sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3526-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

March 23, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libmatroska

CVE ID : CVE-2015-8792

 

It was discovered that libmatroska, an extensible open standard

audio/video container format, incorrectly processed EBML lacing. By

providing maliciously crafted input, an attacker could use this flaw

to force some leakage of information located in the process heap

memory.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.3.0-2+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.4.1-2+deb8u1.

 

For the testing (stretch) and unstable (sid) distributions, this

problem has been fixed in version 1.4.4-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3528-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

March 23, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : pidgin-otr

CVE ID : CVE-2015-8833

 

Stefan Sperling discovered that pidgin-otr, a Pidgin plugin

implementing Off-The-Record messaging, contained a use-after-free

bug. This could be used by a malicious remote user to intentionally

crash the application, thus causing a denial-of-service.

 

For the stable distribution (jessie), this problem has been fixed in

version 4.0.1-1+deb8u1.

 

For the testing (stretch) and unstable (sid) distributions, this

problem has been fixed in version 4.0.2-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3529-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 23, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : redmine

CVE ID : CVE-2015-8474 CVE-2015-8346 CVE-2015-8473 CVE-2015-8537

 

Multiple vulnerabilities have been found in Redmine, a project management

web application, which may result in information disclosure.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.0~20140825-8~deb8u2.

 

For the testing distribution (stretch), these problems have been fixed

in version 3.2.0-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 3.2.0-1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3527-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

March 24, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : inspircd

CVE ID : CVE-2015-8702

 

It was discovered that inspircd, an IRC daemon, incorrectly handled

PTR lookups of connecting users. This flaw allowed a remote attacker

to crash the application by setting up malformed DNS records, thus

causing a denial-of-service.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 2.0.5-1+deb7u2.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.0.17-1+deb8u1.

 

For the testing (stretch) and unstable (sid) distributions, this

problem has been fixed in version 2.0.20-1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3530-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 25, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tomcat6

CVE ID : CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033

CVE-2014-0075 CVE-2014-0096 CVE-2014-0099 CVE-2014-0119

CVE-2014-0227 CVE-2014-0230 CVE-2014-7810 CVE-2015-5174

CVE-2015-5345 CVE-2015-5346 CVE-2015-5351 CVE-2016-0706

CVE-2016-0714 CVE-2016-0763

 

Multiple security vulnerabilities have been fixed in the Tomcat servlet

and JSP engine, which may result in bypass of security manager

restrictions, information disclosure, denial of service or session

fixation.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 6.0.45+dfsg-1~deb7u1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3531-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

March 25, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2016-1646 CVE-2016-1647 CVE-2016-1648 CVE-2016-1649

CVE-2016-1650

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2016-1646

 

Wen Xu discovered an out-of-bounds read issue in the v8 library.

 

CVE-2016-1647

 

A use-after-free issue was discovered.

 

CVE-2016-1648

 

A use-after-free issue was discovered in the handling of extensions.

 

CVE-2016-1649

 

lokihardt discovered a buffer overflow issue in the Almost Native

Graphics Layer Engine (ANGLE) library.

 

CVE-2016-1650

 

The chrome development team found and fixed various issues during

internal auditing. Also multiple issues were fixed in the v8

javascript library, version 4.9.385.33.

 

For the stable distribution (jessie), these problems have been fixed in

version 49.0.2623.108-1~deb8u1.

 

For the testing distribution (stretch), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 49.0.2623.108-1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3532-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 27, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : quagga

CVE ID : CVE-2016-2342

Debian Bug : 819179

 

Kostya Kortchinsky discovered a stack-based buffer overflow

vulnerability in the VPNv4 NLRI parser in bgpd in quagga, a BGP/OSPF/RIP

routing daemon. A remote attacker can exploit this flaw to cause a

denial of service (daemon crash), or potentially, execution of arbitrary

code, if bgpd is configured with BGP peers enabled for VPNv4.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 0.99.22.4-1+wheezy2.

 

For the stable distribution (jessie), this problem has been fixed in

version 0.99.23.1-1+deb8u1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3533-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 29, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openvswitch

CVE ID : CVE-2016-2074

 

Kashyap Thimmaraju and Bhargava Shastry discovered a remotely

triggerable buffer overflow vulnerability in openvswitch, a production

quality, multilayer virtual switch implementation. Specially crafted

MPLS packets could overflow the buffer reserved for MPLS labels in an

OVS internal data structure. A remote attacker can take advantage of

this flaw to cause a denial of service, or potentially, execution of

arbitrary code.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.3.0+git20140819-3+deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.3.0+git20140819-4.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3534-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 29, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dhcpcd

CVE ID : CVE-2012-6698 CVE-2012-6699 CVE-2012-6700

 

Guido Vranken discovered several vulnerabilities in dhcpcd, a DHCP

client, which may result in denial of service.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1:3.2.3-11+deb7u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3535-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 29, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : kamailio

CVE ID : CVE-2016-2385

 

Stelios Tsampas discovered a buffer overflow in the Kamailio SIP proxy

which might result in the execution of arbitrary code.

