Jump to content

Recommended Posts

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4099-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 27, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ffmpeg

CVE ID : CVE-2017-17081

 

Several vulnerabilities have been discovered in the FFmpeg multimedia

framework, which could result in denial of service or potentially the

execution of arbitrary code if malformed files/streams are processed.

 

For the stable distribution (stretch), this problem has been fixed in

version 7:3.2.10-1~deb9u1.

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4100-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 27, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tiff

CVE ID : CVE-2017-9935 CVE-2017-11335 CVE-2017-12944 CVE-2017-13726

CVE-2017-13727 CVE-2017-18013

 

Multiple vulnerabilities have been discovered in the libtiff library and

the included tools, which may result in denial of service or the

execution of arbitrary code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 4.0.3-12.3+deb8u5.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.0.8-2+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4101-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 28, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wireshark

CVE ID : CVE-2018-5334 CVE-2018-5335 CVE-2018-5336

 

It was discovered that wireshark, a network protocol analyzer, contained

several vulnerabilities in the dissectors/file parsers for IxVeriWave,

WCP, JSON, XML, NTP, XMPP and GDB, which could result in denial of

dervice or the execution of arbitrary code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version (1.12.1+g01b65bf-4+deb8u13.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.2.6+g32dac6a-2+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4094-2 security@debian.org

https://www.debian.org/security/

January 30, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : smarty3

CVE ID : CVE-2017-1000480

Debian Bug : 886460

 

Côme Chilliet from the FusionDirectory team detected a regression in the

previously issued fix for CVE-2017-1000480. This regression only affects

the Jessie version of the patch. For reference, the relevant part of the

original advisory text follows.

 

It was discovered that Smarty, a PHP template engine, was vulnerable to

code-injection attacks. An attacker was able to craft a filename in

comments that could lead to arbitrary code execution on the host running

Smarty.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 3.1.21-1+deb8u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4102-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

January 30, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : thunderbird

CVE ID : CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096

CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102

CVE-2018-5103 CVE-2018-5104 CVE-2018-5117

 

Multiple security issues have been found in Thunderbird, which may lead

to the execution of arbitrary code, denial of service or URL spoofing.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1:52.6.0-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:52.6.0-1~deb9u1.

Link to post
Share on other sites
  • Replies 1.9k
  • Created
  • Last Reply

Top Posters In This Topic

  • sunrat

    1538

  • V.T. Eric Layton

    171

  • securitybreach

    112

  • Bruno

    65

Top Posters In This Topic

Popular Posts

- ------------------------------------------------------------------------- Debian Security Advisory DSA-3093-1 security@debian.org http://www.debian.org/security/

- ------------------------------------------------------------------------- Debian Security Advisory DSA-3401-1 security@debian.org https://www.debian.org/security/

- ------------------------------------------------------------------------- Debian Security Advisory DSA-4123-1 security@debian.org https://www.debian.org/security/

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4103-1 security@debian.org

https://www.debian.org/security/ Michael Gilbert

January 31, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : chromium-browser

CVE ID : CVE-2017-15420 CVE-2017-15429 CVE-2018-6031 CVE-2018-6032

CVE-2018-6033 CVE-2018-6034 CVE-2018-6035 CVE-2018-6036

CVE-2018-6037 CVE-2018-6038 CVE-2018-6039 CVE-2018-6040

CVE-2018-6041 CVE-2018-6042 CVE-2018-6043 CVE-2018-6045

CVE-2018-6046 CVE-2018-6047 CVE-2018-6048 CVE-2018-6049

CVE-2018-6050 CVE-2018-6051 CVE-2018-6052 CVE-2018-6053

CVE-2018-6054

 

Several vulnerabilities have been discovered in the chromium web browser.

 

CVE-2017-15420

 

Drew Springall discovered a URL spoofing issue.

 

CVE-2017-15429

 

A cross-site scripting issue was discovered in the v8 javascript

library.

 

CVE-2018-6031

 

A use-after-free issue was discovered in the pdfium library.

 

CVE-2018-6032

 

Jun Kokatsu discovered a way to bypass the same origin policy.

 

CVE-2018-6033

 

Juho Nurminen discovered a race condition when opening downloaded

files.

 

CVE-2018-6034

 

Tobias Klein discovered an integer overflow issue.

 

CVE-2018-6035

 

Rob Wu discovered a way for extensions to access devtools.

 

CVE-2018-6036

 

UK's National Cyper Security Centre discovered an integer overflow

issue.

 

CVE-2018-6037

 

Paul Stone discovered an issue in the autofill feature.

 

CVE-2018-6038

 

cloudfuzzer discovered a buffer overflow issue.

 

CVE-2018-6039

 

Juho Nurminen discovered a cross-site scripting issue in the

developer tools.

 

CVE-2018-6040

 

WenXu Wu discovered a way to bypass the content security policy.

 

CVE-2018-6041

 

Luan Herrera discovered a URL spoofing issue.

 

CVE-2018-6042

 

Khalil Zhani discovered a URL spoofing issue.

 

CVE-2018-6043

 

A character escaping issue was discovered.

 

CVE-2018-6045

 

Rob Wu discovered a way for extensions to access devtools.

 

CVE-2018-6046

 

Rob Wu discovered a way for extensions to access devtools.

 

CVE-2018-6047

 

Masato Kinugawa discovered an information leak issue.

 

CVE-2018-6048

 

Jun Kokatsu discoverd a way to bypass the referrer policy.

 

CVE-2018-6049

 

WenXu Wu discovered a user interface spoofing issue.

 

CVE-2018-6050

 

Jonathan Kew discovered a URL spoofing issue.

 

CVE-2018-6051

 

Anonio Sanso discovered an information leak issue.

 

CVE-2018-6052

 

Tanner Emek discovered that the referrer policy implementation

was incomplete.

 

CVE-2018-6053

 

Asset Kabdenov discoved an information leak issue.

 

CVE-2018-6054

 

Rob Wu discovered a use-after-free issue.

 

For the oldstable distribution (jessie), security support for chromium

has been discontinued.

