Jump to content

Recommended Posts

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3612-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 01, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gimp

CVE ID : CVE-2016-4994

Debian Bug : 828179

 

Shmuel H discovered that GIMP, the GNU Image Manipulation Program, is

prone to a use-after-free vulnerability in the channel and layer

properties parsing process when loading a XCF file. An attacker can take

advantage of this flaw to potentially execute arbitrary code with the

privileges of the user running GIMP if a specially crafted XCF file is

processed.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.8.14-1+deb8u1.

Link to post
Share on other sites
  • Replies 1.9k
  • Created
  • Last Reply

Top Posters In This Topic

  • sunrat

    1558

  • V.T. Eric Layton

    171

  • securitybreach

    112

  • Bruno

    65

Top Posters In This Topic

Popular Posts

- ------------------------------------------------------------------------- Debian Security Advisory DSA-3093-1 security@debian.org http://www.debian.org/security/

- ------------------------------------------------------------------------- Debian Security Advisory DSA-3401-1 security@debian.org https://www.debian.org/security/

- ------------------------------------------------------------------------- Debian Security Advisory DSA-4123-1 security@debian.org https://www.debian.org/security/

sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3613-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 02, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libvirt

CVE ID : CVE-2016-5008

 

Vivian Zhang and Christoph Anton Mitterer discovered that setting an

empty VNC password does not work as documented in Libvirt, a

virtualisation abstraction library. When the password on a VNC server is

set to the empty string, authentication on the VNC server will be

disabled, allowing any user to connect, despite the documentation

declaring that setting an empty password for the VNC server prevents all

client connections. With this update the behaviour is enforced by

setting the password expiration to "now".

 

For the stable distribution (jessie), this problem has been fixed in

version 1.2.9-9+deb8u3.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.0.0-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3615-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

July 02, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wireshark

CVE ID : CVE-2016-5350 CVE-2016-5351 CVE-2016-5353 CVE-2016-5354

CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5359

 

Multiple vulnerabilities were discovered in the dissectors/parsers for

PKTC, IAX2, GSM CBCH and NCP, SPOOLS, IEEE 802.11, UMTS FP, USB,

Toshiba, CoSine, NetScreen, WBXML which could result in denial of service

or potentially the execution of arbitrary code.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.12.1+g01b65bf-4+deb8u7.

 

For the testing distribution (stretch), these problems have been fixed

in version 2.0.4+gdd7746e-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 2.0.4+gdd7746e-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3614-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 02, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tomcat7

CVE ID : CVE-2016-3092

 

The TERASOLUNA Framework Development Team discovered a denial of service

vulnerability in Apache Commons FileUpload, a package to make it

easy to add robust, high-performance, file upload capability to servlets

and web applications. A remote attacker can take advantage of this flaw

by sending file upload requests that cause the HTTP server using the

Apache Commons Fileupload library to become unresponsive, preventing the

server from servicing other requests.

 

Apache Tomcat uses a package renamed copy of Apache Commons FileUpload

to implement the file upload requirements of the Servlet specification

and is therefore also vulnerable to the denial of service vulnerability.

 

For the stable distribution (jessie), this problem has been fixed in

version 7.0.56-3+deb8u3.

 

For the testing distribution (stretch), this problem has been fixed

in version 7.0.70-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 7.0.70-1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3616-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 04, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2014-9904 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829

CVE-2016-6130

Debian Bug : 828914

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a privilege escalation, denial of service or information

leaks.

 

CVE-2014-9904

 

It was discovered that the snd_compress_check_input function used in

the ALSA subsystem does not properly check for an integer overflow,

allowing a local user to cause a denial of service.

 

CVE-2016-5728

 

Pengfei Wang discovered a race condition in the MIC VOP driver that

could allow a local user to obtain sensitive information from kernel

memory or cause a denial of service.

 

CVE-2016-5828

 

Cyril Bur and Michael Ellerman discovered a flaw in the handling of

Transactional Memory on powerpc systems allowing a local user to

cause a denial of service (kernel crash) or possibly have

unspecified other impact, by starting a transaction, suspending it,

and then calling any of the exec() class system calls.

 

CVE-2016-5829

 

A heap-based buffer overflow vulnerability was found in the hiddev

driver, allowing a local user to cause a denial of service or,

potentially escalate their privileges.

 

CVE-2016-6130

 

Pengfei Wang discovered a flaw in the S/390 character device drivers

potentially leading to information leak with /dev/sclp.

 

Additionally this update fixes a regression in the ebtables facility

(#828914) that was introduced in DSA-3607-1.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.16.7-ckt25-2+deb8u3.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3617-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

July 06, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : horizon

CVE ID : CVE-2015-3219 CVE-2016-4428

 

Two cross-site scripting vulnerabilities have been found in Horizon,

a web application to control an OpenStack cloud.

 

For the stable distribution (jessie), these problems have been fixed in

version 2014.1.3-7+deb8u2.

 

For the testing distribution (stretch), these problems have been fixed

in version 3:9.0.1-2.

 

For the unstable distribution (sid), these problems have been fixed in

version 3:9.0.1-2.

Link to post
Share on other sites
  • 2 weeks later...
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3618-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

July 14, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php5

CVE ID : CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771

CVE-2016-5772 CVE-2016-5773

 

Several vulnerabilities were found in PHP, a general-purpose scripting

language commonly used for web application development.