 

For the stable distribution (jessie), this problem has been fixed in

version 4.2.0-2+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 4.3.4-2.

 

For the unstable distribution (sid), this problem has been fixed in

version 4.3.4-2.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3536-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

March 31, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libstruts1.2-java

CVE ID : CVE-2015-0899

 

It was discovered that libstruts1.2-java, a Java framework for MVC

applications, contains a bug in its multi-page validation code. This

allows input validation to be bypassed, even if MPV is not used

directly.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.2.9-5+deb7u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3537-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

March 31, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : imlib2

CVE ID : CVE-2014-9762 CVE-2014-9763 CVE-2014-9764

 

Several vulnerabilities were discovered in imlib2, an image

manipulation library.

 

CVE-2014-9762

 

A segmentation fault could occur when opening GIFs without a

colormap.

 

CVE-2014-9763

 

Several divisions by zero, resulting in a program crash, could

occur when handling PNM files.

 

CVE-2014-9764

 

A segmentation fault could occur when opening GIFs with feh.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.4.5-1+deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.4.6-2+deb8u1.

 

For the testing (stretch) and unstable (sid) distributions, these

problems have been fixed in version 1.4.7-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3538-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

March 31, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libebml

CVE ID : CVE-2015-8789 CVE-2015-8790 CVE-2015-8791

 

Several vulnerabilities were discovered in libebml, a library for

manipulating Extensible Binary Meta Language files.

 

CVE-2015-8789

 

Context-dependent attackers could trigger a use-after-free

vulnerability by providing a maliciously crafted EBML document.

 

CVE-2015-8790

 

Context-dependent attackers could obtain sensitive information

from the process' heap memory by using a maliciously crafted UTF-8

string.

 

CVE-2015-8791

 

Context-dependent attackers could obtain sensitive information

from the process' heap memory by using a maliciously crafted

length value in an EBML id.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.2.2-2+deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.3.0-2+deb8u1.

 

For the testing (stretch) and unstable (sid) distributions, these

problems have been fixed in version 1.3.3-1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3539-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 02, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : srtp

CVE ID : CVE-2015-6360

Debian Bug : 807698

 

Randell Jesup and the Firefox team discovered that srtp, Cisco's

reference implementation of the Secure Real-time Transport Protocol

(SRTP), does not properly handle RTP header CSRC count and extension

header length. A remote attacker can exploit this vulnerability to crash

an application linked against libsrtp, resulting in a denial of service.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 1.4.4+20100615~dfsg-2+deb7u2.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.4.5~20130609~dfsg-1.1+deb8u1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3540-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 03, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : lhasa

CVE ID : CVE-2016-2347

 

Marcin Noga discovered an integer underflow in Lhasa, a lzh archive

decompressor, which might result in the execution of arbitrary code if

a malformed archive is processed.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 0.0.7-2+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 0.2.0+git3fe46-1+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 0.3.1-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.3.1-1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3541-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

April 05, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : roundcube

CVE ID : CVE-2015-8770

 

High-Tech Bridge Security Research Lab discovered that Roundcube, a

webmail client, contained a path traversal vulnerability. This flaw

could be exploited by an attacker to access sensitive files on the

server, or even execute arbitrary code.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 0.7.2-9+deb7u2.

 

For the testing (stretch) and unstable (sid) distributions, this

problem has been fixed in version 1.1.4+dfsg.1-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3542-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 05, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mercurial

CVE ID : CVE-2016-3068 CVE-2016-3069 CVE-2016-3630

Debian Bug : 819504

 

Several vulnerabilities have been discovered in Mercurial, a distributed

version control system. The Common Vulnerabilities and Exposures project

identifies the following issues:

 

CVE-2016-3068

 

Blake Burkhart discovered that Mercurial allows URLs for Git

subrepositories that could result in arbitrary code execution on

clone.

 

CVE-2016-3069

 

Blake Burkhart discovered that Mercurial allows arbitrary code

execution when converting Git repositories with specially

crafted names.

