sunrat Posted June 21, 2019 Share Posted June 21, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4447-2 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff Jun 20, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : intel-microcode CVE ID : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 DSA 4447-1 shipped updated CPU microcode for most types of Intel CPUs as mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities. This update provides additional support for some Sandybridge server and Core-X CPUs which were not covered in the original May microcode release. For a list of specific CPU models now supported please refer to the entries listed under CPUID 206D6 and 206D7 at https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf For the stable distribution (stretch), these problems have been fixed in version 3.20190618.1~deb9u1. 1 Link to comment Share on other sites More sharing options...
sunrat Posted June 23, 2019 Share Posted June 23, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4468-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 21, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php-horde-form CVE ID : CVE-2019-9858 Debian Bug : 930321 A path traversal vulnerability due to an unsanitized POST parameter was discovered in php-horde-form, a package providing form rendering, validation, and other functionality for the Horde Application Framework. An attacker can take advantage of this flaw for remote code execution. For the stable distribution (stretch), this problem has been fixed in version 2.0.15-1+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4469-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 22, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libvirt CVE ID : CVE-2019-10161 CVE-2019-10167 Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the virDomainSaveImageGetXMLDesc API. Additionally the libvirt's cpu map was updated to make addressing CVE-2018-3639, CVE-2017-5753, CVE-2017-5715, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130 and CVE-2019-11091 easier by supporting the md-clear, ssbd, spec-ctrl and ibpb CPU features when picking CPU models without having to fall back to host-passthrough. For the stable distribution (stretch), these problems have been fixed in version 3.0.0-4+deb9u4. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4467-2 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 23, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : vim CVE ID : CVE-2019-12735 The update for vim released as DSA 4467-1 introduced a regression which broke syntax highlighting in some circumstances. Updated vim packages are now available to correct this issue. For the stable distribution (stretch), this problem has been fixed in version 8.0.0197-4+deb9u3. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4470-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 23, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : pdns CVE ID : CVE-2019-10162 CVE-2019-10163 Two vulnerabilities have been discovered in pdns, an authoritative DNS server which may result in denial of service via malformed zone records and excessive NOTIFY packets in a master/slave setup. For the stable distribution (stretch), these problems have been fixed in version 4.0.3-1+deb9u5. Link to comment Share on other sites More sharing options...
sunrat Posted June 24, 2019 Share Posted June 24, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4471-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 24, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : thunderbird CVE ID : CVE-2019-11707 CVE-2019-11708 Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read. For the stable distribution (stretch), these problems have been fixed in version 1:60.7.2-1~deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted June 29, 2019 Share Posted June 29, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4472-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 28, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : expat CVE ID : CVE-2018-20843 Debian Bug : 931031 It was discovered that Expat, an XML parsing C library, did not properly handled XML input including XML names that contain a large number of colons, potentially resulting in denial of service. For the stable distribution (stretch), this problem has been fixed in version 2.2.0-2+deb9u2. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4473-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 28, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : rdesktop Debian Bug : 930387 Multiple security issues were found in the rdesktop RDP client, which could result in denial of service and the execution of arbitrary code. For the stable distribution (stretch), this problem has been fixed in version 1.8.6-2~deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted July 2, 2019 Share Posted July 2, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4474-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 01, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2019-11708 A sandbox escape was found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code if combined with additional vulnerabilities. For the stable distribution (stretch), this problem has been fixed in version 60.7.2esr-1~deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4475-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 01, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssl CVE ID : CVE-2019-1543 Joran Dirk Greef discovered that overly long nonces used with ChaCha20-Poly1305 were incorrectly processed and could result in nonce reuse. This doesn't affect OpenSSL-internal uses of ChaCha20-Poly1305 such as TLS. For the stable distribution (stretch), this problem has been fixed in version 1.1.0k-1~deb9u1. This DSA also upgrades openssl1.0 (which itself is not affected by CVE-2019-1543) to 1.0.2s-1~deb9u1 Link to comment Share on other sites More sharing options...
