Jump to content

Bruno

Recommended Posts

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3388-1 security@debian.org

https://www.debian.org/security/ Kurt Roeckx

November 01, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ntp

CVE ID : CVE-2014-9750 CVE-2014-9751 CVE-2015-3405 CVE-2015-5146

CVE-2015-5194 CVE-2015-5195 CVE-2015-5219 CVE-2015-5300

CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702

CVE-2015-7703 CVE-2015-7704 CVE-2015-7850 CVE-2015-7852

CVE-2015-7855 CVE-2015-7871

 

Several vulnerabilities were discovered in the Network Time Protocol

daemon and utility programs:

 

CVE-2015-5146

 

A flaw was found in the way ntpd processed certain remote

configuration packets. An attacker could use a specially crafted

package to cause ntpd to crash if:

 

* ntpd enabled remote configuration

* The attacker had the knowledge of the configuration password

* The attacker had access to a computer entrusted to perform remote

configuration

 

Note that remote configuration is disabled by default in NTP.

 

CVE-2015-5194

 

It was found that ntpd could crash due to an uninitialized

variable when processing malformed logconfig configuration

commands.

 

CVE-2015-5195

 

It was found that ntpd exits with a segmentation fault when a

statistics type that was not enabled during compilation (e.g.

timingstats) is referenced by the statistics or filegen

configuration command

 

CVE-2015-5219

 

It was discovered that sntp program would hang in an infinite loop

when a crafted NTP packet was received, related to the conversion

of the precision value in the packet to double.

 

CVE-2015-5300

 

It was found that ntpd did not correctly implement the -g option:

 

Normally, ntpd exits with a message to the system log if the offset

exceeds the panic threshold, which is 1000 s by default. This

option allows the time to be set to any value without restriction;

however, this can happen only once. If the threshold is exceeded

after that, ntpd will exit with a message to the system log. This

option can be used with the -q and -x options.

 

ntpd could actually step the clock multiple times by more than the

panic threshold if its clock discipline doesn't have enough time to

reach the sync state and stay there for at least one update. If a

man-in-the-middle attacker can control the NTP traffic since ntpd

was started (or maybe up to 15-30 minutes after that), they can

prevent the client from reaching the sync state and force it to step

its clock by any amount any number of times, which can be used by

attackers to expire certificates, etc.

 

This is contrary to what the documentation says. Normally, the

assumption is that an MITM attacker can step the clock more than the

panic threshold only once when ntpd starts and to make a larger

adjustment the attacker has to divide it into multiple smaller

steps, each taking 15 minutes, which is slow.

 

CVE-2015-7691, CVE-2015-7692, CVE-2015-7702

 

It was found that the fix for CVE-2014-9750 was incomplete: three

issues were found in the value length checks in ntp_crypto.c, where

a packet with particular autokey operations that contained malicious

data was not always being completely validated. Receipt of these

packets can cause ntpd to crash.

 

CVE-2015-7701

 

A memory leak flaw was found in ntpd's CRYPTO_ASSOC. If ntpd is

configured to use autokey authentication, an attacker could send

packets to ntpd that would, after several days of ongoing attack,

cause it to run out of memory.

 

CVE-2015-7703

 

Miroslav Lichvar of Red Hat found that the :config command can be

used to set the pidfile and driftfile paths without any

restrictions. A remote attacker could use this flaw to overwrite a

file on the file system with a file containing the pid of the ntpd

process (immediately) or the current estimated drift of the system

clock (in hourly intervals). For example:

 

ntpq -c ':config pidfile /tmp/ntp.pid'

ntpq -c ':config driftfile /tmp/ntp.drift'

 

In Debian ntpd is configured to drop root privileges, which limits

the impact of this issue.

 

CVE-2015-7704

 

If ntpd as an NTP client receives a Kiss-of-Death (KoD) packet

from the server to reduce its polling rate, it doesn't check if the

originate timestamp in the reply matches the transmit timestamp from

its request. An off-path attacker can send a crafted KoD packet to

the client, which will increase the client's polling interval to a

large value and effectively disable synchronization with the server.

 

CVE-2015-7850

 

An exploitable denial of service vulnerability exists in the remote

configuration functionality of the Network Time Protocol. A

specially crafted configuration file could cause an endless loop

resulting in a denial of service. An attacker could provide a the

malicious configuration file to trigger this vulnerability.

 

CVE-2015-7852

 

A potential off by one vulnerability exists in the cookedprint

functionality of ntpq. A specially crafted buffer could cause a

buffer overflow potentially resulting in null byte being written out

of bounds.

 

CVE-2015-7855

 

It was found that NTP's decodenetnum() would abort with an assertion

failure when processing a mode 6 or mode 7 packet containing an

unusually long data value where a network address was expected. This

could allow an authenticated attacker to crash ntpd.

 

CVE-2015-7871

 

An error handling logic error exists within ntpd that manifests due

to improper error condition handling associated with certain

crypto-NAK packets. An unauthenticated, off-path attacker can force

ntpd processes on targeted servers to peer with time sources of the

attacker's choosing by transmitting symmetric active crypto-NAK

packets to ntpd. This attack bypasses the authentication typically

required to establish a peer association and allows an attacker to

make arbitrary changes to system time.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1:4.2.6.p5+dfsg-2+deb7u6.

 

For the stable distribution (jessie), these problems have been fixed in

version 1:4.2.6.p5+dfsg-7+deb8u1.

 

For the testing distribution (stretch), these problems have been fixed

in version 1:4.2.8p4+dfsg-3.

 

For the unstable distribution (sid), these problems have been fixed in

version 1:4.2.8p4+dfsg-3.

 

We recommend that you upgrade your ntp packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2

 

iQIcBAEBCAAGBQJWNo/RAAoJEBDCk7bDfE42AakP/i8yAUHEguJRRKG/57ikoDsY

ANh1FWZGgXgsHfEzo0oTxmrHagSmVBVxQm7lTUC0Z9iu9Jt58V53ROf14ONdYPFJ

I+hboT4dFsaFkPxNZ6gGdiS74bEil2xiUYz7W24/8Z2bD3P6pO9cRXuHa/N0bD1h

pgzrJxRdOT3JKuJ/o7UX6XBRuxCKr9iC67BAtax0qDNj6jhZ9akMNLsbkxd5lZG4

QUtmmCrXk6MlsPp/Ckn9HId3rtqhdgYOc2yhkfZvwW1X/yMN3v+VIeWukM4yjw9T

DLgiQZGhxLgZGYjGagRbnq94MJZDk02we0yxLqMlrjsrtp047b4tzuIesAwek5cw

BblJauI7N2nWg7C31bQrW9IT1ndK5ScXWTEsCYQwYCFckWhr58ypfUQXS6YptRfd

NKFHRBrHUnCf/7ANvVwewNjo13eeYfkK/dw4zHBXRlXP6b+CgX8sO3LRpiKVqy5j

m43xGv5JL4PNLV5s6RHl5NB0kQNPzNBd6/Ef5GLr7XUWXkxz2aH5VLeTVaWlg2dp

xcU/IM/dJ/8033ryKGqOpEhCVOfsG0jCVvnlggyWLIaOgqi5UQalGwNChGWtiKqI

eZC+XMR3ZIYdOWjSkBRP2yPdIpfiXQe9n6qnzOSd98NsdnjfGoROPeUnNGo5gJh0

Lel5K+Jr+hVi/HyapP+X

=MnQO

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3381-2 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 1, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-7

CVE ID : CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806

CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843

CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872

CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893

CVE-2015-4903 CVE-2015-4911

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in the execution

of arbitrary code, breakouts of the Java sandbox, information disclosure,

or denial of service.