 

The vulnerabilities are addressed by upgrading PHP to the new upstream

version 5.6.23, which includes additional bug fixes. Please refer to the

upstream changelog for more information:

 

https://php.net/ChangeLog-5.php#5.6.23

 

For the stable distribution (jessie), these problems have been fixed in

version 5.6.23+dfsg-0+deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 7.0.8-1 of the php7.0 source package.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3619-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 15, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libgd2

CVE ID : CVE-2016-5116 CVE-2016-5766 CVE-2016-6128 CVE-2016-6132

CVE-2016-6161 CVE-2016-6214

Debian Bug : 829014 829062 829694

 

Several vulnerabilities were discovered in libgd2, a library for

programmatic graphics creation and manipulation. A remote attacker can

take advantage of these flaws to cause a denial-of-service against an

application using the libgd2 library (application crash), or potentially

to execute arbitrary code with the privileges of the user running the

application.

 

For the stable distribution (jessie), these problems have been fixed in

version 2.1.0-5+deb8u4.

 

For the unstable distribution (sid), these problems have been fixed in

version 2.2.2-29-g3c2b605-1 or earlier.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3620-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 15, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : pidgin

CVE ID : CVE-2016-2365 CVE-2016-2366 CVE-2016-2367 CVE-2016-2368

CVE-2016-2369 CVE-2016-2370 CVE-2016-2371 CVE-2016-2372

CVE-2016-2373 CVE-2016-2374 CVE-2016-2375 CVE-2016-2376

CVE-2016-2377 CVE-2016-2378 CVE-2016-2380 CVE-2016-4323

 

Yves Younan of Cisco Talos discovered several vulnerabilities in the

MXit protocol support in pidgin, a multi-protocol instant messaging

client. A remote attacker can take advantage of these flaws to cause a

denial of service (application crash), overwrite files, information

disclosure, or potentially to execute arbitrary code.

 

For the stable distribution (jessie), these problems have been fixed in

version 2.11.0-0+deb8u1.

 

For the testing distribution (stretch), these problems have been fixed

in version 2.11.0-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 2.11.0-1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3621-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 18, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mysql-connector-java

CVE ID : CVE-2015-2575

 

A vulnerability was discovered in mysql-connector-java, a Java database

(JDBC) driver for MySQL, which may result in unauthorized update, insert

or delete access to some MySQL Connectors accessible data as well as

read access to a subset of MySQL Connectors accessible data. The

vulnerability was addressed by upgrading mysql-connector-java to the new

upstream version 5.1.39, which includes additional changes, such as bug

fixes, new features, and possibly incompatible changes. Please see the

MySQL Connector/J Release Notes and Oracle's Critical Patch Update

advisory for further details:

 

https://dev.mysql.com/doc/relnotes/connector-j/5.1/en/news-5-1.html

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixMSQL

 

For the stable distribution (jessie), this problem has been fixed in

version 5.1.39-1~deb8u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3622-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 18, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : python-django

CVE ID : CVE-2016-6186

 

It was discovered that Django, a high-level Python web development

framework, is prone to a cross-site scripting vulnerability in the

admin's add/change related popup.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.7.7-1+deb8u5.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3623-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 20, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : apache2

CVE ID : CVE-2016-5387

 

Scott Geary of VendHQ discovered that the Apache HTTPD server used the

value of the Proxy header from HTTP requests to initialize the

HTTP_PROXY environment variable for CGI scripts, which in turn was

incorrectly used by certain HTTP client implementations to configure the

proxy for outgoing HTTP requests. A remote attacker could possibly use

this flaw to redirect HTTP requests performed by a CGI script to an

attacker-controlled proxy via a malicious HTTP request.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.4.10-10+deb8u5.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3624-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 21, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mysql-5.5

CVE ID : CVE-2016-3477 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440

 

Several issues have been discovered in the MySQL database server. The

vulnerabilities are addressed by upgrading MySQL to the new upstream

version 5.5.50. Please see the MySQL 5.5 Release Notes and Oracle's

Critical Patch Update advisory for further details:

 

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-50.html

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

 

For the stable distribution (jessie), these problems have been fixed in

version 5.5.50-0+deb8u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3625-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

July 22, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : squid3

CVE ID : CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054

CVE-2016-4554 CVE-2016-4555 CVE-2016-4556

Debian Bug : 823968

 

Several security issues have been discovered in the Squid caching proxy.

 

CVE-2016-4051:

 

CESG and Yuriy M. Kaminskiy discovered that Squid cachemgr.cgi was

vulnerable to a buffer overflow when processing remotely supplied

inputs relayed through Squid.

 

CVE-2016-4052:

 

CESG discovered that a buffer overflow made Squid vulnerable to a

Denial of Service (DoS) attack when processing ESI responses.

 

CVE-2016-4053:

 

CESG found that Squid was vulnerable to public information

disclosure of the server stack layout when processing ESI responses.

 

CVE-2016-4054:

 

CESG discovered that Squid was vulnerable to remote code execution

when processing ESI responses.

 

CVE-2016-4554:

 

Jianjun Chen found that Squid was vulnerable to a header smuggling

attack that could lead to cache poisoning and to bypass of

same-origin security policy in Squid and some client browsers.

 

CVE-2016-4555, CVE-2016-4556:

 

"bfek-18" and "@vftable" found that Squid was vulnerable to a Denial

of Service (DoS) attack when processing ESI responses, due to

incorrect pointer handling and reference counting.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.4.8-6+deb8u3.

 

For the testing (stretch) and unstable (sid) distributions, these

problems have been fixed in version 3.5.19-1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3626-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 24, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssh

CVE ID : CVE-2016-6210

Debian Bug : 831902

 

Eddie Harari reported that the OpenSSH SSH daemon allows user

enumeration through timing differences when trying to authenticate

users. When sshd tries to authenticate a non-existing user, it will pick

up a fixed fake password structure with a hash based on the Blowfish

algorithm. If real users passwords are hashed using SHA256/SHA512, then

a remote attacker can take advantage of this flaw by sending large

passwords, receiving shorter response times from the server for

non-existing users.