sunrat Posted July 6, 2019 Share Posted July 6, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4476-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 05, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : python-django CVE ID : CVE-2019-6975 CVE-2019-12308 CVE-2019-12781 Three security issues were found in Django, a Python web development framework, which could result in denial of service, incomplete sanitisation of clickable links or missing redirects of HTTP requests to HTTPS. For the stable distribution (stretch), these problems have been fixed in version 1:1.10.7-2+deb9u5. Link to comment Share on other sites More sharing options...
sunrat Posted July 9, 2019 Share Posted July 9, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4477-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 08, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : zeromq3 CVE ID : CVE-2019-13132 Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE encryption/authentication enabled, can take advantage of this flaw to cause a denial of service or the execution of arbitrary code. For the oldstable distribution (stretch), this problem has been fixed in version 4.2.1-4+deb9u2. For the stable distribution (buster), this problem has been fixed in version 4.3.1-4+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted July 11, 2019 Share Posted July 11, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4478-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 10, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : dosbox CVE ID : CVE-2019-7165 CVE-2019-12594 Two vulnerabilities were discovered in the DOSBox emulator, which could result in the execution of arbitrary code on the host running DOSBox when running a malicious executable in the emulator. For the oldstable distribution (stretch), these problems have been fixed in version 0.74-4.2+deb9u2. For the stable distribution (buster), these problems have been fixed in version 0.74-2-3+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted July 12, 2019 Share Posted July 12, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4479-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 11, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2019-9811 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11730 CVE-2019-11719 CVE-2019-11729 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery. For the oldstable distribution (stretch), these problems have been fixed in version 60.8.0esr-1~deb9u1. For the stable distribution (buster), these problems have been fixed in version 60.8.0esr-1~deb10u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4480-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 11, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : redis CVE ID : CVE-2019-10192 CVE-2019-10193 Multiple vulnerabilities were discovered in the HyperLogLog implementation of Redis, a persistent key-value database, which could result in denial of service or potentially the execution of arbitrary code. For the oldstable distribution (stretch), these problems have been fixed in version 3:3.2.6-3+deb9u3. For the stable distribution (buster), these problems have been fixed in version 5:5.0.3-4+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted July 14, 2019 Share Posted July 14, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4481-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 13, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ruby-mini-magick CVE ID : CVE-2019-13574 Debian Bug : 931932 Harsh Jaiswal discovered a remote shell execution vulnerability in ruby-mini-magick, a Ruby library providing a wrapper around ImageMagick or GraphicsMagick, exploitable when using MiniMagick::Image.open with specially crafted URLs coming from unsanitized user input. For the oldstable distribution (stretch), this problem has been fixed in version 4.5.1-1+deb9u1. For the stable distribution (buster), this problem has been fixed in version 4.9.2-1+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted July 14, 2019 Share Posted July 14, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4482-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 14, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : thunderbird CVE ID : CVE-2019-9811 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11730 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing, information disclosure, denial of service or cross-site request forgery. CVE-2019-11719 and CVE-2019-11729 are only addressed for stretch, in buster Thunderbird uses the system-wide copy of NSS which will be updated separately. For the oldstable distribution (stretch), these problems have been fixed in version 1:60.8.0-1~deb9u1. For the stable distribution (buster), these problems have been fixed in version 1:60.8.0-1~deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted July 16, 2019 Share Posted July 16, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4483-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 16, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libreoffice CVE ID : CVE-2019-9848 CVE-2019-9849 Two security issues have been discovered in LibreOffice: CVE-2019-9848 Nils Emmerich discovered that malicious documents could execute arbitrary Python code via LibreLogo. CVE-2019-9849 Matei Badanoiu discovered that the stealth mode did not apply to bullet graphics. For the oldstable distribution (stretch), these problems have been fixed in version 1:5.2.7-1+deb9u9. For the stable distribution (buster), these problems have been fixed in version 1:6.1.5-3+deb10u2. Link to comment Share on other sites More sharing options...
sunrat Posted July 21, 2019 Share Posted July 21, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4484-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 20, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2019-13272 Jann Horn discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges under certain scenarios. For the oldstable distribution (stretch), this problem has been fixed in version 4.9.168-1+deb9u4. For the stable distribution (buster), this problem has been fixed in version 4.19.37-5+deb10u1. This update includes as well a patch for a regression introduced by the original fix for CVE-2019-11478 (#930904). Link to comment Share on other sites More sharing options...