 

The jessie update in DSA 3381 was built incorrectly, we apologise for

the inconvenience. In addition the version number in jessie-security

was lower than in wheezy-security which could result in upgrade problems

during distribution updates. This has been fixed in 7u85-2.6.1-6~deb8u1.

 

We recommend that you upgrade your openjdk-7 packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2

 

iQIcBAEBCAAGBQJWNo9FAAoJEBDCk7bDfE423BUQALuKRlj1xBZ7dMPulMDMq0JM

z2Gd5lUCzJWJbXA6Y3UNotgGaF/fjbtw4uTZMRPT++P4S+HUM6W2FKSSvLv1Siha

UP8FSNJaXpPTbYdfHJ0UlFyY2PuP7cwAYEglrZXbsf7mjn7fIlpMiV1IiEuyRFrf

mYu3iaTgLI/BiPHbs/gBMB8YkXwPj+XjttAuhyhegDgDGHC3JNvpmGBcUAT4iLjb

31PvfJxfUH+ri+JryazNB6QH1vOI8qVLc/2Liwvqu13V4tpQFZHnMFvLpabic5c0

etR18Pieb60pAeAhmBRWP9JSDjZZ10MXh+/az8Q3tq+YK+io0lbTlc6BbUUKaS52

oD+bw+3HEOT5kAh/79ZSlzesHlbIBiy/WXVkNsUucGQWWAzqUPw4ma3+gyM0W7O9

yG1uOx1Yzrcq77mGpah/Jk3hyo3UtgdQX3on7qzWXfgwd/mlbOt4QRn1p138/aFX

b+dx2oxQRj5icfI8uHhBiakw0KC62O+j4E+P36NfmE32r8BehD37wFOR+BkTfk1c

OUSwm57gyhMw6Se6LqtNuC8yW+1TnivR7dbu271W/WQIeD3NROp8yvn5KWD/BB2k

IjFVTM/wXrN50gRn2eCeCVSH3aplbQ9R/znkRjRbgZa19mUM+DPS1BOMHIXQKrWf

I6VlEofVxzpb7np2j4dI

=Wu2G

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3389-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 01, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : elasticsearch

 

Security support for elasticsearch in jessie is hereby discontinued. The

project no longer releases information on fixed security issues which

allow backporting them to released versions of Debian and actively

discourages from doing so.

 

elasticsearch will also be removed from Debian stretch (the next stable

Debian release), but will continue to remain in unstable and available

in jessie-backports.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2

 

iQIcBAEBCAAGBQJWNo9RAAoJEBDCk7bDfE427Q0P/3X7V87H/M4pP656r0VMNI3l

wck4p4oOvRcUPPE/HgZXpu9QoxFejqc4CilRqRPNVWAljoYlEKQDbO/8ioxRSkEO

aaVvZgVr0UgkrBrUisF69W87tVpj1mKCQL9Kw2HdRsVTFhWRZe2MiAhQeFBuOVNq

rKM8Q5SnGAOe5FEe6aY+6g5nw/pLet5C2fw2WirW1SWsD3pP1AkcZoIRIfP6R2qc

Olu+N/j3fzMpIGr8IlOu2YR/MO9zwT2v6q0EZ9aM6ewEBwqC2Kldu3CdBZB2D8gH

3vXR0N12ZtXpl5yj23VAj8WFSUBitrTdmqP/WCwqp2mhXeuVuNpUAVJGeYzLF1Ve

z4fIoSS7wQOTTIagzwZqn40Op3+PuJh9G+Sz+X1gGMOMm9h/62sY2dOTgB4Dpx/y

St9DABmhMrm0+Eb6Wd+6U6ZNB6vYKTl93R4/cHdnVtmVuVjNGr2pSmgFN/wMxM5L

n0MD9K7knPyS0ngwjX+Zz/O4X7IqziHvPjp9rOXN2U9kO55Eeo739xBcxHfpg9Cp

Cyp2fPfSX5dBJVUD+y3ELjmgR+NdSbmKGMqLzsXngfu2DjvLUp/KMs5K10ReLBa4

MDXs/KH4LcRfKkbVkcjEUlAc+MqEDleZzO+IZS0r5ZnFXhuAtM3MMzQbaPMCXP2G

wRBPlKsMOPvfkyzAEtdE

=Z43V

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3390-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 02, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xen

CVE ID : CVE-2015-7835

 

It was discovered that the code to validate level 2 page table entries

is bypassed when certain conditions are satisfied. A malicious PV guest

administrator can take advantage of this flaw to gain privileges via a

crafted superpage mapping.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 4.1.4-3+deb7u9.

 

For the stable distribution (jessie), this problem has been fixed in

version 4.4.1-9+deb8u2.

 

We recommend that you upgrade your xen packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iQIbBAEBCgAGBQJWN6naAAoJEAVMuPMTQ89EJAUP+PTxbDcXdaWsxi1IHoF+JIBs

y0IpdchA/L2QWQ57bcG2Uv2Z0fHsFprLNX6WNWz1rOSCXMdwYDDDtecmg4l1oRl2

ozmCg0Zy3KbuG83dBZNKcdAFuOPpccpuxy2uc93z63Xcb9hcmUrrXTtG+jcNvOKN

mqWzp33ttqGBljP8EoK/yIy/P1jp8G4o3EoXAplkCQEoICHqCpiAbSU+AnHRxRcN

wGcQHOMiBtld/Neu0+NSwzBQvpt2pEmtCPFHysc3+VHrTaYRlEXzhlMNet+klqQe

wmrhAZUkW1FuMpcwAjXwQZ4S9kjvEGbsyacefAd6qWBzUhCJx8Lcz/ZvuXvZEmYk

Xvu+sEqnWfQwUPefBejbEuC1TLQnYrmOrhBE1CwgoiVJEDiqPJ+Srd8llk5oueur

omyJOS/gVQrSeQKaAeOhkCq4PTLUXS8V+BOHLDCQgXqfeS6FXvkKCL5g1dZsCM3W

W9AeynQ//rtcJoehhcFxBge4rx/0g4OMrOyxWgXovvchDi3fAYQSIBz+JyjVDJiP

VmOyo0eRSlOt2qFMlHtQGbAF44iUW+/aAejSp9Edp99apfbc6umGOhW6httEOoAZ

LR68eq24PrJ8RkEyUjvpdHd4DE5T4YBPNPS19wb6Av3m5NQe9ySrVGPGHCmUbres

SoSSlICiOGueda089nU=

=zS7s

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3355-2 security@debian.org

https://www.debian.org/security/ Alessandro Ghedini

November 02, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libvdpau

Debian Bug : 802625

 

The previous update for libvdpau, DSA-3355-1, introduced a regression in

the stable distribution (jessie) causing a segmentation fault when the

DRI_PRIME environment variable is set. For reference, the original

advisory text follows.

 

Florian Weimer of Red Hat Product Security discovered that libvdpau, the

VDPAU wrapper library, did not properly validate environment variables,

allowing local attackers to gain additional privileges.

 

For the stable distribution (jessie), this problem has been fixed in

version 0.8-3+deb8u2.