 

For the stable distribution (stretch), these problems have been fixed in

version 64.0.3282.119-1~deb9u1.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4104-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

February 04, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : p7zip

CVE ID : CVE-2017-17969

Debian Bug : 888297

 

'landave' discovered a heap-based buffer overflow vulnerability in the

NCompress::NShrink::CDecoder::CodeReal method in p7zip, a 7zr file

archiver with high compression ratio. A remote attacker can take

advantage of this flaw to cause a denial-of-service or, potentially the

execution of arbitrary code with the privileges of the user running

p7zip, if a specially crafted shrinked ZIP archive is processed.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 9.20.1~dfsg.1-4.1+deb8u3.

 

For the stable distribution (stretch), this problem has been fixed in

version 16.02+dfsg-3+deb9u1.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4105-1 security@debian.org

https://www.debian.org/security/

February 06, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mpv

CVE ID : CVE-2018-6360

Debian Bug : 888654

 

It was discovered that mpv, a media player, was vulnerable to remote code

execution attacks. An attacker could craft a malicious web page that,

when used as an argument in mpv, could execute arbitrary code in the host

of the mpv user.

 

For the stable distribution (stretch), this problem has been fixed in

version 0.23.0-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4106-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

February 07, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libtasn1-6

CVE ID : CVE-2017-10790 CVE-2018-6003

Debian Bug : 867398

 

Two vulnerabilities were discovered in Libtasn1, a library to manage

ASN.1 structures, allowing a remote attacker to cause a denial of

service against an application using the Libtasn1 library.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.10-1.1+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4107-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

February 07, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : django-anymail

CVE ID : CVE-2018-6596

Debian Bug : 889450

 

It was discovered that the webhook validation of Anymail, a Django email

backends for multiple ESPs, is prone to a timing attack. A remote

attacker can take advantage of this flaw to obtain a

WEBHOOK_AUTHORIZATION secret and post arbitrary email tracking events.

 

For the stable distribution (stretch), this problem has been fixed in

version 0.8-2+deb9u1.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4105-2 security@debian.org

https://www.debian.org/security/

February 08, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mpv

CVE ID : CVE-2018-6360

Debian Bug : 889892

 

A regression was detected in the previously issued fix for CVE-2018-6360.

The patch released with DSA 4105-1 broke the feature of invoking mpv with

raw YouTube ids. This update fixes this functionality issue. For

reference, the relevant part of the original advisory text follows.

 

It was discovered that mpv, a media player, was vulnerable to remote code

execution attacks. An attacker could craft a malicious web page that,

when used as an argument in mpv, could execute arbitrary code in the host

of the mpv user.

 

For the stable distribution (stretch), this problem has been fixed in

version 0.23.0-2+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4108-1 security@debian.org

https://www.debian.org/security/ Thijs Kinkhorst

February 09, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mailman

CVE ID : CVE-2018-5950

Debian Bug : 888201

 

Calum Hutton and the Mailman team discovered a cross site scripting and

information leak vulnerability in the user options page. A remote

attacker could use a crafted URL to steal cookie information or to

fish for whether a user is subscribed to a list with a private roster.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.1.18-2+deb8u2.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.1.23-1+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4109-1 security@debian.org

https://www.debian.org/security/

February 09, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ruby-omniauth

CVE ID : CVE-2017-18076

Debian Bug : 888523

 

Lalith Rallabhandi discovered that OmniAuth, a Ruby library for

implementing multi-provider authentication in web applications,

mishandled and leaked sensitive information. An attacker with access to

the callback environment, such as in the case of a crafted web

application, can request authentication services from this module and

access to the CSRF token.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.2.1-1+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.3.1-1+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4110-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

February 10, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : exim4

CVE ID : CVE-2018-6789

Debian Bug : 890000

 

Meh Chang discovered a buffer overflow flaw in a utility function used

in the SMTP listener of Exim, a mail transport agent. A remote attacker

can take advantage of this flaw to cause a denial of service, or

potentially the execution of arbitrary code via a specially crafted

message.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 4.84.2-2+deb8u5.

 

For the stable distribution (stretch), this problem has been fixed in

version 4.89-2+deb9u3.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4111-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 11, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libreoffice

CVE ID : CVE-2018-6871

 

Mikhail Klementev, Ronnie Goodrich and Andrew Krasichkov discovered that

missing restrictions in the implementation of the WEBSERVICE function

in LibreOffice could result in the disclosure of arbitrary files

readable by the user who opens a malformed document.

 

For the stable distribution (stretch), this problem has been fixed in

version 1:5.2.7-1+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4111-2 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 12, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libreoffice

CVE ID : CVE-2018-6871

 

Mikhail Klementev, Ronnie Goodrich and Andrew Krasichkov discovered that

missing restrictions in the implementation of the WEBSERVICE function

in LibreOffice could result in the disclosure of arbitrary files

readable by the user who opens a malformed document.

 

For the oldstable distribution (jessie), this problem has been fixed in

version 1:4.3.3-2+deb8u10

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4112-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 14, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xen

CVE ID : CVE-2017-17563 CVE-2017-17564 CVE-2017-17565

CVE-2017-17566

 

Multiple vulnerabilities have been discovered in the Xen hypervisor:

 

CVE-2017-17563

 

Jan Beulich discovered that an incorrect reference count overflow

check in x86 shadow mode may result in denial of service or

privilege escalation.

 

CVE-2017-17564

 

Jan Beulich discovered that improper x86 shadow mode reference count

error handling may result in denial of service or privilege

escalation.

 

CVE-2017-17565

 

Jan Beulich discovered that an incomplete bug check in x86 log-dirty

handling may result in denial of service.

 

CVE-2017-17566

 

Jan Beulich discovered that x86 PV guests may gain access to

internally used pages which could result in denial of service or

potential privilege escalation.

 

In addition this update ships the "Comet" shim to address the Meltdown

class of vulnerabilities for guests with legacy PV kernels. In addition,

the package provides the "Xen PTI stage 1" mitigation which is built-in

and enabled by default on Intel systems, but can be disabled with

`xpti=false' on the hypervisor command line (It does not make sense to

use both xpti and the Comet shim.)