 

For the stable distribution (jessie), this problem has been fixed in

version 1:6.7p1-5+deb8u3.

 

For the unstable distribution (sid), this problem has been fixed in

version 1:7.2p2-6.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3627-1 security@debian.org

https://www.debian.org/security/ Thijs Kinkhorst

July 24, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : phpmyadmin

CVE ID : CVE-2016-1927 CVE-2016-2039 CVE-2016-2040 CVE-2016-2041

CVE-2016-2560 CVE-2016-2561 CVE-2016-5099 CVE-2016-5701

CVE-2016-5705 CVE-2016-5706 CVE-2016-5731 CVE-2016-5733

CVE-2016-5739

 

Several vulnerabilities have been fixed in phpMyAdmin, the web-based

MySQL administration interface.

 

CVE-2016-1927

 

The suggestPassword function relied on a non-secure random number

generator which makes it easier for remote attackers to guess

generated passwords via a brute-force approach.

 

CVE-2016-2039

 

CSRF token values were generated by a non-secure random number

genrator, which allows remote attackers to bypass intended access

restrictions by predicting a value.

 

CVE-2016-2040

 

Multiple cross-site scripting (XSS) vulnerabilities allow remote

authenticated users to inject arbitrary web script or HTML.

 

CVE-2016-2041

 

phpMyAdmin does not use a constant-time algorithm for comparing

CSRF tokens, which makes it easier for remote attackers to bypass

intended access restrictions by measuring time differences.

 

CVE-2016-2560

 

Multiple cross-site scripting (XSS) vulnerabilities allow remote

attackers to inject arbitrary web script or HTML.

 

CVE-2016-2561

 

Multiple cross-site scripting (XSS) vulnerabilities allow remote

attackers to inject arbitrary web script or HTML.

 

CVE-2016-5099

 

Multiple cross-site scripting (XSS) vulnerabilities allow remote

attackers to inject arbitrary web script or HTML.

 

CVE-2016-5701

 

For installations running on plain HTTP, phpMyAdmin allows remote

attackers to conduct BBCode injection attacks against HTTP sessions

via a crafted URI.

 

CVE-2016-5705

 

Multiple cross-site scripting (XSS) vulnerabilities allow remote

attackers to inject arbitrary web script or HTML.

 

CVE-2016-5706

 

phpMyAdmin allows remote attackers to cause a denial of service

(resource consumption) via a large array in the scripts parameter.

 

CVE-2016-5731

 

A cross-site scripting (XSS) vulnerability allows remote

attackers to inject arbitrary web script or HTML.

 

CVE-2016-5733

 

Multiple cross-site scripting (XSS) vulnerabilities allow remote

attackers to inject arbitrary web script or HTML.

 

CVE-2016-5739

 

A specially crafted Transformation could leak information which

a remote attacker could use to perform cross site request forgeries.

 

For the stable distribution (jessie), these problems have been fixed in

version 4:4.2.12-2+deb8u2.

 

For the unstable distribution (sid), these problems have been fixed in

version 4:4.6.3-1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3628-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 25, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : perl

CVE ID : CVE-2016-1238 CVE-2016-6185

Debian Bug : 829578

 

Multiple vulnerabilities were discovered in the implementation of the

Perl programming language. The Common Vulnerabilities and Exposures

project identifies the following problems:

 

CVE-2016-1238

 

John Lightsey and Todd Rinaldo reported that the opportunistic

loading of optional modules can make many programs unintentionally

load code from the current working directory (which might be changed

to another directory without the user realising) and potentially

leading to privilege escalation, as demonstrated in Debian with

certain combinations of installed packages.

 

The problem relates to Perl loading modules from the includes

directory array ("@INC") in which the last element is the current

directory ("."). That means that, when "perl" wants to load a module

(during first compilation or during lazy loading of a module in run-

time), perl will look for the module in the current directory at the

end, since '.' is the last include directory in its array of include

directories to seek. The issue is with requiring libraries that are

in "." but are not otherwise installed.

 

With this update several modules which are known to be vulnerable

are updated to not load modules from current directory.

 

Additionally the update allows configurable removal of "." from @INC

in /etc/perl/sitecustomize.pl for a transitional period. It is

recommended to enable this setting if the possible breakage for a

specific site has been evaluated. Problems in packages provided in

Debian resulting from the switch to the removal of '.' from @INC

should be reported to the Perl maintainers at

perl@packages.debian.org .

 

It is planned to switch to the default removal of '.' in @INC in a

subsequent update to perl via a point release if possible, and in

any case for the upcoming stable release Debian 9 (stretch).

 

CVE-2016-6185

 

It was discovered that XSLoader, a core module from Perl to

dynamically load C libraries into Perl code, could load shared

library from incorrect location. XSLoader uses caller() information

to locate the .so file to load. This can be incorrect if

XSLoader::load() is called in a string eval. An attacker can take

advantage of this flaw to execute arbitrary code.