sunrat Posted July 21, 2019 Share Posted July 21, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4485-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 21, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-8 CVE ID : CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2842 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in information disclosure, denial of service or bypass of sandbox restrictions. In addition the implementation of elliptic curve cryptography was modernised. For the oldstable distribution (stretch), these problems have been fixed in version 8u222-b10-1~deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4486-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 21, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-11 CVE ID : CVE-2019-2745 CVE-2019-2762 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2818 CVE-2019-2821 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in information disclosure, denial of service or bypass of sandbox restrictions. In addition the implementation of elliptic curve cryptography was modernised. For the stable distribution (buster), these problems have been fixed in version 11.0.4+11-1~deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted July 24, 2019 Share Posted July 24, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4487-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 23, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : neovim CVE ID : CVE-2019-12735 User "Arminius" discovered a vulnerability in Vim, an enhanced version of the standard UNIX editor Vi (Vi IMproved), which also affected the Neovim fork, an extensible editor focused on modern code and features: Editors typically provide a way to embed editor configuration commands (aka modelines) which are executed once a file is opened, while harmful commands are filtered by a sandbox mechanism. It was discovered that the "source" command (used to include and execute another file) was not filtered, allowing shell command execution with a carefully crafted file opened in Neovim. For the oldstable distribution (stretch), this problem has been fixed in version 0.1.7-4+deb9u1. Link to comment Share on other sites More sharing options...
sunrat Posted July 26, 2019 Share Posted July 26, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4488-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 25, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : exim4 CVE ID : CVE-2019-13917 Jeremy Harris discovered that Exim, a mail transport agent, does not properly handle the ${sort } expansion. This flaw can be exploited by a remote attacker to execute programs with root privileges in non-default (and unusual) configurations where ${sort } expansion is used for items that can be controlled by an attacker. For the oldstable distribution (stretch), this problem has been fixed in version 4.89-2+deb9u5. For the stable distribution (buster), this problem has been fixed in version 4.92-8+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted July 28, 2019 Share Posted July 28, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4489-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 27, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : patch CVE ID : CVE-2019-13636 CVE-2019-13638 Debian Bug : 932401 933140 Imre Rad discovered several vulnerabilities in GNU patch, leading to shell command injection or escape from the working directory and access and overwrite files, if specially crafted patch files are processed. This update includes a bugfix for a regression introduced by the patch to address CVE-2018-1000156 when applying an ed-style patch (#933140). For the oldstable distribution (stretch), these problems have been fixed in version 2.7.5-1+deb9u2. For the stable distribution (buster), these problems have been fixed in version 2.7.6-3+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted August 1, 2019 Share Posted August 1, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4490-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso August 01, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : subversion CVE ID : CVE-2018-11782 CVE-2019-0203 Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-11782 Ace Olszowka reported that the Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer, leading to a denial of service. CVE-2019-0203 Tomas Bortoli reported that the Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. If the server is configured with anonymous