed files/streams are processed.

 

For the stable distribution (stretch), these problems have been fixed in

version 7:3.2.14-1~deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4450-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

May 24, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wpa

CVE ID : CVE-2019-11555

Debian Bug : 927463

 

A vulnerability was found in the WPA protocol implementation found in

wpa_supplication (station) and hostapd (access point).

 

The EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP

peer) doesn't properly validate fragmentation reassembly state when receiving

an unexpected fragment. This could lead to a process crash due to a NULL

pointer derefrence.

 

An attacker in radio range of a station or access point with EAP-pwd support

could cause a crash of the relevant process (wpa_supplicant or hostapd),

ensuring a denial of service.

 

For the stable distribution (stretch), this problem has been fixed in

version 2:2.4-1+deb9u4.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4451-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 24, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : thunderbird

CVE ID : CVE-2018-18511 CVE-2019-5798 CVE-2019-7317 CVE-2019-9797

CVE-2019-9800 CVE-2019-9816 CVE-2019-9817 CVE-2019-9819

CVE-2019-9820 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693

CVE-2019-11698

 

Multiple security issues have been found in Thunderbird: Multiple

vulnerabilities may lead to the execution of arbitrary code or denial of

service.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:60.7.0-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4452-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 24, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : jackson-databind

CVE ID : CVE-2018-11307 CVE-2018-12022 CVE-2018-12023 CVE-2018-14718

CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-19360

CVE-2018-19361 CVE-2018-19362 CVE-2019-12086

 

Multiple security issues were found in jackson-databind, a Java library

to parse JSON and other data formats which could result in information

disclosure or the execution of arbitrary code.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.8.6-1+deb9u5.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4453-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 29, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-8

CVE ID : CVE-2019-2602 CVE-2019-2684 CVE-2019-2698

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in denial of

service or sandbox bypass.

 

For the stable distribution (stretch), these problems have been fixed in

version 8u212-b03-2~deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4454-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 30, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : qemu

CVE ID : CVE-2018-11806 CVE-2018-12617 CVE-2018-16872 CVE-2018-17958

CVE-2018-18849 CVE-2018-18954 CVE-2018-19364 CVE-2018-19489

CVE-2019-3812 CVE-2019-6778 CVE-2019-9824 CVE-2019-12155

 

Multiple security issues were discovered in QEMU, a fast processor

emulator, which could result in denial of service, the execution of

arbitrary code or information disclosure.

 

In addition this update backports support to passthrough the new

md-clear CPU flag added in the intel-microcode update shipped in DSA 4447

to x86-based guests.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:2.8+dfsg-6+deb9u6.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4455-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

June 03, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : heimdal

CVE ID : CVE-2018-16860 CVE-2019-12098

Debian Bug : 928966 929064

 

Several vulnerabilities were discovered in Heimdal, an implementation of

Kerberos 5 that aims to be compatible with MIT Kerberos.

 

CVE-2018-16860

 

Isaac Boukris and Andrew Bartlett discovered that Heimdal was

susceptible to man-in-the-middle attacks caused by incomplete

checksum validation. Details on the issue can be found in the Samba

advisory at https://www.samba.org/samba/security/CVE-2018-16860.html

 

CVE-2019-12098

 

It was discovered that failure of verification of the PA-PKINIT-KX key

exchange client-side could permit to perform man-in-the-middle attack.

 

For the stable distribution (stretch), these problems have been fixed in

version 7.1.0+dfsg-13+deb9u3.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4456-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

June 05, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : exim4

CVE ID : CVE-2019-10149

 

The Qualys Research Labs reported a flaw in Exim, a mail transport

agent. Improper validation of the recipient address in the

deliver_message() function may result in the execution of arbitrary

commands.

 

For the stable distribution (stretch), this problem has been fixed in

version 4.89-2+deb9u4.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4454-2 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

June 06, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : qemu

Debian Bug : 929067

 

Vincent Tondellier reported that the qemu update issued as DSA 4454-1

did not correctly backport the support to define the md-clear bit to

allow mitigation of the MDS vulnerabilities. Updated qemu packages are

now available to correct this issue.