 

We recommend that you upgrade your libvdpau packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2

 

iQIcBAEBCgAGBQJWN7kdAAoJEK+lG9bN5XPLcBAP/inR777OEQH20M/uOAETje90

SwAEEF+dXW3A4EhJFCpr5EuFqbLtEnicxdTrCgKAtAIqeKmzcjcppOdaIa+EPJCY

mgi3nJaUzuU1RyDeDs8UrQosRBWdpbenpAmc0xpACYkHaSxz9BTjxx3xp8P3JPnQ

3hrNebH7WX+lg0Sit1ArCOqBkziXunZz2LSgKMyfw26oYb9wsLNInYapE+GbG1UC

qRfJoqzZv1GvMCCKvrw+MgFeWjbqeSVITpptWDo5Uh9r93BphJ1QM6RYZmoSsiEU

CsplCaRyriVCM2Dt+TdLXw0lBhozkTw/UkloIKJ0Zp03xtI+QYke6wHtiVBVcnKN

qDAiWeukowvgie9xdju4MSghkDqIi1aUNkHMhn3OBhX9IzT23UtFpeocHWgl5zyv

ziph8l5N71y/sAh4OZS1N7hRtFs8IFzIGvqnYU8rhiiJALgd9G0QNJfEeV/2/29J

LFkpJiq3KQapQgpGra1BLncHtn8qfbDS6aXAncnwHkWCxgM8TexgdqMm3axRwjO/

oovOWooqb7329UN2XsVumuiNO6Pk9uD90wCEkG6+IR+mW0A27icXKGoKTlWu2tU4

bj7II5HoQnqyO9aOUsFblh+CpGmGm37UQ261Ji5dWpkghBQBmiNR2SFU+1A9MfR/

QzKXOK8eDz2uIGFrAGG1

=ktpf

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3391-1 security@debian.org

https://www.debian.org/security/ Florian Weimer

November 03, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php-horde

Debian Bug : 803641

 

It was discovered that the web-based administration interface in the

Horde Application Framework did not guard against Cross-Site Request

Forgery (CSRF) attacks. As a result, other, malicious web pages could

cause Horde applications to perform actions as the Horde user.

 

The oldstable distribution (wheezy) did not contain php-horde

packages.

 

For the stable distribution (jessie), this problem has been fixed in

version 5.2.1+debian0-2+deb8u2.

 

For the testing distribution (stretch) and the unstable distribution

(sid), this problem has been fixed in version 5.2.8+debian0-1.

 

We recommend that you upgrade your php-horde packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.10 (GNU/Linux)

 

iQEcBAEBAgAGBQJWOStoAAoJEL97/wQC1SS+MHEIAJ2sxGyD96tbSiN0TkkYy6VZ

SmjY9xuw7VE1fDJippuyI3uSWpcg7X1Lp4lZaoa5kNYpbEwTQBAqAlsW7G5sanqt

LguF01ds1w1is4Tw796ukdT12nGY/DFo/t3DwbS+F0DIpZkvR2cNCHIVvw4Uu1mh

Mtr9mQe0oyPshxJoZmsjPSJW3JAlM9PE47YfvgNhONVFFl+95MMcjCzg2boRhl4k

fSS5S2mcZ/C8fRxUHdcywmZ/wE7NReIqBZPRptMWew2oWAENDrtCCGiqIxzoCwnT

s75dtELRXfneQ70bkTZnIyLQZKVDN+1YO9nGaOgCdoyxoT8r+hBuuXnmAtEP3H8=

=PQ4n

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3392-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

November 04, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : freeimage

CVE ID : CVE-2015-0852

Debian Bug : 797165

 

Pengsu Cheng discovered that FreeImage, a library for graphic image

formats, contained multiple integer underflows that could lead to a

denial of service: remote attackers were able to trigger a crash by

supplying a specially crafted image.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 3.15.1-1.1.

 

For the stable distribution (jessie), this problem has been fixed in

version 3.15.4-4.2.

 

For the testing distribution (stretch) and unstable distribution

(sid), this problem has been fixed in version 3.15.4-6.

 

We recommend that you upgrade your freeimage packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v2

 

iQEcBAEBCgAGBQJWOc9cAAoJEBC+iYPz1Z1kC/UH/AhAe5MJ9NSS9wT95K5qhe/Z

m4FKLdGDzGqWY82DhWyNYVTTeKit44rR70HnMQ4Ekj/s0SmOyXDAwhE5FR0lLnhW

MM5U4Ub3Zhms3uQdayo8tKmlW3eS7lS5w6rpXk0406TVfSy23XUf8C9rjcIVruYS

IBa1ROapH2pfo/LwFVwS3fm+ZzQ6M105WV1/TJEXG4sRCLKku470WPr8sDFGgWdZ

7UcdA1q8WbhGaELHI1Z7P86ycuz3hUTO9CzeYgUlcNBCOH27Uo4NiDQ5rOSHIY8N

qWLiE8eIlBqn+9Nyr+JcQ1t/mvAI1aAZAfL0w3MUNQ+IPTG6Cx3mbrKTUw5jaLA=

=klen

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3394-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 05, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libreoffice

CVE ID : CVE-2015-4551 CVE-2015-5212 CVE-2015-5213 CVE-2015-5214

 

Multiple vulnerabilities have been discovered in LibreOffice, a

full-featured office productivity:

 

CVE-2015-4551

 

Federico Scrinzi discovered an information leak in the handling of

ODF documents. Quoting from

https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/:

The LinkUpdateMode feature controls whether documents inserted into

Writer or Calc via links will either not get updated, or prompt to

update, or automatically update, when the parent document is loaded.

The configuration of this option was stored in the document. That

flawed approach enabled documents to be crafted with links to

plausible targets on the victims host computer. The contents of

those automatically inserted after load links can be concealed in

hidden sections and retrieved by the attacker if the document is

saved and returned to sender, or via http requests if the user has

selected lower security settings for that document.

 

CVE-2015-5212

 

A buffer overflow in parsing the printer setup information in ODF

documents may result in the execution of arbitrary code.

 

CVE-2015-5213 / CVE-2015-5214

 

A buffer overflow and an integer oect memory management in parsing

Microsoft Word documents may result in the execution of arbitrary code.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1:3.5.4+dfsg2-0+deb7u5.

 

For the stable distribution (jessie), these problems have been fixed in

version 1:4.3.3-2+deb8u2.

 

For the testing distribution (stretch), these problems have been fixed

in version 1:5.0.2-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1:5.0.2-1.

