sunrat Posted January 14, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2606-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
January 13, 2013                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : proftpd-dfsg
Vulnerability  : symlink race
Problem type   : local
Debian-specific: no
CVE ID         : CVE-2012-6095
Debian Bug     : 697524

It has been discovered that in ProFTPd, an FTP server, an attacker on the same physical host as the server may be able to perform a symlink attack allowing to elevate privileges in some configurations.

For the stable distribution (squeeze), this problem has been fixed in version 1.3.3a-6squeeze5.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in version 1.3.4a-3.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2605-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
January 13, 2013                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : asterisk
Vulnerability  : several issues
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-5976 CVE-2012-5977
Debian Bug     : 697230

Several vulnerabilities were discovered in Asterisk, a PBX and telephony toolkit, that allow remote attackers to perform denial of service attacks.

For the stable distribution (squeeze), these problems have been fixed in version 1:1.6.2.9-2+squeeze9.

For the testing distribution (wheezy) and unstable distribution (sid), these problems will be fixed soon.
sunrat Posted January 16, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2607-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
January 15, 2013                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : qemu-kvm
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-6075
Debian Bug     : 696051

It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not discard such frames (which it will by default).

For the stable distribution (squeeze), this problem has been fixed in version 0.12.5+dfsg-5+squeeze10.

For the unstable distribution (sid), this problem has been fixed in version 1.1.2+dfsg-4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2608-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
January 15, 2013                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : qemu
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-6075
Debian Bug     : 696051

It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not discard such frames (which it will by default).

For the stable distribution (squeeze), this problem has been fixed in version 0.12.5+dfsg-3squeeze3.

For the unstable distribution (sid), this problem has been fixed in version 1.1.2+dfsg-4.
sunrat Posted January 17, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2609-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
January 16, 2013                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rails
Vulnerability  : SQL query manipulation
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0155

An interpretation conflict can cause the Active Record component of Rails, a web framework for the Ruby programming language, to truncate queries in unexpected ways. This may allow attackers to elevate their privileges.

For the stable distribution (squeeze), this problem has been fixed in version 2.3.5-1.2+squeeze5.
sunrat Posted January 20, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2605-2                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
January 19, 2013                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : asterisk
Vulnerability  : several issues
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-5976 CVE-2012-5977
Debian Bug     : 697230 698112 698118

The security update released in DSA 2605 for Asterisk caused a regression that could lead to crashes. Updated packages have now been made available to correct that behaviour. For reference, the original advisory text follows.

Several vulnerabilities were discovered in Asterisk, a PBX and telephony toolkit, that allow remote attackers to perform denial of service attacks.

For the stable distribution (squeeze), these problems have been fixed in version 1:1.6.2.9-2+squeeze10.

For the testing distribution (wheezy) and unstable distribution (sid), these problems will be fixed soon.
sunrat Posted January 22, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2610-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
January 21, 2013                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ganglia
Vulnerability  : arbitrary script execution
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-3448
Debian Bug     : 683584

Insufficient input sanitization in Ganglia, a web based monitoring system, could lead to remote PHP script execution with permissions of the user running the web browser.

For the stable distribution (squeeze), this problem has been fixed in version 3.1.7-1+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in version 3.3.8-1.

For the unstable distribution (sid), this problem has been fixed in version 3.3.8-1.
sunrat Posted January 22, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2611-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
January 22, 2013                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : movabletype-opensource
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0209
Debian Bug     : 697666

An input sanitation problem has been found in upgrade functions of movabletype-opensource, a web-based publishing platform. Using carefully crafted requests to the mt-upgrade.cgi file, it would be possible to inject OS commands and SQL queries.

For the stable distribution (squeeze), this problem has been fixed in version 4.3.8+dfsg-0+squeeze3.

For the testing distribution (wheezy), this problem has been fixed in version 5.1.2+dfsg-1.

For the unstable distribution (sid), this problem has been fixed in version 5.1.2+dfsg-1.
sunrat Posted January 25, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2612-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
January 24, 2013                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ircd-ratbox
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-6084

It was discovered that a bug in the server capability negotiation code of ircd-ratbox could result in denial of service.

For the stable distribution (squeeze), this problem has been fixed in version 3.0.6.dfsg-2squeeze1.

For the testing distribution (wheezy), this problem has been fixed in version 3.0.7.dfsg-3.