 

CVE-2016-3630

 

It was discovered that Mercurial does not properly perform bounds-

checking in its binary delta decoder, which may be exploitable for

remote code execution via clone, push or pull.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 2.2.2-4+deb7u2.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.1.2-2+deb8u2.

 

For the unstable distribution (sid), these problems have been fixed in

version 3.7.3-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3543-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 05, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : oar

CVE ID : CVE-2016-1235

 

Emmanuel Thome discovered that missing sanitising in the oarsh command

of OAR, a software used to manage jobs and resources of HPC clusters,

could result in privilege escalation.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 2.5.2-3+deb7u1.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.5.4-2+deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.5.7-1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3544-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 07, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : python-django

CVE ID : CVE-2016-2512 CVE-2016-2513

Debian Bug : 816434

 

Several vulnerabilities were discovered in Django, a high-level Python

web development framework. The Common Vulnerabilities and Exposures

project identifies the following problems:

 

CVE-2016-2512

 

Mark Striemer discovered that some user-supplied redirect URLs

containing basic authentication credentials are incorrectly handled,

potentially allowing a remote attacker to perform a malicious

redirect or a cross-site scripting attack.

 

CVE-2016-2513

 

Sjoerd Job Postmus discovered that Django allows user enumeration

through timing difference on password hasher work factor upgrades.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.4.5-1+deb7u16.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.7.7-1+deb8u4.

 

For the testing distribution (stretch), these problems have been fixed

in version 1.9.4-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.9.4-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3545-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 07, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : cgit

CVE ID : CVE-2016-1899 CVE-2016-1900 CVE-2016-1901

Debian Bug : 812411

 

Several vulnerabilities were discovered in cgit, a fast web frontend for

git repositories written in C. A remote attacker can take advantage of

these flaws to perform cross-site scripting, header injection or denial

of service attacks.

 

For the stable distribution (jessie), these problems have been fixed in

version 0.10.2.git2.0.1-3+deb8u1.

 

For the testing distribution (stretch), these problems have been fixed

in version 0.12.0.git2.7.0-1 or earlier.

 

For the unstable distribution (sid), these problems have been fixed in

version 0.12.0.git2.7.0-1 or earlier.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3546-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 07, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : optipng

CVE ID : CVE-2016-2191

 

Hans Jerry Illikainen discovered that missing input sanitising in the

BMP processing code of the optipng PNG optimiser may result in denial of

service or the execution of arbitrary code if a malformed file is

processed.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 0.6.4-1+deb7u2. This update also fixes CVE-2015-7801, which

was originally targeted for a wheezy point update.

 

For the stable distribution (jessie), this problem has been fixed in

version 0.7.5-1+deb8u1.

 

For the unstable distribution (sid), this problem will be fixed soon.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3547-1 security@debian.org

https://www.debian.org/security/ Luciano Bello

April 11, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : imagemagick

Debian Bug : 811308

 

Several vulnerabilities were discovered in Imagemagick, a program suite for

image manipulation. This update fixes a large number of potential security

problems such as null-pointer access and buffer-overflows that might lead

to memory leaks or denial of service. Any of these security problems have

a CVE number assigned.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 8:6.7.7.10-5+deb7u4.

 

For the stable distribution (jessie), this problem was already fixed in

version 8:6.8.9.9-5+deb8u1, in the last point release.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3485-2 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

April 12, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : didiwiki

Debian Bug : 818708

 

The update for didiwiki issued as DSA-3485-1 introduced a regression

that caused a large number of valid pages to not be accessible

anymore. This occurred mostly for pages whose names started with

non-ascii characters.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 0.5-11+deb7u2.

 

For the stable distribution (jessie), this problem has been fixed in

version 0.5-11+deb8u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.5-13.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3548-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 13, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : samba

CVE ID : CVE-2015-5370 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112

CVE-2016-2113 CVE-2016-2114 CVE-2016-2115 CVE-2016-2118

 

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,

print, and login server for Unix. The Common Vulnerabilities and

Exposures project identifies the following issues:

 

CVE-2015-5370

 

Jouni Knuutinen from Synopsys discovered flaws in the Samba DCE-RPC

code which can lead to denial of service (crashes and high cpu

consumption) and man-in-the-middle attacks.

 

CVE-2016-2110

 

Stefan Metzmacher of SerNet and the Samba Team discovered that the

feature negotiation of NTLMSSP does not protect against downgrade

attacks.