 

We recommend that you upgrade your libreoffice packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iQIcBAEBAgAGBQJWO6QVAAoJEBDCk7bDfE42Sb4QAJ9pxAmvkInFVRYwKtNd71fz

vNJ20YHRYouaoIyuoxUZmx27euObg56QFqp5ni+QmobMTYprL8AUIkhUQzNCPC6A

T6CVDOGi+3UQMP3a6XByAtaeVceJOT/YxRKBxP2VGCxeIUAOmrQgKwPLcR2mwpii

hSSmqTeYibEsD0M+f51qvIuEPtodzr4DsYrYysJtOEgzq2XN5gRQmbI2QTI2haQp

3tYO+ylCfsQGHy/5cTwpJ3xILefXel7q1K+N5LuEJrsVXuxUFiKvWWzqS/ZpcG5s

CuiSOOYByTZw3ACIU9GV6jMkj8aOH7XwzQhYOJlTmuY/rpo0qbaP8IW9T9BiGRmB

AZjZujGNGsc8WIedkLRdA/oSCNPfVQ8O1+19xMU05zBct6gpqQ+yhtDEM7s8M8LN

2pjG03eEW42NhEk+giz41hyHbAPCMqG3xA+ZChQTeK7/rW4LV48J1N6OF65AN4uQ

a5KLjuvTkENDBNvb+3Qo2dqk7IdPIQ0h2DVVxW2z/7DucWpc1ausEJFz93IWWzOM

/CjyL8svtEeEUFiLGc03cUlCSIu4ljs3FAiC50FqIsGQ0dyFhzSuCwTY+p+m1ecI

bEB1Jhzo6zt7WXeBm+O9zWhx7Z5dG6XttR3KgduYZumgWGdX70rP756xjFY5br5l

5lc81kD970Ob7+P+Jz1i

=/yq0

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3393-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 04, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : iceweasel

CVE ID : CVE-2015-4513 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183

CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194

CVE-2015-7196 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199

CVE-2015-7200

 

Multiple security issues have been found in Iceweasel, Debian's version

of the Mozilla Firefox web browser: Multiple memory safety errors,

integer overflows, buffer overflows and other implementation errors may

lead to the execution of arbitrary code, information disclosure or

denial of service.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 38.4.0esr-1~deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 38.4.0esr-1~deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 38.4.0esr-1.

 

We recommend that you upgrade your iceweasel packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iQIcBAEBAgAGBQJWOlFJAAoJEBDCk7bDfE42diMP/2VK0dXZdknI+7WYm9mzRxv2

raQdxvB3tCehPKCsxLcpE11l2qLOAyBqguJC4SKqCsda1fSmkmftYvW21UTuRX55

5eaiceYKaKys8if2BxZiKMA7h9w3aGS6G1p4Bp7ld2s3tgDqSvrtxppowVY6/f5D

od+DSzyl0qv1AzGHnscF+ThrooisC2LJSNZSHo67v97eruAPT14ohvOhU7zaf4tM

nesRes7MhleHUsEWySYZDi3yQIe2+c/F6OnKeZ9dxCVBnKtUUpCqaGGfiktsunRm

5s3oieTiLXRg5wj61VY0pTdLCS1ji2GSd6J7fNfL2kIuZyai04mpzdVrtzFFLpgV

xQ/IJQwTnqzA/zwhFEKdwVkRV1ZQUUCjnsNqZb3RghixrrFW7+Z09BpO63hfCP5X

k3GkIv43I78XiC5Kwl2xaSgSZY1t4smN2SsVGWkrOXMcLXJDQJvzGTr+LMvbrv2z

6tEBaCID0gLgSbuEb6TCc0vXlSaKr7iD9zl4HZeMegEoMiu91cRvc1zl4mMidnvX

Boc6uT2aVtdvFoEwtruxP+DYFa/p3yIsu8DgrzvFTMOh/OS1kXcEbXBsKaorcJyq

9fHHEhRYVm7e78KI9wLT1lljmnm3dGKwcdBVRWY7pq1tKJUp51d8k/5kntihVEoc

4H0p5gbleUYsnHHjlTQr

=6psN

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3395-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 06, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : krb5

CVE ID : CVE-2015-2695 CVE-2015-2696 CVE-2015-2697

Debian Bug : 803083 803084 803088

 

Several vulnerabilities were discovered in krb5, the MIT implementation

of Kerberos. The Common Vulnerabilities and Exposures project identifies

the following problems:

 

CVE-2015-2695

 

It was discovered that applications which call gss_inquire_context()

on a partially-established SPNEGO context can cause the GSS-API

library to read from a pointer using the wrong type, leading to a

process crash.

 

CVE-2015-2696

 

It was discovered that applications which call gss_inquire_context()

on a partially-established IAKERB context can cause the GSS-API

library to read from a pointer using the wrong type, leading to a

process crash.

 

CVE-2015-2697

 

It was discovered that the build_principal_va() function incorrectly

handles input strings. An authenticated attacker can take advantage

of this flaw to cause a KDC to crash using a TGS request with a

large realm field beginning with a null byte.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.10.1+dfsg-5+deb7u4.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.12.1+dfsg-19+deb8u1.

 

For the testing distribution (stretch), these problems have been fixed

in version 1.13.2+dfsg-3.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.13.2+dfsg-3.

 

We recommend that you upgrade your krb5 packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iQIcBAEBCgAGBQJWPQNaAAoJEAVMuPMTQ89EYEkQAJBm5hBqyHJaJI9Pr1ZgrUd/

X8LKuhhak0T9R5uxh+3OunBKsmIU3bFZmljSHTGLpqD+L08kLA+ydRHHlP48fvQk

enBzWYPUB4r0X3Ys/AoW0BzfA1ZSYaG8qSnwY5i0jyVPs7KOBATnHmj+Lv+btarB

YmzIAq2SZza+pvMEyrZMRArkAzM33LFySNTcdzBz7MVvNq7yK3D0OdGJJVR6A13P

vQ+yBNMbcXljOIi+amisqC5DD9lNfq84JeK8TKJC0qrURDsGzD8OLJ+VSUubeULF

fYBxMn074RFxic2BtOp2Ns92zc0+PkCgu719amfFjSJ7UvSKRl5lVCBS5Tpq1V4l

/besADZ9XqhxHgcAHPZl2Qclsy4ocoe/pcJtAacLMeKUBhPLPZdmJMDSxnsjK4Gf

FugumQ5KeMV1hHLqWio7HDHlnynsJHdWJW65m6b1FyEj8IvW7aYBxELlkHRz393L

B6VDjVsbu1rfHYGiTvReJNGJgDHoBRn6Oxw/t1h35/GC5jTsvRmYXeKnkNNq1O5h

rSWOs+gTcCNDWOMJyc4690GG56FEuApidav9bcumzHXZYFH9lWstNmsFPX4wCshI

RnfgPzrjd8fhQ+PLVD79pV4wXibbAuDf0MakCUTjY96nG5E/G5DnDNYUKh65/E3C

v+AxuiDjbZ4j0vHn4Bv0

=FU4r

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3386-2 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 09, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : unzip

Debian Bug : 804595

 

The update for unzip issued as DSA-3386-1 introduced a regression when

extracting 0-byte files. Updated packages are now available to address

this regression.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 6.0-8+deb7u5.

 

For the stable distribution (jessie), this problem has been fixed in

version 6.0-16+deb8u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 6.0-20.