For the unstable distribution (sid), this problem has been fixed in version 3.0.7.dfsg-3.
sunrat Posted January 30, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2613-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
January 29, 2013                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rails
Vulnerability  : insufficient input validation
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0333
Debian Bug     : 699226

Lawrence Pit discovered that Ruby on Rails, a web development framework, is vulnerable to a flaw in the parsing of JSON to YAML. Using a specially crafted payload attackers can trick the backend into decoding a subset of YAML.

The vulnerability has been addressed by removing the YAML backend and adding the OkJson backend.

For the stable distribution (squeeze), this problem has been fixed in version 2.3.5-1.2+squeeze6.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in version 2.3.14-6 of the ruby-activesupport-2.3 package.

The 3.2 version of rails as found in Debian wheezy and sid is not affected by the problem.
sunrat Posted February 3, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2614-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
February 01, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libupnp
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2012-5961
                 CVE-2012-5962 CVE-2012-5963 CVE-2012-5964 CVE-2012-5965
Debian Bug     : 699316

Multiple stack-based buffer overflows were discovered in libupnp, a library used for handling the Universal Plug and Play protocol. HD Moore from Rapid7 discovered that SSDP queries were not correctly handled by the unique_service_name() function.

An attacker sending carefully crafted SSDP queries to a daemon built on libupnp could generate a buffer overflow, overwriting the stack, leading to the daemon crash and possible remote code execution.

For the stable distribution (squeeze), these problems have been fixed in version 1:1.6.6-5+squeeze1.

For the testing distribution (wheezy), these problems have been fixed in version 1:1.6.17-1.2.

For the unstable distribution (sid), these problems have been fixed in version 1:1.6.17-1.2.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2615-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
February 01, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libupnp4
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2012-5961
                 CVE-2012-5962 CVE-2012-5963 CVE-2012-5964 CVE-2012-5965
Debian Bug     : 699459

Multiple stack-based buffer overflows were discovered in libupnp4, a library used for handling the Universal Plug and Play protocol. HD Moore from Rapid7 discovered that SSDP queries were not correctly handled by the unique_service_name() function.

An attacker sending carefully crafted SSDP queries to a daemon built on libupnp4 could generate a buffer overflow, overwriting the stack, leading to the daemon crash and possible remote code execution.

For the stable distribution (squeeze), these problems have been fixed in version 1.8.0~svn20100507-1+squeeze1.

For the testing distribution (wheezy), these problems have been fixed in version 1.8.0~svn20100507-1.2.

For the unstable distribution (sid), these problems have been fixed in version 1.8.0~svn20100507-1.2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2617-1                   security@debian.org
http://www.debian.org/security/                             Luciano Bello
February 02, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : samba
Vulnerability  : several issues
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0213 CVE-2013-0214

Jann Horn had reported two vulnerabilities in Samba, a popular cross-platform network file and printer sharing suite. In particular, these vulnerabilities affect SWAT, the Samba Web Administration Tool.
CVE-2013-0213: Clickjacking issue in SWAT
    An attacker can integrate a SWAT page into a malicious web page via a frame or iframe that is then overlaid by other content. If an authenticated valid user interacts with this malicious web page, she might perform unintended changes in the Samba settings.

CVE-2013-0214: Potential Cross-site request forgery
    An attacker can persuade a valid SWAT user, who is logged in, to click on a malicious link and trigger arbitrary unintended changes in the Samba settings.

For the stable distribution (squeeze), these problems have been fixed in version 3.5.6~dfsg-3squeeze9.

For the testing distribution (wheezy), these problems have been fixed in version 2:3.6.6-5.

For the unstable distribution (sid), these problems have been fixed in version 2:3.6.6-5.
sunrat Posted February 3, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2616-1                   security@debian.org
http://www.debian.org/security/                        Jonathan Wiltshire
February 03, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nagios3
Vulnerability  : buffer overflow in CGI scripts
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-6096
Debian Bug     : 697930

A buffer overflow problem has been found in nagios3, a host/service/network monitoring and management system. A malicious client could craft a request to history.cgi and cause application crashes.

For the stable distribution (squeeze), this problem has been fixed in version 3.2.1-2+squeeze1.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in version 3.4.1-3.
sunrat Posted February 7, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2618-1                   security@debian.org
http://www.debian.org/security/                             Luciano Bello
February 07, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ircd-hybrid
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0238
Debian Bug     : 699267

Bob Nomnomnom reported a Denial of Service vulnerability in IRCD-Hybrid, an Internet Relay Chat server. A remote attacker may use an error in the masks validation and crash the server.