 

For the stable distribution (jessie), these problems have been fixed in

version 5.20.2-3+deb8u6. Additionally this update includes the

following updated packages to address optional module loading

vulnerabilities related to CVE-2016-1238, or to address build failures

which occur when '.' is removed from @INC:

 

- cdbs 0.4.130+deb8u1

- debhelper 9.20150101+deb8u2

- devscripts 2.15.3+deb8u1

- exim4 4.84.2-2+deb8u1

- libintl-perl 1.23-1+deb8u1

- libmime-charset-perl 1.011.1-1+deb8u2

- libmime-encwords-perl 1.014.3-1+deb8u1

- libmodule-build-perl 0.421000-2+deb8u1

- libnet-dns-perl 0.81-2+deb8u1

- libsys-syslog-perl 0.33-1+deb8u1

- libunicode-linebreak-perl 0.0.20140601-2+deb8u2

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3629-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

July 25, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ntp

CVE ID : CVE-2015-7974 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979

CVE-2015-8138 CVE-2015-8158 CVE-2016-1547 CVE-2016-1548

CVE-2016-1550 CVE-2016-2516 CVE-2016-2518

 

Several vulnerabilities were discovered in the Network Time Protocol

daemon and utility programs:

 

CVE-2015-7974

 

Matt Street discovered that insufficient key validation allows

impersonation attacks between authenticated peers.

 

CVE-2015-7977 / CVE-2015-7978

 

Stephen Gray discovered that a NULL pointer dereference and a

buffer overflow in the handling of "ntpdc reslist" commands may

result in denial of service.

 

CVE-2015-7979

 

Aanchal Malhotra discovered that if NTP is configured for broadcast

mode, an attacker can send malformed authentication packets which

break associations with the server for other broadcast clients.

 

CVE-2015-8138

 

Matthew van Gundy and Jonathan Gardner discovered that missing

validation of origin timestamps in ntpd clients may result in denial

of service.

 

CVE-2015-8158

 

Jonathan Gardner discovered that missing input sanitising in ntpq

may result in denial of service.

 

CVE-2016-1547

 

Stephen Gray and Matthew van Gundy discovered that incorrect handling

of crypto NAK packets my result in denial of service.

 

CVE-2016-1548

 

Jonathan Gardner and Miroslav Lichvar discovered that ntpd clients

could be forced to change from basic client/server mode to interleaved

symmetric mode, preventing time synchronisation.

 

CVE-2016-1550

 

Matthew van Gundy, Stephen Gray and Loganaden Velvindron discovered

that timing leaks in the the packet authentication code could result

in recovery of a message digest.

 

CVE-2016-2516

 

Yihan Lian discovered that duplicate IPs on "unconfig" directives will

trigger an assert.

 

CVE-2016-2518

 

Yihan Lian discovered that an OOB memory access could potentially

crash ntpd.

 

For the stable distribution (jessie), these problems have been fixed in

version 1:4.2.6.p5+dfsg-7+deb8u2.

 

For the testing distribution (stretch), these problems have been fixed

in version 1:4.2.8p7+dfsg-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1:4.2.8p7+dfsg-1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3630-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 26, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libgd2

CVE ID : CVE-2016-6207

 

Secunia Research at Flexera Software discovered an integer overflow

vulnerability within the _gdContributionsAlloc() function in libgd2, a

library for programmatic graphics creation and manipulation. A remote

attacker can take advantage of this flaw to cause a denial-of-service

against an application using the libgd2 library.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.1.0-5+deb8u6.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.2.2-43-g22cba39-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3631-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

July 26, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php5

CVE ID : CVE-2016-5385 CVE-2016-5399 CVE-2016-6289 CVE-2016-6290

CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295

CVE-2016-6296 CVE-2016-6297

 

Several vulnerabilities were found in PHP, a general-purpose scripting

language commonly used for web application development.

 

The vulnerabilities are addressed by upgrading PHP to the new upstream

version 5.6.24, which includes additional bug fixes. Please refer to the

upstream changelog for more information:

 

https://php.net/ChangeLog-5.php#5.6.24

 

For the stable distribution (jessie), these problems have been fixed in

version 5.6.24+dfsg-0+deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 7.0.9-1 of the php7.0 source package.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3632-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 27, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mariadb-10.0

CVE ID : CVE-2016-3477 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440

 

Several issues have been discovered in the MariaDB database server. The

vulnerabilities are addressed by upgrading MariaDB to the new upstream

version 10.0.26. Please see the MariaDB 10.0 Release Notes for further

details:

 

https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/

 

For the stable distribution (jessie), these problems have been fixed in

version 10.0.26-0+deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 10.0.26-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3633-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

July 27, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xen

CVE ID : CVE-2015-8338 CVE-2016-4480 CVE-2016-4962 CVE-2016-5242

CVE-2016-6258

 

Multiple vulnerabilities have been discovered in the Xen hypervisor. The

Common Vulnerabilities and Exposures project identifies the following

problems:

 

CVE-2015-8338

 

Julien Grall discovered that Xen on ARM was susceptible to denial

of service via long running memory operations.

 

CVE-2016-4480

 

Jan Beulich discovered that incorrect page table handling could

result in privilege escalation inside a Xen guest instance.

 

CVE-2016-4962

 

Wei Liu discovered multiple cases of missing input sanitising in

libxl which could result in denial of service.

 

CVE-2016-5242

 

Aaron Cornelius discovered that incorrect resource handling on

ARM systems could result in denial of service.

 

CVE-2016-6258

 

Jeremie Boutoille discovered that incorrect pagetable handling in

PV instances could result in guest to host privilege escalation.

 

For the stable distribution (jessie), these problems have been fixed in

version 4.4.1-9+deb8u6.

 

For the unstable distribution (sid), these problems will be fixed soon.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3635-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

July 29, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libdbd-mysql-perl

CVE ID : CVE-2014-9906 CVE-2015-8949

 

Two use-after-free vulnerabilities were discovered in DBD::mysql, a Perl

DBI driver for the MySQL database server. A remote attacker can take

advantage of these flaws to cause a denial-of-service against an

application using DBD::mysql (application crash), or potentially to

execute arbitrary code with the privileges of the user running the

application.