 

CVE-2016-2111

 

When Samba is configured as domain controller, it allows remote

attackers to spoof the computer name of a secure channel's endpoint,

and obtain sensitive session information. This flaw corresponds to

the same vulnerability as CVE-2015-0005 for Windows, discovered by

Alberto Solino from Core Security.

 

CVE-2016-2112

 

Stefan Metzmacher of SerNet and the Samba Team discovered that a

man-in-the-middle attacker can downgrade LDAP connections to avoid

integrity protection.

 

CVE-2016-2113

 

Stefan Metzmacher of SerNet and the Samba Team discovered that

man-in-the-middle attacks are possible for client triggered LDAP

connections and ncacn_http connections.

 

CVE-2016-2114

 

Stefan Metzmacher of SerNet and the Samba Team discovered that Samba

does not enforce required smb signing even if explicitly configured.

 

CVE-2016-2115

 

Stefan Metzmacher of SerNet and the Samba Team discovered that SMB

connections for IPC traffic are not integrity-protected.

 

CVE-2016-2118

 

Stefan Metzmacher of SerNet and the Samba Team discovered that a

man-in-the-middle attacker can intercept any DCERPC traffic between

a client and a server in order to impersonate the client and obtain

the same privileges as the authenticated user account.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 2:3.6.6-6+deb7u9. The oldstable distribution is not affected

by CVE-2016-2113 and CVE-2016-2114.

 

For the stable distribution (jessie), these problems have been fixed in

version 2:4.2.10+dfsg-0+deb8u1. The issues were addressed by upgrading

to the new upstream version 4.2.10, which includes additional changes

and bugfixes. The depending libraries ldb, talloc, tdb and tevent

required as well an update to new upstream versions for this update.

 

For the unstable distribution (sid), these problems have been fixed in

version 2:4.3.7+dfsg-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3548-2 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 14, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : samba

Debian Bug : 820947

 

The upgrade to Samba 4.2 issued as DSA-3548-1 introduced a packaging

regression causing an additional dependency on the samba binary package

for the samba-libs, samba-common-bin, python-samba and samba-vfs-modules

binary packages. Updated packages are now available to address this

problem.

 

For the stable distribution (jessie), this problem has been fixed in

version 2:4.2.10+dfsg-0+deb8u2.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3549-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

April 15, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2016-1651 CVE-2016-1652 CVE-2016-1653 CVE-2016-1654

CVE-2016-1655 CVE-2016-1657 CVE-2016-1658 CVE-2016-1659

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2016-1651

 

An out-of-bounds read issue was discovered in the pdfium library.

 

CVE-2016-1652

 

A cross-site scripting issue was discovered in extension bindings.

 

CVE-2016-1653

 

Choongwoo Han discovered an out-of-bounds write issue in the v8

javascript library.

 

CVE-2016-1654

 

Atte Kettunen discovered an uninitialized memory read condition.

 

CVE-2016-1655

 

Rob Wu discovered a use-after-free issue related to extensions.

 

CVE-2016-1657

 

Luan Herrera discovered a way to spoof URLs.

 

CVE-2016-1658

 

Antonio Sanso discovered an information leak related to extensions.

 

CVE-2016-1659

 

The chrome development team found and fixed various issues during

internal auditing.

 

For the stable distribution (jessie), these problems have been fixed in

version 50.0.2661.75-1~deb8u1.

 

For the testing distribution (stretch), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 50.0.2661.75-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3550-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 15, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssh

CVE ID : CVE-2015-8325

 

Shayan Sadigh discovered a vulnerability in OpenSSH: If PAM support is

enabled and the sshd PAM configuration is configured to read user-

specified environment variables and the "UseLogin" option is enabled, a

local user may escalate her privileges to root.

 

In Debian "UseLogin" is not enabled by default.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 6.0p1-4+deb7u4.

 

For the stable distribution (jessie), this problem has been fixed in

version 6.7p1-5+deb8u2.

 

For the unstable distribution (sid), this problem has been fixed in

version 1:7.2p2-3.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3551-1 security@debian.org

https://www.debian.org/security/ Florian Weimer

April 16, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : fuseiso

CVE ID : CVE-2015-8836 CVE-2015-8837

Debian Bug : 779047

 

It was discovered that fuseiso, a user-space implementation of the

ISO 9660 file system based on FUSE, contains several vulnerabilities.

 

CVE-2015-8836

 

A stack-based buffer overflow may allow attackers who can trick a

user into mounting a crafted ISO 9660 file system to cause a

denial of service (crash), or, potentially, execute arbitrary

code.