For the stable distribution (squeeze), this problem has been fixed in version 7.2.2.dfsg.2-6.2+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in version 1:7.2.2.dfsg.2-10.

For the unstable distribution (sid), this problem has been fixed in version 1:7.2.2.dfsg.2-10.
sunrat Posted February 10, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2619-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 10, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen-qemu-dm-4.0
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-6075

A buffer overflow was found in the e1000e emulation, which could be triggered when processing jumbo frames.

For the stable distribution (squeeze), this problem has been fixed in version 4.0.1-2+squeeze3.

For the unstable distribution (sid), this problem has been fixed in version 4.1.3-8 of the xen source package.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2612-2                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 10, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ircd-ratbox
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-6084

This update to the previous ircd-ratbox DSA only raises the version number to ensure that a higher version is used than a previous binNMU on some architectures.

For the stable distribution (squeeze), this problem has been fixed in version 3.0.6.dfsg-2+squeeze1.
sunrat Posted February 13, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2620-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
February 12, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rails
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0276 CVE-2013-0277

Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development.

CVE-2013-0276
    The blacklist provided by the attr_protected method could be bypassed with crafted requests, having an application-specific impact.

CVE-2013-0277
    In some applications, the +serialize+ helper in ActiveRecord could be tricked into deserializing arbitrary YAML data, possibly leading to remote code execution.

For the stable distribution (squeeze), these problems have been fixed in version 2.3.5-1.2+squeeze7.
sunrat Posted February 13, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2621-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
February 13, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssl
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0166 CVE-2013-0169
Debian Bug     : 699889

Multiple vulnerabilities have been found in OpenSSL. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2013-0166
    OpenSSL does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service via an invalid key.

CVE-2013-0169
    A timing side channel attack has been found in CBC padding allowing an attacker to recover pieces of plaintext via statistical analysis of crafted packages, known as the "Lucky Thirteen" issue.

For the stable distribution (squeeze), these problems have been fixed in version 0.9.8o-4squeeze14.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in version 1.0.1e-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2622-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
February 13, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : polarssl
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0169 CVE-2013-1621 CVE-2013-1622
Debian Bug     : 699887

Multiple vulnerabilities have been found in OpenSSL.
The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2013-0169
    A timing side channel attack has been found in CBC padding allowing an attacker to recover pieces of plaintext via statistical analysis of crafted packages, known as the "Lucky Thirteen" issue.

CVE-2013-1621
    An array index error might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session.

CVE-2013-1622
    Malformed CBC data in a TLS session could allow remote attackers to conduct distinguishing attacks via statistical analysis of timing side-channel data for crafted packets.

For the stable distribution (squeeze), these problems have been fixed in version 0.12.1-1squeeze1.

For the testing distribution (wheezy), and the unstable distribution (sid), these problems have been fixed in version 1.1.4-2.
sunrat Posted February 15, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2623-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
February 14, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openconnect
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-6128

Kevin Cernekee discovered that a malicious VPN gateway can send crafted responses which trigger stack-based buffer overflows.

For the stable distribution (squeeze), this problem has been fixed in version 2.25-0.1+squeeze2.
sunrat Posted February 17, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2624-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 16, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ffmpeg
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0858 CVE-2012-2777 CVE-2012-2783 CVE-2012-2784
                 CVE-2012-2788 CVE-2012-2801 CVE-2012-2803

Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/demuxers for Shorten, Chinese AVS video, VP5, VP6, AVI, AVS and MPEG-1/2 files could lead to the execution of arbitrary code.

Most of these issues were discovered by Mateusz Jurczyk and Gynvael Coldwind.

For the stable distribution (squeeze), these problems have been fixed in version 4:0.5.10-1.

For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 6:0.8.5-1 of the source package libav.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2625-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 17, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-1582 CVE-2013-1586 CVE-2013-1588 CVE-2013-1590

Multiple vulnerabilities were discovered in the dissectors for the CLNP, DTLS, DCP-ETSI and NTLMSSP protocols, which could result in denial of service or the execution of arbitrary code.

For the stable distribution (squeeze), these problems have been fixed in version 1.2.11-6+squeeze9.

For the unstable distribution (sid), these problems will be fixed soon.
sunrat Posted February 18, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2626-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
February 17, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : lighttpd
Vulnerability  : several issues
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2009-3555 CVE-2012-4929
Debian Bug     : 700399

Several vulnerabilities were discovered in the TLS/SSL protocol. This update addresses these protocol vulnerabilities in lighttpd.