 

We recommend that you upgrade your unzip packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iQIcBAEBCgAGBQJWQRdxAAoJEAVMuPMTQ89EzUkP/0/3Llq2nGOqaYk02mZFy5cs

DK/iRRTdEmXxkY5H4Nhhc9Zcz8Mv63pqVX/VDf2WdSgGl8otLSwbRrNirXFMpExv

vboEQhXXHW7//h4HME85FX6sEkg8m+niU0lYiXJsA3jUgWOTQUUcrmR7LWusCG/X

AUn123vIvU+wJd/EqPWSowZ3j+SgIYy19zcbvZPiHrMvLNPTt0wDu2ltq422LquL

ccq+tjaQc8wajX4ycg3JMX6dsGbBsNq0K8M71T56o4fa62bVan1xvwiowSya1T9J

OQiw3KhlMpDgda8ETq31P4GJzTyr3KSjbcgnYELWB1jLnEqXSf49YKiUoJdVZlYn

Dh8NeR9NvKlMFId7EZmYPvep9Kw0/POCD+MorWGUEyIi48Rl3YzWaFN2+9t0j+iY

8aEolm3TL/CliHq5nrFsBwq2JYldrCJG0id7EgtlWtDvnBDms1Q/hBT3cyZWdaBI

mZ/VO7MHmsZ8Ipg74hEQVT+nSMoF5YsO4uMF1ylMzYEDRPa6/eM93wUPkZdfV9/h

Ex5xIyYtnIOyC40uAsF6yis4kOlYXa4Bvdx9UQ5n1CLLquB+4XBBUvMMswepUwv4

KG6pXhfEEDzrK0agL1NRnXvMhxCBccSPv+AFakV5mJIqG7YlIzlFcwmon7H5mHd5

dFH8rj+R2ISnWUc1sGDl

=h0yH

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3396-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 10, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2015-5307 CVE-2015-7833 CVE-2015-7872 CVE-2015-7990

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a denial of service.

 

CVE-2015-5307

 

Ben Serebrin from Google discovered a guest to host denial of

service flaw affecting the KVM hypervisor. A malicious guest can

trigger an infinite stream of "alignment check" (#AC) exceptions

causing the processor microcode to enter an infinite loop where the

core never receives another interrupt. This leads to a panic of the

host kernel.

 

CVE-2015-7833

 

Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a

flaw in the processing of certain USB device descriptors in the

usbvision driver. An attacker with physical access to the system can

use this flaw to crash the system.

 

CVE-2015-7872

 

Dmitry Vyukov discovered a vulnerability in the keyrings garbage

collector allowing a local user to trigger a kernel panic.

 

CVE-2015-7990

 

It was discovered that the fix for CVE-2015-6937 was incomplete. A

race condition when sending a message on unbound socket can still

cause a NULL pointer dereference. A remote attacker might be able to

cause a denial of service (crash) by sending a crafted packet.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 3.2.68-1+deb7u6.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.16.7-ckt11-1+deb8u6.

 

We recommend that you upgrade your linux packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iQIcBAEBCgAGBQJWQaXfAAoJEAVMuPMTQ89ExbwP/jOoRqC06ghZHt0L85pdDG/T

3mkgcNeO8kDqwm4hqOpIq4oZJY+LwnSWoLYSJp2OodIEEw3qdhNcDmQZqrOdn+lU

lDQtVVjd13io5vHE+R8/a03ChhUlVhQv40hQE0rALjYvdKYvn+JszZFwnAPe1pjc

qnRafMEy8N2/lMWPDuxmdavzg7J8nXmxWKS1jW5a6PxrHyrLe1nAEc68iG51P6bF

HQ8kbyWZFkD/hZ4al3dQCTLfmrFuRxf/Bv/L6EgLUCQT7IsBreASaqAE7tbpRm4I

AI3nx9Yu6F4HnMdHDQZCUTgMJEYBDcJREMmqgwnUWIsKbdiyGBwWDGU9qsa0yQWP

RcFxbH64C0HdB8gVKNj0qfTgF0P50ChIdpohs/IN5WCJ7SADfr61Rv6gHID1j38e

YhyKV4qf/WPtYtr9524pkrhC07Znnk802m8wJgMacBVM2PTs/mxz75hZU/k3yRUN

oyVL5nWUJSJBMnD+PoHaFnlit8FcJj6WS6iQUJ18Y/UOt4QWqZZgv3TjdIJmAUeg

fJJjnlCMZHquUaUQ7W03LuFXKgrMnCwuWq53rCbzp5+/CkhRIuY5OylrSfh3JQi6

yckyHk/LF1XD4jgVPvpXv5OhFfsr5tZvN+V3UKmeigzUQr91XgO1ccu/AZ3igs5q

MSXijRFylMzZsEHh+FUY

=aHKu

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3397-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 10, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wpa

CVE ID : CVE-2015-4141 CVE-2015-4142 CVE-2015-4143 CVE-2015-4144

CVE-2015-4145 CVE-2015-4146 CVE-2015-5310 CVE-2015-5314

CVE-2015-5315 CVE-2015-5316 CVE-2015-8041

Debian Bug : 787371 787372 787373 795740 804707 804708 804710

 

Several vulnerabilities have been discovered in wpa_supplicant and

hostapd. The Common Vulnerabilities and Exposures project identifies the

following problems:

 

CVE-2015-4141

 

Kostya Kortchinsky of the Google Security Team discovered a

vulnerability in the WPS UPnP function with HTTP chunked transfer

encoding which may result in a denial of service.

 

CVE-2015-4142

 

Kostya Kortchinsky of the Google Security Team discovered a

vulnerability in the WMM Action frame processing which may result in

a denial of service.

 

CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146

 

Kostya Kortchinsky of the Google Security Team discovered that

EAP-pwd payload is not properly validated which may result in a

denial of service.

 

CVE-2015-5310

 

Jouni Malinen discovered a flaw in the WMM Sleep Mode Response frame

processing. A remote attacker can take advantage of this flaw to

mount a denial of service.

 

CVE-2015-5314 CVE-2015-5315

 

Jouni Malinen discovered a flaw in the handling of EAP-pwd messages

which may result in a denial of service.

 

CVE-2015-5316

 

Jouni Malinen discovered a flaw in the handling of EAP-pwd Confirm

messages which may result in a denial of service.

 

CVE-2015-8041

 

Incomplete WPS and P2P NFC NDEF record payload length validation may

result in a denial of service.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.0-3+deb7u3. The oldstable distribution (wheezy) is only

affected by CVE-2015-4141, CVE-2015-4142, CVE-2015-4143 and

CVE-2015-8041.

 

For the stable distribution (jessie), these problems have been fixed in

version 2.3-1+deb8u3.

 

We recommend that you upgrade your wpa packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iQIcBAEBCgAGBQJWQk59AAoJEAVMuPMTQ89EfRoQAI2Hzz2IVjv2/Vqs+Eb1jN7s

B1YeIISf83YOoSLXk1AdFp1irWIJR/1USKjlP3jm7Iedjz/nTqEr8k+4mjtaf1ap

QVj07KUhmQYWJqxqCtrOYh5FKMgwZ6pDGbZaU7W9dV0NTyaQ9Yfi7rz2qf87zKlg

rB66pMheTQVKwb60z2SLkRCzYxwcneVNt1k2YDymP4vthyjqDD3Hr/xkNQmOpYxD

ZZBUVdj2VszBrvQI/7X1zb36viQrTSY/LtiL7V+ouQRQW2iRItHV6UgisKTxqLrc

mxFHO910KexOYUlClShvy+uxPcNEFciY+WXJWk6C/vnWn3kgCePEMfHKnmyqpRHX

/cpv/tClt9fbkv8pd+pdFKvDT4nUeRkKMvjA788nhB0JsAUpJBV2zM1/OqnqSpEy

AkKJpBrAva63k44vrBSpMLQeZph3O4XQxVxd3GQUbnqff/QgfNdt3IZKejieEtr9

aGB9MEbACObsHfJMsyMKTas4wHjUjttli9dv1EjAo+l76uVwqsSsCjkd3hpwGTAa

RfPtr406t8S6mJHUHiAnVGBaDRFLNj+GN4VUI03TY1xV+SryDDwvvNt6mqLPwYGQ

DrkzMvNdpbZeeAZx4Lktwk3VHHqctpSWxh26+hZu/1gSn2fJt4IBAnuvR7U61L/s

dmbD9IrwgfWdrmSOe/8e

=oQsm

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3395-2 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 12, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : krb5

CVE ID : CVE-2015-2697

Debian Bug : 803088

 

Marc Deslauriers reported that the update for krb5 issued as DSA-3395-1

did not contain the patch to address CVE-2015-2697 for the packages

built for the oldstable distribution (wheezy). Updated packages are now

available to address this issue. For reference, the relevant part of the

original advisory text follows.

