sunrat Posted April 10, 2019 Share Posted April 10, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4429-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond April 10, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : spip Debian Bug : 926764 It was discovered that SPIP, a website engine for publishing, did not properly sanitize its user input. This would allow an authenticated user to perform arbitrary command execution. For the stable distribution (stretch), this problem has been fixed in version 3.1.4-4~deb9u2. Link to comment Share on other sites More sharing options...
sunrat Posted April 13, 2019 Share Posted April 13, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4430-1 security@debian.org https://www.debian.org/security/ Yves-Alexis Perez April 10, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wpa CVE ID : CVE-2019-9495 CVE-2019-9497 CVE-2019-9498 CVE-2019-9499 Debian Bug : 926801 Mathy Vanhoef (NYUAD) and Eyal Ronen (Tel Aviv University & KU Leuven) found multiple vulnerabilities in the WPA implementation found in wpa_supplication (station) and hostapd (access point). These vulnerability are also collectively known as "Dragonblood". CVE-2019-9495 Cache-based side-channel attack against the EAP-pwd implementation: an attacker able to run unprivileged code on the target machine (including for example javascript code in a browser on a smartphone) during the handshake could deduce enough information to discover the password in a dictionary attack. CVE-2019-9497 Reflection attack against EAP-pwd server implementation: a lack of validation of received scalar and elements value in the EAP-pwd-Commit messages could result in attacks that would be able to complete EAP-pwd authentication exchange without the attacker having to know the password. This does not result in the attacker being able to derive the session key, complete the following key exchange and access the network. CVE-2019-9498 EAP-pwd server missing commit validation for scalar/element: hostapd doesn't validate values received in the EAP-pwd-Commit message, so an attacker could use a specially crafted commit message to manipulate the exchange in order for hostapd to derive a session key from a limited set of possible values. This could result in an attacker being able to complete authentication and gain access to the network. CVE-2019-9499 EAP-pwd peer missing commit validation for scalar/element: wpa_supplicant doesn't validate values received in the EAP-pwd-Commit message, so an attacker could use a specially crafted commit message to manipulate the exchange in order for wpa_supplicant to derive a session key from a limited set of possible values. This could result in an attacker being able to complete authentication and operate as a rogue AP. Note that the Dragonblood moniker also applies to CVE-2019-9494 and CVE-2014-9496 which are vulnerabilities in the SAE protocol in WPA3. SAE is not enabled in Debian stretch builds of wpa, which is thus not vulnerable by default. Due to the complexity of the backporting process, the fix for these vulnerabilities are partial. Users are advised to use strong passwords to prevent dictionary attacks or use a 2.7-based version from stretch-backports (version above 2:2.7+git20190128+0c1e29f-4). For the stable distribution (stretch), these problems have been fixed in version 2:2.4-1+deb9u3. Link to comment Share on other sites More sharing options...
sunrat Posted April 13, 2019 Share Posted April 13, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4431-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libssh2 CVE ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 Debian Bug : 924965 Chris Coulson discovered several vulnerabilities in libssh2, a SSH2 client-side library, which could result in denial of service, information leaks or the execution of arbitrary code. For the stable distribution (stretch), these problems have been fixed in version 1.7.0-1+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted April 17, 2019 Share Posted April 17, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4432-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 16, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ghostscript CVE ID : CVE-2019-3835 CVE-2019-3838 Debian Bug : 925256 925257 Cedric Buissart discovered two vulnerabilities in Ghostscript, the GPL PostScript/PDF interpreter, which could result in bypass of file system restrictions of the dSAFER sandbox. For the stable distribution (stretch), these problems have been fixed in version 9.26a~dfsg-0+deb9u2. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4433-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff April 16, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ruby2.3 CVE ID : CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 Several vulnerabilities have been discovered in the Rubygems included in the interpreter for the Ruby language, which may result in denial of service or the execution of arbitrary code. For the stable distribution (stretch), these problems have been fixed in version 2.3.3-1+deb9u6. Link to comment Share on other sites More sharing options...