CVE-2009-3555
    Marsh Ray, Steve Dispensa, and Martin Rex discovered that the TLS and SSLv3 protocols do not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions. This issue is solved in lighttpd by disabling client initiated renegotiation by default.

    Those users that do actually need such renegotiations, can reenable them via the new 'ssl.disable-client-renegotiation' parameter.

CVE-2012-4929
    Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed 'CRIME', allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update disables compression.

For the stable distribution (squeeze), these problems have been fixed in version 1.4.28-2+squeeze1.2.

For the testing distribution (wheezy), and the unstable distribution (sid) these problems have been fixed in version 1.4.30-1.
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2627-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
February 17, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nginx
Vulnerability  : information leak
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-4929
Debian Bug     : 700426

Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed 'CRIME', allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update to nginx disables SSL compression.

For the stable distribution (squeeze), this problem has been fixed in version 0.7.67-3+squeeze3.

For the testing distribution (wheezy), and unstable distribution (sid), this problem has been fixed in version 1.1.16-1.
sunrat Posted February 19, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2628-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 18, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nss-pam-ldapd
Vulnerability  : buffer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2013-0288
Debian Bug     : 690319

Garth Mollett discovered that a file descriptor overflow issue in the use of FD_SET() in nss-pam-ldapd, which provides NSS and PAM modules for using LDAP as a naming service, can lead to a stack-based buffer overflow. An attacker could, under some circumstances, use this flaw to cause a process that has the NSS or PAM module loaded to crash or potentially execute arbitrary code.

For the stable distribution (squeeze) this problem has been fixed in version 0.7.15+squeeze3.

For the testing distribution (wheezy), this problem has been fixed in version 0.8.10-3.

For the unstable distribution (sid), this problem has been fixed in version 0.8.10-3.
sunrat Posted February 20, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2630-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 20, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : postgresql-8.4
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0255

Sumit Soni discovered that PostgreSQL, an object-relational SQL database, could be forced to crash when an internal function was called with invalid arguments, resulting in denial of service.

For the stable distribution (squeeze), this problem has been fixed in version 8.4.16-0squeeze1.

For the testing distribution (wheezy), this problem has been fixed in version 8.4.16-1.

For the unstable distribution (sid), this problem has been fixed in version 8.4.16-1.
sunrat Posted February 24, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2630-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
February 24, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : squid3
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-5643 CVE-2013-0189
Debian Bug     : 696187

Squid3, a fully featured Web proxy cache, is prone to a denial of service attack due to memory consumption caused by memory leaks in cachemgr.cgi:

CVE-2012-5643
    squid's cachemgr.cgi was vulnerable to excessive resource use. A remote attacker could exploit this flaw to perform a denial of service attack on the server and other hosted services.

CVE-2013-0189
    The original patch for CVE-2012-5643 was incomplete. A remote attacker still could exploit this flaw to perform a denial of service attack.

For the stable distribution (squeeze), these problems have been fixed in version 3.1.6-1.2+squeeze3.

For the testing distribution (wheezy), these problems have been fixed in version 3.1.20-2.1.

For the unstable distribution (sid), these problems have been fixed in version 3.1.20-2.1.
sunrat Posted February 25, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2629-1                   security@debian.org
http://www.debian.org/security/                           Michael Gilbert
February 25, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjpeg
Vulnerability  : several issues
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2009-5030 CVE-2012-3358 CVE-2012-3535
Debian Bug     : 672455 681075 685970

CVE-2009-5030
    Heap memory corruption leading to invalid free when processing certain Gray16 TIFF images.

CVE-2012-3358
    Huzaifa Sidhpurwala of the Red Hat Security Response Team found a heap-based buffer overflow in JPEG2000 image parsing.

CVE-2012-3535
    Huzaifa Sidhpurwala of the Red Hat Security Response Team found a heap-based buffer overflow when decoding JPEG2000 images.

For the stable distribution (squeeze), these problems have been fixed in version 1.3+dfsg-4+squeeze1.

