sunrat Posted September 7, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3661-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 06, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : charybdis
CVE ID         : CVE-2016-7143

It was discovered that incorrect SASL authentication in the Charybdis IRC server may lead to users impersonating other users.

For the stable distribution (jessie), this problem has been fixed in version 3.4.2-5+deb8u2.

For the unstable distribution (sid), this problem has been fixed in version 3.5.3-1.

sunrat Posted September 9, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3662-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 08, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : inspircd
CVE ID         : CVE-2016-7142

It was discovered that incorrect SASL authentication in the Inspircd IRC server may lead to users impersonating other users.

For the stable distribution (jessie), this problem has been fixed in version 2.0.17-1+deb8u2.

For the unstable distribution (sid), this problem has been fixed in version 2.0.23-1.

sunrat Posted September 11, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3663-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 09, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xen
CVE ID         : CVE-2016-7092 CVE-2016-7094 CVE-2016-7154

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2016-7092 (XSA-185)

    Jeremie Boutoille of Quarkslab and Shangcong Luan of Alibaba discovered a flaw in the handling of L3 pagetable entries, allowing a malicious 32-bit PV guest administrator to escalate their privilege to that of the host.

CVE-2016-7094 (XSA-187)

    x86 HVM guests running with shadow paging use a subset of the x86 emulator to handle the guest writing to its own pagetables. Andrew Cooper of Citrix discovered that there are situations a guest can provoke which result in exceeding the space allocated for internal state. A malicious HVM guest administrator can cause Xen to fail a bug check, causing a denial of service to the host.

CVE-2016-7154 (XSA-188)

    Mikhail Gorobets of Advanced Threat Research, Intel Security discovered a use after free flaw in the FIFO event channel code. A malicious guest administrator can crash the host, leading to a denial of service. Arbitrary code execution (and therefore privilege escalation), and information leaks, cannot be excluded.

For the stable distribution (jessie), these problems have been fixed in version 4.4.1-9+deb8u7.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3664-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 10, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pdns
CVE ID         : CVE-2016-5426 CVE-2016-5427 CVE-2016-6172
Debian Bug     : 830808

Multiple vulnerabilities have been discovered in pdns, an authoritative DNS server. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2016-5426 / CVE-2016-5427

    Florian Heinz and Martin Kluge reported that the PowerDNS Authoritative Server accepts queries with a qname's length larger than 255 bytes and does not properly handle dot inside labels. A remote, unauthenticated attacker can take advantage of these flaws to cause abnormal load on the PowerDNS backend by sending specially crafted DNS queries, potentially leading to a denial of service.

CVE-2016-6172

    It was reported that a malicious primary DNS server can crash a secondary PowerDNS server due to improper restriction of zone size limits. This update adds a feature to limit AXFR sizes in response to this flaw.

For the stable distribution (jessie), these problems have been fixed in version 3.4.1-4+deb8u6.

sunrat Posted September 12, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3665-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 11, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openjpeg2
CVE ID         : CVE-2015-6581 CVE-2015-8871 CVE-2016-1924 CVE-2016-7163

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed.

For the stable distribution (jessie), these problems have been fixed in version 2.1.0-2+deb8u1.

sunrat Posted September 14, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3666-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 14, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-5.5
CVE ID         : CVE-2016-6662

Dawid Golunski discovered that the mysqld_safe wrapper provided by the MySQL database server insufficiently restricted the load path for custom malloc implementations, which could result in privilege escalation.

The vulnerability was addressed by upgrading MySQL to the new upstream version 5.5.52, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes for further details:

 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-51.html
 https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-52.html

For the stable distribution (jessie), this problem has been fixed in version 5.5.52-0+deb8u1.

sunrat Posted September 15, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3667-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
September 15, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium-browser
CVE ID         : CVE-2016-5170 CVE-2016-5171 CVE-2016-5172 CVE-2016-5173
                 CVE-2016-5174 CVE-2016-5175 CVE-2016-7395

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2016-5170

    A use-after-free issue was discovered in Blink/Webkit.

CVE-2016-5171

    Another use-after-free issue was discovered in Blink/Webkit.

CVE-2016-5172

    Choongwoo Han discovered an information leak in the v8 javascript library.

CVE-2016-5173

    A resource bypass issue was discovered in extensions.

CVE-2016-5174

    Andrey Kovalev discovered a way to bypass the popup blocker.

CVE-2016-5175

    The chrome development team found and fixed various issues during internal auditing.

CVE-2016-7395

    An uninitialized memory read issue was discovered in the skia library.

For the stable distribution (jessie), these problems have been fixed in version 53.0.2785.113-1~deb8u1.

For the testing distribution (stretch), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in version 53.0.2785.113-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3668-1                   security@debian.org
https://www.debian.org/security/                          Thijs Kinkhorst
September 15, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mailman
CVE ID         : CVE-2016-6893
Debian Bug     : 835970

It was discovered that there was a CSRF vulnerability in mailman, a web-based mailing list manager, which could allow an attacker to obtain a user's password.

For the stable distribution (jessie), this problem has been fixed in version 1:2.1.18-2+deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 1:2.1.23-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3669-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 15, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tomcat7
CVE ID         : CVE-2016-1240

Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation.

For the stable distribution (jessie), this problem has been fixed in version 7.0.56-3+deb8u4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3670-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 15, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tomcat8
CVE ID         : CVE-2016-1240

Dawid Golunski of LegalHackers discovered that the Tomcat init script performed unsafe file handling, which could result in local privilege escalation.

For the stable distribution (jessie), this problem has been fixed in version 8.0.14-1+deb8u3.

For the unstable distribution (sid), this problem will be fixed soon.

sunrat Posted September 21, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3671-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 20, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
CVE ID         : CVE-2016-7176 CVE-2016-7177 CVE-2016-7178 CVE-2016-7179
                 CVE-2016-7180

Multiple vulnerabilities were discovered in the dissectors for H.225, Catapult DCT2000, UMTS FP and IPMI, which could result in denial of service or the execution of arbitrary code.

For the stable distribution (jessie), these problems have been fixed in version 1.12.1+g01b65bf-4+deb8u9.

For the testing distribution (stretch), these problems have been fixed in version 2.2.0+g5368c50-1.

For the unstable distribution (sid), these problems have been fixed in version 2.2.0+g5368c50-1.

sunrat Posted September 21, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3672-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 21, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : irssi
CVE ID         : CVE-2016-7044 CVE-2016-7045

Gabriel Campana and Adrien Guinet from Quarkslab discovered two remotely exploitable crash and heap corruption vulnerabilities in the format parsing code in Irssi, a terminal based IRC client.

For the stable distribution (jessie), these problems have been fixed in version 0.8.17-1+deb8u1.

sunrat Posted September 23, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3673-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 22, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssl
CVE ID         : CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180
                 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302
                 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306

Several vulnerabilities were discovered in OpenSSL:

CVE-2016-2177

    Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/

CVE-2016-2178

    Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing leak in the DSA code.

CVE-2016-2179 / CVE-2016-2181

    Quan Luo and the OCAP audit team discovered denial of service vulnerabilities in DTLS.

CVE-2016-2180 / CVE-2016-2182 / CVE-2016-6303

    Shi Lei discovered an out-of-bounds memory read in TS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec() and MDC2_Update().

CVE-2016-2183

    DES-based cipher suites are demoted from the HIGH group to MEDIUM as a mitigation for the SWEET32 attack.

CVE-2016-6302

    Shi Lei discovered that the use of SHA512 in TLS session tickets is susceptible to denial of service.

CVE-2016-6304

    Shi Lei discovered that excessively large OCSP status request may result in denial of service via memory exhaustion.

CVE-2016-6306

    Shi Lei discovered that missing message length validation when parsing certificates may potentially result in denial of service.

For the stable distribution (jessie), these problems have been fixed in version 1.0.1t-1+deb8u4.

For the unstable distribution (sid), these problems will be fixed soon.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3674-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 22, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2016-5250 CVE-2016-5257 CVE-2016-5261 CVE-2016-5270
                 CVE-2016-5272 CVE-2016-5274 CVE-2016-5276 CVE-2016-5277
                 CVE-2016-5278 CVE-2016-5280 CVE-2016-5281 CVE-2016-5284

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or information disclosure.

For the stable distribution (jessie), these problems have been fixed in version 45.4.0esr-1~deb8u2.

For the unstable distribution (sid), these problems have been fixed in version 45.4.0esr-1 of firefox-esr and in version 49.0-1 of firefox.

sunrat Posted September 24, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3675-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 23, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : not yet available
Debian Bug     : 836776 836172 836171

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed SIXEL, PDB, MAP, SGI, TIFF and CALS files are processed.

For the stable distribution (jessie), these problems have been fixed in version 8:6.8.9.9-5+deb8u5.

For the unstable distribution (sid), these problems will be fixed soon.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3673-2                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 23, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssl
Debian Bug     : 838652 838659

It was discovered that the original patch applied for CVE-2016-2182 in DSA-3673-1 was incomplete, causing a regression when parsing certificates. Updated packages are now available to address this problem.

For the stable distribution (jessie), this problem has been fixed in version 1.0.1t-1+deb8u5.

sunrat Posted September 24, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3676-1                   security@debian.org
https://www.debian.org/security/                            Luciano Bello
September 24, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : unadf
CVE ID         : CVE-2016-1243 CVE-2016-1244
Debian Bug     : 838248

Tuomas Räsänen discovered two vulnerabilities in unADF, a tool to extract files from an Amiga Disk File dump (.adf):

CVE-2016-1243

    A stack buffer overflow in the function extractTree() might allow an attacker, with control on the content of an ADF file, to execute arbitrary code with the privileges of the program execution.

CVE-2016-1244

    The unADF extractor creates the path in the destination via a mkdir in a system() call. Since there was no sanitization on the input of the filenames, an attacker can directly inject code in the pathnames of archived directories in an ADF file.

For the oldstable distribution (wheezy), these problems have been fixed in version 0.7.11a-3+deb7u1.

For the stable distribution (jessie), these problems have been fixed in version 0.7.11a-3+deb8u1.

For the unstable distribution (sid), these problems have been fixed in version 0.7.11a-4.

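The two unADF issues in DSA-3676-1 above (an overflowing path buffer in extractTree() and directory creation through system()) have a common remedy, shown here as an added example that is not unADF's code, the Debian patch, or part of the forum post: join paths with a truncation check and create directories with mkdir(2), so no shell ever parses a name taken from the archive. The function names, ADF_PATH_MAX and the sample names are assumptions, and rejecting "." and ".." goes one step beyond what the advisory describes.

```c
/* Added example: not unADF code or the Debian patch. All names are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

#define ADF_PATH_MAX 512 /* assumed demo limit for a full output path */

enum { ADF_OK = 0, ADF_BAD_NAME = -1, ADF_TOO_LONG = -2, ADF_IO = -3 };

/* An archive entry name must be exactly one path component:
 * non-empty, not "." or "..", no '/', no control characters. */
int name_is_single_component(const char *name)
{
    if (name[0] == '\0' || strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;
    for (const unsigned char *p = (const unsigned char *)name; *p; p++)
        if (*p == '/' || *p < 0x20 || *p == 0x7f)
            return 0;
    return 1;
}

/* Join dest and name into out. A result that does not fit is reported
 * as an error instead of overflowing the buffer or being silently cut. */
int join_path(char *out, size_t outlen, const char *dest, const char *name)
{
    int n = snprintf(out, outlen, "%s/%s", dest, name);
    return (n < 0 || (size_t)n >= outlen) ? ADF_TOO_LONG : ADF_OK;
}

/* 1 if dest/name exists and is a real directory (a symlink does not count). */
int is_real_dir(const char *dest, const char *name)
{
    char path[ADF_PATH_MAX];
    struct stat st;

    if (join_path(path, sizeof path, dest, name) != ADF_OK)
        return 0;
    return lstat(path, &st) == 0 && S_ISDIR(st.st_mode);
}

/* Create dest/name with mkdir(2). The name reaches the kernel as plain
 * bytes, so characters such as ';', '$' or '"' have no special meaning. */
int extract_dir(const char *dest, const char *name)
{
    char path[ADF_PATH_MAX];
    int rc;

    if (!name_is_single_component(name))
        return ADF_BAD_NAME;
    if ((rc = join_path(path, sizeof path, dest, name)) != ADF_OK)
        return rc;
    if (mkdir(path, 0755) == 0)
        return ADF_OK;
    if (errno == EEXIST && is_real_dir(dest, name))
        return ADF_OK; /* already extracted earlier */
    return ADF_IO;
}

int main(void)
{
    /* Constructed sample names, as an archive might supply them. */
    const char *names[] = { "docs", "logs;$(echo X)", "..", "a/b" };
    const char *dest = "adf_demo_out";

    if (mkdir(dest, 0700) != 0 && errno != EEXIST) {
        perror("mkdir");
        return 1;
    }
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-16s -> %d\n", names[i], extract_dir(dest, names[i]));
    return 0;
}
```

The second sample name ends up as a directory literally called `logs;$(echo X)`; nothing in it is executed.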
sunrat Posted September 26, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3677-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
September 25, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libarchive
CVE ID         : CVE-2016-5418 CVE-2016-6250 CVE-2016-7166
Debian Bug     : 837714

Several vulnerabilities were discovered in libarchive, a multi-format archive and compression library, which may lead to denial of service (memory consumption and application crash), bypass of sandboxing restrictions and overwrite arbitrary files with arbitrary data from an archive, or the execution of arbitrary code.

For the stable distribution (jessie), these problems have been fixed in version 3.1.2-11+deb8u3.

sunrat Posted September 27, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3678-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
September 26, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : python-django
CVE ID         : CVE-2016-7401

Sergey Bobrov discovered that cookie parsing in Django and Google Analytics interacted in such a way that an attacker could set arbitrary cookies. This allows other malicious web sites to bypass the Cross-Site Request Forgery (CSRF) protections built into Django.

For the stable distribution (jessie), this problem has been fixed in version 1.7.11-1+deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 1:1.10-1.

sunrat Posted September 27, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3679-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
September 27, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : jackrabbit
CVE ID         : CVE-2016-6801
Debian Bug     : 838204

Lukas Reschke discovered that Apache Jackrabbit, an implementation of the Content Repository for Java Technology API, did not correctly check the Content-Type header on HTTP POST requests, enabling Cross-Site Request Forgery (CSRF) attacks by malicious web sites.

For the stable distribution (jessie), this problem has been fixed in version 2.3.6-1+deb8u2.

For the unstable distribution (sid), this problem has been fixed in version 2.12.4-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3680-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
September 27, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : bind9
CVE ID         : CVE-2016-2775 CVE-2016-2776
Debian Bug     : 831796 839010

Two vulnerabilities were reported in BIND, a DNS server.

CVE-2016-2775

    The lwresd component in BIND (which is not enabled by default) could crash while processing an overlong request name. This could lead to a denial of service.

CVE-2016-2776

    A crafted query could crash the BIND name server daemon, leading to a denial of service. All server roles (authoritative, recursive and forwarding) in default configurations are affected.

For the stable distribution (jessie), these problems have been fixed in version 1:9.9.5.dfsg-9+deb8u7.

sunrat Posted September 29, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3681-1                   security@debian.org
https://www.debian.org/security/                        Yves-Alexis Perez
September 29, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wordpress
CVE ID         : CVE-2016-4029 CVE-2016-6634 CVE-2016-6635 CVE-2016-7168
                 CVE-2016-7169
Debian Bug     : 837090

Several vulnerabilities were discovered in wordpress, a web blogging tool, which could allow remote attackers to compromise a site via cross-site scripting, cross-site request forgery, path traversal, or bypass restrictions.

For the stable distribution (jessie), these problems have been fixed in version 4.1+dfsg-1+deb8u10.

sunrat Posted October 1, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3682-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
September 30, 2016                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : c-ares
CVE ID         : CVE-2016-5180
Debian Bug     : 839151

Gzob Qq discovered that the query-building functions in c-ares, an asynchronous DNS request library, would not correctly process crafted query names, resulting in a heap buffer overflow and potentially leading to arbitrary code execution.

For the stable distribution (jessie), this problem has been fixed in version 1.10.0-2+deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 1.12.0-1.

sunrat Posted October 2, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3681-2                   security@debian.org
https://www.debian.org/security/                        Yves-Alexis Perez
October 01, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wordpress
Debian Bug     : #839190

It was discovered that the patch to fix CVE-2016-6635 added a function already present in the code, preventing the website from displaying completely. The package has been updated to fix this regression.

For the stable distribution (jessie), this problem has been fixed in version 4.1+dfsg-1+deb8u11.

sunrat Posted October 2, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3683-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
October 02, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium-browser
CVE ID         : CVE-2016-5177 CVE-2016-5178

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2016-5177

    A use-after-free issue was discovered in the v8 javascript library.

CVE-2016-5178

    The chrome development team found and fixed various issues during internal auditing.

For the stable distribution (jessie), these problems have been fixed in version 53.0.2785.143-1~deb8u1.

For the testing distribution (stretch), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in version 53.0.2785.143-1.

sunrat Posted October 3, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3684-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
October 03, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libdbd-mysql-perl
CVE ID         : CVE-2016-1246

Paul Rohar discovered that libdbd-mysql-perl, the Perl DBI database driver for MySQL and MariaDB, constructed an error message in a fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service.

For the stable distribution (jessie), this problem has been fixed in version 4.028-2+deb8u2.

sunrat Posted October 4, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3685-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 04, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libav
CVE ID         : CVE-2016-7424

Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.8

For the stable distribution (jessie), these problems have been fixed in version 6:11.8-1~deb8u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3686-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 04, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : icedove
CVE ID         : CVE-2016-2836

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service.

For the stable distribution (jessie), this problem has been fixed in version 1:45.3.0-1~deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 1:45.3.0-1.

sunrat Posted October 5, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3687-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
October 05, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nspr
CVE ID         : CVE-2016-1951
Debian Bug     : 583651

Two vulnerabilities were reported in NSPR, a library to abstract over operating system interfaces developed by the Mozilla project.

CVE-2016-1951

    q1 reported that the NSPR implementation of sprintf-style string formatting function miscomputed memory allocation sizes, potentially leading to heap-based buffer overflows.

The second issue concerns environment variable processing in NSPR. The library did not ignore environment variables used to configure logging and tracing in processes which underwent a SUID/SGID/AT_SECURE transition at process start. In certain system configurations, this allowed local users to escalate their privileges.

In addition, this nspr update contains further stability and correctness fixes and contains support code for an upcoming nss update.

For the stable distribution (jessie), these problems have been fixed in version 2:4.12-1+debu8u1.

For the unstable distribution (sid), these problems have been fixed in version 2:4.12-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3688-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
October 05, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nss
CVE ID         : CVE-2015-4000 CVE-2015-7181 CVE-2015-7182 CVE-2015-7575
                 CVE-2016-1938 CVE-2016-1950 CVE-2016-1978 CVE-2016-1979
                 CVE-2016-2834
Debian Bug     : 583651

Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project.

CVE-2015-4000

    David Adrian et al. reported that it may be feasible to attack Diffie-Hellman-based cipher suites in certain circumstances, compromising the confidentiality and integrity of data encrypted with Transport Layer Security (TLS).

CVE-2015-7181 CVE-2015-7182 CVE-2016-1950

    Tyson Smith, David Keeler, and Francis Gabriel discovered heap-based buffer overflows in the ASN.1 DER parser, potentially leading to arbitrary code execution.

CVE-2015-7575

    Karthikeyan Bhargavan discovered that TLS client implementation accepted MD5-based signatures for TLS 1.2 connections with forward secrecy, weakening the intended security strength of TLS connections.

CVE-2016-1938

    Hanno Boeck discovered that NSS miscomputed the result of integer division for certain inputs. This could weaken the cryptographic protections provided by NSS. However, NSS implements RSA-CRT leak hardening, so RSA private keys are not directly disclosed by this issue.

CVE-2016-1978

    Eric Rescorla discovered a use-after-free vulnerability in the implementation of ECDH-based TLS handshakes, with unknown consequences.

CVE-2016-1979

    Tim Taubert discovered a use-after-free vulnerability in ASN.1 DER processing, with application-specific impact.

CVE-2016-2834

    Tyson Smith and Jed Davis discovered unspecified memory-safety bugs in NSS.

In addition, the NSS library did not ignore environment variables in processes which underwent a SUID/SGID/AT_SECURE transition at process start. In certain system configurations, this allowed local users to escalate their privileges.

This update contains further correctness and stability fixes without immediate security impact.

For the stable distribution (jessie), these problems have been fixed in version 2:3.26-1+debu8u1.

For the unstable distribution (sid), these problems have been fixed in version 2:3.23-1.

sunrat Posted October 9, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3689-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
October 08, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
CVE ID         : CVE-2016-7124 CVE-2016-7125 CVE-2016-7126 CVE-2016-7127
                 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131
                 CVE-2016-7132 CVE-2016-7411 CVE-2016-7412 CVE-2016-7413
                 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.26, which includes additional bug fixes. Please refer to the upstream changelog for more information:

 https://php.net/ChangeLog-5.php#5.6.25
 https://php.net/ChangeLog-5.php#5.6.26

For the stable distribution (jessie), these problems have been fixed in version 5.6.26+dfsg-0+deb8u1.


sunrat Posted October 11, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3690-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 10, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : icedove
CVE ID         : CVE-2016-5257

Multiple security issues have been found in Icedove, Debian's version of
the Mozilla Thunderbird mail client: Multiple memory safety errors may
lead to the execution of arbitrary code or denial of service.

For the stable distribution (jessie), this problem has been fixed in
version 1:45.4.0-1~deb8u1.

For the testing distribution (stretch), this problem has been fixed in
version 1:45.4.0-1.

For the unstable distribution (sid), this problem has been fixed in
version 1:45.4.0-1.

sunrat Posted October 12, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3691-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
October 12, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ghostscript
CVE ID         : CVE-2013-5653 CVE-2016-7976 CVE-2016-7977 CVE-2016-7978
                 CVE-2016-7979 CVE-2016-8602
Debian Bug     : 839118 839260 839841 839845 839846 840451

Several vulnerabilities were discovered in Ghostscript, the GPL
PostScript/PDF interpreter, which may lead to the execution of arbitrary
code or information disclosure if a specially crafted Postscript file is
processed.

For the stable distribution (jessie), these problems have been fixed in
version 9.06~dfsg-2+deb8u3.

sunrat Posted October 13, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3692-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 13, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : freeimage
CVE ID         : CVE-2015-3885 CVE-2016-5684

Multiple vulnerabilities were discovered in the FreeImage multimedia
library, which might result in denial of service or the execution of
arbitrary code if a malformed XMP or RAW image is processed.

For the stable distribution (jessie), these problems have been fixed in
version 3.15.4-4.2+deb8u1.

For the testing distribution (stretch), these problems have been fixed
in version 3.17.0+ds1-3.

For the unstable distribution (sid), these problems have been fixed in
version 3.17.0+ds1-3.

sunrat Posted October 17, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3693-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 14, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libgd2
CVE ID         : CVE-2016-7568

Multiple vulnerabilities have been discovered in the GD Graphics Library,
which may result in denial of service or potentially the execution of
arbitrary code if a malformed file is processed.

For the stable distribution (jessie), this problem has been fixed in
version 2.1.0-5+deb8u7.

For the unstable distribution (sid), this problem will be fixed soon.

sunrat Posted October 18, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3694-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 18, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tor
CVE ID         : not yet available

It has been discovered that Tor treats the contents of some buffer
chunks as if they were a NUL-terminated string. This issue could enable
a remote attacker to crash a Tor client, hidden service, relay, or
authority.

For the stable distribution (jessie), this problem has been fixed in
version 0.2.5.12-3.

For the unstable distribution (sid), this problem has been fixed in
version 0.2.8.9-1.

For the experimental distribution, this problem has been fixed in
version 0.2.9.4-alpha-1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3695-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
October 18, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : quagga
CVE ID         : CVE-2016-1245
Debian Bug     : 841162

It was discovered that the zebra daemon in the Quagga routing suite
suffered from a stack-based buffer overflow when processing IPv6
Neighbor Discovery messages.

For the stable distribution (jessie), this problem has been fixed in
version 0.99.23.1-1+deb8u3.

sunrat Posted October 19, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3696-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
October 19, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2015-8956 CVE-2016-5195 CVE-2016-7042 CVE-2016-7425
Debian Bug     : 831014

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2015-8956

    It was discovered that missing input sanitising in RFCOMM Bluetooth
    socket handling may result in denial of service or information leak.

CVE-2016-5195

    It was discovered that a race condition in the memory management
    code can be used for local privilege escalation.

CVE-2016-7042

    Ondrej Kozina discovered that incorrect buffer allocation in the
    proc_keys_show() function may result in local denial of service.

CVE-2016-7425

    Marco Grassi discovered a buffer overflow in the arcmsr SCSI driver
    which may result in local denial of service, or potentially,
    arbitrary code execution.

Additionally this update fixes a regression introduced in DSA-3616-1
causing iptables performance issues (cf. Debian Bug #831014).

For the stable distribution (jessie), these problems have been fixed in
version 3.16.36-1+deb8u2.

sunrat Posted October 21, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3697-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 21, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : kdepimlibs
CVE ID         : CVE-2016-7966

Roland Tapken discovered that insufficient input sanitising in KMail's
plain text viewer allowed the injection of HTML code.

For the stable distribution (jessie), this problem has been fixed in
version 4:4.14.2-2+deb8u2.

sunrat Posted October 25, 2016

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3698-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
October 24, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
CVE ID         : not yet available

Several vulnerabilities were found in PHP, a general-purpose scripting
language commonly used for web application development.

The vulnerabilities are addressed by upgrading PHP to the new upstream
version 5.6.27, which includes additional bug fixes. Please refer to the
upstream changelog for more information:

https://php.net/ChangeLog-5.php#5.6.27

For the stable distribution (jessie), this problem has been fixed in
version 5.6.27+dfsg-0+deb8u1.