 

For the stable distribution (jessie), these problems have been fixed in

version 4.028-2+deb8u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3636-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

July 30, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : collectd

CVE ID : CVE-2016-6254

Debian Bug : 832507 832577

 

Emilien Gaspar discovered that collectd, a statistics collection and

monitoring daemon, incorrectly processed incoming network

packets. This resulted in a heap overflow, allowing a remote attacker

to either cause a DoS via application crash, or potentially execute

arbitrary code.

 

Additionally, security researchers at Columbia University and the

University of Virginia discovered that collectd failed to verify a

return value during initialization. This meant the daemon could

sometimes be started without the desired, secure settings.

 

For the stable distribution (jessie), this problem has been fixed in

version 5.4.1-6+deb8u1.

 

For the testing (stretch) and unstable (sid) distributions, this

problem has been fixed in version 5.5.2-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3634-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

July 30, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : redis

CVE ID : CVE-2013-7458

Debian Bug : 832460

 

It was discovered that redis, a persistent key-value database, did not

properly protect redis-cli history files: they were created by default

with world-readable permissions.

 

Users and systems administrators may want to proactively change

permissions on existing ~/rediscli_history files, instead of waiting

for the updated redis-cli to do so the next time it is run.

 

For the stable distribution (jessie), this problem has been fixed in

version 2:2.8.17-1+deb8u5.

 

For the testing (stretch) and unstable (sid) distributions, this

problem has been fixed in version 2:3.2.1-4.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3637-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

July 31, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2016-1704 CVE-2016-1705 CVE-2016-1706 CVE-2016-1707

CVE-2016-1708 CVE-2016-1709 CVE-2016-1710 CVE-2016-1711

CVE-2016-5127 CVE-2016-5128 CVE-2016-5129 CVE-2016-5130

CVE-2016-5131 CVE-2016-5132 CVE-2016-5133 CVE-2016-5134

CVE-2016-5135 CVE-2016-5136 CVE-2016-5137

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2016-1704

 

The chrome development team found and fixed various issues during

internal auditing.

 

CVE-2016-1705

 

The chrome development team found and fixed various issues during

internal auditing.

 

CVE-2016-1706

 

Pinkie Pie discovered a way to escape the Pepper Plugin API sandbox.

 

CVE-2016-1707

 

xisigr discovered a URL spoofing issue.

 

CVE-2016-1708

 

Adam Varsan discovered a use-after-free issue.

 

CVE-2016-1709

 

ChenQin a buffer overflow issue in the sfntly library.

 

CVE-2016-1710

 

Mariusz Mlynski discovered a same-origin bypass.

 

CVE-2016-1711

 

Mariusz Mlynski discovered another same-origin bypass.

 

CVE-2016-5127

 

cloudfuzzer discovered a use-after-free issue.

 

CVE-2016-5128

 

A same-origin bypass issue was discovered in the v8 javascript library.

 

CVE-2016-5129

 

Jeonghoon Shin discovered a memory corruption issue in the v8 javascript

library.

 

CVE-2016-5130

 

Widih Matar discovered a URL spoofing issue.

 

CVE-2016-5131

 

Nick Wellnhofer discovered a use-after-free issue in the libxml2 library.

 

CVE-2016-5132

 

Ben Kelly discovered a same-origin bypass.

 

CVE-2016-5133

 

Patch Eudor discovered an issue in proxy authentication.

 

CVE-2016-5134

 

Paul Stone discovered an information leak in the Proxy Auto-Config

feature.

 

CVE-2016-5135

 

ShenYeYinJiu discovered a way to bypass the Content Security Policy.

 

CVE-2016-5136

 

Rob Wu discovered a use-after-free issue.

 

CVE-2016-5137

 

Xiaoyin Liu discovered a way to discover whether an HSTS web side had been

visited.

 

For the stable distribution (jessie), these problems have been fixed in

version 52.0.2743.82-1~deb8u1.

 

For the testing (stretch) and unstable (sid) distributions, these problems

have been fixed in version 52.0.2743.82-1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3638-1 security@debian.org

https://www.debian.org/security/ Alessandro Ghedini

August 03, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : curl

CVE ID : CVE-2016-5419 CVE-2016-5420 CVE-2016-5421

 

Several vulnerabilities were discovered in cURL, an URL transfer library:

 

CVE-2016-5419

 

Bru Rom discovered that libcurl would attempt to resume a TLS session

even if the client certificate had changed.

 

CVE-2016-5420

 

It was discovered that libcurl did not consider client certificates

when reusing TLS connections.

 

CVE-2016-5421

 

Marcelo Echeverria and Fernando Muñoz discovered that libcurl was

vulnerable to a use-after-free flaw.

 

For the stable distribution (jessie), these problems have been fixed in

version 7.38.0-4+deb8u4.

 

For the unstable distribution (sid), these problems have been fixed in

version 7.50.1-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3639-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

August 03, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wordpress

CVE ID : CVE-2015-8834 CVE-2016-5832 CVE-2016-5834 CVE-2016-5835

CVE-2016-5837 CVE-2016-5838 CVE-2016-5839

 

Several vulnerabilities were discovered in wordpress, a web blogging

tool, which could allow remote attackers to compromise a site via

cross-site scripting, bypass restrictions, obtain sensitive

revision-history information, or mount a denial of service.

 

For the stable distribution (jessie), these problems have been fixed in

version 4.1+dfsg-1+deb8u9.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3640-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

August 03, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : firefox-esr

CVE ID : CVE-2016-2830 CVE-2016-2836 CVE-2016-2837 CVE-2016-2838

CVE-2016-5252 CVE-2016-5254 CVE-2016-5258 CVE-2016-5259

CVE-2016-5262 CVE-2016-5263 CVE-2016-5264 CVE-2016-5265

 

Multiple security issues have been found in the Mozilla Firefox web

browser: Multiple memory safety errors, buffer overflows and other

implementation errors may lead to the execution of arbitrary code,

cross-site scriping, information disclosure and bypass of the same-origin

policy.