 

CVE-2015-8837

 

An integer overflow leads to a heap-based buffer overflow, which

allows an attacker (who can trick a user into mounting a crafted

ISO 9660 file system) to cause a denial of service (crash), or,

potentially, execute arbitrary code.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 20070708-3+deb7u1.

 

The stable distribution (jessie) does not contain fuseiso packages.

 

For the unstable distribution (sid), these problems have been fixed in

version 20070708-3.2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3552-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 17, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tomcat7

CVE ID : CVE-2015-5174 CVE-2015-5345 CVE-2015-5346 CVE-2015-5351

CVE-2016-0706 CVE-2016-0714 CVE-2016-0763

 

Multiple security vulnerabilities have been discovered in the Tomcat

servlet and JSP engine, which may result in information disclosure,

the bypass of CSRF protections and bypass of the SecurityManager.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 7.0.28-4+deb7u4. This update also fixes CVE-2014-0119 and

CVE-2014-0096.

 

For the stable distribution (jessie), these problems have been fixed in

version 7.0.56-3+deb8u2.

 

For the testing distribution (stretch), these problems have been fixed

in version 7.0.68-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 7.0.68-1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3554-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 21, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xen

CVE ID : CVE-2016-3158 CVE-2016-3159 CVE-2016-3960

 

Multiple vulnerabilities have been discovered in the Xen hypervisor. The

Common Vulnerabilities and Exposures project identifies the following

problems:

 

CVE-2016-3158, CVE-2016-3159 (XSA-172)

 

Jan Beulich from SUSE discovered that Xen does not properly handle

writes to the hardware FSW.ES bit when running on AMD64 processors.

A malicious domain can take advantage of this flaw to obtain address

space usage and timing information, about another domain, at a

fairly low rate.

 

CVE-2016-3960 (XSA-173)

 

Ling Liu and Yihan Lian of the Cloud Security Team, Qihoo 360

discovered an integer overflow in the x86 shadow pagetable code. A

HVM guest using shadow pagetables can cause the host to crash. A PV

guest using shadow pagetables (i.e. being migrated) with PV

superpages enabled (which is not the default) can crash the host, or

corrupt hypervisor memory, potentially leading to privilege

escalation.

 

For the stable distribution (jessie), these problems have been fixed in

version 4.4.1-9+deb8u5.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3553-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

April 22, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : varnish

CVE ID : CVE-2015-8852

Debian Bug : 783510

 

Régis Leroy from Makina Corpus discovered that varnish, a caching HTTP

reverse proxy, is vulnerable to HTTP smuggling issues, potentially

resulting in cache poisoning or bypassing of access control policies.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 3.0.2-2+deb7u2.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3555-1 security@debian.org

https://www.debian.org/security/ Alessandro Ghedini

April 23, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : imlib2

CVE ID : CVE-2011-5326 CVE-2014-9771 CVE-2016-3993 CVE-2016-3994

CVE-2016-4024

Debian Bug : 639414 785369 819818 820206 821732

 

Several vulnerabilities were discovered in imlib2, an image manipulation

library.

 

CVE-2011-5326

 

Kevin Ryde discovered that attempting to draw a 2x1 radi ellipse

results in a floating point exception.

 

CVE-2014-9771

 

It was discovered that an integer overflow could lead to invalid

memory reads and unreasonably large memory allocations.

 

CVE-2016-3993

 

Yuriy M. Kaminskiy discovered that drawing using coordinates from

an untrusted source could lead to an out-of-bound memory read, which

in turn could result in an application crash.

 

CVE-2016-3994

 

Jakub Wilk discovered that a malformed image could lead to an

out-of-bound read in the GIF loader, which may result in an

application crash or information leak.

 

CVE-2016-4024

 

Yuriy M. Kaminskiy discovered an integer overflow that could lead to

an insufficient heap allocation and out-of-bound memory write.

 

For the oldstable distribution (wheezy), these problems have been fixed

in version 1.4.5-1+deb7u2.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.4.6-2+deb8u2.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.4.8-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3556-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 24, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libgd2

CVE ID : CVE-2016-3074

Debian Bug : 822242

 

Hans Jerry Illikainen discovered that libgd2, a library for programmatic

graphics creation and manipulation, suffers from a signedness

vulnerability which may result in a heap overflow when processing

specially crafted compressed gd2 data. A remote attacker can take

advantage of this flaw to cause an application using the libgd2 library

to crash, or potentially, to execute arbitrary code with the privileges

of the user running the application.