access enabled this could lead to a remote unauthenticated denial of service. For the oldstable distribution (stretch), these problems have been fixed in version 1.9.5-1+deb9u4. For the stable distribution (buster), these problems have been fixed in version 1.10.4-1+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted August 5, 2019 Share Posted August 5, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4491-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 04, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : proftpd-dfsg CVE ID : CVE-2019-12815 Debian Bug : 932453 Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands. For the oldstable distribution (stretch), this problem has been fixed in version 1.3.5b-4+deb9u1. For the stable distribution (buster), this problem has been fixed in version 1.3.6-4+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted August 8, 2019 Share Posted August 8, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4492-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 08, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : postgresql-9.6 CVE ID : CVE-2019-10208 A issue has been discovered in the PostgreSQL database system, which could result in privilege escalation. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1960/ For the oldstable distribution (stretch), these problems have been fixed in version 9.6.15-0+deb9u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4493-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 08, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : postgresql-11 CVE ID : CVE-2019-10208 CVE-2019-10209 Two security issues have been discovered in the PostgreSQL database system, which could result in privilege escalation, denial of service or memory disclosure. For additional information please refer to the upstream announcement at https://www.postgresql.org/about/news/1960/ For the stable distribution (buster), these problems have been fixed in version 11.5-1+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted August 15, 2019 Share Posted August 15, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4497-1 security@debian.org https://www.debian.org/security/ Ben Hutchings August 13, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2015-8553 CVE-2018-5995 CVE-2018-20836 CVE-2018-20856 CVE-2019-1125 CVE-2019-3882 CVE-2019-3900 CVE-2019-10207 CVE-2019-10638 CVE-2019-10639 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-8553 Jan Beulich discovered that CVE-2015-2150 was not completely addressed. If a PCI physical function is passed through to a Xen guest, the guest is able to access its memory and I/O regions before enabling decoding of those regions. This could result in a denial-of-service (unexpected NMI) on the host. The fix for this is incompatible with qemu versions before 2.5. (CVE ID not yet assigned) Denis Andzakovic reported a missing type check in the IPv4 multicast routing implementation. A user with the CAP_NET_ADMIN capability (in any user namespace) could use this for denial-of-service (memory corruption or crash) or possibly for privilege escalation. CVE-2018-5995 ADLab of VenusTech discovered that the kernel logged the virtual addresses assigned to per-CPU data, which could make it easier to exploit other vulnerabilities. CVE-2018-20836 chenxiang reported a race condition in libsas, the kernel subsystem supporting Serial Attached SCSI (SAS) devices, which could lead to a use-after-free. It is not clear how this might be exploited. CVE-2018-20856 Xiao Jin reported a potential double-free in the block subsystem, in case an error occurs while initialising the I/O scheduler for a block device. It is not clear how this might be exploited. CVE-2019-1125 It was discovered that most x86 processors could speculatively skip a conditional SWAPGS instruction used when entering the kernel from user mode, and/or could speculatively execute it when it should be skipped. This is a subtype of Spectre variant 1, which could allow local users to obtain sensitive information from the kernel or other processes. It has been mitigated by using memory barriers to limit speculative execution. Systems using an i386 kernel are not affected as the kernel does not use SWAPGS. CVE-2019-3882 It was found that the vfio implementation did not limit the number of DMA mappings to device memory. A local user granted ownership of a vfio device could use this to cause a denial of service (out-of-memory condition). CVE-2019-3900 