For the testing (wheezy) and unstable (sid) distributions, these problems have been fixed in version 1.3+dfsg-4.6.
sunrat Posted February 28, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2634-1                   security@debian.org
http://www.debian.org/security/                                Nico Golde
February 27, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : python-django
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-4520 CVE-2013-0305 CVE-2013-0306 CVE-2013-1665
Debian Bug     : 701186 696535 691145

Several vulnerabilities have been discovered in python-django, a high-level python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2012-4520

    James Kettle discovered that django did not properly filter the HTTP Host header when processing certain requests. An attacker could exploit this to generate and cause parts of django, particularly the password-reset mechanism, to display arbitrary URLs to users.

CVE-2013-0305

    Orange Tsai discovered that the bundled administrative interface of django could expose supposedly-hidden information via its history log.

CVE-2013-0306

    Mozilla discovered that an attacker can abuse django's tracking of the number of forms in a formset to cause a denial-of-service attack due to extreme memory consumption.

CVE-2013-1665

    Michael Koziarski discovered that django's XML deserialization is vulnerable to entity-expansion and external-entity/DTD attacks.

For the stable distribution (squeeze), these problems have been fixed in version 1.2.3-3+squeeze5.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in version 1.4.4-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2633-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
February 26, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : fusionforge
Vulnerability  : privilege escalation
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-1423
Debian Bug     :

Helmut Grohne discovered multiple privilege escalation flaws in FusionForge, a web-based project-management and collaboration software. Most of the vulnerabilities are related to the bad handling of privileged operations on user-controlled files or directories.

For the stable distribution (squeeze), this problem has been fixed in version 5.0.2-5+squeeze2.

For the testing (wheezy) and unstable (sid) distributions, these problems will be fixed soon.

- ----------------------------------------------------------------------
Debian Security Advisory DSA-2632-1                security@debian.org
http://www.debian.org/security/                           Dann Frazier
February 25, 2013                   http://www.debian.org/security/faq
- ----------------------------------------------------------------------

Package        : linux-2.6
Vulnerability  : privilege escalation/denial of service
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2013-0231 CVE-2013-0871

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2013-0231

    Jan Beulich provided a fix for an issue in the Xen PCI backend drivers. Users of guests on a system using passed-through PCI devices can create a denial of service of the host system due to the use of non-ratelimited kernel log messages.

CVE-2013-0871

    Suleiman Souhlal and Salman Qazi of Google, with help from Aaron Durbin and Michael Davidson of Google, discovered an issue in the ptrace subsystem. Due to a race condition with PTRACE_SETREGS, local users can cause kernel stack corruption and execution of arbitrary code.

For the stable distribution (squeeze), this problem has been fixed in version 2.6.32-48squeeze1.

The following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:

                                             Debian 6.0 (squeeze)
     user-mode-linux                         2.6.32-1um-4+48squeeze1

We recommend that you upgrade your linux-2.6 and user-mode-linux packages.

sunrat Posted March 3, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2635-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
March 1, 2013                          http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : cfingerd
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: yes
CVE ID         : CVE-2013-1049
Debian Bug     : 700098

Malcolm Scott discovered a remote-exploitable buffer overflow in the rfc1413 (ident) client of cfingerd, a configurable finger daemon. This vulnerability was introduced in a previously applied patch to the cfingerd package in 1.4.3-3.

For the stable distribution (squeeze), this problem has been fixed in version 1.4.3-3+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in version 1.4.3-3.1.

For the unstable distribution (sid), this problem has been fixed in version 1.4.3-3.1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2636-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
March 01, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-4544 CVE-2012-5511 CVE-2012-5634 CVE-2013-0153
Debian Bug     :

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2012-4544

    Insufficient validation of kernel or ramdisk sizes in the Xen PV domain builder could result in denial of service.

CVE-2012-5511

    Several HVM control operations performed insufficient validation of input, which could result in denial of service through resource exhaustion.

CVE-2012-5634

    Incorrect interrupt handling when using VT-d hardware could result in denial of service.

CVE-2013-0153

    Insufficient restriction of interrupt access could result in denial of service.

For the stable distribution (squeeze), these problems have been fixed in version 4.0.1-5.7.

For the testing distribution (wheezy), these problems have been fixed in version 4.1.4-2.

For the unstable distribution (sid), these problems have been fixed in version 4.1.4-2.

sunrat Posted March 3, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2636-2                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
March 03, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-4544 CVE-2012-5511 CVE-2012-5634 CVE-2013-0153

A regression in combination with pygrub has been discovered.

For the stable distribution (squeeze), these problems have been fixed in version 4.0.1-5.8.

sunrat Posted March 10, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2637-1                   security@debian.org
http://www.debian.org/security/                            Stefan Fritsch
March 04, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : apache2
Vulnerability  : several issues
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-3499 CVE-2012-4558 CVE-2013-1048

Several vulnerabilities have been found in the Apache HTTPD server.