 

For the oldstable distribution (wheezy), this problem has been fixed

in version 2.0.36~rc1~dfsg-6.1+deb7u2.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.1.0-5+deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.1.1-4.1.

sunrat

------------------------------------------------------------------------

The Debian Project https://www.debian.org/

Security support for Wheezy handed over to the LTS team press@debian.org

April 25th, 2016 https://www.debian.org/News/2016/20160425

------------------------------------------------------------------------

 

 

As of 25 April, one year after the release of Debian 8, alias "Jessie",

and nearly three years after the release of Debian 7, alias "Wheezy",

regular security support for Wheezy comes to an end. The Debian Long

Term Support (LTS) [1] Team will take over security support.

 

1: https://wiki.debian.org/LTS/

 

 

Information for users

---------------------

 

Wheezy LTS will be supported from 26 April 2016 to 31 May 2018.

 

For Debian 7 Wheezy LTS there will be no requirement to add a separate

wheezy-lts suite to your sources.list any more and your current setup

will continue to work without further changes.

 

For how to use Debian Long Term Support please read LTS/Using [2].

 

2: https://wiki.debian.org/LTS/Using

 

Important information and changes regarding Wheezy LTS can be found at

LTS/Wheezy [3].

 

3: https://wiki.debian.org/LTS/Wheezy

 

Most notably OpenJDK 7 will be made the new Java default JRE/JDK on 26

June 2016 to ensure full security support until Wheezy LTS reaches its

end-of-life.

 

You should also subscribe to the announcement mailing list [4] for

security updates for Wheezy LTS.

 

4: https://lists.debian.org/debian-lts-announce/

 

A few packages are not covered by the Wheezy LTS support. These can be

detected by installing the debian-security-support [5] package. If

debian-security-support detects an unsupported package which is critical

to you, please get in touch with <debian-lts@lists.debian.org>.

 

5: https://tracker.debian.org/pkg/debian-security-support

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3557-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 26, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mysql-5.5

CVE ID : CVE-2016-0640 CVE-2016-0641 CVE-2016-0642 CVE-2016-0643

CVE-2016-0644 CVE-2016-0646 CVE-2016-0647 CVE-2016-0648

CVE-2016-0649 CVE-2016-0650 CVE-2016-0666 CVE-2016-2047

Debian Bug : 821100

 

Several issues have been discovered in the MySQL database server. The

vulnerabilities are addressed by upgrading MySQL to the new upstream

version 5.5.49. Please see the MySQL 5.5 Release Notes and Oracle's

Critical Patch Update advisory for further details:

 

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-48.html

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-49.html

http://www.oracle.com/technetwork/topics/security/cpuapr2016-2881694.html

 

For the stable distribution (jessie), these problems have been fixed in

version 5.5.49-0+deb8u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3558-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 26, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-7

CVE ID : CVE-2016-0636 CVE-2016-0686 CVE-2016-0687 CVE-2016-0695

CVE-2016-3425 CVE-2016-3426 CVE-2016-3427

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in breakouts of

the Java sandbox, denial of service or information disclosure.

 

For the stable distribution (jessie), these problems have been fixed in

version 7u101-2.6.6-1~deb8u1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3559-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 27, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : iceweasel

CVE ID : CVE-2016-2805 CVE-2016-2807 CVE-2016-2808 CVE-2016-2814

 

Multiple security issues have been found in Iceweasel, Debian's version

of the Mozilla Firefox web browser: Multiple memory safety errors and

buffer overflows may lead to the execution of arbitrary code or denial

of service.

 

For the oldstable distribution (wheezy), these problems have been fixed in

version 38.8.0esr-1~deb7u1.

 

For the stable distribution (jessie), these problems have been fixed in

version 38.8.0esr-1~deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 45.1.0esr-1 of the firefox-esr source package and version

46.0-1 of the firefox source package.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3560-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 27, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php5

CVE ID : CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072

CVE-2016-4073

 

Several vulnerabilities were found in PHP, a general-purpose scripting

language commonly used for web application development.

 

The vulnerabilities are addressed by upgrading PHP to the new upstream

version 5.6.20, which includes additional bug fixes. Please refer to the

upstream changelog for more information:

 

https://php.net/ChangeLog-5.php#5.6.20

 

For the stable distribution (jessie), these problems have been fixed in

version 5.6.20+dfsg-0+deb8u1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3561-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

April 29, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : subversion

CVE ID : CVE-2016-2167 CVE-2016-2168

 

Several vulnerabilities were discovered in Subversion, a version control

system. The Common Vulnerabilities and Exposures project identifies the

following problems:

 

CVE-2016-2167

 

Daniel Shahaf and James McCoy discovered that an implementation

error in the authentication against the Cyrus SASL library would

permit a remote user to specify a realm string which is a prefix of

the expected realm string, potentially allowing a user to

authenticate using the wrong realm.