It was discovered that vhost drivers did not properly control the amount of work done to service requests from guest VMs. A malicious guest could use this to cause a denial-of-service (unbounded CPU usage) on the host. CVE-2019-10207 The syzkaller tool found a potential null dereference in various drivers for UART-attached Bluetooth adapters. A local user with access to a pty device or other suitable tty device could use this for denial-of-service (BUG/oops). CVE-2019-10638 Amit Klein and Benny Pinkas discovered that the generation of IP packet IDs used a weak hash function, "jhash". This could enable tracking individual computers as they communicate with different remote servers and from different networks. The "siphash" function is now used instead. CVE-2019-10639 Amit Klein and Benny Pinkas discovered that the generation of IP packet IDs used a weak hash function that incorporated a kernel virtual address. This hash function is no longer used for IP IDs, although it is still used for other purposes in the network stack. CVE-2019-13631 It was discovered that the gtco driver for USB input tablets could overrun a stack buffer with constant data while parsing the device's descriptor. A physically present user with a specially constructed USB device could use this to cause a denial-of-service (BUG/oops), or possibly for privilege escalation. CVE-2019-13648 Praveen Pandey reported that on PowerPC (ppc64el) systems without Transactional Memory , the kernel would still attempt to restore TM state passed to the sigreturn() system call. A local user could use this for denial-of-service (oops). CVE-2019-14283 The syzkaller tool found a missing bounds check in the floppy disk driver. A local user with access to a floppy disk device, with a disk present, could use this to read kernel memory beyond the I/O buffer, possibly obtaining sensitive information. CVE-2019-14284 The syzkaller tool found a potential division-by-zero in the floppy disk driver. A local user with access to a floppy disk device could use this for denial-of-service (oops). (CVE ID not yet assigned) Denis Andzakovic reported a possible use-after-free in the TCP sockets implementation. A local user could use this for denial-of-service (memory corruption or crash) or possibly for privilege escalation. (CVE ID not yet assigned) The netfilter conntrack subsystem used kernel addresses as user-visible IDs, which could make it easier to exploit other security vulnerabilities. XSA-300 Julien Grall reported that Linux does not limit the amount of memory which a domain will attempt to baloon out, nor limits the amount of "foreign / grant map" memory which any individual guest can consume, leading to denial of service conditions (for host or guests). For the oldstable distribution (stretch), these problems have been fixed in version 4.9.168-1+deb9u5. For the stable distribution (buster), these problems were mostly fixed in version 4.19.37-5+deb10u2 or earlier. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4500-1 security@debian.org https://www.debian.org/security/ Michael Gilbert August 12, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium CVE ID : CVE-2019-5805 CVE-2019-5806 CVE-2019-5807 CVE-2019-5808 CVE-2019-5809 CVE-2019-5810 CVE-2019-5811 CVE-2019-5813 CVE-2019-5814 CVE-2019-5815 CVE-2019-5818 CVE-2019-5819 CVE-2019-5820 CVE-2019-5821 CVE-2019-5822 CVE-2019-5823 CVE-2019-5824 CVE-2019-5825 CVE-2019-5826 CVE-2019-5827 CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5836 CVE-2019-5837 CVE-2019-5838 CVE-2019-5839 CVE-2019-5840 CVE-2019-5842 CVE-2019-5847 CVE-2019-5848 CVE-2019-5849 CVE-2019-5850 CVE-2019-5851 CVE-2019-5852 CVE-2019-5853 CVE-2019-5854 CVE-2019-5855 CVE-2019-5856 CVE-2019-5857 CVE-2019-5858 CVE-2019-5859 CVE-2019-5860 CVE-2019-5861 CVE-2019-5862 CVE-2019-5864 CVE-2019-5865 CVE-2019-5867 CVE-2019-5868 Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-5805 A use-after-free issue was discovered in the pdfium library. CVE-2019-5806 Wen Xu discovered an integer overflow issue in the Angle library. CVE-2019-5807 TimGMichaud discovered a memory corruption issue in the v8 javascript library. CVE-2019-5808 cloudfuzzer discovered a use-after-free issue in Blink/Webkit. CVE-2019-5809 Mark Brand discovered a use-after-free issue in Blink/Webkit. CVE-2019-5810 Mark Amery discovered an information disclosure issue. CVE-2019-5811 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature. CVE-2019-5813 Aleksandar Nikolic discovered an