sunrat Posted April 22, 2019 Share Posted April 22, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4434-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 20, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : drupal7 CVE ID : CVE-2019-11358 Debian Bug : 927330 A cross-site scripting vulnerability has been found in Drupal, a fully-featured content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2019-006 . For the stable distribution (stretch), this problem has been fixed in version 7.52-2+deb9u8. Link to comment Share on other sites More sharing options...
sunrat Posted April 28, 2019 Share Posted April 28, 2019 ------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Updated Debian 9: 9.9 released press@debian.org April 27th, 2019 https://www.debian.o...s/2019/20190427 ------------------------------------------------------------------------ The Debian project is pleased to announce the ninth update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release. New installation images will be available soon at the regular locations. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4435-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 27, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libpng1.6 CVE ID : CVE-2019-7317 Debian Bug : 921355 A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed. For the stable distribution (stretch), this problem has been fixed in version 1.6.28-1+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted April 28, 2019 Share Posted April 28, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4436-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff April 28, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : imagemagick CVE ID : CVE-2019-9956 CVE-2019-10650 This update fixes two vulnerabilities in Imagemagick: Memory handling problems and missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed TIFF or Postscript files are processed. For the stable distribution (stretch), these problems have been fixed in version 8:6.9.7.4+dfsg-11+deb9u7. Link to comment Share on other sites More sharing options...
sunrat Posted May 1, 2019 Share Posted May 1, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4437-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff April 29, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gst-plugins-base1.0 CVE ID : CVE-2019-9928 It was discovered that a buffer overflow in the RTSP parser of the GStreamer media framework may result in the execution of arbitrary code if a malformed RSTP stream is opened. For the stable distribution (stretch), this problem has been fixed in version 1.10.4-1+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted May 8, 2019 Share Posted May 8, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4438-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 07, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : atftp CVE ID : CVE-2019-11365 CVE-2019-11366 Debian Bug : 927553 Denis Andzakovic discovered two vulnerabilities in atftp, the advanced TFTP server which could result in denial of service by sending malformed packets. For the stable distribution (stretch), these problems have been fixed in version 0.7.git20120829-3.1~deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted May 10, 2019 Share Posted May 10, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4439-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 09, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : postgresql-9.6 CVE ID : CVE-2019-10130 Dean Rasheed discovered that row security policies in the PostgreSQL database system could be bypassed. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1939/ For the stable distribution (stretch), this problem has been fixed in version 9.6.13-0+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4440-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 09, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : bind9 CVE ID : CVE-2018-5743 CVE-2018-5745 CVE-2019-6465 Multiple vulnerabilities were found in the BIND DNS server: CVE-2018-5743 Connection limits were incorrectly enforced. CVE-2018-5745 The "managed-keys" feature was susceptible to denial of service by triggering an assert. CVE-2019-6465 ACLs for zone transfers were incorrectly enforced for dynamically loadable zones (DLZs). For the stable distribution (stretch), these problems have been fixed in version 1:9.10.3.dfsg.P4-12.3+deb9u5. Link to comment Share on other sites More sharing options...
sunrat Posted May 11, 2019 Share Posted May 11, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4441-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond May 10, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : symfony CVE ID : CVE-2018-14773 CVE-2018-19789 CVE-2018-19790 CVE-2019-10909 CVE-2019-10910 CVE-2019-10911 CVE-2019-10912 CVE-2019-10913 Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure, open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution. For the stable distribution (stretch), these problems have been fixed in version 2.8.7+dfsg-1.3+deb9u2. Link to comment Share on other sites More sharing options...