 

CVE-2015-2697

 

It was discovered that the build_principal_va() function incorrectly

handles input strings. An authenticated attacker can take advantage

of this flaw to cause a KDC to crash using a TGS request with a

large realm field beginning with a null byte.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.10.1+dfsg-5+deb7u6.

 

We recommend that you upgrade your krb5 packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iQIcBAEBCgAGBQJWRP8BAAoJEAVMuPMTQ89EOYkQAJapOzRZJJ9R2X8CEl2oDzC3

It0qbSVMU3YwTtwLmHzgwSf1XmlVDRP9+bRURmK7rqERoLdeGLEEHXOoi5i4I80m

fJT2uleuMGPWiYvLRb/aFWMdgd+tNDcmrFX0YQVYuyNPO5ixOuusIKE1Sihbcx+T

j/haOd5t+HStYbi2667ph5p8xlwykmONEUjkRY/6CE5D/SR8sfnFZARQ8iD8ug2u

J6nvXFHnvQuU0xmDr/jDPH0pAhF3Ntvm9Tl0RHpkQ6MIfe0DS2yGs1TXtQSVSY8u

0vgejWbXqSwXr5VjsB6KcZ83PjsSYyaCsLy3zq8dC00yuCGUyG59chlvFqm3+Hhv

sjXlA38DobsxkiFT3cIXJLGjzIcz3fcMKFy2kaBikPSkxDQKfj1a8OgMoK9ojCF0

kYdhLaO4pVEJDQeTMyxscQVZwy5O//hicNJvfYSTWbwOvcxGWnBri/hS89Ct4KQI

JoBXYsa1OOCH5PGD5CW/uVmFw+KtQnK59eg3CdMthlIfIDV4RYXBq6SuG+oVPfbF

6Q2mKwmyBunBi0cltcAo7vUUJUZQeiLpwq6kl3UxpbZMDqsJ+rbW8z33sNTZj2WG

imCG6Xjt2GThyRB2m8cyKLFlJJ+SQZGBOEW3/155/s/2h5uUxr2VKYzMWt5vWZe4

NuNKx1P9QVemIc0qcQNb

=/WpO

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach
-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3208-2 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 14, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : freexl

 

The update for freexl issued as DSA-3208-1 introduced a regression when

handling certain Microsoft Excel spreadsheets files. Updated packages

are now available to address this regression. For reference the original

advisory text follows.

 

Jodie Cunningham discovered multiple vulnerabilities in freexl, a

library to read Microsoft Excel spreadsheets, which might result in

denial of service or the execution of arbitrary code if a malformed

Excel file is opened.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.0.0b-1+deb7u3.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.0.0g-1+deb8u3.

 

We recommend that you upgrade your freexl packages.

 

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: https://www.debian.org/security/

 

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iQIcBAEBCgAGBQJWR0exAAoJEAVMuPMTQ89E3OMP/3t0dIqxOodj8kL/WrMFbRBz

bIAPBU50Jbv3SpgZNa3CkT4gjvWgEA79RsF0obepqYf/5h05FC8Kpvic7hUYsVj3

4FYk1KNCvYP67+UIpu5pe0hV2w9OGMJmVZWI4qUVjxIHenhHbv4WAEoa2vGk7wlk

QQAQfmRepiy6i6pEZX7VGbsQsLkBKzWQl8T7NJrxbrT35fM2hmQin93gJzLMGWFQ

YyLzvtPxs4FBkKbGTESSbtLkhtHq2Tnax+GqZsPkT2NVtOm8qXEqaw+Tnx/Hopjp

eVqB0uvdkFFSZx8wFlqUCVFHLun/03KRKz3foGDCB1eAL4jODfFZV37vaJ182Exp

EqJuDdYoUyGWM2ikr8cEP4+OsHEXeDeUiZPkU9Hr+1FSF2AUHWvIqB+RqNTJZF+E

5aGBO/HJBFxf4Z1fZVmTqpgdjl1Wqi77pPmqfvNA27YpBGjVCzqtfEB6c8HHdRDS

viIEmE//E2pquOyrqU3noFBTcAlddvreKjkWo3y+DOHGSS7JLL8FUVM9amnPOmpn

vbID6vVKJvTk8NyeZoHsGxRh3GgVHauI+9wV7yUSWItxQM2Jubd1eYKfgmqi0u9i

a4L+ADDaQW4Gvd9NqLZ/si5YOvEEysQjqXdHpIE58wxivU9x/XJ6Zu/OraCKGf1a

DXiRuF3RQlIV6agMYiuQ

=RGyz

-----END PGP SIGNATURE-----

Link to comment
Share on other sites

securitybreach

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3398-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

November 16, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : strongswan

CVE ID : CVE-2015-8023

 

Tobias Brunner found an authentication bypass vulnerability in

strongSwan, an IKE/IPsec suite.

 

Due to insufficient validation of its local state the server

implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin

can be tricked into successfully concluding the authentication without

providing valid credentials.

 

It's possible to recognize such attacks by looking at the server logs.

The following log message would be seen during the client

authentication:

 

EAP method EAP_MSCHAPV2 succeeded, no MSK established

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 4.5.2-1.5+deb7u8.

 

For the stable distribution (jessie), this problem has been fixed in

version 5.2.1-6+deb8u2.

 

For the testing distribution (stretch), this problem has been fixed

in version 5.3.3-3.

 

For the unstable distribution (sid), this problem has been fixed in

version 5.3.3-3.

Link to comment
Share on other sites

securitybreach

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3399-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 18, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libpng

CVE ID : CVE-2015-7981 CVE-2015-8126

Debian Bug : 803078 805113

 

Several vulnerabilities have been discovered in the libpng PNG library.

The Common Vulnerabilities and Exposures project identifies the

following problems:

 

CVE-2015-7981

 

Qixue Xiao discovered an out-of-bounds read vulnerability in the

png_convert_to_rfc1123 function. A remote attacker can potentially

take advantage of this flaw to cause disclosure of information from

process memory.

 

CVE-2015-8126

 

Multiple buffer overflows were discovered in the png_set_PLTE and

png_get_PLTE functions. A remote attacker can take advantage of this

flaw to cause a denial of service (application crash) via a small

bit-depth value in an IHDR (image header) chunk in a PNG image.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.2.49-1+deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.2.50-2+deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.2.54-1.

Link to comment
Share on other sites

securitybreach

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3400-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 19, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : lxc

CVE ID : CVE-2015-1335

Debian Bug : 800471

 

Roman Fiedler discovered a directory traversal flaw in LXC, the Linux

Containers userspace tools. A local attacker with access to a LXC

container could exploit this flaw to run programs inside the container

that are not confined by AppArmor or expose unintended files in the host

to the container.