out-of-bounds read issue in the v8 javascript library. CVE-2019-5814 @AaylaSecura1138 discovered a way to bypass the Cross-Origin Resource Sharing feature. CVE-2019-5815 Nicolas Grégoire discovered a buffer overflow issue in Blink/Webkit. CVE-2019-5818 Adrian Tolbaru discovered an uninitialized value issue. CVE-2019-5819 Svyat Mitin discovered an error in the developer tools. CVE-2019-5820 pdknsk discovered an integer overflow issue in the pdfium library. CVE-2019-5821 pdknsk discovered another integer overflow issue in the pdfium library. CVE-2019-5822 Jun Kokatsu discovered a way to bypass the Cross-Origin Resource Sharing feature. CVE-2019-5823 David Erceg discovered a navigation error. CVE-2019-5824 leecraso and Guang Gong discovered an error in the media player. CVE-2019-5825 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered an out-of-bounds write issue in the v8 javascript library. CVE-2019-5826 Genming Liu, Jianyu Chen, Zhen Feng, and Jessica Liu discovered a use-after-free issue. CVE-2019-5827 mlfbrown discovered an out-of-bounds read issue in the sqlite library. CVE-2019-5828 leecraso and Guang Gong discovered a use-after-free issue. CVE-2019-5829 Lucas Pinheiro discovered a use-after-free issue. CVE-2019-5830 Andrew Krashichkov discovered a credential error in the Cross-Origin Resource Sharing feature. CVE-2019-5831 yngwei discovered a map error in the v8 javascript library. CVE-2019-5832 Sergey Shekyan discovered an error in the Cross-Origin Resource Sharing feature. CVE-2019-5833 Khalil Zhani discovered a user interface error. CVE-2019-5834 Khalil Zhani discovered a URL spoofing issue. CVE-2019-5836 Omair discovered a buffer overflow issue in the Angle library. CVE-2019-5837 Adam Iawniuk discovered an information disclosure issue. CVE-2019-5838 David Erceg discovered an error in extension permissions. CVE-2019-5839 Masato Kinugawa discovered implementation errors in Blink/Webkit. CVE-2019-5840 Eliya Stein and Jerome Dangu discovered a way to bypass the popup blocker. CVE-2019-5842 BUGFENSE discovered a use-after-free issue in Blink/Webkit. CVE-2019-5847 m3plex discovered an error in the v8 javascript library. CVE-2019-5848 Mark Amery discovered an information disclosure issue. CVE-2019-5849 Zhen Zhou discovered an out-of-bounds read in the Skia library. CVE-2019-5850 Brendon Tiszka discovered a use-after-free issue in the offline page fetcher. CVE-2019-5851 Zhe Jin discovered a use-after-poison issue. CVE-2019-5852 David Erceg discovered an information disclosure issue. CVE-2019-5853 Yngwei and sakura discovered a memory corruption issue. CVE-2019-5854 Zhen Zhou discovered an integer overflow issue in the pdfium library. CVE-2019-5855 Zhen Zhou discovered an integer overflow issue in the pdfium library. CVE-2019-5856 Yongke Wang discovered an error related to file system URL permissions. CVE-2019-5857 cloudfuzzer discovered a way to crash chromium. CVE-2019-5858 evil1m0 discovered an information disclosure issue. CVE-2019-5859 James Lee discovered a way to launch alternative browsers. CVE-2019-5860 A use-after-free issue was discovered in the v8 javascript library. CVE-2019-5861 Robin Linus discovered an error determining click location. CVE-2019-5862 Jun Kokatsu discovered an error in the AppCache implementation. CVE-2019-5864 Devin Grindle discovered an error in the Cross-Origin Resourse Sharing feature for extensions. CVE-2019-5865 Ivan Fratric discovered a way to bypass the site isolation feature. CVE-2019-5867 Lucas Pinheiro discovered an out-of-bounds read issue in the v8 javascript library. CVE-2019-5868 banananapenguin discovered a use-after-free issue in the v8 javascript library. For the stable distribution (buster), these problems have been fixed in version 76.0.3809.100-1~deb10u1. 1 Link to comment Share on other sites More sharing options...
sunrat Posted August 16, 2019 Share Posted August 16, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4501-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 15, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libreoffice CVE ID : CVE-2019-9850 CVE-2019-9851 CVE-2019-9852 It was discovered that the code fixes to address CVE-2018-16858 and CVE-2019-9848 were not complete. For the oldstable distribution (stretch), these problems have been fixed in version 1:5.2.7-1+deb9u10. For the stable distribution (buster), these problems have been fixed in version 1:6.1.5-3+deb10u3. Link to comment Share on other sites More sharing options...