sunrat Posted May 13, 2019 Share Posted May 13, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4442-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 12, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ghostscript CVE ID : CVE-2019-3839 A vulnerability was discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the - -dSAFER sandbox being enabled). For the stable distribution (stretch), this problem has been fixed in version 9.26a~dfsg-0+deb9u3. Link to comment Share on other sites More sharing options...
sunrat Posted May 14, 2019 Share Posted May 14, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4442-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 13, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cups-filters Debian Bug : 926576 928936 928952 The update for ghostscript released as DSA 4442-1 uncovered an issue in cups-filters which was using the undocumented Ghostscript internal "pdfdict" now hidden in the ghostscript update. Updated cups-filters packages are now available to correct this issue. For the stable distribution (stretch), this problem has been fixed in version 1.11.6-3+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted May 15, 2019 Share Posted May 15, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4443-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 14, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : samba CVE ID : CVE-2018-16860 Isaac Boukris and Andrew Bartlett discovered that the S4U2Self Kerberos extension used in Samba's Active Directory support was susceptible to man-in-the-middle attacks caused by incomplete checksum validation. Details can be found in the upstream advisory at https://www.samba.org/samba/security/CVE-2018-16860.html For the stable distribution (stretch), this problem has been fixed in version 2:4.5.16+dfsg-1+deb9u2. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4445-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : drupal7 CVE ID : CVE-2019-11831 It was discovered that incomplete validation in a Phar processing library embedded in Drupal, a fully-featured content management framework, could result in information disclosure. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2019-007. For the stable distribution (stretch), this problem has been fixed in version 7.52-2+deb9u9. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4444-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 14, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 Debian Bug : 928125 Multiple researchers have discovered vulnerabilities in the way the Intel processor designs have implemented speculative forwarding of data filled into temporary microarchitectural structures (buffers). This flaw could allow an attacker controlling an unprivileged process to read sensitive information, including from the kernel and all other processes running on the system or cross guest/host boundaries to read host memory. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html for more details. To fully resolve these vulnerabilities it is also necessary to install updated CPU microcode. An updated intel-microcode package (only available in Debian non-free) will be provided via a separate DSA. The updated CPU microcode may also be available as part of a system firmware ("BIOS") update. In addition, this update includes a fix for a regression causing deadlocks inside the loopback driver, which was introduced by the update to 4.9.168 in the last Stretch point release. For the stable distribution (stretch), these problems have been fixed in version 4.9.168-1+deb9u2. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4446-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : lemonldap-ng CVE ID : CVE-2019-12046 It was discovered that the Lemonldap::NG web SSO system performed insuffient validation of session tokens if the "tokenUseGlobalStorage" option is enabled, which could grant users with access to the main session database access to an anonymous session. For the stable distribution (stretch), this problem has been fixed in version 1.9.7-3+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted May 15, 2019 Share Posted May 15, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4447-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 15, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : intel-microcode CVE ID : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 This update ships updated CPU microcode for most types of Intel CPUs. It provides mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities. To fully resolve these vulnerabilities it is also necessary to update the Linux kernel packages as released in DSA 4444. For the stable distribution (stretch), these problems have been fixed in version 3.20190514.1~deb9u1. 1 Link to comment Share on other sites More sharing options...