 

For the stable distribution (stretch), this problem has been fixed in

version 1:2.8+dfsg-6+deb9u7.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4457-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

June 07, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : evolution

CVE ID : CVE-2018-15587

Debian Bug : 924616

 

Hanno Böck discovered that Evolution was vulnerable to OpenPGP

signatures being spoofed for arbitrary messages using a specially

crafted HTML email. This issue was mitigated by moving the security

bar with encryption and signature information above the message

headers.

 

For the stable distribution (stretch), this problem has been fixed in

version 3.22.6-1+deb9u2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4458-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

June 08, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : cyrus-imapd

CVE ID : CVE-2019-11356

 

A flaw was discovered in the CalDAV feature in httpd of the Cyrus IMAP

server, leading to denial of service or potentially the execution of

arbitrary code via a crafted HTTP PUT operation for an event with a long

iCalendar property name.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.5.10-3+deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4459-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

June 12, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : vlc

CVE ID : not yet available

 

Multiple security issues were discovered in the VLC media player, which

could result in the execution of arbitrary code or denial of service if

a malformed file/stream is processed.

 

For the stable distribution (stretch), these problems have been fixed in

version 3.0.7-0+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4460-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

June 12, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mediawiki

CVE ID : CVE-2019-11358 CVE-2019-12466 CVE-2019-12467 CVE-2019-12468

CVE-2019-12469 CVE-2019-12470 CVE-2019-12471 CVE-2019-12472

CVE-2019-12473 CVE-2019-12474

 

Multiple security vulnerabilities have been discovered in MediaWiki, a

website engine for collaborative work, which may result in authentication

bypass, denial of service, cross-site scripting, information disclosure

and bypass of anti-spam measures.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:1.27.7-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4461-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

June 12, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : zookeeper

CVE ID : CVE-2019-0201

 

Harrison Neil discovered that the getACL() command in Zookeeper, a

service for maintaining configuration information, did not validate

permissions, which could result in information disclosure.

 

For the stable distribution (stretch), this problem has been fixed in

version 3.4.9-3+deb9u2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4462-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

June 13, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dbus

CVE ID : CVE-2019-12749

Debian Bug : 930375

 

Joe Vennix discovered an authentication bypass vulnerability in dbus, an

asynchronous inter-process communication system. The implementation of

the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a

symbolic link attack. A local attacker could take advantage of this flaw

to bypass authentication and connect to a DBusServer with elevated

privileges.

 

The standard system and session dbus-daemons in their default

configuration are not affected by this vulnerability.

 

The vulnerability was addressed by upgrading dbus to a new upstream

version 1.10.28 which includes additional fixes.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.10.28-0+deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4463-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

June 14, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : znc

CVE ID : CVE-2019-9917 CVE-2019-12816

Debian Bug : 925285

 

Two vulnerabilities were discovered in the ZNC IRC bouncer which could

result in remote code execution (CVE-2019-12816) or denial of service

via invalid encoding (CVE-2019-9917).

 

For the stable distribution (stretch), these problems have been fixed in

version 1.6.5-1+deb9u2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4464-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

June 15, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : thunderbird

CVE ID : CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706

 

Multiple security issues have been found in Thunderbird which may lead

to the execution of arbitrary code if malformed email messages are read.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:60.7.1-1~deb9u1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4465-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

June 17, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2019-3846 CVE-2019-5489 CVE-2019-9500 CVE-2019-9503

CVE-2019-10126 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479

CVE-2019-11486 CVE-2019-11599 CVE-2019-11815 CVE-2019-11833

CVE-2019-11884

Debian Bug : 928989

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a privilege escalation, denial of service or information

leaks.

 

CVE-2019-3846, CVE-2019-10126

 

huangwen reported multiple buffer overflows in the Marvell wifi

(mwifiex) driver, which a local user could use to cause denial of

service or the execution of arbitrary code.