CVE-2012-3499

    The modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp did not properly escape hostnames and URIs in HTML output, causing cross site scripting vulnerabilities.

CVE-2012-4558

    Mod_proxy_balancer did not properly escape hostnames and URIs in its balancer-manager interface, causing a cross site scripting vulnerability.

CVE-2013-1048

    Hayawardh Vijayakumar noticed that the apache2ctl script created the lock directory in an unsafe manner, allowing a local attacker to gain elevated privileges via a symlink attack. This is a Debian specific issue.

For the stable distribution (squeeze), these problems have been fixed in version 2.2.16-6+squeeze11.

For the testing distribution (wheezy), these problems will be fixed in version 2.2.22-13.

For the unstable distribution (sid), these problems will be fixed in version 2.2.22-13.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2638-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
March 04, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openafs
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-1794 CVE-2013-1795

Multiple buffer overflows were discovered in OpenAFS, the implementation of the distributed filesystem AFS, which might result in denial of service or the execution of arbitrary code. Further information is available at http://www.openafs.org/security.

For the stable distribution (squeeze), this problem has been fixed in version 1.4.12.1+dfsg-4+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 1.6.1-3.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2639-1                   security@debian.org
http://www.debian.org/security/                           Thijs Kinkhorst
March 05, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-1635 CVE-2013-1643
Debian Bug     : 702221

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues:

CVE-2013-1635

    If a PHP application accepted untrusted SOAP object input remotely from clients, an attacker could read system files readable for the webserver.

CVE-2013-1643

    The soap.wsdl_cache_dir function did not take PHP open_basedir restrictions into account. Note that Debian advises against relying on open_basedir restrictions for security.

For the stable distribution (squeeze), these problems have been fixed in version 5.3.3-7+squeeze15.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in version 5.4.4-14.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2642-1                   security@debian.org
http://www.debian.org/security/                           Michael Gilbert
March 09, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : sudo
Vulnerability  : several issues
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-1775 CVE-2013-1776
Debian Bug     : 701838 701839

Several vulnerabilities have been discovered in sudo, a program designed to allow a sysadmin to give limited root privileges to users. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2013-1775

    Marco Schoepl discovered an authentication bypass when the clock is set to the UNIX epoch [00:00:00 UTC on 1 January 1970].

CVE-2013-1776

    Ryan Castellucci and James Ogden discovered aspects of an issue that would allow session id hijacking from another authorized tty.

For the stable distribution (squeeze), these problems have been fixed in version 1.7.4p4-2.squeeze.4.

For the testing (wheezy) and unstable (sid) distributions, these problems have been fixed in version 1.8.5p2-1+nmu1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2641-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
March 09, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : perl
Vulnerability  : rehashing flaw
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-1667
Debian Bug     : 702296

Yves Orton discovered a flaw in the rehashing code of Perl. This flaw could be exploited to carry out a denial of service attack against code that uses arbitrary user input as hash keys. Specifically an attacker could create a set of keys of a hash causing a denial of service via memory exhaustion.

For the stable distribution (squeeze), this problem has been fixed in version 5.10.1-17squeeze6.

For the testing distribution (wheezy), and the unstable distribution (sid), this problem has been fixed in version 5.14.2-19.

sunrat Posted March 13, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2643-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
March 12, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : puppet
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654 CVE-2013-1655 CVE-2013-2274 CVE-2013-2275
Debian Bug     :

Multiple vulnerabilities were discovered in Puppet, a centralized configuration management system.

CVE-2013-1640

    An authenticated malicious client may request its catalog from the puppet master, and cause the puppet master to execute arbitrary code. The puppet master must be made to invoke the `template` or `inline_template` functions during catalog compilation.

CVE-2013-1652

    An authenticated malicious client may retrieve catalogs from the puppet master that it is not authorized to access. Given a valid certificate and private key, it is possible to construct an HTTP GET request that will return a catalog for an arbitrary client.

CVE-2013-1653

    An authenticated malicious client may execute arbitrary code on Puppet agents that accept kick connections. Puppet agents are not vulnerable in their default configuration. However, if the Puppet agent is configured to listen for incoming connections, e.g. listen = true, and the agent's auth.conf allows access to the `run` REST endpoint, then an authenticated client can construct an HTTP PUT request to execute arbitrary code on the agent. This issue is made worse by the fact that puppet agents typically run as root.