 

Please refer to the following URL for more details on how to configure

individual mitigation strategies:

https://xenbits.xen.org/xsa/advisory-254.html

 

Additional information can also be found in README.pti and README.comet.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u4.1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4113-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 14, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libvorbis

CVE ID : CVE-2017-14632 CVE-2017-14633

 

Two vulnerabilities were discovered in the libraries of the Vorbis audio

compression codec, which could result in denial of service or the

execution of arbitrary code if a malformed media file is processed.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.3.5-4+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4114-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

February 15, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : jackson-databind

CVE ID : CVE-2017-17485 CVE-2018-5968

Debian Bug : 888316 888318

 

It was discovered that jackson-databind, a Java library used to parse

JSON and other data formats, did not properly validate user input

before attempting deserialization. This allowed an attacker to perform

code execution by providing maliciously crafted input.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 2.4.2-2+deb8u3.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.8.6-1+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4115-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

February 15, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : quagga

CVE ID : CVE-2018-5378 CVE-2018-5379 CVE-2018-5380 CVE-2018-5381

 

Several vulnerabilities have been discovered in Quagga, a routing

daemon. The Common Vulnerabilities and Exposures project identifies the

following issues:

 

CVE-2018-5378

 

It was discovered that the Quagga BGP daemon, bgpd, does not

properly bounds check data sent with a NOTIFY to a peer, if an

attribute length is invalid. A configured BGP peer can take

advantage of this bug to read memory from the bgpd process or cause

a denial of service (daemon crash).

 

https://www.quagga.net/security/Quagga-2018-0543.txt

 

CVE-2018-5379

 

It was discovered that the Quagga BGP daemon, bgpd, can double-free

memory when processing certain forms of UPDATE message, containing

cluster-list and/or unknown attributes, resulting in a denial of

service (bgpd daemon crash).

 

https://www.quagga.net/security/Quagga-2018-1114.txt

 

CVE-2018-5380

 

It was discovered that the Quagga BGP daemon, bgpd, does not

properly handle internal BGP code-to-string conversion tables.

 

https://www.quagga.net/security/Quagga-2018-1550.txt

 

CVE-2018-5381

 

It was discovered that the Quagga BGP daemon, bgpd, can enter an

infinite loop if sent an invalid OPEN message by a configured peer.

A configured peer can take advantage of this flaw to cause a denial

of service (bgpd daemon not responding to any other events; BGP

sessions will drop and not be reestablished; unresponsive CLI

interface).

 

https://www.quagga.net/security/Quagga-2018-1975.txt

 

For the oldstable distribution (jessie), these problems have been fixed

in version 0.99.23.1-1+deb8u5.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.1.1-3+deb9u2.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4116-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 16, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : plasma-workspace

CVE ID : CVE-2018-6791

 

Krzysztof Sieluzycki discovered that the notifier for removable devices

in the KDE Plasma workspace performed insufficient sanitisation of

FAT/VFAT volume labels, which could result in the execution of arbitrary

shell commands if a removable device with a malformed disk label is

mounted.

 

For the stable distribution (stretch), this problem has been fixed in

version 4:5.8.6-2.1+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4117-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 17, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gcc-4.9

CVE ID : not applicable

 

This update doesn't fix a vulnerability in GCC itself, but instead

provides support for building retpoline-enabled Linux kernel updates.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 4.9.2-10+deb8u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4118-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

February 17, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : tomcat-native

CVE ID : CVE-2017-15698

 

Jonas Klempel reported that tomcat-native, a library giving Tomcat

access to the Apache Portable Runtime (APR) library's network connection

(socket) implementation and random-number generator, does not properly

handle fields longer than 127 bytes when parsing the AIA-Extension field

of a client certificate. If OCSP checks are used, this could result in

client certificates that should have been rejected to be accepted.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.1.32~repack-2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.2.12-2+deb9u1.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4119-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 19, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libav

CVE ID : CVE-2017-16803

 

Several security issues have been corrected in multiple demuxers and

decoders of the libav multimedia library. A full list of the changes is

available at

https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.12

 

For the oldstable distribution (jessie), this problem has been fixed

in version 6:11.12-1~deb8u1.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4121-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 22, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gcc-6

CVE ID : not applicable

 

This update doesn't fix a vulnerability in GCC itself, but instead

provides support for building retpoline-enabled Linux kernel updates.

 

For the stable distribution (stretch), this problem has been fixed in

version 6.3.0-18+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4120-1 security@debian.org

https://www.debian.org/security/ Yves-Alexis Perez

February 22, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

CVE ID : CVE-2017-5715 CVE-2017-5754 CVE-2017-13166 CVE-2018-5750

 

Several vulnerabilities have been discovered in the Linux kernel that may

lead to a privilege escalation, denial of service or information leaks.

 

CVE-2017-5715

 

Multiple researchers have discovered a vulnerability in various

processors supporting speculative execution, enabling an attacker

controlling an unprivileged process to read memory from arbitrary

addresses, including from the kernel and all other processes running on

the system.

 

This specific attack has been named Spectre variant 2 (branch target

injection) and is mitigated in the Linux kernel for the Intel x86-64

architecture by using the 'retpoline' compiler feature which allows

indirect branches to be isolated from speculative execution.

 

CVE-2017-5754

 

Multiple researchers have discovered a vulnerability in Intel

processors, enabling an attacker controlling an unprivileged process to

read memory from arbitrary addresses, including from the kernel and all

other processes running on the system.

 

This specific attack has been named Meltdown and is addressed in the

Linux kernel on the powerpc/ppc64el architectures by flushing the L1

data cache on exit from kernel mode to user mode (or from hypervisor to

kernel).

 

This works on Power7, Power8 and Power9 processors.

 

CVE-2017-13166

 

A bug in the 32-bit compatibility layer of the v4l2 IOCTL handling code

has been found. Memory protections ensuring user-provided buffers always

point to userland memory were disabled, allowing . This bug could be

exploited by an attacker to overwrite kernel memory from an unprivileged

userland process, leading to privilege escalation.