 

CVE-2016-2168

 

Ivan Zhakov of VisualSVN discovered a remotely triggerable denial

of service vulnerability in the mod_authz_svn module during COPY or

MOVE authorization check. An authenticated remote attacker could

take advantage of this flaw to cause a denial of service

(Subversion server crash) via COPY or MOVE requests with specially

crafted header.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.8.10-6+deb8u4.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.9.4-1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3562-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

May 01, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tardiff

CVE ID : CVE-2015-0857 CVE-2015-0858

 

Several vulnerabilities were discovered in tardiff, a tarball comparison

tool. The Common Vulnerabilities and Exposures project identifies the

following problems:

 

CVE-2015-0857

 

Rainer Mueller and Florian Weimer discovered that tardiff is prone

to shell command injections via shell meta-characters in filenames

in tar files or via shell meta-characters in the tar filename

itself.

 

CVE-2015-0858

 

Florian Weimer discovered that tardiff uses predictable temporary

directories for unpacking tarballs. A malicious user can use this

flaw to overwrite files with permissions of the user running the

tardiff command line tool.

 

For the stable distribution (jessie), these problems have been fixed in

version 0.1-2+deb8u2.

 

For the unstable distribution (sid), these problems have been fixed in

version 0.1-5 and partially in earlier versions.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3563-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 01, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : poppler

CVE ID : CVE-2015-8868

 

It was discovered that a heap overflow in the Poppler PDF library may

result in denial of service and potentially the execution of arbitrary

code if a malformed PDF file is opened.

 

For the stable distribution (jessie), this problem has been fixed in

version 0.26.5-2+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 0.38.0-3.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.38.0-3.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3564-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

May 02, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2016-1660 CVE-2016-1661 CVE-2016-1662 CVE-2016-1663

CVE-2016-1664 CVE-2016-1665 CVE-2016-1666

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2016-1660

 

Atte Kettunen discovered an out-of-bounds write issue.

 

CVE-2016-1661

 

Wadih Matar discovered a memory corruption issue.

 

CVE-2016-1662

 

Rob Wu discovered a use-after-free issue related to extensions.

 

CVE-2016-1663

 

A use-after-free issue was discovered in Blink's bindings to V8.

 

CVE-2016-1664

 

Wadih Matar discovered a way to spoof URLs.

 

CVE-2016-1665

 

gksgudtjr456 discovered an information leak in the v8 javascript

library.

 

CVE-2016-1666

 

The chrome development team found and fixed various issues during

internal auditing.

 

For the stable distribution (jessie), these problems have been fixed in

version 50.0.2661.94-1~deb8u1.

 

For the testing distribution (stretch), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 50.0.2661.94-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3565-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

May 02, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : botan1.10

CVE ID : CVE-2015-5726 CVE-2015-5727 CVE-2015-7827 CVE-2016-2194

CVE-2016-2195 CVE-2016-2849

Debian Bug : 817932 822698

 

Several security vulnerabilities were found in botan1.10, a C++

library which provides support for many common cryptographic

operations, including encryption, authentication, X.509v3 certificates

and CRLs.

 

CVE-2015-5726

The BER decoder would crash due to reading from offset 0 of an

empty vector if it encountered a BIT STRING which did not contain

any data at all. This can be used to easily crash applications

reading untrusted ASN.1 data, but does not seem exploitable for

code execution.

 

CVE-2015-5727

The BER decoder would allocate a fairly arbitrary amount of memory

in a length field, even if there was no chance the read request

would succeed. This might cause the process to run out of memory or

invoke the OOM killer.

 

CVE-2015-7827

Use constant time PKCS #1 unpadding to avoid possible side channel

attack against RSA decryption.

 

CVE-2016-2194

Infinite loop in modular square root algorithm.

The ressol function implementing the Tonelli-Shanks algorithm for

finding square roots could be sent into a nearly infinite loop due

to a misplaced conditional check. This could occur if a composite

modulus is provided, as this algorithm is only defined for primes.

This function is exposed to attacker controlled input via the

OS2ECP function during ECC point decompression.

 

CVE-2016-2195

Fix Heap overflow on invalid ECC point.