 

For the stable distribution (jessie), these problems have been fixed in

version 45.3.0esr-1~deb8u1.

 

For the unstable distribution (sid), these problems have been fixed in

version 45.3.0esr-1 for firefox-esr and 48.0-1 for firefox.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3641-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

August 04, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-7

CVE ID : CVE-2016-3458 CVE-2016-3500 CVE-2016-3508 CVE-2016-3550

CVE-2016-3606

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in breakouts of

the Java sandbox or denial of service.

 

For the stable distribution (jessie), these problems have been fixed in

version 7u111-2.6.7-1~deb8u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3642-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

August 05, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : lighttpd

CVE ID : CVE-2016-1000212

Debian Bug : 832571

 

Dominic Scheirlinck and Scott Geary of Vend reported insecure behavior

in the lighttpd web server. Lighttpd assigned Proxy header values from

client requests to internal HTTP_PROXY environment variables, allowing

remote attackers to carry out Man in the Middle (MITM) attacks or

initiate connections to arbitrary hosts.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.4.35-4+deb8u1.

 

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3643-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

August 06, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : kde4libs

CVE ID : CVE-2016-6232

Debian Bug : 832620

 

Andreas Cord-Landwehr discovered that kde4libs, the core libraries

for all KDE 4 applications, do not properly handle the extraction

of archives with "../" in the file paths. A remote attacker can

take advantage of this flaw to overwrite files outside of the

extraction folder, if a user is tricked into extracting a specially

crafted archive.

 

For the stable distribution (jessie), this problem has been fixed in

version 4:4.14.2-5+deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 4:4.14.22-2.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3644-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

August 08, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : fontconfig

CVE ID : CVE-2016-5384

Debian Bug : 833570

 

Tobias Stoeckmann discovered that cache files are insufficiently

validated in fontconfig, a generic font configuration library. An

attacker can trigger arbitrary free() calls, which in turn allows double

free attacks and therefore arbitrary code execution. In combination with

setuid binaries using crafted cache files, this could allow privilege

escalation.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.11.0-6.3+deb8u1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.11.0-6.5.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3645-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

August 09, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2016-5139 CVE-2016-5140 CVE-2016-5141 CVE-2016-5142

CVE-2016-5143 CVE-2016-5144

 

Several vulnerabilites have been discovered in the chromium web browser.

 

CVE-2016-5139

 

GiWan Go discovered a use-after-free issue in the pdfium library.

 

CVE-2016-5140

 

Ke Liu discovered a use-after-free issue in the pdfium library.

 

CVE-2016-5141

 

Sergey Glazunov discovered a URL spoofing issue.

 

CVE-2016-5142

 

Sergey Glazunov discovered a use-after-free issue.

 

CVE-2016-5143

 

Gregory Panakkal discovered an issue in the developer tools.

 

CVE-2016-5144

 

Gregory Panakkal discovered another issue in the developer tools.

 

CVE-2016-5146

 

The chrome development team found and fixed various issues during

internal auditing.

 

For the stable distribution (jessie), these problems have been fixed in

version 52.0.2743.116-1~deb8u1.

 

For the testing distribution (stretch), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 52.0.2743.116-1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3646-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

August 11, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : postgresql-9.4

CVE ID : CVE-2016-5423 CVE-2016-5424

 

Several vulnerabilities have been found in PostgreSQL-9.4, a SQL

database system.

 

CVE-2016-5423

 

Karthikeyan Jambu Rajaraman discovered that nested CASE-WHEN

expressions are not properly evaluated, potentially leading to a

crash or allowing to disclose portions of server memory.

 

CVE-2016-5424

 

Nathan Bossart discovered that special characters in database and

role names are not properly handled, potentially leading to the

execution of commands with superuser privileges, when a superuser

executes pg_dumpall or other routine maintenance operations.

 

For the stable distribution (jessie), these problems have been fixed in

version 9.4.9-0+deb8u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3647-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

August 11, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : icedove

CVE ID : CVE-2016-2818

 

Multiple security issues have been found in Icedove, Debian's version of

the Mozilla Thunderbird mail client: Multiple memory safety errors may

lead to the execution of arbitrary code or denial of service.

 

For the stable distribution (jessie), this problem has been fixed in

version 1:45.2.0-1~deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 1:45.2.0-2.

 

For the unstable distribution (sid), this problem has been fixed in

version 1:45.2.0-2.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3648-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

August 12, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wireshark

CVE ID : CVE-2016-6504 CVE-2016-6505 CVE-2016-6506 CVE-2016-6507

CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511

 

Multiple vulnerabilities were discovered in the dissectors for NDS,

PacketBB, WSP, MMSE, RLC, LDSS, RLC and OpenFlow, which could result in

denial of service or the execution of arbitrary code.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.12.1+g01b65bf-4+deb8u8.

 

For the testing distribution (stretch), these problems have been fixed

in version 2.0.5+ga3be9c6-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 2.0.5+ga3be9c6-1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3649-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

August 17, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gnupg

CVE ID : CVE-2016-6313

 

Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of

Technology discovered a flaw in the mixing functions of GnuPG's random

number generator. An attacker who obtains 4640 bits from the RNG can

trivially predict the next 160 bits of output.

 

A first analysis on the impact of this bug for GnuPG shows that existing

RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely

that the private key can be predicted from other public information.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.4.18-7+deb8u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3650-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

August 17, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libgcrypt20

CVE ID : CVE-2016-6313

 

Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of

Technology discovered a flaw in the mixing functions of Libgcrypt's

random number generator. An attacker who obtains 4640 bits from the RNG

can trivially predict the next 160 bits of output.