 

CVE-2019-5489

 

Daniel Gruss, Erik Kraft, Tri****a Tiwari, Michael Schwarz, Ari

Trachtenberg, Jason Hennessey, Alex Ionescu, and Anders Fogh

discovered that local users could use the mincore() system call to

obtain sensitive information from other processes that access the

same memory-mapped file.

 

CVE-2019-9500, CVE-2019-9503

 

Hugues Anguelkov discovered a buffer overflow and missing access

validation in the Broadcom FullMAC wifi driver (brcmfmac), which a

attacker on the same wifi network could use to cause denial of

service or the execution of arbitrary code.

 

CVE-2019-11477

 

Jonathan Looney reported that a specially crafted sequence of TCP

selective acknowledgements (SACKs) allows a remotely triggerable

kernel panic.

 

CVE-2019-11478

 

Jonathan Looney reported that a specially crafted sequence of TCP

selective acknowledgements (SACKs) will fragment the TCP

retransmission queue, allowing an attacker to cause excessive

resource usage.

 

CVE-2019-11479

 

Jonathan Looney reported that an attacker could force the Linux

kernel to segment its responses into multiple TCP segments, each of

which contains only 8 bytes of data, drastically increasing the

bandwidth required to deliver the same amount of data.

 

This update introduces a new sysctl value to control the minimal MSS

(net.ipv4.tcp_min_snd_mss), which by default uses the formerly hard-

coded value of 48. We recommend raising this to 536 unless you know

that your network requires a lower value.

 

CVE-2019-11486

 

Jann Horn of Google reported numerous race conditions in the

Siemens R3964 line discipline. A local user could use these to

cause unspecified security impact. This module has therefore been

disabled.

 

CVE-2019-11599

 

Jann Horn of Google reported a race condition in the core dump

implementation which could lead to a use-after-free. A local

user could use this to read sensitive information, to cause a

denial of service (memory corruption), or for privilege

escalation.

 

CVE-2019-11815

 

It was discovered that a use-after-free in the Reliable Datagram

Sockets protocol could result in denial of service and potentially

privilege escalation. This protocol module (rds) is not auto-

loaded on Debian systems, so this issue only affects systems where

it is explicitly loaded.

 

CVE-2019-11833

 

It was discovered that the ext4 filesystem implementation writes

uninitialised data from kernel memory to new extent blocks. A

local user able to write to an ext4 filesystem and then read the

filesystem image, for example using a removable drive, might be

able to use this to obtain sensitive information.

 

CVE-2019-11884

 

It was discovered that the Bluetooth HIDP implementation did not

ensure that new connection names were null-terminated. A local

user with CAP_NET_ADMIN capability might be able to use this to

obtain sensitive information from the kernel stack.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.9.168-1+deb9u3.

  • Like 1
Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4466-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

June 18, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : firefox-esr

CVE ID : CVE-2019-11707

 

Samuel Gross discovered a type confusion bug in the Javascript engine of

the Mozilla Firefox web browser, which could result in the execution of

arbitrary code when browsing a malicious website.

 

For the stable distribution (stretch), this problem has been fixed in

version 60.7.1esr-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4467-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

June 18, 2019 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : vim

CVE ID : CVE-2019-12735

 

User "Arminius" discovered a vulnerability in Vim, an enhanced version of the

standard UNIX editor Vi (Vi IMproved). The "Common vulnerabilities and

exposures project" identifies the following problem:

 

Editors typically provide a way to embed editor configuration commands (aka

modelines) which are executed once a file is opened, while harmful commands

are filtered by a sandbox mechanism. It was discovered that the "source"

command (used to include and execute another file) was not filtered, allowing

shell command execution with a carefully crafted file opened in Vim.

 

For the stable distribution (stretch), this problem has been fixed in

version 8.0.0197-4+deb9u2.

Link to comment
Share on other sites

×
×
  • Create New...