 

CVE-2018-5750

 

An information leak has been found in the Linux kernel. The

acpi_smbus_hc_add() prints a kernel address in the kernel log at every

boot, which could be used by an attacker on the system to defeat kernel

ASLR.

 

Additionnaly to those vulnerability, some mitigations for CVE-2017-5753 are

included in this release.

 

CVE-2017-5753

 

Multiple researchers have discovered a vulnerability in various

processors supporting speculative execution, enabling an attacker

controlling an unprivileged process to read memory from arbitrary

addresses, including from the kernel and all other processes running on

the system.

 

This specific attack has been named Spectre variant 1 (bounds-check

bypass) and is mitigated in the Linux kernel architecture by identifying

vulnerable code sections (array bounds checking followed by array

access) and replacing the array access with the speculation-safe

array_index_nospec() function.

 

More use sites will be added over time.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.9.82-1+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4122-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

February 23, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : squid3

CVE ID : CVE-2018-1000024 CVE-2018-1000027

Debian Bug : 888719 888720

 

Several vulnerabilities have been discovered in Squid3, a fully featured

web proxy cache. The Common Vulnerabilities and Exposures project

identifies the following issues:

 

CVE-2018-1000024

 

Louis Dion-Marcil discovered that Squid does not properly handle

processing of certain ESI responses. A remote server delivering

certain ESI response syntax can take advantage of this flaw to cause

a denial of service for all clients accessing the Squid service.

This problem is limited to the Squid custom ESI parser.

 

http://www.squid-cache.org/Advisories/SQUID-2018_1.txt

 

CVE-2018-1000027

 

Louis Dion-Marcil discovered that Squid is prone to a denial of

service vulnerability when processing ESI responses or downloading

intermediate CA certificates. A remote attacker can take advantage

of this flaw to cause a denial of service for all clients accessing

the Squid service.

 

http://www.squid-cache.org/Advisories/SQUID-2018_2.txt

 

For the oldstable distribution (jessie), these problems have been fixed

in version 3.4.8-6+deb8u5.

 

For the stable distribution (stretch), these problems have been fixed in

version 3.5.23-5+deb9u1.

Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4123-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 24, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : drupal7

CVE ID : not yet available

Debian Bug : 891154 891153 891152 891150

 

Multiple vulnerabilities have been found in the Drupal content management

framework. For additional information, please refer to the upstream

advisory at https://www.drupal.org/sa-core-2018-001

 

For the oldstable distribution (jessie), this problem has been fixed

in version 7.32-1+deb8u10.

 

For the stable distribution (stretch), this problem has been fixed in

version 7.52-2+deb9u2.

  • Like 1
Link to post
Share on other sites

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4124-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

February 27, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : lucene-solr

CVE ID : CVE-2017-3163 CVE-2017-12629

 

Two vulnerabilities have been found in Solr, a search server based on

Lucene, which could result in the execution of arbitrary code or

path traversal.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 3.6.2+dfsg-5+deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 3.6.2+dfsg-10+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4125-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

February 27, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : wavpack

CVE ID : CVE-2018-6767 CVE-2018-7253 CVE-2018-7254

Debian Bug : 889274 889276 889559

 

Joonun Jang discovered several problems in wavpack, an audio

compression format suite. Incorrect processing of input resulted in

several heap- and stack-based buffer overflows, leading to application

crash or potential code execution.

 

For the stable distribution (stretch), these problems have been fixed

in version 5.0.0-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4126-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

February 27, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xmltooling

CVE ID : CVE-2018-0489

 

Kelby Ludwig and Scott Cantor discovered that the Shibboleth service

provider is vulnerable to impersonation attacks and information

disclosure due to incorrect XML parsing. For additional details please

refer to the upstream advisory at

https://shibboleth.net/community/advisories/secadv_20180227.txt

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.5.3-2+deb8u3.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.6.0-4+deb9u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4127-1 security@debian.org

https://www.debian.org/security/ Thijs Kinkhorst

March 02, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : simplesamlphp

CVE ID : CVE-2017-12867 CVE-2017-12869 CVE-2017-12873

CVE-2017-12874 CVE-2017-18121 CVE-2017-18122

CVE-2018-6519 CVE-2018-6521

Debian Bug : 889286

 

Several vulnerabilities have been discovered in SimpleSAMLphp, a

framework for authentication, primarily via the SAML protocol.

 

CVE-2017-12867

 

Attackers with access to a secret token could extend its validity

period by manipulating the prepended time offset.

 

CVE-2017-12869

 

When using the multiauth module, attackers can bypass authentication

context restrictions and use any authentication source defined in

the config.

 

CVE-2017-12873

 

Defensive measures have been taken to prevent the administrator

from misconfiguring persistent NameIDs to avoid identifier clash.

(Affects Debian 8 Jesse only.)

 

CVE-2017-12874

 

The InfoCard module could accept incorrectly signed XML messages

in rare occasions.

 

CVE-2017-18121

 

The consentAdmin module was vulnerable to a Cross-Site Scripting

attack, allowing an attacker to craft links that could execute

arbitrary Javascript code in the victim's browser.

 

CVE-2017-18122

 

The (deprecated) SAML 1.1 implementation would regard as valid any

unsigned SAML response containing more than one signed assertion,

provided that the signature of at least one of the assertions was

valid, allowing an attacker that could obtain a valid signed

assertion from an IdP to impersonate users from that IdP.

 

CVE-2018-6519

 

Regular expression denial of service when parsing extraordinarily

long timestamps.

 

CVE-2018-6521

 

Change sqlauth module MySQL charset from utf8 to utf8mb to

prevent theoretical query truncation that could allow remote

attackers to bypass intended access restrictions

 

SSPSA-201802-01 (no CVE yet)

 

Critical signature validation vulnerability.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.13.1-2+deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.14.11-1+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4128-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

March 02, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : trafficserver

CVE ID : CVE-2017-5660 CVE-2017-7671

 

Several vulnerabilities were discovered in Apache Traffic Server, a

reverse and forward proxy server. They could lead to the use of an

incorrect upstream proxy, or allow a remote attacker to cause a

denial-of-service by application crash.