sunrat Posted May 24, 2019 Share Posted May 24, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4448-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 22, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2018-18511 CVE-2019-5798 CVE-2019-7317 CVE-2019-9797 CVE-2019-9800 CVE-2019-9816 CVE-2019-9817 CVE-2019-9819 CVE-2019-9820 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11698 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For the stable distribution (stretch), these problems have been fixed in version 60.7.0esr-1~deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4449-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 22, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ffmpeg CVE ID : CVE-2018-15822 CVE-2018-1999011 CVE-2019-9718 CVE-2019-11338 Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. For the stable distribution (stretch), these problems have been fixed in version 7:3.2.14-1~deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted May 26, 2019 Share Posted May 26, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4450-1 security@debian.org https://www.debian.org/security/ Yves-Alexis Perez May 24, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wpa CVE ID : CVE-2019-11555 Debian Bug : 927463 A vulnerability was found in the WPA protocol implementation found in wpa_supplication (station) and hostapd (access point). The EAP-pwd implementation in hostapd (EAP server) and wpa_supplicant (EAP peer) doesn't properly validate fragmentation reassembly state when receiving an unexpected fragment. This could lead to a process crash due to a NULL pointer derefrence. An attacker in radio range of a station or access point with EAP-pwd support could cause a crash of the relevant process (wpa_supplicant or hostapd), ensuring a denial of service. For the stable distribution (stretch), this problem has been fixed in version 2:2.4-1+deb9u4. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4451-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 24, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : thunderbird CVE ID : CVE-2018-18511 CVE-2019-5798 CVE-2019-7317 CVE-2019-9797 CVE-2019-9800 CVE-2019-9816 CVE-2019-9817 CVE-2019-9819 CVE-2019-9820 CVE-2019-11691 CVE-2019-11692 CVE-2019-11693 CVE-2019-11698 Multiple security issues have been found in Thunderbird: Multiple vulnerabilities may lead to the execution of arbitrary code or denial of service. For the stable distribution (stretch), these problems have been fixed in version 1:60.7.0-1~deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4452-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 24, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : jackson-databind CVE ID : CVE-2018-11307 CVE-2018-12022 CVE-2018-12023 CVE-2018-14718 CVE-2018-14719 CVE-2018-14720 CVE-2018-14721 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2019-12086 Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code. For the stable distribution (stretch), these problems have been fixed in version 2.8.6-1+deb9u5. Link to comment Share on other sites More sharing options...
sunrat Posted May 29, 2019 Share Posted May 29, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4453-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 29, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-8 CVE ID : CVE-2019-2602 CVE-2019-2684 CVE-2019-2698 Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service or sandbox bypass. For the stable distribution (stretch), these problems have been fixed in version 8u212-b03-2~deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted May 31, 2019 Share Posted May 31, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4454-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 30, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : qemu CVE ID : CVE-2018-11806 CVE-2018-12617 CVE-2018-16872 CVE-2018-17958 CVE-2018-18849 CVE-2018-18954 CVE-2018-19364 CVE-2018-19489 CVE-2019-3812 CVE-2019-6778 CVE-2019-9824 CVE-2019-12155 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or information disclosure. In addition this update backports support to passthrough the new md-clear CPU flag added in the intel-microcode update shipped in DSA 4447 to x86-based guests. For the stable distribution (stretch), these problems have been fixed in version 1:2.8+dfsg-6+deb9u6. Link to comment Share on other sites More sharing options...
sunrat Posted June 4, 2019 Share Posted June 4, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4455-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 03, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : heimdal CVE ID : CVE-2018-16860 CVE-2019-12098 Debian Bug : 928966 929064 Several vulnerabilities were discovered in Heimdal, an implementation of Kerberos 5 that aims to be compatible with MIT Kerberos. CVE-2018-16860 Isaac Boukris and Andrew Bartlett discovered that Heimdal was susceptible to man-in-the-middle attacks caused by incomplete checksum validation. Details on the issue can be found in the Samba advisory at https://www.samba.org/samba/security/CVE-2018-16860.html CVE-2019-12098 It was discovered that failure of verification of the PA-PKINIT-KX key exchange client-side could permit to perform man-in-the-middle attack. For the stable distribution (stretch), these problems have been fixed in version 7.1.0+dfsg-13+deb9u3. Link to comment Share on other sites More sharing options...
sunrat Posted June 6, 2019 Share Posted June 6, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4456-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 05, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : exim4 CVE ID : CVE-2019-10149 The Qualys Research Labs reported a flaw in Exim, a mail transport agent. Improper validation of the recipient address in the deliver_message() function may result in the execution of arbitrary commands. For the stable distribution (stretch), this problem has been fixed in version 4.89-2+deb9u4. Link to comment Share on other sites More sharing options...