sunrat Posted August 16, 2019 Share Posted August 16, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4502-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 16, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ffmpeg CVE ID : CVE-2019-12730 Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed. For the stable distribution (buster), this problem has been fixed in version 7:4.1.4-1~deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted August 18, 2019 Share Posted August 18, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4503-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 18, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : golang-1.11 CVE ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-14809 Three vulnerabilities have been discovered in the Go programming language; "net/url" accepted some invalid hosts in URLs which could result in authorisation bypass in some applications and the HTTP/2 implementation was susceptible to denial of service. For the stable distribution (buster), these problems have been fixed in version 1.11.6-1+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted August 21, 2019 Share Posted August 21, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4504-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 20, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : vlc CVE ID : CVE-2019-13602 CVE-2019-13962 CVE-2019-14437 CVE-2019-14438 CVE-2019-14498 CVE-2019-14533 CVE-2019-14534 CVE-2019-14535 CVE-2019-14776 CVE-2019-14777 CVE-2019-14778 CVE-2019-14970 Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed. For the oldstable distribution (stretch), these problems have been fixed in version 3.0.8-0+deb9u1. For the stable distribution (buster), these problems have been fixed in version 3.0.8-0+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted August 22, 2019 Share Posted August 22, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4505-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 22, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nginx CVE ID : CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 Three vulnerabilities were discovered in the HTTP/2 code of Nginx, a high-performance web and reverse proxy server, which could result in denial of service. For the oldstable distribution (stretch), these problems have been fixed in version 1.10.3-1+deb9u3. For the stable distribution (buster), these problems have been fixed in version 1.14.2-2+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted August 24, 2019 Share Posted August 24, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4506-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 24, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : qemu CVE ID : CVE-2018-20815 CVE-2019-13164 CVE-2019-14378 Debian Bug : 873012 933741 931351 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs. In addition this update fixes a regression which could cause NBD connections to hang. For the oldstable distribution (stretch), these problems have been fixed in version 1:2.8+dfsg-6+deb9u8. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4507-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso August 24, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : squid CVE ID : CVE-2019-12525 CVE-2019-12527 CVE-2019-12529 CVE-2019-12854 CVE-2019-13345 Debian Bug : 931478 Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform denial of service and cross-site scripting attacks, and potentially the execution of arbitrary code. For the stable distribution (buster), these problems have been fixed in version 4.6-1+deb10u1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4508-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 24, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : h2o CVE ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP server, which could result in denial of service. For the stable distribution (buster), these problems have been fixed in version 2.2.5+dfsg2-2+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted August 26, 2019 Share Posted August 26, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4509-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso August 26, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : apache2 CVE ID : CVE-2019-9517 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 Several vulnerabilities have been found in the Apache HTTPD server. CVE-2019-9517 Jonathan Looney reported that a malicious client could perform a denial of service attack (exhausting h2 workers) by flooding a connection with requests and basically never reading responses on the TCP connection. CVE-2019-10081 Craig Young reported that HTTP/2 PUSHes could lead to an overwrite of memory in the pushing request's pool, leading to crashes. CVE-2019-10082 Craig Young reported that the HTTP/2 session handling could be made to read memory after being freed, during connection shutdown. CVE-2019-10092 Matei "Mal" Badanoiu reported a limited cross-site scripting vulnerability in the mod_proxy error page. CVE-2019-10097 Daniel McCarney reported that when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients. The issue does not affect the stretch release. CVE-2019-10098 Yukitsugu Sasaki reported a potential open redirect vulnerability in the mod_rewrite module. For the oldstable distribution (stretch), these problems have been fixed in version 2.4.25-3+deb9u8. For the stable distribution (buster), these problems have been fixed in version 2.4.38-3+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted August 28, 2019 Share Posted August 28, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4510-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso August 28, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : dovecot CVE ID : CVE-2019-11500 Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve protocol parsers in the Dovecot email server do not properly validate input (both pre- and post-login). A remote attacker can take advantage of this flaw to trigger out of bounds heap memory writes, leading to information leaks or potentially the execution of arbitrary code. For the oldstable distribution (stretch), this problem has been fixed in version 1:2.2.27-3+deb9u5. For the stable distribution (buster), this problem has been fixed in version 1:2.3.4.1-5+deb10u1. Link to comment Share on other sites More sharing options...
sunrat Posted September 1, 2019 Share Posted September 1, 2019 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4511-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff September 01, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nghttp2 CVE ID : CVE-2019-9511 CVE-2019-9513 Two vulnerabilities were discovered in the HTTP/2 code of the nghttp2 HTTP server, which could result in denial of service. For the oldstable distribution (stretch), these problems have been fixed in version 1.18.1-1+deb9u1. For the stable distribution (buster), these problems have been fixed in version 1.36.0-2+deb10u1. Link to comment Share on other sites More sharing options...
Recommended Posts