 

For the stable distribution (stretch), these problems have been fixed in

version 7.0.0-6+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4129-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 02, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : freexl

CVE ID : CVE-2018-7435 CVE-2018-7436 CVE-2018-7437 CVE-2018-7438

CVE-2018-7439

 

Multiple heap buffer over reads were discovered in freexl, a library to

read Microsoft Excel spreadsheets, which could result in denial of

service.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.0.0g-1+deb8u5.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.0.2-2+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4130-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 02, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : dovecot

CVE ID : CVE-2017-14461 CVE-2017-15130 CVE-2017-15132

Debian Bug : 888432 891819 891820

 

Several vulnerabilities have been discovered in the Dovecot email

server. The Common Vulnerabilities and Exposures project identifies the

following issues:

 

CVE-2017-14461

 

Aleksandar Nikolic of Cisco Talos and 'flxflndy' discovered that

Dovecot does not properly parse invalid email addresses, which may

cause a crash or leak memory contents to an attacker.

 

CVE-2017-15130

 

It was discovered that TLS SNI config lookups may lead to excessive

memory usage, causing imap-login/pop3-login VSZ limit to be reached

and the process restarted, resulting in a denial of service. Only

Dovecot configurations containing local_name { } or local { }

configuration blocks are affected.

 

CVE-2017-15132

 

It was discovered that Dovecot contains a memory leak flaw in the

login process on aborted SASL authentication.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1:2.2.13-12~deb8u4.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:2.2.27-3+deb9u2.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4120-2 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 03, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : linux

Debian Bug : 891249

 

The security update announced as DSA-4120-1 caused regressions on the

powerpc kernel architecture (random programs segfault, data corruption).

Updated packages are now available to correct this issue.

 

For the stable distribution (stretch), this problem has been fixed in

version 4.9.82-1+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4131-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 04, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : xen

CVE ID : CVE-2018-7540 CVE-2018-7541 CVE-2018-7542

 

Multiple vulnerabilities have been discovered in the Xen hypervisor:

 

CVE-2018-7540

 

Jann Horn discovered that missing checks in page table freeing may

result in denial of service.

 

CVE-2018-7541

 

Jan Beulich discovered that incorrect error handling in grant table

checks may result in guest-to-host denial of service and potentially

privilege escalation.

 

CVE-2018-7542

 

Ian Jackson discovered that insufficient handling of x86 PVH guests

without local APICs may result in guest-to-host denial of service.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.8.3+comet2+shim4.10.0+comet3-1+deb9u5.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4132-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 04, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libvpx

CVE ID : CVE-2017-13194

 

It was discovered that incorrect validation of frame widths in the libvpx

multimedia library may result in denial of service and potentially the

execution of arbitrary code.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.3.0-3+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.6.1-3+deb9u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4133-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 07, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : isc-dhcp

CVE ID : CVE-2017-3144 CVE-2018-5732 CVE-2018-5733

Debian Bug : 887413 891785 891786

 

Several vulnerabilities have been discovered in the ISC DHCP client,

relay and server. The Common Vulnerabilities and Exposures project

identifies the following issues:

 

CVE-2017-3144

 

It was discovered that the DHCP server does not properly clean up

closed OMAPI connections, which can lead to exhaustion of the pool

of socket descriptors available to the DHCP server, resulting in

denial of service.

 

CVE-2018-5732

 

Felix Wilhelm of the Google Security Team discovered that the DHCP

client is prone to an out-of-bound memory access vulnerability when

processing specially constructed DHCP options responses, resulting

in potential execution of arbitrary code by a malicious DHCP server.

 

CVE-2018-5733

 

Felix Wilhelm of the Google Security Team discovered that the DHCP

server does not properly handle reference counting when processing

client requests. A malicious client can take advantage of this flaw

to cause a denial of service (dhcpd crash) by sending large amounts

of traffic.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 4.3.1-6+deb8u3.

 

For the stable distribution (stretch), these problems have been fixed in

version 4.3.5-3+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4134-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 10, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : util-linux

CVE ID : CVE-2018-7738

Debian Bug : 892179

 

Bjorn Bosselmann discovered that the umount bash completion from

util-linux does not properly handle embedded shell commands in a

mountpoint name. An attacker with rights to mount filesystems can take

advantage of this flaw for privilege escalation if a user (in particular

root) is tricked into using the umount completion while a specially

crafted mount is present.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.29.2-1+deb9u1.

Link to post
Share on other sites
sunrat

------------------------------------------------------------------------

The Debian Project https://www.debian.org/

Updated Debian 9: 9.4 released press@debian.org

March 10th, 2018 https://www.debian.org/News/2018/20180310

------------------------------------------------------------------------

 

 

The Debian project is pleased to announce the fourth update of its

stable distribution Debian 9 (codename "stretch"). This point release

mainly adds corrections for security issues, along with a few

adjustments for serious problems. Security advisories have already been

published separately and are referenced where available.

 

Please note that the point release does not constitute a new version of

Debian 9 but only updates some of the packages included. There is no

need to throw away old "stretch" media. After installation, packages can

be upgraded to the current versions using an up-to-date Debian mirror.

 

Those who frequently install updates from security.debian.org won't have

to update many packages, and most such updates are included in the point

release.

 

New installation images will be available soon at the regular locations.

 

Upgrading an existing installation to this revision can be achieved by

pointing the package management system at one of Debian's many HTTP

mirrors. A comprehensive list of mirrors is available at:

 

https://www.debian.org/mirror/list

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4135-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 13, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : samba

CVE ID : CVE-2018-1050 CVE-2018-1057

 

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,

print, and login server for Unix. The Common Vulnerabilities and

Exposures project identifies the following issues:

 

CVE-2018-1050

 

It was discovered that Samba is prone to a denial of service

attack when the RPC spoolss service is configured to be run as an

external daemon.

 

https://www.samba.org/samba/security/CVE-2018-1050.html

 

CVE-2018-1057

 

Bjoern Baumbach from Sernet discovered that on Samba 4 AD DC the

LDAP server incorrectly validates permissions to modify passwords

over LDAP allowing authenticated users to change any other users

passwords, including administrative users.