 

For the stable distribution (jessie), this problem has been fixed in

version 1:1.0.6-6+deb8u2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3401-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 22, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-7

CVE ID : CVE-2015-4871

 

It was discovered that rebinding a receiver of a direct method handle

may allow a protected method to be accessed.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 7u91-2.6.3-1~deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 7u91-2.6.3-1~deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 7u91-2.6.3-1.

  • Like 1
Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3402-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 24, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : symfony

CVE ID : CVE-2015-8124 CVE-2015-8125

 

Several vulnerabilities have been discovered in symfony, a framework to

create websites and web applications. The Common Vulnerabilities and

Exposures project identifies the following problems:

 

CVE-2015-8124

 

The RedTeam Pentesting GmbH team discovered a session fixation

vulnerability within the "Remember Me" login feature, allowing an

attacker to impersonate the victim towards the web application if

the session id value was previously known to the attacker.

 

CVE-2015-8125

 

Several potential remote timing attack vulnerabilities were

discovered in classes from the Symfony Security component and in the

legacy CSRF implementation from the Symfony Form component.

 

For the stable distribution (jessie), these problems have been fixed in

version 2.3.21+dfsg-4+deb8u2.

 

For the unstable distribution (sid), these problems have been fixed in

version 2.7.7+dfsg-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3403-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 24, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libcommons-collections3-java

 

This update backports changes from the commons-collections 3.2.2 release

which disable the deserialisation of the functors classes unless the

system property org.apache.commons.collections.enableUnsafeSerialization

is set to 'true'. This fixes a vulnerability in unsafe applications

deserialising objects from untrusted sources without sanitising the

input data. Classes considered unsafe are: CloneTransformer, ForClosure,

InstantiateFactory, InstantiateTransformer, InvokerTransformer,

PrototypeCloneFactory, PrototypeSerializationFactory and WhileClosure.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 3.2.1-5+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 3.2.1-7+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 3.2.2-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 3.2.2-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3404-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 25, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : python-django

CVE ID : CVE-2015-8213

 

Ryan Butterfield discovered a vulnerability in the date template filter

in python-django, a high-level Python web development framework. A

remote attacker can take advantage of this flaw to obtain any secret in

the application's settings.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.4.5-1+deb7u14.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.7.7-1+deb8u3.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.8.7-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3405-1 security@debian.org

https://www.debian.org/security/ Florian Weimer

November 25, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : smokeping

CVE ID : CVE-2015-0859

 

Tero Marttila discovered that the Debian packaging for smokeping

installed it in such a way that the CGI implementation of Apache httpd

(mod_cgi) passed additional arguments to the smokeping_cgi program,

potentially leading to arbitrary code execution in response to crafted

HTTP requests.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 2.6.8-2+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.6.9-1+deb8u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3406-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 25, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : nspr

CVE ID : CVE-2015-7183

 

It was discovered that incorrect memory allocation in the NetScape

Portable Runtime library might result in denial of service or the

execution of arbitrary code.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 2:4.9.2-1+deb7u3.

 

For the stable distribution (jessie), this problem has been fixed in

version 2:4.10.7-1+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 2:4.10.10-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2:4.10.10-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3407-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 26, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dpkg

CVE ID : CVE-2015-0860

 

Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb

component of dpkg, the Debian package management system. This flaw could

potentially lead to arbitrary code execution if a user or an automated

system were tricked into processing a specially crafted Debian binary

package (.deb) in the old style Debian binary package format.

 

This update also includes updated translations and additional bug fixes.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.16.17.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.17.26.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3408-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 01, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gnutls26

CVE ID : CVE-2015-8313

 

It was discovered that GnuTLS, a library implementing the TLS and SSL

protocols, incorrectly validates the first byte of padding in CBC modes.

A remote attacker can possibly take advantage of this flaw to perform a

padding oracle attack.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 2.12.20-8+deb7u4.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3409-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 01, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : putty

CVE ID : CVE-2015-5309

 

A memory-corrupting integer overflow in the handling of the ECH (erase

characters) control sequence was discovered in PuTTY's terminal

emulator. A remote attacker can take advantage of this flaw to mount a

denial of service or potentially to execute arbitrary code.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 0.62-9+deb7u3.

 

For the stable distribution (jessie), this problem has been fixed in

version 0.63-10+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 0.66-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.66-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3410-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 01, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : icedove

CVE ID : CVE-2015-4473 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489

CVE-2015-4513 CVE-2015-7181 CVE-2015-7182 CVE-2015-7188

CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7197

CVE-2015-7198 CVE-2015-7199 CVE-2015-7200

 

Multiple security issues have been found in Icedove, Debian's version of

the Mozilla Thunderbird mail client: Multiple memory safety errors,

integer overflows, buffer overflows and other implementation errors may

lead to the execution of arbitrary code or denial of service.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 38.4.0-1~deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 38.4.0-1~deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 38.4.0-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3411-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 02, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : cups-filters

CVE ID : CVE-2015-8327

 

Michal Kowalczyk discovered that missing input sanitising in the

foomatic-rip print filter might result in the execution of arbitrary

commands.

 

The oldstable distribution (wheezy) is not affected.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.0.61-5+deb8u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.2.0-1. : CVE-2015-8327

 

Michal Kowalczyk discovered that missing input sanitising in the

foomatic-rip print filter might result in the execution of arbitrary

commands.

 

The oldstable distribution (wheezy) is not affected.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.0.61-5+deb8u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.2.0-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3412-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 03, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : redis

CVE ID : CVE-2015-8080

Debian Bug : 804419

 

Luca Bruno discovered an integer overflow flaw leading to a stack-based

buffer overflow in redis, a persistent key-value database. A remote

attacker can use this flaw to cause a denial of service (application

crash).

 

For the stable distribution (jessie), this problem has been fixed in

version 2:2.8.17-1+deb8u3.

 

For the testing distribution (stretch), this problem has been fixed

in version 2:3.0.5-4.

 

For the unstable distribution (sid), this problem has been fixed in

version 2:3.0.5-4.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3413-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 04, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl

CVE ID : CVE-2015-3194 CVE-2015-3195 CVE-2015-3196

 

Multiple vulnerabilities have been discovered in OpenSSL, a Secure

Sockets Layer toolkit. The Common Vulnerabilities and Exposures project

identifies the following issues:

 

CVE-2015-3194

 

Loic Jonas Etienne of Qnective AG discovered that the signature

verification routines will crash with a NULL pointer dereference if

presented with an ASN.1 signature using the RSA PSS algorithm and

absent mask generation function parameter. A remote attacker can

exploit this flaw to crash any certificate verification operation

and mount a denial of service attack.

 

CVE-2015-3195

 

Adam Langley of Google/BoringSSL discovered that OpenSSL will leak

memory when presented with a malformed X509_ATTRIBUTE structure.

 

CVE-2015-3196

 

A race condition flaw in the handling of PSK identify hints was

discovered, potentially leading to a double free of the identify

hint data.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.0.1e-2+deb7u18.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.0.1k-3+deb8u2.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.0.2e-1 or earlier.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3414-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 09, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xen

CVE ID : CVE-2015-3259 CVE-2015-3340 CVE-2015-5307 CVE-2015-6654

CVE-2015-7311 CVE-2015-7812 CVE-2015-7813 CVE-2015-7814

CVE-2015-7969 CVE-2015-7970 CVE-2015-7971 CVE-2015-7972

CVE-2015-8104

 

Multiple security issues have been found in the Xen virtualisation

solution, which may result in denial of service or information

disclosure.