 

A first analysis on the impact of this bug for GnuPG shows that existing

RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely

that the private key can be predicted from other public information.

 

For the stable distribution (jessie), this problem has been fixed in

version 1.6.3-2+deb8u2.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3651-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

August 25, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : rails

CVE ID : CVE-2016-6316

Debian Bug : 834155

 

Andrew Carpenter of Critical Juncture discovered a cross-site scripting

vulnerability affecting Action View in rails, a web application

framework written in Ruby. Text declared as "HTML safe" will not have

quotes escaped when used as attribute values in tag helpers.

 

For the stable distribution (jessie), this problem has been fixed in

version 2:4.1.8-1+deb8u4.

 

For the unstable distribution (sid), this problem has been fixed in

version 2:4.2.7.1-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3652-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

August 25, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : imagemagick

CVE ID : CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010

CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690

CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491

Debian Bugs : 832885 832887 832888 832968 833003 832474 832475 832464

832465 832467 832457 832461 832469 832482 832483 832504

832633 832776 832780 832787 832789 823750 832455 832478

832480 832506 832785 832793 832942 832944 832890 833044

833043 833042 831034 833099 833101 827643 833812 833744

833743 833735 833732 833730 834183 834501 834163 834504

 

This updates fixes many vulnerabilities in imagemagick: Various memory

handling problems and cases of missing or incomplete input sanitising

may result in denial of service or the execution of arbitrary code if

malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum,

PDB, DDS, DCM, EXIF, RGF or BMP files are processed.

 

For the stable distribution (jessie), these problems have been fixed in

version 8:6.8.9.9-5+deb8u4.

 

For the unstable distribution (sid), these problems will be fixed soon.

 

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3653-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

August 25, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : flex

CVE ID : CVE-2016-6354

Debian Bug : 832768

 

Alexander Sulfrian discovered a buffer overflow in the

yy_get_next_buffer() function generated by Flex, which may result in

denial of service and potentially the execution of code if operating on

data from untrusted sources.

 

Affected applications need to be rebuild. bogofilter will be rebuild

against the updated flex in a followup update. Further affected

applications should be reported at the bug referenced above.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.5.39-8+deb8u1.

 

For the testing distribution (stretch), this problem has been fixed

in version 2.6.1-1.

 

For the unstable distribution (sid), this problem has been fixed in

version 2.6.1-1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3654-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

August 26, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : quagga

CVE ID : CVE-2016-4036 CVE-2016-4049

Debian Bug : 822787 835223

 

Two vulnerabilities were discovered in quagga, a BGP/OSPF/RIP routing

daemon.

 

CVE-2016-4036

 

Tamás Németh discovered that sensitive configuration files in

/etc/quagga were world-readable despite containing sensitive

information.

 

CVE-2016-4049

 

Evgeny Uskov discovered that a bgpd instance handling many peers

could be crashed by a malicious user when requesting a route dump.

 

For the stable distribution (jessie), these problems have been fixed in

version 0.99.23.1-1+deb8u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3655-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

August 26, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mupdf

CVE ID : CVE-2016-6265 CVE-2016-6525

Debian Bug : 832031 833417

 

Two vulnerabilities were discovered in MuPDF, a lightweight PDF viewer.

The Common Vulnerabilities and Exposures project identifies the

following problems:

 

CVE-2016-6265

 

Marco Grassi discovered a use-after-free vulnerability in MuPDF. An

attacker can take advantage of this flaw to cause an application

crash (denial-of-service), or potentially to execute arbitrary code

with the privileges of the user running MuPDF, if a specially

crafted PDF file is processed.

 

CVE-2016-6525

 

Yu Hong and Zheng Jihong discovered a heap overflow vulnerability

within the pdf_load_mesh_params function, allowing an attacker to

cause an application crash (denial-of-service), or potentially to

execute arbitrary code with the privileges of the user running

MuPDF, if a specially crafted PDF file is processed.

 

For the stable distribution (jessie), these problems have been fixed in

version 1.5-1+deb8u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3656-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

August 30, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tryton-server

CVE ID : CVE-2016-1241 CVE-2016-1242

 

Two vulnerabilities have been discovered in the server for the Tryton

application platform, which may result in information disclosure of

password hashes or file contents.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.4.0-3+deb8u2.

 

For the unstable distribution (sid), these problems have been fixed in

version 4.0.4-1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3657-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

August 30, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libarchive

CVE ID : CVE-2015-8916 CVE-2015-8917 CVE-2015-8919 CVE-2015-8920

CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8925

CVE-2015-8926 CVE-2015-8928 CVE-2015-8930 CVE-2015-8931

CVE-2015-8932 CVE-2015-8933 CVE-2015-8934 CVE-2016-4300

CVE-2016-4302 CVE-2016-4809 CVE-2016-5844

 

Hanno Boeck and Marcin Noga discovered multiple vulnerabilities in

libarchive; processing malformed archives may result in denial of

service or the execution of arbitrary code.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.1.2-11+deb8u2.

 

For the testing distribution (stretch), these problems have been fixed

in version 3.2.1-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 3.2.1-1.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3658-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 01, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libidn

CVE ID : CVE-2015-8948 CVE-2016-6261 CVE-2016-6263

 

Hanno Boeck discovered multiple vulnerabilities in libidn, the GNU

library for Internationalized Domain Names (IDNs), allowing a remote

attacker to cause a denial of service against an application using the

libidn library (application crash).

 

For the stable distribution (jessie), these problems have been fixed in

version 1.29-1+deb8u2.