 

https://www.samba.org/samba/security/CVE-2018-1057.html

https://wiki.samba.org/index.php/CVE-2018-1057

 

For the oldstable distribution (jessie), CVE-2018-1050 will be addressed

in a later update. Unfortunately the changes required to fix

CVE-2018-1057 for Debian oldstable are too invasive to be backported.

Users using Samba as an AD-compatible domain controller are encouraged

to apply the workaround described in the Samba wiki and upgrade to

Debian stretch.

 

For the stable distribution (stretch), these problems have been fixed in

version 2:4.5.12+dfsg-2+deb9u2.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4136-1 security@debian.org

https://www.debian.org/security/ Alessandro Ghedini

March 14, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : curl

CVE ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122

 

Multiple vulnerabilities were discovered in cURL, an URL transfer library.

 

CVE-2018-1000120

 

Duy Phan Thanh discovered that curl could be fooled into writing a

zero byte out of bounds when curl is told to work on an FTP URL with

the setting to only issue a single CWD command, if the directory part

of the URL contains a "%00" sequence.

 

CVE-2018-1000121

 

Dario Weisser discovered that curl might dereference a near-NULL

address when getting an LDAP URL due to the ldap_get_attribute_ber()

fuction returning LDAP_SUCCESS and a NULL pointer. A malicious server

might cause libcurl-using applications that allow LDAP URLs, or that

allow redirects to LDAP URLs to crash.

 

CVE-2018-1000122

 

OSS-fuzz, assisted by Max Dymond, discovered that curl could be

tricked into copying data beyond the end of its heap based buffer

when asked to transfer an RTSP URL.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 7.38.0-4+deb8u10.

 

For the stable distribution (stretch), these problems have been fixed in

version 7.52.1-5+deb9u5.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4137-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 14, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libvirt

CVE ID : CVE-2018-1064 CVE-2018-5748 CVE-2018-6764

 

Several vulnerabilities were discovered in Libvirt, a virtualisation

abstraction library:

 

CVE-2018-1064

 

Denial Berrange discovered that the QEMU guest agent performed

insufficient validationof incoming data, which allows a privileged

user in the guest to exhaust resources on the virtualisation host,

resulting in denial of service.

 

CVE-2018-5748

 

Daniel Berrange and Peter Krempa that the QEMU monitor was suspectible

to denial of service by memory exhaustion. This was already fixed in

Debian stretch and only affects Debian jessie.

 

CVE-2018-6764

 

Pedro Sampaio discovered that LXC containes detected the hostname

insecurely. This only affects Debian stretch.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.2.9-9+deb8u5.

 

For the stable distribution (stretch), these problems have been fixed in

version 3.0.0-4+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4138-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

March 15, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mbedtls

CVE ID : CVE-2017-18187 CVE-2018-0487 CVE-2018-0488

Debian Bug : 890287 890288

 

Several vulnerabilities were discovered in mbed TLS, a lightweight

crypto and SSL/TLS library, that allowed a remote attacker to either

cause a denial-of-service by application crash, or execute arbitrary

code.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.4.2-1+deb9u2.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4139-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 15, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : firefox-esr

CVE ID : CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5130

CVE-2018-5131 CVE-2018-5144 CVE-2018-5145

 

Several security issues have been found in the Mozilla Firefox web

browser: Multiple memory safety errors and other implementation errors

may lead to the execution of arbitrary code, denial of service or

information disclosure.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 52.7.1esr-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 52.7.1esr-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4140-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 16, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libvorbis

CVE ID : CVE-2018-5146

Debian Bug : 893130

 

Richard Zhu discovered that an out-of-bounds memory write in the

codeboook parsing code of the Libvorbis multimedia library could result

in the execution of arbitrary code.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.3.4-2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.3.5-4+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4141-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 16, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libvorbisidec

CVE ID : CVE-2018-5147

Debian Bug : 893132

 

Huzaifa Sidhpurwala discovered that an out-of-bounds memory write in the

codebook parsing code of the Libtremor multimedia library could result

in the execution of arbitrary code if a malformed Vorbis file is opened.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.0.2+svn18153-1~deb8u2.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.0.2+svn18153-1+deb9u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4142-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 17, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : uwsgi

CVE ID : CVE-2018-7490

Debian Bug : 891639

 

Marios Nicolaides discovered that the PHP plugin in uWSGI, a fast,

self-healing application container server, does not properly handle a

DOCUMENT_ROOT check during use of the --php-docroot option, allowing a

remote attacker to mount a directory traversal attack and gain

unauthorized read access to sensitive files located outside of the web

root directory.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 2.0.7-1+deb8u2. This update additionally includes the fix for

CVE-2018-6758 which was aimed to be addressed in the upcoming jessie

point release.

 

For the stable distribution (stretch), this problem has been fixed in

version 2.0.14+20161117-3+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4143-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 17, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : firefox-esr

CVE ID : CVE-2018-5146 CVE-2018-5147

 

Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds

memory write when playing Vorbis media files could result in the

execution of arbitrary code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 52.7.2esr-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 52.7.2esr-1~deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4144-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 17, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-8

CVE ID : CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599

CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2629

CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641

CVE-2018-2663 CVE-2018-2677 CVE-2018-2678

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in denial of

service, sandbox bypass, execution of arbitrary code, incorrect

LDAP/GSS authentication, insecure use of cryptography or bypass of

deserialisation restrictions.

 

For the stable distribution (stretch), these problems have been fixed in

version 8u162-b12-1~deb9u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4145-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 18, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : gitlab

CVE ID : CVE-2017-0915 CVE-2017-0916 CVE-2017-0917 CVE-2017-0918

CVE-2017-0925 CVE-2017-0926 CVE-2018-3710

 

Several vulnerabilities have been discovered in Gitlab, a software

platform to collaborate on code:

 

CVE-2017-0915 / CVE-2018-3710

 

Arbitrary code execution in project import.

 

CVE-2017-0916

 

Command injection via Webhooks.

 

CVE-2017-0917

 

Cross-site scripting in CI job output.

 

CVE-2017-0918

 

Insufficient restriction of CI runner for project cache access.

 

CVE-2017-0925

 

Information disclosure in Services API.