sunrat Posted June 6, 2019 Share Posted June 6, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4454-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 06, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : qemu Debian Bug : 929067 Vincent Tondellier reported that the qemu update issued as DSA 4454-1 did not correctly backport the support to define the md-clear bit to allow mitigation of the MDS vulnerabilities. Updated qemu packages are now available to correct this issue. For the stable distribution (stretch), this problem has been fixed in version 1:2.8+dfsg-6+deb9u7. Link to comment Share on other sites More sharing options...
sunrat Posted June 8, 2019 Share Posted June 8, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4457-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond June 07, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : evolution CVE ID : CVE-2018-15587 Debian Bug : 924616 Hanno Böck discovered that Evolution was vulnerable to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted HTML email. This issue was mitigated by moving the security bar with encryption and signature information above the message headers. For the stable distribution (stretch), this problem has been fixed in version 3.22.6-1+deb9u2. Link to comment Share on other sites More sharing options...
sunrat Posted June 9, 2019 Share Posted June 9, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4458-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 08, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cyrus-imapd CVE ID : CVE-2019-11356 A flaw was discovered in the CalDAV feature in httpd of the Cyrus IMAP server, leading to denial of service or potentially the execution of arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. For the stable distribution (stretch), this problem has been fixed in version 2.5.10-3+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted June 11, 2019 Share Posted June 11, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4459-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 12, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : vlc CVE ID : not yet available Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed. For the stable distribution (stretch), these problems have been fixed in version 3.0.7-0+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4460-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 12, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mediawiki CVE ID : CVE-2019-11358 CVE-2019-12466 CVE-2019-12467 CVE-2019-12468 CVE-2019-12469 CVE-2019-12470 CVE-2019-12471 CVE-2019-12472 CVE-2019-12473 CVE-2019-12474 Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work, which may result in authentication bypass, denial of service, cross-site scripting, information disclosure and bypass of anti-spam measures. For the stable distribution (stretch), these problems have been fixed in version 1:1.27.7-1~deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4461-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 12, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : zookeeper CVE ID : CVE-2019-0201 Harrison Neil discovered that the getACL() command in Zookeeper, a service for maintaining configuration information, did not validate permissions, which could result in information disclosure. For the stable distribution (stretch), this problem has been fixed in version 3.4.9-3+deb9u2. Link to comment Share on other sites More sharing options...
sunrat Posted June 13, 2019 Share Posted June 13, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4462-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 13, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : dbus CVE ID : CVE-2019-12749 Debian Bug : 930375 Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage of this flaw to bypass authentication and connect to a DBusServer with elevated privileges. The standard system and session dbus-daemons in their default configuration are not affected by this vulnerability. The vulnerability was addressed by upgrading dbus to a new upstream version 1.10.28 which includes additional fixes. For the stable distribution (stretch), this problem has been fixed in version 1.10.28-0+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted June 14, 2019 Share Posted June 14, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4463-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 14, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : znc CVE ID : CVE-2019-9917 CVE-2019-12816 Debian Bug : 925285 Two vulnerabilities were discovered in the ZNC IRC bouncer which could result in remote code execution (CVE-2019-12816) or denial of service via invalid encoding (CVE-2019-9917). For the stable distribution (stretch), these problems have been fixed in version 1.6.5-1+deb9u2. Link to comment Share on other sites More sharing options...