CVE-2013-1654

    A bug in Puppet allows SSL connections to be downgraded to SSLv2, which is known to contain design flaw weaknesses. This affects SSL connections between puppet agents and master, as well as connections that puppet agents make to third party servers that accept SSLv2 connections. Note that SSLv2 is disabled since OpenSSL 1.0.

CVE-2013-1655

    An unauthenticated malicious client may send requests to the puppet master, and have the master load code in an unsafe manner. It only affects users whose puppet masters are running ruby 1.9.3 and above.

CVE-2013-2274

    An authenticated malicious client may execute arbitrary code on the puppet master in its default configuration. Given a valid certificate and private key, a client can construct an HTTP PUT request that is authorized to save the client's own report, but the request will actually cause the puppet master to execute arbitrary code.

CVE-2013-2275

    The default auth.conf allows an authenticated node to submit a report for any other node, which is a problem for compliance. It has been made more restrictive by default so that a node is only allowed to save its own report.

For the stable distribution (squeeze), these problems have been fixed in version 2.6.2-5+squeeze7.

For the testing distribution (wheezy), these problems have been fixed in version 2.7.18-3.

For the unstable distribution (sid), these problems have been fixed in version 2.7.18-3.

sunrat Posted March 15, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2644-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
March 14, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-2478 CVE-2013-2480 CVE-2013-2481 CVE-2013-2483 CVE-2013-2484 CVE-2013-2488

Multiple vulnerabilities were discovered in the dissectors for the MS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could result in denial of service or the execution of arbitrary code.

For the stable distribution (squeeze), these problems have been fixed in version 1.2.11-6+squeeze10.

For the unstable distribution (sid), these problems have been fixed in version 1.8.2-5.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2640-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
March 14, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : zoneminder
Vulnerability  : several issues
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0232 CVE-2013-0332
Debian Bug     : 698910 700912

Multiple vulnerabilities were discovered in zoneminder, a Linux video camera security and surveillance solution. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2013-0232

    Brendan Coles discovered that zoneminder is prone to an arbitrary command execution vulnerability. Remote (authenticated) attackers could execute arbitrary commands as the web server user.

CVE-2013-0332

    zoneminder is prone to a local file inclusion vulnerability. Remote attackers could examine files on the system running zoneminder.

For the stable distribution (squeeze), these problems have been fixed in version 1.24.2-8+squeeze1.

For the testing distribution (wheezy), these problems have been fixed in version 1.25.0-4.

For the unstable distribution (sid), these problems have been fixed in version 1.25.0-4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2645-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
March 14, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : inetutils
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2010-2529
Debian Bug     :

Ovidiu Mara reported in 2010 a vulnerability in the ping util, commonly used by system and network administrators. By carefully crafting ICMP responses, an attacker could make the ping command hang.

For the stable distribution (squeeze), this problem has been fixed in version 2:1.6-3.1+squeeze2.

For the testing distribution (wheezy), this problem has been fixed in version 2:1.9-2.

For the unstable distribution (sid), this problem has been fixed in version 2:1.9-2.

sunrat Posted March 15, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2647-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
March 15, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firebird2.1
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-2492
Debian Bug     : 702735

A buffer overflow was discovered in the Firebird database server, which could result in the execution of arbitrary code.

For the stable distribution (squeeze), this problem has been fixed in version 2.1.3.18185-0.ds1-11+squeeze1.

For the testing distribution (wheezy), firebird2.1 will be removed in favour of firebird2.5.

For the unstable distribution (sid), firebird2.1 will be removed in favour of firebird2.5.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2648-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
March 15, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firebird2.5
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-5529 CVE-2013-2492

A buffer overflow was discovered in the Firebird database server, which could result in the execution of arbitrary code. In addition, a denial of service vulnerability was discovered in the TraceManager.

For the stable distribution (squeeze), these problems have been fixed in version 2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze1.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems will be fixed soon.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2646-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
March 15, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : typo3-src
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-1842 CVE-2013-1843
Debian Bug     : 702574

Typo3, a PHP-based content management system, was found vulnerable to several vulnerabilities.

CVE-2013-1842

    Helmut Hummel and Markus Opahle discovered that the Extbase database layer was not correctly sanitizing user input when using the Query object model. This can lead to SQL injection by a malicious user inputting crafted relation values.