 

CVE-2017-0926

 

Restrictions for disabled OAuth providers could be bypassed.

 

For the stable distribution (stretch), these problems have been fixed in

version 8.13.11+dfsg1-8+deb9u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4146-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 20, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : plexus-utils

CVE ID : CVE-2017-1000487

 

Charles Duffy discovered that the Commandline class in the utilities for

the Plexus framework performs insufficient quoting of double-encoded

strings, which could result in the execution of arbitrary shell commands.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1:1.5.15-4+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1:1.5.15-4+deb9u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4147-1 security@debian.org

https://www.debian.org/security/ Sebastien Delafond

March 21, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : polarssl

CVE ID : CVE-2017-18187 CVE-2018-0487 CVE-2018-0488

Debian Bug : 890287 890288

 

Several vulnerabilities were discovered in PolarSSL, a lightweight

crypto and SSL/TLS library, that allowed a remote attacker to either

cause a denial-of-service by application crash, or execute arbitrary

code.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.3.9-2.1+deb8u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4148-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 22, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : kamailio

CVE ID : CVE-2018-8828

 

Alfred Farrugia and Sandro Gauci discovered an off-by-one heap overflow

in the Kamailio SIP server which could result in denial of service and

potentially the execution of arbitrary code.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 4.2.0-2+deb8u3.

 

For the stable distribution (stretch), this problem has been fixed in

version 4.4.4-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4149-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 22, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : plexus-utils2

CVE ID : CVE-2017-1000487

 

Charles Duffy discovered that the Commandline class in the utilities for

the Plexus framework performs insufficient quoting of double-encoded

strings, which could result in the execution of arbitrary shell commands.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 3.0.15-1+deb8u1.

 

For the stable distribution (stretch), this problem has been prior to

the initial release.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4150-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 23, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : icu

CVE ID : CVE-2017-15422

 

It was discovered that an integer overflow in the International

Components for Unicode (ICU) library could result in denial of service

and potentially the execution of arbitrary code.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 52.1-8+deb8u7.

 

For the stable distribution (stretch), this problem has been fixed in

version 57.1-6+deb9u2.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4151-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 26, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : librelp

CVE ID : CVE-2018-1000140

 

Bas van Schaik and Kevin Backhouse discovered a stack-based buffer

overflow vulnerability in librelp, a library providing reliable event

logging over the network, triggered while checking x509 certificates

from a peer. A remote attacker able to connect to rsyslog can take

advantage of this flaw for remote code execution by sending a specially

crafted x509 certificate.

 

Details can be found in the upstream advisory:

http://www.rsyslog.com/cve-2018-1000140/

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.2.7-2+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.2.12-1+deb9u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4152-1 security@debian.org

https://www.debian.org/security/ Luciano Bello

March 27, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : mupdf

CVE ID : CVE-2018-6544 CVE-2018-1000051

Debian Bug : 891245

 

Two vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-book

viewer, which may result in denial of service or remote code execution.

An attacker can craft a PDF document which, when opened in the victim

host, might consume vast amounts of memory, crash the program, or, in

some cases, execute code in the context in which the application is

running.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.5-1+deb8u4.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.9a+ds1-4+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4153-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 27, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : firefox-esr

CVE ID : CVE-2018-5148

 

It was discovered that a use-after-free in the compositor of Firefox

can result in the execution of arbitrary code.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 52.7.3esr-1~deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 52.7.3esr-1~deb9u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4154-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 28, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : net-snmp

CVE ID : CVE-2015-5621 CVE-2018-1000116

Debian Bug : 788964 894110

 

A heap corruption vulnerability was discovered in net-snmp, a suite of

Simple Network Management Protocol applications, triggered when parsing

the PDU prior to the authentication process. A remote, unauthenticated

attacker can take advantage of this flaw to crash the snmpd process

(causing a denial of service) or, potentially, execute arbitrary code

with the privileges of the user running snmpd.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 5.7.2.1+dfsg-1+deb8u1.

 

For the stable distribution (stretch), these problems have been fixed

before the initial release.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4155-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

March 28, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : thunderbird

CVE ID : CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144

CVE-2018-5145 CVE-2018-5146

 

Multiple security issues have been found in Thunderbird, which may lead

to the execution of arbitrary code, denial of service or information

disclosure.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1:52.7.0-1~deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:52.7.0-1~deb9u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4156-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 29, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : drupal7

CVE ID : CVE-2018-7600

Debian Bug : 894259

 

A remote code execution vulnerability has been found in Drupal, a

fully-featured content management framework. For additional information,

please refer to the upstream advisory at

https://www.drupal.org/sa-core-2018-002

 

For the oldstable distribution (jessie), this problem has been fixed

in version 7.32-1+deb8u11.

 

For the stable distribution (stretch), this problem has been fixed in

version 7.52-2+deb9u3.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4157-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 29, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl

CVE ID : CVE-2017-3738 CVE-2018-0739

 

Multiple vulnerabilities have been discovered in OpenSSL, a Secure

Sockets Layer toolkit. The Common Vulnerabilities and Exposures project

identifies the following issues:

 

CVE-2017-3738

 

David Benjamin of Google reported an overflow bug in the AVX2

Montgomery multiplication procedure used in exponentiation with

1024-bit moduli.

 

CVE-2018-0739

 

It was discovered that constructed ASN.1 types with a recursive

definition could exceed the stack, potentially leading to a denial

of service.

 

Details can be found in the upstream advisory:

https://www.openssl.org/news/secadv/20180327.txt

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.0.1t-1+deb8u8. The oldstable distribution is not affected

by CVE-2017-3738.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.1.0f-3+deb9u2.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4158-1 security@debian.org

https://www.debian.org/security/ Salvatore Bonaccorso

March 29, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openssl1.0

CVE ID : CVE-2018-0739

 

It was discovered that constructed ASN.1 types with a recursive

definition could exceed the stack, potentially leading to a denial of

service.

