Bruno
- -------------------------------------------------------------------------

Debian Security Advisory DSA-4040-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 17, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : imagemagick

CVE ID : CVE-2017-11352 CVE-2017-11640 CVE-2017-12431

CVE-2017-12640 CVE-2017-12877 CVE-2017-12983

CVE-2017-13134 CVE-2017-13139 CVE-2017-13144

CVE-2017-13758 CVE-2017-13769 CVE-2017-14224

CVE-2017-14607 CVE-2017-14682 CVE-2017-14989

CVE-2017-15277 CVE-2017-16546

 

This update fixes several vulnerabilities in imagemagick: Various memory

handling problems and cases of missing or incomplete input sanitising

may result in denial of service, memory disclosure or the execution of

arbitrary code if malformed image files are processed.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 8:6.8.9.9-5+deb8u11.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4041-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 19, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : procmail

CVE ID : CVE-2017-16844

Debian Bug : 876511

 

Jakub Wilk reported a heap-based buffer overflow vulnerability in

procmail's formail utility when processing specially-crafted email

headers. A remote attacker could use this flaw to cause formail to

crash, resulting in a denial of service or data loss.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 3.22-24+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 3.22-25+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4042-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 19, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libxml-libxml-perl

CVE ID : CVE-2017-10672

Debian Bug : 866676

 

A use-after-free vulnerability was discovered in XML::LibXML, a Perl

interface to the libxml2 library, allowing an attacker to execute

arbitrary code by controlling the arguments to a replaceChild() call.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.0116+dfsg-1+deb8u2.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.0128+dfsg-1+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4043-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 21, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : samba

CVE ID : CVE-2017-14746 CVE-2017-15275

 

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,

print, and login server for Unix. The Common Vulnerabilities and

Exposures project identifies the following issues:

 

CVE-2017-14746

 

Yihan Lian and Zhibin Hu of Qihoo 360 GearTeam discovered a

use-after-free vulnerability allowing a client to compromise a SMB

server via malicious SMB1 requests.

 

CVE-2017-15275

 

Volker Lendecke of SerNet and the Samba team discovered that Samba

is prone to a heap memory information leak, where server allocated

heap memory may be returned to the client without being cleared.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 2:4.2.14+dfsg-0+deb8u9.

 

For the stable distribution (stretch), these problems have been fixed in

version 2:4.5.12+dfsg-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4044-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

November 21, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : swauth

CVE ID : CVE-2017-16613

Debian Bug : 882314

 

A vulnerability has been discovered in swauth, an authentication system for

Swift, a distributed virtual object store used in Openstack.

 

The authentication token for a user is saved in clear text to the log file,

which could enable an attacker with access to the logs to bypass the

authentication provided by swauth.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.2.0-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4045-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 21, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : vlc

CVE ID : CVE-2017-9300 CVE-2017-10699

 

Several vulnerabilities have been found in VLC, the VideoLAN project's

media player. Processing malformed media files could lead to denial of

service and potentially the execution of arbitrary code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 2.2.7-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.2.7-1~deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4046-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

November 22, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libspring-ldap-java

CVE ID : CVE-2017-8028

 

Tobias Schneider discovered that libspring-ldap-java, a Java library

for Spring-based applications using the Lightweight Directory Access

Protocol, would under some circumstances allow authentication with a

correct username but an arbitrary password.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.3.1.RELEASE-5+deb8u1.

 

We recommend that you upgrade your libspring-ldap-java packages.

 

For the detailed security status of libspring-ldap-java please refer to

its security tracker page at:

https://security-tracker.debian.org/tracker/libspring-ldap-java


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4047-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 23, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : otrs2

CVE ID : CVE-2017-15864 CVE-2017-16664

 

Two vulnerabilities were discovered in the Open Ticket Request System

which could result in disclosure of database credentials or the

execution of arbitrary shell commands by logged-in agents.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 3.3.18-1+deb8u2.

 

For the stable distribution (stretch), these problems have been fixed in

version 5.0.16-1+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4048-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 23, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-7

CVE ID : CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295

CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348

CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356

CVE-2017-10357 CVE-2017-10388

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in impersonation

of Kerberos services, denial of service, sandbox bypass or HTTP header

injection.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 7u151-2.6.11-2~deb8u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4049-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 27, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ffmpeg

CVE ID : CVE-2017-15186 CVE-2017-15672 CVE-2017-16840

 

Several vulnerabilities have been discovered in the FFmpeg multimedia

framework, which could result in denial of service or potentially the

execution of arbitrary code if malformed files/streams are processed.

 

For the stable distribution (stretch), these problems have been fixed in

version 7:3.2.9-1~deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4050-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

November 28, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xen

CVE ID : CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319

CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15592

CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-15597

 

Multiple vulnerabilities have been discovered in the Xen hypervisor, which

could result in denial of service, information leaks, privilege escalation

or the execution of arbitrary code.

 

For the oldstable distribution (jessie) a separate update will be

released.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.8.2+xsa245-0+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4051-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

November 29, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : curl

CVE ID : CVE-2017-8816 CVE-2017-8817

 

Two vulnerabilities were discovered in cURL, an URL transfer library.

 

CVE-2017-8816

 

Alex Nichols discovered a buffer overrun flaw in the NTLM authentication

code which can be triggered on 32bit systems where an integer overflow

might occur when calculating the size of a memory allocation.

 

CVE-2017-8817

 

Fuzzing by the OSS-Fuzz project led to the discovery of a read out of

bounds flaw in the FTP wildcard function in libcurl. A malicious server

could redirect a libcurl-based client to an URL using a wildcard pattern,

triggering the out-of-bound read.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 7.38.0-4+deb8u8.

 

For the stable distribution (stretch), these problems have been fixed in

version 7.52.1-5+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4052-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 29, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : bzr

CVE ID : CVE-2017-14176

Debian Bug : 874429

 

Adam Collard discovered that Bazaar, an easy to use distributed version

control system, did not correctly handle maliciously constructed bzr+ssh

URLs, allowing a remote attacker to run an arbitrary shell command.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.6.0+bzr6595-6+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.7.0+bzr6619-7+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4053-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

November 30, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : exim4

CVE ID : CVE-2017-16943 CVE-2017-16944

Debian Bug : 882648 882671

 

Several vulnerabilities have been discovered in Exim, a mail transport

agent. The Common Vulnerabilities and Exposures project identifies the

following issues:

 

CVE-2017-16943

 

A use-after-free vulnerability was discovered in Exim's routines

responsible for parsing mail headers. A remote attacker can take

advantage of this flaw to cause Exim to crash, resulting in a denial

of service, or potentially for remote code execution.

 

CVE-2017-16944

 

It was discovered that Exim does not properly handle BDAT data

headers allowing a remote attacker to cause Exim to crash, resulting

in a denial of service.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.89-2+deb9u2. Default installations disable advertising the

ESMTP CHUNKING extension and are not affected by these issues.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4054-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 03, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tor

CVE ID : CVE-2017-8819 CVE-2017-8820 CVE-2017-8821 CVE-2017-8822

CVE-2017-8823

 

Multiple vulnerabilities have been found in Tor, a connection-based

low-latency anonymous communication system.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 0.2.5.16-1.

 

For the stable distribution (stretch), these problems have been fixed in

version 0.2.9.14-1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4055-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

December 07, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : heimdal

CVE ID : CVE-2017-17439

Debian Bug : 878144

 

Michael Eder and Thomas Kittel discovered that Heimdal, an

implementation of Kerberos 5 that aims to be compatible with MIT

Kerberos, did not correctly handle ASN.1 data. This would allow an

unauthenticated remote attacker to cause a denial of service (crash of

the KDC daemon) by sending maliciously crafted packets.

 

For the stable distribution (stretch), this problem has been fixed in

version 7.1.0+dfsg-13+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4056-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

December 07, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : nova

CVE ID : CVE-2017-16239

Debian Bug : 882009

 

George Shuklin from servers.com discovered that Nova, a cloud

computing fabric controller, did not correctly enforce its image- or

hosts-filters. This allowed an authenticated user to bypass those

filters by simply rebuilding an instance.

 

For the stable distribution (stretch), this problem has been fixed in

version 2:14.0.0-4+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4057-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 08, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : erlang

CVE ID : CVE-2017-1000385

 

It was discovered that the TLS server in Erlang is vulnerable to an

adaptive chosen ciphertext attack against RSA keys.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1:17.3-dfsg-4+deb8u2.

 

For the stable distribution (stretch), this problem has been fixed in

version 1:19.2.1+dfsg-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4058-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 08, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : optipng

CVE ID : CVE-2017-16938 CVE-2017-1000229

Debian Bug : 878839 882032

 

Two vulnerabilities were discovered in optipng, an advanced PNG

optimizer, which may result in denial of service or the execution of

arbitrary code if a malformed file is processed.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 0.7.5-1+deb8u2.

 

For the stable distribution (stretch), these problems have been fixed in

version 0.7.6-1+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4059-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 08, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libxcursor

CVE ID : CVE-2017-16612

Debian Bug : 883792

 

It was discovered that libXcursor, a X cursor management library, is

prone to several heap overflows when parsing malicious files. An

attacker can take advantage of these flaws for arbitrary code execution,

if a user is tricked into processing a specially crafted cursor file.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1:1.1.14-1+deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:1.1.14-1+deb9u1.


New update versions for Stretch and Jessie. Open the News links for a full list of updated packages.

 

------------------------------------------------------------------------

The Debian Project https://www.debian.org/

Updated Debian 9: 9.3 released press@debian.org

December 9th, 2017 https://www.debian.org/News/2017/2017120902

------------------------------------------------------------------------

 

 

The Debian project is pleased to announce the third update of its stable

distribution Debian 9 (codename "stretch"). This point release mainly

adds corrections for security issues, along with a few adjustments for

serious problems. Security advisories have already been published

separately and are referenced where available.

 

Please note that the point release does not constitute a new version of

Debian 9 but only updates some of the packages included. There is no

need to throw away old "stretch" media. After installation, packages can

be upgraded to the current versions using an up-to-date Debian mirror.

 

Those who frequently install updates from security.debian.org won't have

to update many packages, and most such updates are included in the point

release.

 

New installation images will be available soon at the regular locations.

 

Upgrading an existing installation to this revision can be achieved by

pointing the package management system at one of Debian's many HTTP

mirrors. A comprehensive list of mirrors is available at:

 

https://www.debian.org/mirror/list

 

------------------------------------------------------------------------

The Debian Project https://www.debian.org/

Updated Debian 8: 8.10 released press@debian.org

December 9th, 2017 https://www.debian.org/News/2017/20171209

------------------------------------------------------------------------

 

 

The Debian project is pleased to announce the tenth update of its

oldstable distribution Debian 8 (codename "jessie"). This point release

mainly adds corrections for security issues, along with a few

adjustments for serious problems. Security advisories have already been

published separately and are referenced where available.

 

Please note that the point release does not constitute a new version of

Debian 8 but only updates some of the packages included. There is no

need to throw away old "jessie" media. After installation, packages can

be upgraded to the current versions using an up-to-date Debian mirror.

 

Those who frequently install updates from security.debian.org won't have

to update many packages, and most such updates are included in the point

release.

 

New installation images will be available soon at the regular locations.

 

Upgrading an existing installation to this revision can be achieved by

pointing the package management system at one of Debian's many HTTP

mirrors. A comprehensive list of mirrors is available at:

 

https://www.debian.org/mirror/list


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4060-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 09, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wireshark

CVE ID : CVE-2017-11408 CVE-2017-13766 CVE-2017-17083 CVE-2017-17084

CVE-2017-17085

 

It was discovered that wireshark, a network protocol analyzer, contained

several vulnerabilities in the dissectors for CIP Safety, IWARP_MPA,

NetBIOS, Profinet I/O and AMQP, which result in denial of service or the

execution of arbitrary code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.12.1+g01b65bf-4+deb8u12.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.2.6+g32dac6a-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4061-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 10, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : thunderbird

CVE ID : CVE-2017-7826 CVE-2017-7828 CVE-2017-7830

 

Multiple security issues have been found in Thunderbird, which may lead

to the execution of arbitrary code or denial of service.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1:52.5.0-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:52.5.0-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4062-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 10, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : firefox-esr

CVE ID : CVE-2017-7843

 

It was discovered that the Private Browsing mode in the Mozilla Firefox

web browser allowed to fingerprint a user across multiple sessions

via IndexedDB.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 52.5.2esr-1~deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 52.5.2esr-1~deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4063-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 11, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : pdns-recursor

CVE ID : CVE-2017-15120

 

Toshifumi Sakaguchi discovered that PowerDNS Recursor, a high-performance

resolving name server, was susceptible to denial of service via a crafted

CNAME answer.

 

The oldstable distribution (jessie) is not affected.

 

For the stable distribution (stretch), this problem has been fixed in

version 4.0.4-1+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4064-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

December 12, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410

CVE-2017-15411 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416

CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420

CVE-2017-15423 CVE-2017-15424 CVE-2017-15425 CVE-2017-15426

CVE-2017-15427

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2017-15407

 

Ned Williamson discovered an out-of-bounds write issue.

 

CVE-2017-15408

 

Ke Liu discovered a heap overflow issue in the pdfium library.

 

CVE-2017-15409

 

An out-of-bounds write issue was discovered in the skia library.

 

CVE-2017-15410

 

Luat Nguyen discovered a use-after-free issue in the pdfium library.

 

CVE-2017-15411

 

Luat Nguyen discovered a use-after-free issue in the pdfium library.

 

CVE-2017-15413

 

Gaurav Dewan discovered a type confusion issue.

 

CVE-2017-15415

 

Viktor Brange discovered an information disclosure issue.

 

CVE-2017-15416

 

Ned Williamson discovered an out-of-bounds read issue.

 

CVE-2017-15417

 

Max May discovered an information disclosure issue in the skia

library.

 

CVE-2017-15418

 

Kushal Arvind Shah discovered an uninitialized value in the skia

library.

 

CVE-2017-15419

 

Jun Kokatsu discovered an information disclosure issue.

 

CVE-2017-15420

 

WenXu Wu discovered a URL spoofing issue.

 

CVE-2017-15423

 

Greg Hudson discovered an issue in the boringssl library.

 

CVE-2017-15424

 

Khalil Zhani discovered a URL spoofing issue.

 

CVE-2017-15425

 

xisigr discovered a URL spoofing issue.

 

CVE-2017-15426

 

WenXu Wu discovered a URL spoofing issue.

 

CVE-2017-15427

 

Junaid Farhan discovered an issue with the omnibox.

 

For the stable distribution (stretch), these problems have been fixed in

version 63.0.3239.84-1~deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4065-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 17, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl1.0

CVE ID : CVE-2017-3737 CVE-2017-3738

 

Multiple vulnerabilities have been discovered in OpenSSL, a Secure

Sockets Layer toolkit. The Common Vulnerabilities and Exposures project

identifies the following issues:

 

CVE-2017-3737

 

David Benjamin of Google reported that OpenSSL does not properly

handle SSL_read() and SSL_write() while being invoked in an error

state, causing data to be passed without being decrypted or

encrypted directly from the SSL/TLS record layer.

 

CVE-2017-3738

 

It was discovered that OpenSSL contains an overflow bug in the AVX2

Montgomery multiplication procedure used in exponentiation with

1024-bit moduli.

 

Details can be found in the upstream advisory:

https://www.openssl.org/news/secadv/20171207.txt

 

For the stable distribution (stretch), these problems have been fixed in

version 1.0.2l-2+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4066-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 17, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : otrs2

CVE ID : CVE-2017-16854 CVE-2017-16921

 

Two vulnerabilities were discovered in the Open Ticket Request System

which could result in information disclosure or the execution of arbitrary

shell commands by logged-in agents.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 3.3.18-1+deb8u3.

 

For the stable distribution (stretch), these problems have been fixed in

version 5.0.16-1+deb9u4.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4067-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 17, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openafs

CVE ID : CVE-2017-17432

 

It was discovered that malformed jumbogram packets could result in

denial of service against OpenAFS, an implementation of the Andrew

distributed file system.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.6.9-2+deb8u6. This update also provides corrections for

CVE-2016-4536 and CVE-2016-9772.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.6.20-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4068-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 17, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : rsync

CVE ID : CVE-2017-16548 CVE-2017-17433 CVE-2017-17434

Debian Bug : 880954 883665 883667

 

Several vulnerabilities were discovered in rsync, a fast, versatile,

remote (and local) file-copying tool, allowing a remote attacker to

bypass intended access restrictions or cause a denial of service.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 3.1.1-3+deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 3.1.2-1+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4069-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 20, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : otrs2

CVE ID : CVE-2017-17476

Debian Bug : 884801

 

Francesco Sirocco discovered a flaw in otrs2, the Open Ticket Request

System, which could result in session information disclosure when cookie

support is disabled. A remote attacker can take advantage of this flaw

to take over an agent's session if the agent is tricked into clicking a

link in a specially crafted mail.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 3.3.18-1+deb8u4.

 

For the stable distribution (stretch), this problem has been fixed in

version 5.0.16-1+deb9u5.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4070-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 21, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : enigmail

CVE ID : not yet available

 

Multiple vulnerabilities were discovered in Enigmail, an OpenPGP

extension for Thunderbird, which could result in a loss of

confidentiality, faked signatures, plain text leaks and denial of

service. Additional information can be found under

https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2:1.9.9-1~deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 2:1.9.9-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4071-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 21, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : sensible-utils

CVE ID : CVE-2017-17512

Debian Bug : 881767

 

Gabriel Corona reported that sensible-browser from sensible-utils, a

collection of small utilities used to sensibly select and spawn an

appropriate browser, editor or pager, does not validate strings before

launching the program specified by the BROWSER environment variable,

potentially allowing a remote attacker to conduct argument-injection

attacks if a user is tricked into processing a specially crafted URL.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 0.0.9+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 0.0.9+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4072-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 21, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : bouncycastle

CVE ID : CVE-2017-13098

 

Hanno Boeck, Juraj Somorovsky and Craig Young discovered that the

TLS implementation in Bouncy Castle is vulnerable to an adaptive chosen

ciphertext attack against RSA keys.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.56-1+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4073-1 security@debian.org

https://www.debian.org/security/ Ben Hutchings

December 23, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2017-8824 CVE-2017-16538 CVE-2017-16644 CVE-2017-16995

CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558

CVE-2017-17712 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806

CVE-2017-17807 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864

CVE-2017-1000407 CVE-2017-1000410

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a privilege escalation, denial of service or information

leaks.

 

CVE-2017-8824

 

Mohamed Ghannam discovered that the DCCP implementation did not

correctly manage resources when a socket is disconnected and

reconnected, potentially leading to a use-after-free. A local

user could use this for denial of service (crash or data

corruption) or possibly for privilege escalation. On systems that

do not already have the dccp module loaded, this can be mitigated

by disabling it:

echo >> /etc/modprobe.d/disable-dccp.conf install dccp false

 

CVE-2017-16538

 

Andrey Konovalov reported that the dvb-usb-lmedm04 media driver

did not correctly handle some error conditions during

initialisation. A physically present user with a specially

designed USB device can use this to cause a denial of service

(crash).

 

CVE-2017-16644

 

Andrey Konovalov reported that the hdpvr media driver did not

correctly handle some error conditions during initialisation. A

physically present user with a specially designed USB device can

use this to cause a denial of service (crash).

 

CVE-2017-16995

 

Jann Horn discovered that the Extended BPF verifier did not

correctly model the behaviour of 32-bit load instructions. A

local user can use this for privilege escalation.

 

CVE-2017-17448

 

Kevin Cernekee discovered that the netfilter subsystem allowed

users with the CAP_NET_ADMIN capability in any user namespace, not

just the root namespace, to enable and disable connection tracking

helpers. This could lead to denial of service, violation of

network security policy, or have other impact.

 

CVE-2017-17449

 

Kevin Cernekee discovered that the netlink subsystem allowed

users with the CAP_NET_ADMIN capability in any user namespace

to monitor netlink traffic in all net namespaces, not just

those owned by that user namespace. This could lead to

exposure of sensitive information.

 

CVE-2017-17450

 

Kevin Cernekee discovered that the xt_osf module allowed users

with the CAP_NET_ADMIN capability in any user namespace to modify

the global OS fingerprint list.

 

CVE-2017-17558

 

Andrey Konovalov reported that the USB core did not correctly

handle some error conditions during initialisation. A physically

present user with a specially designed USB device can use this to

cause a denial of service (crash or memory corruption), or

possibly for privilege escalation.

 

CVE-2017-17712

 

Mohamed Ghannam discovered a race condition in the IPv4 raw socket

implementation. A local user could use this to obtain sensitive

information from the kernel.

 

CVE-2017-17741

 

Dmitry Vyukov reported that the KVM implementation for x86 would

over-read data from memory when emulating an MMIO write if the

kvm_mmio tracepoint was enabled. A guest virtual machine might be

able to use this to cause a denial of service (crash).

 

CVE-2017-17805

 

It was discovered that some implementations of the Salsa20 block

cipher did not correctly handle zero-length input. A local user

could use this to cause a denial of service (crash) or possibly

have other security impact.

 

CVE-2017-17806

 

It was discovered that the HMAC implementation could be used with

an underlying hash algorithm that requires a key, which was not

intended. A local user could use this to cause a denial of

service (crash or memory corruption), or possibly for privilege

escalation.

 

CVE-2017-17807

 

Eric Biggers discovered that the KEYS subsystem lacked a check for

write permission when adding keys to a process's default keyring.

A local user could use this to cause a denial of service or to

obtain sensitive information.

 

CVE-2017-17862

 

Alexei Starovoitov discovered that the Extended BPF verifier

ignored unreachable code, even though it would still be processed

by JIT compilers. This could possibly be used by local users for

denial of service. It also increases the severity of bugs in

determining unreachable code.

 

CVE-2017-17863

 

Jann Horn discovered that the Extended BPF verifier did not

correctly model pointer arithmetic on the stack frame pointer.

A local user can use this for privilege escalation.

 

CVE-2017-17864

 

Jann Horn discovered that the Extended BPF verifier could fail to

detect pointer leaks from conditional code. A local user could

use this to obtain sensitive information in order to exploit

other vulnerabilities.

 

CVE-2017-1000407

 

Andrew Honig reported that the KVM implementation for Intel

processors allowed direct access to host I/O port 0x80, which

is not generally safe. On some systems this allows a guest

VM to cause a denial of service (crash) of the host.

 

CVE-2017-1000410

 

Ben Seri reported that the Bluetooth subsystem did not correctly

handle short EFS information elements in L2CAP messages. An

attacker able to communicate over Bluetooth could use this to

obtain sensitive information from the kernel.

 

The various problems in the Extended BPF verifier can be mitigated by

disabling use of Extended BPF by unprivileged users:

sysctl kernel.unprivileged_bpf_disabled=1

 

Debian disables unprivileged user namespaces by default, but if they

are enabled (via the kernel.unprivileged_userns_clone sysctl) then

CVE-2017-17448 can be exploited by any local user.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.9.65-3+deb9u1.

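Added example, not part of the original post or of the Debian advisory: a shell audit of the three workarounds DSA-4073-1 describes (the dccp install rule, kernel.unprivileged_bpf_disabled and kernel.unprivileged_userns_clone). The function names, the ROOT prefix argument and the --live switch are assumptions of this example.

```shell
#!/bin/sh
# Audit the workarounds named in DSA-4073-1.
# ROOT (assumption of this example) is a path prefix, so the checks can run
# against a copied or constructed tree; an empty ROOT means the live system.

# dccp_status ROOT -> "loaded", "blocked" or "loadable"
dccp_status() {
    root=$1
    # The advisory's install rule only helps if dccp is not loaded already.
    if [ -r "$root/proc/modules" ] && grep -q '^dccp ' "$root/proc/modules"; then
        echo loaded; return
    fi
    # Look for the rule from the advisory: "install dccp false"
    # (a path in front of "false" is accepted as well).
    for f in "$root"/etc/modprobe.d/*.conf; do
        [ -r "$f" ] || continue
        if grep -Eq '^[[:space:]]*install[[:space:]]+dccp[[:space:]]+(/[^[:space:]]*/)?false([[:space:]]|$)' "$f"; then
            echo blocked; return
        fi
    done
    echo loadable
}

# sysctl_value ROOT dotted.name -> current value, or "absent"
sysctl_value() {
    path="$1/proc/sys/$(echo "$2" | tr . /)"
    if [ -r "$path" ]; then cat "$path"; else echo absent; fi
}

# bpf_status ROOT -> "restricted", "unrestricted" or "absent"
bpf_status() {
    case $(sysctl_value "$1" kernel.unprivileged_bpf_disabled) in
        absent) echo absent ;;
        0)      echo unrestricted ;;
        *)      echo restricted ;;
    esac
}

# userns_status ROOT -> "enabled", "disabled" or "absent"
userns_status() {
    case $(sysctl_value "$1" kernel.unprivileged_userns_clone) in
        absent) echo absent ;;
        0)      echo disabled ;;
        *)      echo enabled ;;
    esac
}

# audit_dsa4073 ROOT -> prints one line per check, returns the number of
# workarounds that are not in place (0 to 3).
audit_dsa4073() {
    root=$1
    findings=0
    case $(dccp_status "$root") in
        blocked) echo "ok    CVE-2017-8824: dccp blocked by an install rule" ;;
        loaded)  echo "open  CVE-2017-8824: dccp already loaded, install rule does not apply"
                 findings=$((findings + 1)) ;;
        *)       echo "open  CVE-2017-8824: dccp can still be loaded on demand"
                 findings=$((findings + 1)) ;;
    esac
    case $(bpf_status "$root") in
        restricted) echo "ok    eBPF verifier CVEs: unprivileged bpf disabled" ;;
        absent)     echo "n/a   kernel.unprivileged_bpf_disabled not present" ;;
        *)          echo "open  eBPF verifier CVEs: unprivileged users may use Extended BPF"
                    findings=$((findings + 1)) ;;
    esac
    case $(userns_status "$root") in
        disabled) echo "ok    CVE-2017-17448: unprivileged user namespaces disabled" ;;
        absent)   echo "n/a   kernel.unprivileged_userns_clone not present" ;;
        *)        echo "open  CVE-2017-17448: reachable by any local user"
                  findings=$((findings + 1)) ;;
    esac
    return "$findings"
}

# Run against the live system only when asked to: sh audit.sh --live
if [ "${1:-}" = "--live" ]; then
    audit_dsa4073 ""
fi
```

These checks only report on the workarounds; the fix itself is the kernel package version given in the advisory.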

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4074-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 28, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : imagemagick

CVE ID : CVE-2017-12877 CVE-2017-16546 CVE-2017-17499

CVE-2017-17504 CVE-2017-17879

 

This update fixes several vulnerabilities in imagemagick: Various memory

handling problems and cases of missing or incomplete input sanitising may

result in denial of service, memory disclosure or the execution of

arbitrary code if malformed image files are processed.

 

For the stable distribution (stretch), these problems have been fixed in

version 8:6.9.7.4+dfsg-11+deb9u4.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4075-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 29, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : thunderbird

CVE ID : CVE-2017-7826 CVE-2017-7828 CVE-2017-7829 CVE-2017-7830

CVE-2017-7846 CVE-2017-7847 CVE-2017-7848

 

Multiple security issues have been found in Thunderbird, which may lead

to the execution of arbitrary code, denial of service, information

disclosure or spoofing of sender's email addresses.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1:52.5.2-2~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:52.5.2-2~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4076-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

December 30, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : asterisk

CVE ID : CVE-2017-16671 CVE-2017-16672 CVE-2017-17090

CVE-2017-17664

 

Multiple vulnerabilities have been discovered in Asterisk, an open source

PBX and telephony toolkit, which may result in denial of service,

information disclosure and potentially the execution of arbitrary code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1:11.13.1~dfsg-2+deb8u5.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:13.14.1~dfsg-2+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4077-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

December 30, 2017 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gimp

CVE ID : CVE-2017-17784 CVE-2017-17785 CVE-2017-17786 CVE-2017-17787

CVE-2017-17788 CVE-2017-17789

Debian Bug : 884836 884837 884862 884925 884927 885347

 

Several vulnerabilities were discovered in GIMP, the GNU Image

Manipulation Program, which could result in denial of service

(application crash) or potentially the execution of arbitrary code if

malformed files are opened.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 2.8.14-1+deb8u2.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.8.18-1+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4078-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

January 04, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2017-5754

 

Multiple researchers have discovered a vulnerability in Intel processors,

enabling an attacker controlling an unprivileged process to read memory from

arbitrary addresses, including from the kernel and all other processes running

on the system.

 

This specific attack has been named Meltdown and is addressed in the Linux

kernel for the Intel x86-64 architecture by a patch set named Kernel Page Table

Isolation, enforcing a near complete separation of the kernel and userspace

address maps and preventing the attack. This solution might have a performance

impact, and can be disabled at boot time by passing `pti=off' to the kernel

command line.

 

We also identified a regression for ancient userspaces using the vsyscall

interface, for example chroot and containers using (e)glibc 2.13 and older,

including those based on Debian 7 or RHEL/CentOS 6. This regression will be

fixed in a later update.

 

The other vulnerabilities (named Spectre) published at the same time are not

addressed in this update and will be fixed in a later update.

 

For the oldstable distribution (jessie), this problem will be fixed in a

separate update.

 

For the stable distribution (stretch), this problem has been fixed in

version 4.9.65-3+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4079-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 07, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : poppler

CVE ID : CVE-2017-9406 CVE-2017-9408 CVE-2017-9775

CVE-2017-9776 CVE-2017-9865 CVE-2017-14517

CVE-2017-14518 CVE-2017-14519 CVE-2017-14520

CVE-2017-14975 CVE-2017-14976 CVE-2017-14977

CVE-2017-15565

 

Multiple vulnerabilities were discovered in the poppler PDF rendering

library, which could result in denial of service or the execution of

arbitrary code if a malformed PDF file is processed.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 0.26.5-2+deb8u2.

 

For the stable distribution (stretch), these problems have been fixed in

version 0.48.0-2+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4080-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 08, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php7.0

CVE ID : CVE-2017-11144 CVE-2017-11145 CVE-2017-11628

CVE-2017-12932 CVE-2017-12933 CVE-2017-12934

CVE-2017-16642

 

Several vulnerabilities were found in PHP, a widely-used open source

general purpose scripting language:

 

CVE-2017-11144

 

Denial of service in openssl extension due to incorrect return value

check of OpenSSL sealing function

 

CVE-2017-11145

 

Out-of-bounds read in wddx_deserialize()

 

CVE-2017-11628

 

Buffer overflow in PHP INI parsing API

 

CVE-2017-12932 / CVE-2017-12934

 

Use-after-frees during unserialisation

 

CVE-2017-12933

 

Buffer overread in finish_nested_data()

 

CVE-2017-16642

 

Out-of-bounds read in timelib_meridian()

 

For the stable distribution (stretch), these problems have been fixed in

version 7.0.27-0+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4081-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 08, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : php5

CVE ID : CVE-2017-11142 CVE-2017-11143 CVE-2017-11144

CVE-2017-11145 CVE-2017-11628 CVE-2017-12933

CVE-2017-16642

 

Several vulnerabilities were found in PHP, a widely-used open source

general purpose scripting language:

 

CVE-2017-11142

 

Denial of service via overly long form variables

 

CVE-2017-11143

 

Invalid free() in wddx_deserialize()

 

CVE-2017-11144

 

Denial of service in openssl extension due to incorrect return value

check of OpenSSL sealing function.

 

CVE-2017-11145

 

Out-of-bounds read in wddx_deserialize()

 

CVE-2017-11628

 

Buffer overflow in PHP INI parsing API

 

CVE-2017-12933

 

Buffer overread in finish_nested_data()

 

CVE-2017-16642

 

Out-of-bounds read in timelib_meridian()

 

For the oldstable distribution (jessie), these problems have been fixed

in version 5.6.33+dfsg-0+deb8u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4082-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 09, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2017-5754 CVE-2017-8824 CVE-2017-15868 CVE-2017-16538

CVE-2017-16939 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450

CVE-2017-17558 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806

CVE-2017-17807 CVE-2017-1000407 CVE-2017-1000410

 

Several vulnerabilities have been discovered in the Linux kernel that

may lead to a privilege escalation, denial of service or information

leaks.

 

CVE-2017-5754

 

Multiple researchers have discovered a vulnerability in Intel

processors, enabling an attacker controlling an unprivileged

process to read memory from arbitrary addresses, including from

the kernel and all other processes running on the system.

 

This specific attack has been named Meltdown and is addressed in

the Linux kernel for the Intel x86-64 architecture by a patch set

named Kernel Page Table Isolation, enforcing a near complete

separation of the kernel and userspace address maps and preventing

the attack. This solution might have a performance impact, and can

be disabled at boot time by passing `pti=off' to the kernel

command line.

 

CVE-2017-8824

 

Mohamed Ghannam discovered that the DCCP implementation did not

correctly manage resources when a socket is disconnected and

reconnected, potentially leading to a use-after-free. A local

user could use this for denial of service (crash or data

corruption) or possibly for privilege escalation. On systems that

do not already have the dccp module loaded, this can be mitigated

by disabling it:

echo >> /etc/modprobe.d/disable-dccp.conf install dccp false

 

CVE-2017-15868

 

Al Viro found that the Bluetooth Network Encapsulation Protocol

(BNEP) implementation did not validate the type of the second

socket passed to the BNEPCONNADD ioctl(), which could lead to

memory corruption. A local user with the CAP_NET_ADMIN capability

can use this for denial of service (crash or data corruption) or

possibly for privilege escalation.

 

CVE-2017-16538

 

Andrey Konovalov reported that the dvb-usb-lmedm04 media driver

did not correctly handle some error conditions during

initialisation. A physically present user with a specially

designed USB device can use this to cause a denial of service

(crash).

 

CVE-2017-16939

 

Mohamed Ghannam reported (through Beyond Security's SecuriTeam

Secure Disclosure program) that the IPsec (xfrm) implementation

did not correctly handle some failure cases when dumping policy

information through netlink. A local user with the CAP_NET_ADMIN

capability can use this for denial of service (crash or data

corruption) or possibly for privilege escalation.

 

CVE-2017-17448

 

Kevin Cernekee discovered that the netfilter subsystem allowed

users with the CAP_NET_ADMIN capability in any user namespace, not

just the root namespace, to enable and disable connection tracking

helpers. This could lead to denial of service, violation of

network security policy, or have other impact.

 

CVE-2017-17449

 

Kevin Cernekee discovered that the netlink subsystem allowed

users with the CAP_NET_ADMIN capability in any user namespace

to monitor netlink traffic in all net namespaces, not just

those owned by that user namespace. This could lead to

exposure of sensitive information.

 

CVE-2017-17450

 

Kevin Cernekee discovered that the xt_osf module allowed users

with the CAP_NET_ADMIN capability in any user namespace to modify

the global OS fingerprint list.

 

CVE-2017-17558

 

Andrey Konovalov reported that the USB core did not correctly

handle some error conditions during initialisation. A physically

present user with a specially designed USB device can use this to

cause a denial of service (crash or memory corruption), or

possibly for privilege escalation.

 

CVE-2017-17741

 

Dmitry Vyukov reported that the KVM implementation for x86 would

over-read data from memory when emulating an MMIO write if the

kvm_mmio tracepoint was enabled. A guest virtual machine might be

able to use this to cause a denial of service (crash).

 

CVE-2017-17805

 

Dmitry Vyukov reported that the KVM implementation for x86 would

over-read data from memory when emulating an MMIO write if the

kvm_mmio tracepoint was enabled. A guest virtual machine might be

able to use this to cause a denial of service (crash).

 

CVE-2017-17806

 

It was discovered that the HMAC implementation could be used with

an underlying hash algorithm that requires a key, which was not

intended. A local user could use this to cause a denial of

service (crash or memory corruption), or possibly for privilege

escalation.

 

CVE-2017-17807

 

Eric Biggers discovered that the KEYS subsystem lacked a check for

write permission when adding keys to a process's default keyring.

A local user could use this to cause a denial of service or to

obtain sensitive information.

 

CVE-2017-1000407

 

Andrew Honig reported that the KVM implementation for Intel

processors allowed direct access to host I/O port 0x80, which

is not generally safe. On some systems this allows a guest

VM to cause a denial of service (crash) of the host.

 

CVE-2017-1000410

 

Ben Seri reported that the Bluetooth subsystem did not correctly

handle short EFS information elements in L2CAP messages. An

attacker able to communicate over Bluetooth could use this to

obtain sensitive information from the kernel.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 3.16.51-3+deb8u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4083-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

January 11, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : poco

CVE ID : CVE-2017-1000472

 

Stephan Zeisberg discovered that poco, a collection of open source C++

class libraries, did not correctly validate file paths in ZIP

archives. An attacker could leverage this flaw to create or overwrite

arbitrary files.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.3.6p1-5+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.7.6+dfsg1-5+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4084-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

January 12, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gifsicle

CVE ID : CVE-2017-1000421

 

It was discovered that gifsicle, a tool for manipulating GIF image

files, contained a flaw that could lead to arbitrary code execution.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.86-1+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.88-3+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4085-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 12, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xmltooling

CVE ID : CVE-2018-0486

 

Philip Huppert discovered the Shibboleth service provider is vulnerable

to impersonation attacks and information disclosure due to mishandling

of DTDs in the XMLTooling XML parsing library. For additional details

please refer to the upstream advisory at

https://shibboleth.net/community/advisories/secadv_20180112.txt

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.5.3-2+deb8u2.

 

The stable distribution (stretch) is not affected.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4086-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 13, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libxml2

CVE ID : CVE-2017-15412

Debian Bug : 883790

 

Nick Wellnhofer discovered that certain function calls inside XPath

predicates can lead to use-after-free and double-free errors when

executed by libxml2's XPath engine via an XSLT transformation.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.9.1+dfsg1-5+deb8u6.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.9.4+dfsg1-2.2+deb9u2.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4087-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 14, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : transmission

CVE ID : not yet available

 

Tavis Ormandy discovered a vulnerability in the Transmission BitTorrent

client; insecure RPC handling between the Transmission daemon and the

client interface(s) may result in the execution of arbitrary code if a

user visits a malicious website while Transmission is running.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.84-0.2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.92-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4088-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 15, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gdk-pixbuf

CVE ID : CVE-2017-1000422

 

It was discovered that multiple integer overflows in the GIF image loader

in the GDK Pixbuf library may result in denial of service and potentially

the execution of arbitrary code if a malformed image file is opened.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.31.1-2+deb8u7.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.36.5-2+deb9u2. In addition this update provides fixes for

CVE-2017-6312, CVE-2017-6313 and CVE-2017-6314.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4089-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 16, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : bind9

CVE ID : CVE-2017-3145

 

Jayachandran Palanisamy of Cygate AB reported that BIND, a DNS server

implementation, was improperly sequencing cleanup operations, leading in

some cases to a use-after-free error, triggering an assertion failure

and crash in named.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1:9.9.5.dfsg-9+deb8u15.

 

For the stable distribution (stretch), this problem has been fixed in

version 1:9.10.3.dfsg.P4-12.3+deb9u4.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4090-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

January 17, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wordpress

CVE ID : CVE-2017-9066 CVE-2017-16510 CVE-2017-17091 CVE-2017-17092

CVE-2017-17093 CVE-2017-17094

Debian Bug : 862816 883314 880528

 

Several vulnerabilities were discovered in Wordpress, a web blogging

tool. They allowed remote attackers to perform SQL injections and

various Cross-Site Scripting (XSS) and Server-Side Request Forgery

(SSRF) attacks, as well as bypass some access restrictions.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 4.1+dfsg-1+deb8u16.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.7.5+dfsg-2+deb9u2.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4091-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 18, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mysql-5.5

CVE ID : CVE-2018-2562 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665

CVE-2018-2668

 

Several issues have been discovered in the MySQL database server. The

vulnerabilities are addressed by upgrading MySQL to the new upstream

version 5.5.59, which includes additional changes. Please see the MySQL

5.5 Release Notes and Oracle's Critical Patch Update advisory for

further details:

 

https://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-59.html

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

 

For the oldstable distribution (jessie), these problems have been fixed

in version 5.5.59-0+deb8u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4092-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

January 19, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : awstats

CVE ID : CVE-2017-1000501

Debian Bug : 885835

 

The cPanel Security Team discovered that awstats, a log file analyzer,

was vulnerable to path traversal attacks. A remote unauthenticated

attacker could leverage that to perform arbitrary code execution.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 7.2+dfsg-1+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 7.6+dfsg-1+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4093-1 security@debian.org

https://www.debian.org/security/

January 21, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openocd

CVE ID : CVE-2018-5704

Debian Bug : 887488

 

Josef Gajdusek discovered that OpenOCD, a JTAG debugger for ARM and MIPS,

was vulnerable to Cross Protocol Scripting attacks. An attacker could

craft an HTML page that, when visited by a victim running OpenOCD, could

execute arbitrary commands on the victim's host.

 

This fix also sets the OpenOCD default binding to localhost, instead of

every network interface. This can be changed with the added "bindto"

command argument.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 0.8.0-4+deb7u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 0.9.0-1+deb8u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4094-1 security@debian.org

https://www.debian.org/security/

January 22, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : smarty3

CVE ID : CVE-2017-1000480

Debian Bug : 886460

 

It was discovered that Smarty, a PHP template engine, was vulnerable to

code-injection attacks. An attacker was able to craft a filename in

comments that could lead to arbitrary code execution on the host running

Smarty.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 3.1.21-1+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 3.1.31+20161214.1.c7d42e4+selfpack1-2+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4095-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

January 24, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gcab

CVE ID : CVE-2018-5345

Debian Bug : 887776

 

It was discovered that gcab, a Microsoft Cabinet file manipulation tool,

is prone to a stack-based buffer overflow vulnerability when extracting

.cab files. An attacker can take advantage of this flaw to cause a

denial-of-service or, potentially, the execution of arbitrary code with

the privileges of the user running gcab, if a specially crafted .cab

file is processed.

 

For the stable distribution (stretch), this problem has been fixed in

version 0.7-2+deb9u1.


- -------------------------------------------------------------------------

Debian Security Advisory DSA-4096-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 25, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : firefox-esr

CVE ID : CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096

CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102

CVE-2018-5103 CVE-2018-5104 CVE-2018-5117

 

Several security issues have been found in the Mozilla Firefox web

browser: Multiple memory safety errors, use-after-frees, integer

overflows and other implementation errors may lead to the execution of

arbitrary code, denial of service or URL spoofing.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 52.6.0esr-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 52.6.0esr-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4097-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 25, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : poppler

CVE ID : CVE-2017-14929 CVE-2017-1000456

 

Multiple vulnerabilities were discovered in the poppler PDF rendering

library, which could result in denial of service or the execution of

arbitrary code if a malformed PDF file is processed.

 

This update also fixes a regression in the handling of Type 3 fonts.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 0.26.5-2+deb8u3.

 

For the stable distribution (stretch), these problems have been fixed in

version 0.48.0-2+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4098-1 security@debian.org

https://www.debian.org/security/ Alessandro Ghedini

January 26, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : curl

CVE ID : CVE-2018-1000005 CVE-2018-1000007

 

Two vulnerabilities were discovered in cURL, a URL transfer library.

 

CVE-2018-1000005

 

Zhouyihai Ding discovered an out-of-bounds read in the code

handling HTTP/2 trailers. This issue doesn't affect the oldstable

distribution (jessie).

 

CVE-2018-1000007

 

Craig de Stigter discovered that authentication data might be leaked

to third parties when following HTTP redirects.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 7.38.0-4+deb8u9.

 

For the stable distribution (stretch), these problems have been fixed in

version 7.52.1-5+deb9u4.