 

CVE-2016-2849

Use constant time modular inverse algorithm to avoid possible

side channel attack against ECDSA.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.10.8-2+deb8u1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3566-1 security@debian.org

https://www.debian.org/security/ Alessandro Ghedini

May 03, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl

CVE ID : CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108

CVE-2016-2109 CVE-2016-2176

 

Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer

toolkit.

 

CVE-2016-2105

 

Guido Vranken discovered that an overflow can occur in the function

EVP_EncodeUpdate(), used for Base64 encoding, if an attacker can

supply a large amount of data. This could lead to a heap corruption.

 

CVE-2016-2106

 

Guido Vranken discovered that an overflow can occur in the function

EVP_EncryptUpdate() if an attacker can supply a large amount of data.

This could lead to a heap corruption.

 

CVE-2016-2107

 

Juraj Somorovsky discovered a padding oracle in the AES CBC cipher

implementation based on the AES-NI instruction set. This could allow

an attacker to decrypt TLS traffic encrypted with one of the cipher

suites based on AES CBC.

 

CVE-2016-2108

 

David Benjamin from Google discovered that two separate bugs in the

ASN.1 encoder, related to handling of negative zero integer values

and large universal tags, could lead to an out-of-bounds write.

 

CVE-2016-2109

 

Brian Carpenter discovered that when ASN.1 data is read from a BIO

using functions such as d2i_CMS_bio(), a short invalid encoding can

cause allocation of large amounts of memory potentially consuming

excessive resources or exhausting memory.

 

CVE-2016-2176

 

Guido Vranken discovered that ASN.1 Strings that are over 1024 bytes

can cause an overread in applications using the X509_NAME_oneline()

function on EBCDIC systems. This could result in arbitrary stack data

being returned in the buffer.

 

Additional information about these issues can be found in the OpenSSL

security advisory at https://www.openssl.org/news/secadv/20160503.txt

 

For the stable distribution (jessie), these problems have been fixed in

version 1.0.1k-3+deb8u5.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.0.2h-1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3567-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

May 04, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libpam-sshauth

CVE ID : CVE-2016-4422

 

It was discovered that libpam-sshauth, a PAM module to authenticate

using an SSH server, does not correctly handle system users. In certain

configurations an attacker can take advantage of this flaw to gain root

privileges.

 

For the stable distribution (jessie), this problem has been fixed in

version 0.3.1-1+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 0.4.1-2.

 

For the unstable distribution (sid), this problem has been fixed in

version 0.4.1-2.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3568-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

May 05, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libtasn1-6

CVE ID : CVE-2016-4008

 

Pascal Cuoq and Miod Vallat discovered that Libtasn1, a library to

manage ASN.1 structures, does not correctly handle certain malformed DER

certificates. A remote attacker can take advantage of this flaw to cause

an application using the Libtasn1 library to hang, resulting in a denial

of service.

 

For the stable distribution (jessie), this problem has been fixed in

version 4.2-3+deb8u2.

 

For the testing distribution (stretch), this problem has been fixed

in version 4.8-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 4.8-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3569-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

May 05, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openafs

CVE ID : CVE-2015-8312 CVE-2016-2860

 

Two vulnerabilities were discovered in openafs, an implementation of the

distributed filesystem AFS. The Common Vulnerabilities and Exposures

project identifies the following problems:

 

CVE-2015-8312

 

Potential denial of service caused by a bug in the pioctl

logic allowing a local user to overrun a kernel buffer with a

single NUL byte.

 

CVE-2016-2860

 

Peter Iannucci discovered that users from foreign Kerberos realms

can create groups as if they were administrators.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.6.9-2+deb8u5.

 

For the testing distribution (stretch), these problems have been fixed

in version 1.6.17-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.6.17-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3570-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

May 05, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mercurial

CVE ID : CVE-2016-3105

 

Blake Burkhart discovered an arbitrary code execution flaw in

Mercurial, a distributed version control system, when using the convert

extension on Git repositories with specially crafted names. This flaw in

particular affects automated code conversion services that allow

arbitrary repository names.

 

For the stable distribution (jessie), this problem has been fixed in

version 3.1.2-2+deb8u3.

 

For the unstable distribution (sid), this problem has been fixed in

version 3.8.1-1.

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3571-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

May 08, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ikiwiki

CVE ID : CVE-2016-4561

 

Simon McVittie discovered a cross-site scripting vulnerability in the

error reporting of Ikiwiki, a wiki compiler. This update also hardens

ikiwiki's use of imagemagick in the img plugin.

 

For the stable distribution (jessie), this problem has been fixed in

version 3.20141016.3.

 

For the unstable distribution (sid), this problem has been fixed in

version 3.20160506.