 

Details can be found in the upstream advisory:

https://www.openssl.org/news/secadv/20180327.txt

 

For the stable distribution (stretch), this problem has been fixed in

version 1.0.2l-2+deb9u3.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4159-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 01, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : remctl

CVE ID : CVE-2018-0493

 

Santosh Ananthakrishnan discovered a use-after-free in remctl, a server

for Kerberos-authenticated command execution. If the command is

configured with the sudo option, this could potentially result in the

execution of arbitrary code.

 

The oldstable distribution (jessie) is not affected.

 

For the stable distribution (stretch), this problem has been fixed in

version 3.13-1+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4160-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 01, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : libevt

CVE ID : CVE-2018-8754

 

It was discovered that insufficient input sanitising in libevt, a library

to access the Windows Event Log (EVT) format, could result in denial of

service or the execution of arbitrary code if a malformed EVT file is

processed.

 

For the stable distribution (stretch), this problem has been fixed in

version 20170120-1+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4161-1 security@debian.org

https://www.debian.org/security/ Luciano Bello

April 01, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : python-django

CVE ID : CVE-2018-7536 CVE-2018-7537

 

James Davis discovered two issues in Django, a high-level Python web

development framework, that can lead to a denial-of-service attack.

An attacker with control on the input of the django.utils.html.urlize()

function or django.utils.text.Truncator's chars() and words() methods

could craft a string that might stuck the execution of the application.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 1.7.11-1+deb8u3.

 

For the stable distribution (stretch), these problems have been fixed in

version 1:1.10.7-2+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4162-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 01, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : irssi

CVE ID : CVE-2018-5205 CVE-2018-5206 CVE-2018-5207 CVE-2018-5208

CVE-2018-7050 CVE-2018-7051 CVE-2018-7052 CVE-2018-7053

CVE-2018-7054

 

Multiple vulnerabilities have been discovered in Irssi, a terminal-based

IRC client which can result in denial of service.

 

For the stable distribution (stretch), these problems have been fixed in

version 1.0.7-1~deb9u1.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4163-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 02, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : beep

CVE ID : CVE-2018-0492

 

It was discovered that a race condition in beep (if configured as setuid

via debconf) allows local privilege escalation.

 

For the oldstable distribution (jessie), this problem has been fixed

in version 1.3-3+deb8u1.

 

For the stable distribution (stretch), this problem has been fixed in

version 1.3-4+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4164-1 security@debian.org

https://www.debian.org/security/ Stefan Fritsch

April 03, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : apache2

CVE ID : CVE-2017-15710 CVE-2017-15715 CVE-2018-1283 CVE-2018-1301

CVE-2018-1303 CVE-2018-1312

 

Several vulnerabilities have been found in the Apache HTTPD server.

 

CVE-2017-15710

 

Alex Nichols and Jakob Hirsch reported that mod_authnz_ldap, if

configured with AuthLDAPCharsetConfig, could cause an of bound write

if supplied with a crafted Accept-Language header. This could

potentially be used for a Denial of Service attack.

 

CVE-2017-15715

 

Elar Lang discovered that expression specified in <FilesMatch> could

match '$' to a newline character in a malicious filename, rather

than matching only the end of the filename. This could be exploited

in environments where uploads of some files are are externally

blocked, but only by matching the trailing portion of the filename.

 

CVE-2018-1283

 

When mod_session is configured to forward its session data to CGI

applications (SessionEnv on, not the default), a remote user could

influence their content by using a "Session" header.

 

CVE-2018-1301

 

Robert Swiecki reported that a specially crafted request could have

crashed the Apache HTTP Server, due to an out of bound access after

a size limit is reached by reading the HTTP header.

 

CVE-2018-1303

 

Robert Swiecki reported that a specially crafted HTTP request header

could have crashed the Apache HTTP Server if using

mod_cache_socache, due to an out of bound read while preparing data

to be cached in shared memory.

 

CVE-2018-1312

 

Nicolas Daniels discovered that when generating an HTTP Digest

authentication challenge, the nonce sent by mod_auth_digest to

prevent reply attacks was not correctly generated using a

pseudo-random seed. In a cluster of servers using a common Digest

authentication configuration, HTTP requests could be replayed across

servers by an attacker without detection.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 2.4.10-10+deb8u12.

 

For the stable distribution (stretch), these problems have been fixed in

version 2.4.25-3+deb9u4.

Link to post
Share on other sites
sunrat

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4165-1 security@debian.org

https://www.debian.org/security/ Luciano Bello

April 03, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : ldap-account-manager

CVE ID : CVE-2018-8763 CVE-2018-8764

 

Michal Kedzior found two vulnerabilities in LDAP Account Manager, a web

front-end for LDAP directories.

 

CVE-2018-8763

 

The found Reflected Cross Site Scripting (XSS) vulnerability might

allow an attacker to execute Javascript code in the browser of the

victim or to redirect her to a malicious website if the victim clicks

on a specially crafted link.

 

CVE-2018-8764

 

The application leaks the CSRF token in the URL, which can be use by

an attacker to perform a Cross-Site Request Forgery attack, in which

a victim logged in LDAP Account Manager might performed unwanted

actions in the front-end by clicking on a link crafted by the

attacker.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 4.7.1-1+deb8u1.

 

For the stable distribution (stretch), these problems have been fixed in

version 5.5-1+deb9u1.

 

- -------------------------------------------------------------------------

Debian Security Advisory DSA-4166-1 security@debian.org

https://www.debian.org/security/ Moritz Muehlenhoff

April 04, 2018 https://www.debian.org/security/faq

- -------------------------------------------------------------------------

 

Package : openjdk-7

CVE ID : CVE-2018-2579 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602

CVE-2018-2603 CVE-2018-2618 CVE-2018-2629 CVE-2018-2633

CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2663

CVE-2018-2677 CVE-2018-2678

 

Several vulnerabilities have been discovered in OpenJDK, an

implementation of the Oracle Java platform, resulting in denial of

service, sandbox bypass, execution of arbitrary code, incorrect

LDAP/GSS authentication, insecure use of cryptography or bypass of

deserialisation restrictions.

 

For the oldstable distribution (jessie), these problems have been fixed

in version 7u171-2.6.13-1~deb8u1.

Link to post
Share on other sites

×
×
  • Create New...