CVE-2013-1843

    Missing user input validation in the access tracking mechanism could lead to arbitrary URL redirection.

    Note: the fix will break already published links. Upstream advisory on http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/ has more information on how to mitigate that.

For the stable distribution (squeeze), these problems have been fixed in version 4.3.9+dfsg1-1+squeeze8.

For the testing distribution (wheezy), these problems have been fixed in version 4.5.19+dfsg1-5.

For the unstable distribution (sid), these problems have been fixed in version 4.5.19+dfsg1-5.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2649-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
March 15, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : lighttpd
Vulnerability  : fixed socket name in world-writable directory
Problem type   : local
Debian-specific: yes
CVE ID         : CVE-2013-1427
Debian Bug     :

Stefan Bühler discovered that the Debian specific configuration file for lighttpd webserver FastCGI PHP support used a fixed socket name in the world-writable /tmp directory. A symlink attack or a race condition could be exploited by a malicious user on the same machine to take over the PHP control socket and for example force the webserver to use a different PHP version.

As the fix is in a configuration file lying in /etc, the update won't be enforced if the file has been modified by the administrator. In that case, care should be taken to manually apply the fix.

For the stable distribution (squeeze), this problem has been fixed in version 1.4.28-2+squeeze1.3.

For the testing distribution (wheezy), this problem has been fixed in version 1.4.31-4.

For the unstable distribution (sid), this problem has been fixed in version 1.4.31-4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2650-1                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
March 15, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libvirt-bin
Vulnerability  : files and device nodes ownership change to kvm group
Problem type   : local
Debian-specific: yes
CVE ID         : CVE-2013-1766
Debian Bug     : 701649

Bastian Blank discovered that libvirtd, a daemon for management of virtual machines, network and storage, would change ownership of device files so they would be owned by user `libvirt-qemu` and group `kvm`, which is a general purpose group not specific to libvirt, allowing unintended write access to those devices and files for the kvm group members.

For the stable distribution (squeeze), this problem has been fixed in version 0.8.3-5+squeeze4.

For the testing distribution (wheezy), this problem has been fixed in version 0.9.12-11.

For the unstable distribution (sid), this problem has been fixed in version 0.9.12-11.

sunrat Posted March 17, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2650-2                   security@debian.org
http://www.debian.org/security/                         Yves-Alexis Perez
March 17, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libvirt
Vulnerability  : files and device nodes ownership change to kvm group
Problem type   : local
Debian-specific: yes
CVE ID         : CVE-2013-1766
Debian Bug     : 701649

The recent security update for libvirt was found to cause a regression. The kvm/qemu processes weren't run as the `kvm` user anymore in order to fix the file/device ownership changes, but the processes were not correctly configured to use the `kvm` group either. When the user would try to run a virtual machine, the process was denied access to the /dev/kvm device node, preventing the virtual machine from running.

For the stable distribution (squeeze), this problem has been fixed in version 0.8.3-5+squeeze5.

sunrat Posted March 20, 2013

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2641-2                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
March 20, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libapache2-mod-perl2
Debian Bug     : 702821

The security fix applied to the perl package due to CVE-2013-1667 introduced a test failure in libapache2-mod-perl2 source package specific to the rehash mechanism in Perl. See Debian Bug #702821 for details. This update fixes that problem. For reference, the original advisory text for perl follows.

Yves Orton discovered a flaw in the rehashing code of Perl. This flaw could be exploited to carry out a denial of service attack against code that uses arbitrary user input as hash keys. Specifically an attacker could create a set of keys of a hash causing a denial of service via memory exhaustion.

For the stable distribution (squeeze), this problem has been fixed in version 2.0.4-7+squeeze1.

For the testing distribution (wheezy) this problem has been fixed in version 2.0.7-3.

For the unstable distribution (sid), this problem has been fixed in version 2.0.7-3.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2651-1                   security@debian.org
http://www.debian.org/security/                      Salvatore Bonaccorso
March 20, 2013                         http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : smokeping
Vulnerability  : cross-site scripting vulnerability
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2012-0790
Debian Bug     : 659899

A cross-site scripting vulnerability was discovered in smokeping, a latency logging and graphing system. Input passed to the "displaymode" parameter was not properly sanitized. An attacker could use this flaw to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

For the stable distribution (squeeze), this problem has been fixed in version 2.3.6-5+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in version 2.6.7-1.

For the unstable distribution (sid), this problem has been fixed in version 2.6.7-1.