 

For the testing distribution (stretch), these problems have been fixed

in version 1.33-1.

 

For the unstable distribution (sid), these problems have been fixed in

version 1.33-1.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3653-2 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 04, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : flex

CVE ID : CVE-2016-6354

Debian Bug : 832768 835542

 

It was reported that the update for flex as released in DSA-3653-1 did

not completely address CVE-2016-6354 as intended due to problems in the

patch handling and regenerated files during the build. Additionally a

regression was introduced, causing new warnings when compiling flex

generated code. Updated packages are now available to address these

problems. For reference, the relevant part of the original advisory

text follows.

 

Alexander Sulfrian discovered a buffer overflow in the

yy_get_next_buffer() function generated by Flex, which may result in

denial of service and potentially the execution of code if operating on

data from untrusted sources.

 

Affected applications need to be rebuild.

 

For the stable distribution (jessie), this problem has been fixed in

version 2.5.39-8+deb8u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3659-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

September 04, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2016-5696 CVE-2016-6136 CVE-2016-6480 CVE-2016-6828

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a privilege escalation, denial of service or have other

impacts.

 

CVE-2016-5696

 

Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, and Srikanth V.

Krishnamurthy of the University of California, Riverside; and Lisa

M. Marvel of the United States Army Research Laboratory discovered

that Linux's implementation of the TCP Challenge ACK feature

results in a side channel that can be used to find TCP connections

between specific IP addresses, and to inject messages into those

connections.

 

Where a service is made available through TCP, this may allow

remote attackers to impersonate another connected user to the

server or to impersonate the server to another connected user. In

case the service uses a protocol with message authentication

(e.g. TLS or SSH), this vulnerability only allows denial of

service (connection failure). An attack takes tens of seconds, so

short-lived TCP connections are also unlikely to be vulnerable.

 

This may be mitigated by increasing the rate limit for TCP

Challenge ACKs so that it is never exceeded:

sysctl net.ipv4.tcp_challenge_ack_limit=1000000000

 

CVE-2016-6136

 

Pengfei Wang discovered that the audit subsystem has a

'double-fetch' or 'TOCTTOU' bug in its handling of special

characters in the name of an executable. Where audit logging of

execve() is enabled, this allows a local user to generate

misleading log messages.

 

CVE-2016-6480

 

Pengfei Wang discovered that the aacraid driver for Adaptec RAID

controllers has a 'double-fetch' or 'TOCTTOU' bug in its

validation of 'FIB' messages passed through the ioctl() system

call. This has no practical security impact in current Debian

releases.

 

CVE-2016-6828

 

Marco Grassi reported a 'use-after-free' bug in the TCP

implementation, which can be triggered by local users. The

security impact is unclear, but might include denial of service or

privilege escalation.

 

For the stable distribution (jessie), these problems have been fixed in

version 3.16.36-1+deb8u1. In addition, this update contains several

changes originally targeted for the upcoming jessie point release.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-3660-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

September 05, 2016 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2016-5147 CVE-2016-5148 CVE-2016-5149 CVE-2016-5150

CVE-2016-5151 CVE-2016-5152 CVE-2016-5153 CVE-2016-5154

CVE-2016-5155 CVE-2016-5156 CVE-2016-5157 CVE-2016-5158

CVE-2016-5159 CVE-2016-5160 CVE-2016-5161 CVE-2016-5162

CVE-2016-5163 CVE-2016-5164 CVE-2016-5165 CVE-2016-5166

CVE-2016-5167

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2016-5147

 

A cross-site scripting issue was discovered.

 

CVE-2016-5148

 

Another cross-site scripting issue was discovered.

 

CVE-2016-5149

 

Max Justicz discovered a script injection issue in extension handling.

 

CVE-2016-5150

 

A use-after-free issue was discovered in Blink/Webkit.

 

CVE-2016-5151

 

A use-after-free issue was discovered in the pdfium library.

 

CVE-2016-5152

 

GiWan Go discovered a heap overflow issue in the pdfium library.

 

CVE-2016-5153

 

Atte Kettunen discovered a use-after-destruction issue.

 

CVE-2016-5154

 

A heap overflow issue was discovered in the pdfium library.

 

CVE-2016-5155

 

An address bar spoofing issue was discovered.

 

CVE-2016-5156

 

jinmo123 discovered a use-after-free issue.

 

CVE-2016-5157

 

A heap overflow issue was discovered in the pdfium library.

 

CVE-2016-5158

 

GiWan Go discovered a heap overflow issue in the pdfium library.

 

CVE-2016-5159

 

GiWan Go discovered another heap overflow issue in the pdfium library.

 

CVE-2016-5160

 

@l33terally discovered an extensions resource bypass.

 

CVE-2016-5161

 

A type confusion issue was discovered.

 

CVE-2016-5162

 

Nicolas Golubovic discovered an extensions resource bypass.

 

CVE-2016-5163

 

Rafay Baloch discovered an address bar spoofing issue.

 

CVE-2016-5164

 

A cross-site scripting issue was discovered in the developer tools.

 

CVE-2016-5165

 

Gregory Panakkal discovered a script injection issue in the developer

tools.

 

CVE-2016-5166

 

Gregory Panakkal discovered an issue with the Save Page As feature.

 

CVE-2016-5167

 

The chrome development team found and fixed various issues during

internal auditing.

 

For the stable distribution (jessie), these problems have been fixed in

version 53.0.2785.89-1~deb8u1.

 

For the testing distribution (stretch), these problems will be fixed soon.

 

For the unstable distribution (sid), these problems have been fixed in

version 53.0.2785.89-1.

Link to post
Share on other sites

×
×
  • Create New...