sunrat Posted June 16, 2019 Share Posted June 16, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4464-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 15, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : thunderbird CVE ID : CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read. For the stable distribution (stretch), these problems have been fixed in version 1:60.7.1-1~deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted June 18, 2019 Share Posted June 18, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4465-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 17, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2019-3846 CVE-2019-5489 CVE-2019-9500 CVE-2019-9503 CVE-2019-10126 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11486 CVE-2019-11599 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 Debian Bug : 928989 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3846, CVE-2019-10126 huangwen reported multiple buffer overflows in the Marvell wifi (mwifiex) driver, which a local user could use to cause denial of service or the execution of arbitrary code. CVE-2019-5489 Daniel Gruss, Erik Kraft, Tri****a Tiwari, Michael Schwarz, Ari Trachtenberg, Jason Hennessey, Alex Ionescu, and Anders Fogh discovered that local users could use the mincore() system call to obtain sensitive information from other processes that access the same memory-mapped file. CVE-2019-9500, CVE-2019-9503 Hugues Anguelkov discovered a buffer overflow and missing access validation in the Broadcom FullMAC wifi driver (brcmfmac), which a attacker on the same wifi network could use to cause denial of service or the execution of arbitrary code. CVE-2019-11477 Jonathan Looney reported that a specially crafted sequence of TCP selective acknowledgements (SACKs) allows a remotely triggerable kernel panic. CVE-2019-11478 Jonathan Looney reported that a specially crafted sequence of TCP selective acknowledgements (SACKs) will fragment the TCP retransmission queue, allowing an attacker to cause excessive resource usage. CVE-2019-11479 Jonathan Looney reported that an attacker could force the Linux kernel to segment its responses into multiple TCP segments, each of which contains only 8 bytes of data, drastically increasing the bandwidth required to deliver the same amount of data. This update introduces a new sysctl value to control the minimal MSS (net.ipv4.tcp_min_snd_mss), which by default uses the formerly hard- coded value of 48. We recommend raising this to 536 unless you know that your network requires a lower value. CVE-2019-11486 Jann Horn of Google reported numerous race conditions in the Siemens R3964 line discipline. A local user could use these to cause unspecified security impact. This module has therefore been disabled. CVE-2019-11599 Jann Horn of Google reported a race condition in the core dump implementation which could lead to a use-after-free. A local user could use this to read sensitive information, to cause a denial of service (memory corruption), or for privilege escalation. CVE-2019-11815 It was discovered that a use-after-free in the Reliable Datagram Sockets protocol could result in denial of service and potentially privilege escalation. This protocol module (rds) is not auto- loaded on Debian systems, so this issue only affects systems where it is explicitly loaded. CVE-2019-11833 It was discovered that the ext4 filesystem implementation writes uninitialised data from kernel memory to new extent blocks. A local user able to write to an ext4 filesystem and then read the filesystem image, for example using a removable drive, might be able to use this to obtain sensitive information. CVE-2019-11884 It was discovered that the Bluetooth HIDP implementation did not ensure that new connection names were null-terminated. A local user with CAP_NET_ADMIN capability might be able to use this to obtain sensitive information from the kernel stack. For the stable distribution (stretch), these problems have been fixed in version 4.9.168-1+deb9u3. 1 Link to comment Share on other sites More sharing options...
sunrat Posted June 18, 2019 Share Posted June 18, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4466-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 18, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2019-11707 Samuel Gross discovered a type confusion bug in the Javascript engine of the Mozilla Firefox web browser, which could result in the execution of arbitrary code when browsing a malicious website. For the stable distribution (stretch), this problem has been fixed in version 60.7.1esr-1~deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4467-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 18, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : vim CVE ID : CVE-2019-12735 User "Arminius" discovered a vulnerability in Vim, an enhanced version of the standard UNIX editor Vi (Vi IMproved). The "Common vulnerabilities and exposures project" identifies the following problem: Editors typically provide a way to embed editor configuration commands (aka modelines) which are executed once a file is opened, while harmful commands are filtered by a sandbox mechanism. It was discovered that the "source" command (used to include and execute another file) was not filtered, allowing shell command execution with a carefully crafted file opened in Vim. For the stable distribution (stretch), this problem has been fixed in version 8.0.0197-4+deb9u2. Link to comment Share on other sites More sharing options...
Recommended Posts