 

For the oldstable distribution (wheezy), an update will be provided

later.

 

For the stable distribution (jessie), these problems have been fixed in

version 4.4.1-9+deb8u3.

 

For the unstable distribution (sid), these problems will be fixed soon.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3415-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

December 09, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2015-1302 CVE-2015-6764 CVE-2015-6765 CVE-2015-6766

CVE-2015-6767 CVE-2015-6768 CVE-2015-6769 CVE-2015-6770

CVE-2015-6771 CVE-2015-6772 CVE-2015-6773 CVE-2015-6774

CVE-2015-6775 CVE-2015-6776 CVE-2015-6777 CVE-2015-6778

CVE-2015-6779 CVE-2015-6780 CVE-2015-6781 CVE-2015-6782

CVE-2015-6784 CVE-2015-6785 CVE-2015-6786

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2015-1302

 

Rub Wu discovered an information leak in the pdfium library.

 

CVE-2015-6764

 

Guang Gong discovered an out-of-bounds read issue in the v8

javascript library.

 

CVE-2015-6765

 

A use-after-free issue was discovered in AppCache.

 

CVE-2015-6766

 

A use-after-free issue was discovered in AppCache.

 

CVE-2015-6767

 

A use-after-free issue was discovered in AppCache.

 

CVE-2015-6768

 

Mariusz Mlynski discovered a way to bypass the Same Origin

Policy.

 

CVE-2015-6769

 

Mariusz Mlynski discovered a way to bypass the Same Origin

Policy.

 

CVE-2015-6770

 

Mariusz Mlynski discovered a way to bypass the Same Origin

Policy.

 

CVE-2015-6771

 

An out-of-bounds read issue was discovered in the v8

javascript library.

 

CVE-2015-6772

 

Mariusz Mlynski discovered a way to bypass the Same Origin

Policy.

 

CVE-2015-6773

 

cloudfuzzer discovered an out-of-bounds read issue in the

skia library.

 

CVE-2015-6774

 

A use-after-free issue was found in extensions binding.

 

CVE-2015-6775

 

Atte Kettunen discovered a type confusion issue in the pdfium

library.

 

CVE-2015-6776

 

Hanno Böck dicovered and out-of-bounds access issue in the

openjpeg library, which is used by pdfium.

 

CVE-2015-6777

 

Long Liu found a use-after-free issue.

 

CVE-2015-6778

 

Karl Skomski found an out-of-bounds read issue in the pdfium

library.

 

CVE-2015-6779

 

Til Jasper Ullrich discovered that the pdfium library does

not sanitize "chrome:" URLs.

 

CVE-2015-6780

 

Khalil Zhani discovered a use-after-free issue.

 

CVE-2015-6781

 

miaubiz discovered an integer overflow issue in the sfntly

library.

 

CVE-2015-6782

 

Luan Herrera discovered a URL spoofing issue.

 

CVE-2015-6784

 

Inti De Ceukelaire discovered a way to inject HTML into

serialized web pages.

 

CVE-2015-6785

 

Michael Ficarra discovered a way to bypass the Content

Security Policy.

 

CVE-2015-6786

 

Michael Ficarra discovered another way to bypass the Content

Security Policy.

 

For the stable distribution (jessie), these problems have been fixed in

version 47.0.2526.73-1~deb8u1.

 

For the testing distribution (stretch), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 47.0.2526.73-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3416-1 security@debian.org

https://www.debian.org/security/ Luciano Bello

December 13, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libphp-phpmailer

CVE ID : CVE-2015-8476

Debian Bug : 807265

 

Takeshi Terada discovered a vulnerability in PHPMailer, a PHP library for

email transfer, used by many CMSs. The library accepted email addresses

and SMTP commands containing line breaks, which can be abused by an

attacker to inject messages.

 

For the oldstable distribution (wheezy), this problem has been fixed in

version 5.1-1+deb6u11.

 

For the stable distribution (jessie), this problem has been fixed in

version 5.2.9+dfsg-2+deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 5.2.14+dfsg-1.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3417-1 security@debian.org

https://www.debian.org/security/ Luciano Bello

December 14, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : bouncycastle

CVE ID : CVE-2015-7940

Debian Bug : 802671

 

Tibor Jager, Jörg Schwenk, and Juraj Somorovsky, from Horst Görtz

Institute for IT Security, published a paper in ESORICS 2015 where they

describe an invalid curve attack in Bouncy Castle Crypto, a Java library

for cryptography. An attacker is able to recover private Elliptic Curve

keys from different applications, for example, TLS servers.

 

More information:

http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html

Practical Invalid Curve Attacks on TLS-ECDH:

http://euklid.org/pdf/ECC_Invalid_Curve.pdf

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.44+dfsg-3.1+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.49+dfsg-3+deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.51-2.

Link to comment
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3418-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

December 14, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2015-6788 CVE-2015-6789 CVE-2015-6790 CVE-2015-6791

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2015-6788

 

A type confusion issue was discovered in the handling of extensions.

 

CVE-2015-6789

 

cloudfuzzer discovered a use-after-free issue.

 

CVE-2015-6790

 

Inti De Ceukelaire discovered a way to inject HTML into

serialized web pages.

 

CVE-2015-6791

 

The chrome 47 development team found and fixed various issues

during internal auditing. Also multiple issues were fixed in

the v8 javascript library, version 4.7.80.23.

 

For the stable distribution (jessie), these problems have been fixed in

version 47.0.2526.80-1~deb8u1.

 

For the testing distribution (stretch), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 47.0.2526.80-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3419-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 15, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : cups-filters

CVE ID : CVE-2015-8560

Debian Bug : 807930

 

Adam Chester discovered that missing input sanitising in the

foomatic-rip print filter might result in the execution of arbitrary

commands.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.0.61-5+deb8u3.

 

For the unstable distribution (sid), this problem has been fixed in

version 1.4.0-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3420-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 15, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : bind9

CVE ID : CVE-2015-8000

Debian Bug : 808081

 

It was discovered that the BIND DNS server does not properly handle the

parsing of incoming responses, allowing some records with an incorrect

class to be accepted by BIND instead of being rejected as malformed.

This can trigger a REQUIRE assertion failure when those records are

subsequently cached. A remote attacker can exploit this flaw to cause a

denial of service against servers performing recursive queries.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u8.

 

For the stable distribution (jessie), this problem has been fixed in

version 1:9.9.5.dfsg-9+deb8u4.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3422-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 16, 2015 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : iceweasel

CVE ID : CVE-2015-7201 CVE-2015-7205 CVE-2015-7210 CVE-2015-7212

CVE-2015-7213 CVE-2015-7214 CVE-2015-7222

 

Multiple security issues have been found in Iceweasel, Debian's version

of the Mozilla Firefox web browser: Multiple memory safety errors,

integer overflows, use-after-frees and other implementation errors

may lead to the execution of arbitrary code, bypass of the same-origin

policy or denial of service.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 38.5.0esr-1~deb7u2.

 

For the stable distribution (jessie), these problems have been fixed in

version 38.5.0esr-1~deb8u2.

 

For the unstable distribution (sid), these problems have been fixed in

version 38.5.0esr-1.

Link to comment
Share on other sites

×
×
  • Create New...