Bruno

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4676-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 06, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : salt
CVE ID         : CVE-2019-17361 CVE-2020-11651 CVE-2020-11652
Debian Bug     : 949222 959684

Several vulnerabilities were discovered in salt, a powerful remote
execution manager, which could result in retrieval of user tokens from
the salt master, execution of arbitrary commands on salt minions,
arbitrary directory access to authenticated users or arbitrary code
execution on salt-api hosts.

For the oldstable distribution (stretch), these problems have been fixed
in version 2016.11.2+ds-1+deb9u3.

For the stable distribution (buster), these problems have been fixed in
version 2018.3.4+dfsg1-6+deb10u1.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4677-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
May 06, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wordpress
CVE ID         : CVE-2019-9787 CVE-2019-16217 CVE-2019-16218 CVE-2019-16219 
                 CVE-2019-16220 CVE-2019-16221 CVE-2019-16222 CVE-2019-16223 
                 CVE-2019-16780 CVE-2019-16781 CVE-2019-17669 CVE-2019-17671 
                 CVE-2019-17672 CVE-2019-17673 CVE-2019-17674 CVE-2019-17675 
                 CVE-2019-20041 CVE-2019-20042 CVE-2019-20043 CVE-2020-11025 
                 CVE-2020-11026 CVE-2020-11027 CVE-2020-11028 CVE-2020-11029 
                 CVE-2020-11030
Debian Bug     : 924546 939543 942459 946905 959391

Several vulnerabilities were discovered in WordPress, a web blogging
tool. They allowed remote attackers to perform various Cross-Site
Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks, create
files on the server, disclose private information, create open
redirects, poison cache, and bypass authorization access and input
sanitation.

For the oldstable distribution (stretch), these problems have been fixed
in version 4.7.5+dfsg-2+deb9u6.

For the stable distribution (buster), these problems have been fixed in
version 5.0.4+dfsg1-1+deb10u2.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4678-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 06, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code or information disclosure.

For the oldstable distribution (stretch), these problems have been fixed
in version 68.8.0esr-1~deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 68.8.0esr-1~deb10u1.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4679-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 06, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : keystone
CVE ID         : not yet available
Debian Bug     : 959900

A vulnerability was found in the EC2 credentials API of Keystone, the
OpenStack identity service: Any user authenticated within a limited
scope (trust/oauth/application credential) could create an EC2 credential
with an escalated permission, such as obtaining "admin" while
the user is on a limited "viewer" role.

For the stable distribution (buster), this problem has been fixed in
version 2:14.2.0-0+deb10u1.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4680-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 06, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : tomcat9
CVE ID         : CVE-2019-10072 CVE-2019-12418 CVE-2019-17563
                 CVE-2019-17569 CVE-2020-1935 CVE-2020-1938

Several vulnerabilities were discovered in the Tomcat servlet and JSP
engine, which could result in HTTP request smuggling, code execution
in the AJP connector (disabled by default in Debian) or a man-in-the-middle
attack against the JMX interface.

For the stable distribution (buster), these problems have been fixed in
version 9.0.31-1~deb10u1. The fix for CVE-2020-1938 may require
configuration changes when Tomcat is used with the AJP connector, e.g.
in combination with libapache-mod-jk. For instance, the attribute
"secretRequired" is set to true by default now. For affected setups it's
recommended to review https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html
before deploying the update.
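The configuration review that DSA-4680-1 recommends for AJP setups can be scripted. The following is an added example, not code from Debian or the Tomcat project: it parses a server.xml, picks out the AJP connectors and reports the states that matter after the 9.0.31 update, namely `secretRequired` explicitly set to false, no `secret` configured while `secretRequired` keeps its new default of true, and binding to all interfaces. The attribute names are those documented on the AJP connector page the advisory links to; the sample server.xml and its placeholder secret are constructed for this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample server.xml (not from any real deployment): one HTTP
# connector to be skipped, two AJP connectors in the shapes that the
# 9.0.31 default change affects, and one hardened AJP connector.
SAMPLE_SERVER_XML = """\
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"/>
    <!-- pre-9.0.31 style: no secret, relies on the old defaults -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
    <!-- explicitly weakened: secret check disabled, bound to every interface -->
    <Connector port="8010" protocol="AJP/1.3" address="0.0.0.0" secretRequired="false"/>
    <!-- hardened: loopback only, shared secret set (placeholder value) -->
    <Connector port="8011" protocol="AJP/1.3" address="127.0.0.1"
               secretRequired="true" secret="REPLACE-WITH-LONG-RANDOM-SECRET"/>
  </Service>
</Server>
"""

ALL_INTERFACES = {"0.0.0.0", "::", "::0"}


def audit_ajp_connectors(server_xml: str):
    """Return (port, message) findings for every AJP connector in server.xml."""
    findings = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        protocol = conn.get("protocol", "HTTP/1.1")
        if "AJP" not in protocol.upper():
            continue  # only the AJP connector is affected by CVE-2020-1938
        port = conn.get("port", "?")
        # Tomcat 9.0.31+ defaults secretRequired to true; an AJP connector
        # with secretRequired=true and no secret refuses to start.
        secret_required = conn.get("secretRequired", "true").lower() != "false"
        secret = conn.get("secret", "")
        address = conn.get("address", "")
        if not secret_required:
            findings.append((port, "secretRequired=false: shared-secret check is disabled"))
        elif not secret:
            findings.append((port, "no secret configured: connector will not start on "
                                   "9.0.31+ until a secret is set (or the connector removed)"))
        if address in ALL_INTERFACES:
            findings.append((port, f"bound to all interfaces ({address}); "
                                   "restrict to the reverse proxy's address"))
    return findings


if __name__ == "__main__":
    for port, message in audit_ajp_connectors(SAMPLE_SERVER_XML):
        print(f"AJP connector on port {port}: {message}")
```

Run it against the real `/etc/tomcat9/server.xml` before installing the update: a connector reported as "no secret configured" is the one that will stop serving requests once 9.0.31-1~deb10u1 is in place, so the mod_jk side needs the matching secret at the same time.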

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4681-1                   security@debian.org
https://www.debian.org/security/                           Alberto Garcia
May 07, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : webkit2gtk
CVE ID         : CVE-2020-3885 CVE-2020-3894 CVE-2020-3895 CVE-2020-3897
                 CVE-2020-3899 CVE-2020-3900 CVE-2020-3901 CVE-2020-3902

The following vulnerabilities have been discovered in the webkit2gtk web
engine:

CVE-2020-3885

    Ryan Pickren discovered that a file URL may be incorrectly
    processed.

CVE-2020-3894

    Sergei Glazunov discovered that a race condition may allow an
    application to read restricted memory.

CVE-2020-3895

    grigoritchy discovered that processing maliciously crafted web
    content may lead to arbitrary code execution.

CVE-2020-3897

    Brendan Draper discovered that a remote attacker may be able to
    cause arbitrary code execution.

CVE-2020-3899

    OSS-Fuzz discovered that a remote attacker may be able to cause
    arbitrary code execution.

CVE-2020-3900

    Dongzhuo Zhao discovered that processing maliciously crafted web
    content may lead to arbitrary code execution.

CVE-2020-3901

    Benjamin Randazzo discovered that processing maliciously crafted
    web content may lead to arbitrary code execution.

CVE-2020-3902

    Yigit Can Yilmaz discovered that processing maliciously crafted
    web content may lead to a cross site scripting attack.

For the stable distribution (buster), these problems have been fixed in
version 2.28.2-2~deb10u1.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4676-2                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 07, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : salt
CVE ID         : CVE-2020-11651 CVE-2020-11652
Debian Bug     : 959684

The update for salt for the oldstable distribution (stretch) released as
DSA 4676-1 contained an incomplete fix to address CVE-2020-11651 and
CVE-2020-11652. Updated salt packages are now available to correct this
issue. For reference, the original advisory text follows.

Several vulnerabilities were discovered in salt, a powerful remote
execution manager, which could result in retrieval of user tokens from
the salt master, execution of arbitrary commands on salt minions,
arbitrary directory access to authenticated users or arbitrary code
execution on salt-api hosts.

For the oldstable distribution (stretch), these problems have been fixed
in version 2016.11.2+ds-1+deb9u4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4682-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 08, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : squid
CVE ID         : CVE-2019-12519 CVE-2019-12520 CVE-2019-12521 CVE-2019-12523 
                 CVE-2019-12524 CVE-2019-12526 CVE-2019-12528 CVE-2019-18676 
                 CVE-2019-18677 CVE-2019-18678 CVE-2019-18679 CVE-2020-8449 
                 CVE-2020-8450 CVE-2020-11945

Multiple security issues were discovered in the Squid proxy caching
server, which could result in the bypass of security filters, information
disclosure, the execution of arbitrary code or denial of service.

For the stable distribution (buster), these problems have been fixed in
version 4.6-1+deb10u2.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4683-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 08, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 
                 CVE-2020-12397

Multiple security issues have been found in Thunderbird which could
result in spoofing the displayed sender email address, denial of service
or potentially the execution of arbitrary code.

For the oldstable distribution (stretch), these problems have been fixed
in version 1:68.8.0-1~deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 1:68.8.0-1~deb10u1.

------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Updated Debian 10: 10.4 released                        press@debian.org
May 9th, 2020                  https://www.debian.org/News/2020/20200509
------------------------------------------------------------------------


The Debian project is pleased to announce the fourth update of its
stable distribution Debian 10 (codename "buster"). This point release
mainly adds corrections for security issues, along with a few
adjustments for serious problems. Security advisories have already been
published separately and are referenced where available.

Please note that the point release does not constitute a new version of
Debian 10 but only updates some of the packages included. There is no
need to throw away old "buster" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.

New installation images will be available soon at the regular locations.

Upgrading an existing installation to this revision can be achieved by
pointing the package management system at one of Debian's many HTTP
mirrors. A comprehensive list of mirrors is available at:

https://www.debian.org/mirror/list



Miscellaneous Bugfixes
----------------------

This stable update adds a few important corrections to the following
packages:

+---------------------------+-----------------------------------------+
| Package                   | Reason                                  |
+---------------------------+-----------------------------------------+
| apt-cacher-ng [1]         | Enforce secured call to the server in   |
|                           | maintenance job triggering [CVE-2020-   |
|                           | 5202]; allow .zst compression for       |
|                           | tarballs; increase size of the          |
|                           | decompression line buffer for           |
|                           | configuration file reading              |
|                           |                                         |
| backuppc [2]              | Pass the username to start-stop-daemon  |
|                           | when reloading, preventing reload       |
|                           | failures                                |
|                           |                                         |
| base-files [3]            | Update for the point release            |
|                           |                                         |
| brltty [4]                | Reduce severity of log message to avoid |
|                           | generating too many messages when used  |
|                           | with new Orca versions                  |
|                           |                                         |
| checkstyle [5]            | Fix XML External Entity injection issue |
|                           | [CVE-2019-9658 CVE-2019-10782]          |
|                           |                                         |
| choose-mirror [6]         | Update included mirror list             |
|                           |                                         |
| clamav [7]                | New upstream release [CVE-2020-3123]    |
|                           |                                         |
| corosync [8]              | totemsrp: Reduce MTU to avoid           |
|                           | generating oversized packets            |
|                           |                                         |
| corosync-qdevice [9]      | Fix service startup                     |
|                           |                                         |
| csync2 [10]               | Fail HELLO command when SSL is required |
|                           |                                         |
| cups [11]                 | Fix heap buffer overflow [CVE-2020-     |
|                           | 3898] and "the `ippReadIO` function     |
|                           | may under-read an extension             |
|                           | field"  [CVE-2019-8842]                 |
|                           |                                         |
| dav4tbsync [12]           | New upstream release, restoring         |
|                           | compatibility with newer Thunderbird    |
|                           | versions                                |
|                           |                                         |
| debian-edu-config [13]    | Add policy files for Firefox ESR and    |
|                           | Thunderbird to fix the TLS/SSL setup    |
|                           |                                         |
| debian-installer [14]     | Update for the 4.19.0-9 kernel ABI      |
|                           |                                         |
| debian-installer-netboot- | Rebuild against proposed-updates        |
| images [15]               |                                         |
|                           |                                         |
| debian-security-          | New upstream stable release; update     |
| support [16]              | status of several packages; use         |
|                           | "runuser"  rather than  "su"            |
|                           |                                         |
| distro-info-data [17]     | Add Ubuntu 20.10, and likely end of     |
|                           | support date for stretch                |
|                           |                                         |
| dojo [18]                 | Fix improper regular expression usage   |
|                           | [CVE-2019-10785]                        |
|                           |                                         |
| dpdk [19]                 | New upstream stable release             |
|                           |                                         |
| dtv-scan-tables [20]      | New upstream snapshot; add all current  |
|                           | German DVB-T2 muxes and the Eutelsat-5- |
|                           | West-A satellite                        |
|                           |                                         |
| eas4tbsync [21]           | New upstream release, restoring         |
|                           | compatibility with newer Thunderbird    |
|                           | versions                                |
|                           |                                         |
| edk2 [22]                 | Security fixes [CVE-2019-14558          |
|                           | CVE-2019-14559 CVE-2019-14563 CVE-2019- |
|                           | 14575 CVE-2019-14586 CVE-2019-14587]    |
|                           |                                         |
| el-api [23]               | Fix stretch to buster upgrades that     |
|                           | involve Tomcat 8                        |
|                           |                                         |
| fex [24]                  | Fix a potential security issue in       |
|                           | fexsrv                                  |
|                           |                                         |
| filezilla [25]            | Fix untrusted search path vulnerability |
|                           | [CVE-2019-5429]                         |
|                           |                                         |
| frr [26]                  | Fix extended next hop capability        |
|                           |                                         |
| fuse [27]                 | Remove outdated udevadm commands from   |
|                           | post-install scripts; don't explicitly  |
|                           | remove fuse.conf on purge               |
|                           |                                         |
| fuse3 [28]                | Remove outdated udevadm commands from   |
|                           | post-install scripts; don't explicitly  |
|                           | remove fuse.conf on purge; fix memory   |
|                           | leak in fuse_session_new()              |
|                           |                                         |
| golang-github-prometheus- | Extend validity of test certificates    |
| common [29]               |                                         |
|                           |                                         |
| gosa [30]                 | Replace (un)serialize with json_encode/ |
|                           | json_decode to mitigate PHP object      |
|                           | injection [CVE-2019-14466]              |
|                           |                                         |
| hbci4java [31]            | Support EU directive on payment         |
|                           | services (PSD2)                         |
|                           |                                         |
| hibiscus [32]             | Support EU directive on payment         |
|                           | services (PSD2)                         |
|                           |                                         |
| iputils [33]              | Correct an issue in which ping would    |
|                           | improperly exit with a failure code     |
|                           | when there were untried addresses still |
|                           | available in the getaddrinfo() library  |
|                           | call return value                       |
|                           |                                         |
| ircd-hybrid [34]          | Use dhparam.pem to avoid crash on       |
|                           | startup                                 |
|                           |                                         |
| jekyll [35]               | Allow use of ruby-i18n 0.x and 1.x      |
|                           |                                         |
| jsp-api [36]              | Fix stretch to buster upgrades that     |
|                           | involve Tomcat 8                        |
|                           |                                         |
| lemonldap-ng [37]         | Prevent unwanted access to              |
|                           | administration endpoints [CVE-2019-     |
|                           | 19791]; fix the GrantSession plugin     |
|                           | which could not prohibit logon when two |
|                           | factor authentication was used; fix     |
|                           | arbitrary redirects with OIDC if        |
|                           | redirect_uri was not used               |
|                           |                                         |
| libdatetime-timezone-     | Update included data                    |
| perl [38]                 |                                         |
|                           |                                         |
| libreoffice [39]          | Fix OpenGL slide transitions            |
|                           |                                         |
| libssh [40]               | Fix possible denial of service issue    |
|                           | when handling AES-CTR keys with OpenSSL |
|                           | [CVE-2020-1730]                         |
|                           |                                         |
| libvncserver [41]         | Fix heap overflow [CVE-2019-15690]      |
|                           |                                         |
| linux [42]                | New upstream stable release             |
|                           |                                         |
| linux-latest [43]         | Update kernel ABI to 4.19.0-9           |
|                           |                                         |
| linux-signed-amd64 [44]   | New upstream stable release             |
|                           |                                         |
| linux-signed-arm64 [45]   | New upstream stable release             |
|                           |                                         |
| linux-signed-i386 [46]    | New upstream stable release             |
|                           |                                         |
| lwip [47]                 | Fix buffer overflow [CVE-2020-8597]     |
|                           |                                         |
| lxc-templates [48]        | New upstream stable release; handle     |
|                           | languages that are only UTF-8 encoded   |
|                           |                                         |
| manila [49]               | Fix missing access permissions check    |
|                           | [CVE-2020-9543]                         |
|                           |                                         |
| megatools [50]            | Add support for the new format of       |
|                           | mega.nz links                           |
|                           |                                         |
| mew [51]                  | Fix server SSL certificate validity     |
|                           | checking                                |
|                           |                                         |
| mew-beta [52]             | Fix server SSL certificate validity     |
|                           | checking                                |
|                           |                                         |
| mkvtoolnix [53]           | Rebuild to tighten libmatroska6v5       |
|                           | dependency                              |
|                           |                                         |
| ncbi-blast+ [54]          | Disable SSE4.2 support                  |
|                           |                                         |
| node-anymatch [55]        | Remove unnecessary dependencies         |
|                           |                                         |
| node-dot [56]             | Prevent code execution after prototype  |
|                           | pollution [CVE-2020-8141]               |
|                           |                                         |
| node-dot-prop [57]        | Fix prototype pollution [CVE-2020-8116] |
|                           |                                         |
| node-knockout [58]        | Fix escaping with older Internet        |
|                           | Explorer versions [CVE-2019-14862]      |
|                           |                                         |
| node-mongodb [59]         | Reject invalid _bsontypes [CVE-2019-    |
|                           | 2391 CVE-2020-7610]                     |
|                           |                                         |
| node-yargs-parser [60]    | Fix prototype pollution [CVE-2020-7608] |
|                           |                                         |
| npm [61]                  | Fix arbitrary path access [CVE-2019-    |
|                           | 16775 CVE-2019-16776 CVE-2019-16777]    |
|                           |                                         |
| nvidia-graphics-          | New upstream stable release             |
| drivers [62]              |                                         |
|                           |                                         |
| nvidia-graphics-drivers-  | New upstream stable release             |
| legacy-390xx [63]         |                                         |
|                           |                                         |
| nvidia-settings-          | New upstream release                    |
| legacy-340xx [64]         |                                         |
|                           |                                         |
| oar [65]                  | Revert to stretch behavior for          |
|                           | Storable::dclone perl function, fixing  |
|                           | recursion depth issues                  |
|                           |                                         |
| opam [66]                 | Prefer mccs over aspcud                 |
|                           |                                         |
| openvswitch [67]          | Fix vswitchd abort when a port is added |
|                           | and the controller is down              |
|                           |                                         |
| orocos-kdl [68]           | Fix string conversion with Python 3     |
|                           |                                         |
| owfs [69]                 | Remove broken Python 3 packages         |
|                           |                                         |
| pango1.0 [70]             | Fix crash in                            |
|                           | pango_fc_font_key_get_variations() when |
|                           | key is null                             |
|                           |                                         |
| pgcli [71]                | Add missing dependency on python3-pkg-  |
|                           | resources                               |
|                           |                                         |
| php-horde-data [72]       | Fix authenticated remote code execution |
|                           | vulnerability [CVE-2020-8518]           |
|                           |                                         |
| php-horde-form [73]       | Fix authenticated remote code execution |
|                           | vulnerability [CVE-2020-8866]           |
|                           |                                         |
| php-horde-trean [74]      | Fix authenticated remote code execution |
|                           | vulnerability [CVE-2020-8865]           |
|                           |                                         |
| postfix [75]              | New upstream stable release; fix panic  |
|                           | with Postfix multi-Milter configuration |
|                           | during MAIL FROM; fix d/init.d running  |
|                           | change so it works with multi-instance  |
|                           | again                                   |
|                           |                                         |
| proftpd-dfsg [76]         | Fix memory access issue in keyboard-    |
|                           | interactive code in mod_sftp; properly  |
|                           | handle DEBUG, IGNORE, DISCONNECT, and   |
|                           | UNIMPLEMENTED messages in keyboard-     |
|                           | interactive mode                        |
|                           |                                         |
| puma [77]                 | Fix Denial of Service issue [CVE-2019-  |
|                           | 16770]                                  |
|                           |                                         |
| purple-discord [78]       | Fix crashes in ssl_nss_read             |
|                           |                                         |
| python-oslo.utils [79]    | Fix leak of sensitive information via   |
|                           | mistral logs [CVE-2019-3866]            |
|                           |                                         |
| rails [80]                | Fix possible cross-site scripting via   |
|                           | Javascript escape helper [CVE-2020-     |
|                           | 5267]                                   |
|                           |                                         |
| rake [81]                 | Fix command injection vulnerability     |
|                           | [CVE-2020-8130]                         |
|                           |                                         |
| raspi3-firmware [82]      | Fix dtb names mismatch in z50-raspi-    |
|                           | firmware; fix boot on Raspberry Pi      |
|                           | families 1 and 0                        |
|                           |                                         |
| resource-agents [83]      | Fix "ethmonitor does not list           |
|                           | interfaces without assigned IP          |
|                           | address" ; remove no longer required    |
|                           | xen-toolstack patch; fix non-standard   |
|                           | usage in ZFS agent                      |
|                           |                                         |
| rootskel [84]             | Disable multiple console support if     |
|                           | preseeding is in use                    |
|                           |                                         |
| ruby-i18n [85]            | Fix gemspec generation                  |
|                           |                                         |
| rubygems-integration [86] | Avoid deprecation warnings when users   |
|                           | install a newer version of Rubygems via |
|                           | "gem update --system"                   |
|                           |                                         |
| schleuder [87]            | Improve patch to handle encoding errors |
|                           | introduced in the previous version;     |
|                           | switch default encoding to UTF-8; let   |
|                           | x-add-key handle mails with attached,   |
|                           | quoted-printable encoded keys; fix x-   |
|                           | attach-listkey with mails created by    |
|                           | Thunderbird that include protected      |
|                           | headers                                 |
|                           |                                         |
| scilab [88]               | Fix library loading with OpenJDK 11.0.7 |
|                           |                                         |
| serverspec-runner [89]    | Support Ruby 2.5                        |
|                           |                                         |
| softflowd [90]            | Fix broken flow aggregation which might |
|                           | result in flow table overflow and 100%  |
|                           | CPU usage                               |
|                           |                                         |
| speech-dispatcher [91]    | Fix default pulseaudio latency which    |
|                           | triggers "scratchy" output              |
|                           |                                         |
| spl-linux [92]            | Fix deadlock                            |
|                           |                                         |
| sssd [93]                 | Fix sssd_be busy-looping when LDAP      |
|                           | connection is intermittent              |
|                           |                                         |
| systemd [94]              | When authorizing via PolicyKit re-      |
|                           | resolve callback/userdata instead of    |
|                           | caching it [CVE-2020-1712]; install 60- |
|                           | block.rules in udev-udeb and initramfs- |
|                           | tools                                   |
|                           |                                         |
| taglib [95]               | Fix corruption issues with OGG files    |
|                           |                                         |
| tbsync [96]               | New upstream release, restoring         |
|                           | compatibility with newer Thunderbird    |
|                           | versions                                |
|                           |                                         |
| timeshift [97]            | Fix predictable temporary directory use |
|                           | [CVE-2020-10174]                        |
|                           |                                         |
| tinyproxy [98]            | Only set PIDDIR, if PIDFILE is a non-   |
|                           | zero length string                      |
|                           |                                         |
| tzdata [99]               | New upstream stable release             |
|                           |                                         |
| uim [100]                 | Unregister modules that are not         |
|                           | installed, fixing a regression in the   |
|                           | previous upload                         |
|                           |                                         |
| user-mode-linux [101]     | Fix build failure with current stable   |
|                           | kernels                                 |
|                           |                                         |
| vite [102]                | Fix crash when there are more than 32   |
|                           | elements                                |
|                           |                                         |
| waagent [103]             | New upstream release; support co-       |
|                           | installation with cloud-init            |
|                           |                                         |
| websocket-api [104]       | Fix stretch to buster upgrades that     |
|                           | involve Tomcat 8                        |
|                           |                                         |
| wpa [105]                 | Do not try to detect PSK mismatch       |
|                           | during PTK rekeying; check for FT       |
|                           | support when selecting FT suites; fix   |
|                           | MAC randomisation issue with some cards |
|                           |                                         |
| xdg-utils [106]           | xdg-open: fix pcmanfm check and         |
|                           | handling of directories with spaces in  |
|                           | their names; xdg-screensaver: Sanitise  |
|                           | window name before sending it over D-   |
|                           | Bus; xdg-mime: Create config directory  |
|                           | if it does not exist yet                |
|                           |                                         |
| xtrlock [107]             | Fix blocking of (some) multitouch       |
|                           | devices while locked [CVE-2016-10894]   |
|                           |                                         |
| zfs-linux [108]           | Fix potential deadlock issues           |
|                           |                                         |
+---------------------------+-----------------------------------------+

Security Updates
----------------

This revision adds the following security updates to the stable release.
The Security Team has already released an advisory for each of these
updates:

+----------------+-----------------------------+
| Advisory ID    | Package                     |
+----------------+-----------------------------+
| DSA-4616 [109] | qemu [110]                  |
|                |                             |
| DSA-4617 [111] | qtbase-opensource-src [112] |
|                |                             |
| DSA-4618 [113] | libexif [114]               |
|                |                             |
| DSA-4619 [115] | libxmlrpc3-java [116]       |
|                |                             |
| DSA-4620 [117] | firefox-esr [118]           |
|                |                             |
| DSA-4623 [119] | postgresql-11 [120]         |
|                |                             |
| DSA-4624 [121] | evince [122]                |
|                |                             |
| DSA-4625 [123] | thunderbird [124]           |
|                |                             |
| DSA-4627 [125] | webkit2gtk [126]            |
|                |                             |
| DSA-4629 [127] | python-django [128]         |
|                |                             |
| DSA-4630 [129] | python-pysaml2 [130]        |
|                |                             |
| DSA-4631 [131] | pillow [132]                |
|                |                             |
| DSA-4632 [133] | ppp [134]                   |
|                |                             |
| DSA-4633 [135] | curl [136]                  |
|                |                             |
| DSA-4634 [137] | opensmtpd [138]             |
|                |                             |
| DSA-4635 [139] | proftpd-dfsg [140]          |
|                |                             |
| DSA-4636 [141] | python-bleach [142]         |
|                |                             |
| DSA-4637 [143] | network-manager-ssh [144]   |
|                |                             |
| DSA-4638 [145] | chromium [146]              |
|                |                             |
| DSA-4639 [147] | firefox-esr [148]           |
|                |                             |
| DSA-4640 [149] | graphicsmagick [150]        |
|                |                             |
| DSA-4641 [151] | webkit2gtk [152]            |
|                |                             |
| DSA-4642 [153] | thunderbird [154]           |
|                |                             |
| DSA-4643 [155] | python-bleach [156]         |
|                |                             |
| DSA-4644 [157] | tor [158]                   |
|                |                             |
| DSA-4645 [159] | chromium [160]              |
|                |                             |
| DSA-4646 [161] | icu [162]                   |
|                |                             |
| DSA-4647 [163] | bluez [164]                 |
|                |                             |
| DSA-4648 [165] | libpam-krb5 [166]           |
|                |                             |
| DSA-4649 [167] | haproxy [168]               |
|                |                             |
| DSA-4650 [169] | qbittorrent [170]           |
|                |                             |
| DSA-4651 [171] | mediawiki [172]             |
|                |                             |
| DSA-4652 [173] | gnutls28 [174]              |
|                |                             |
| DSA-4653 [175] | firefox-esr [176]           |
|                |                             |
| DSA-4654 [177] | chromium [178]              |
|                |                             |
| DSA-4655 [179] | firefox-esr [180]           |
|                |                             |
| DSA-4656 [181] | thunderbird [182]           |
|                |                             |
| DSA-4657 [183] | git [184]                   |
|                |                             |
| DSA-4658 [185] | webkit2gtk [186]            |
|                |                             |
| DSA-4659 [187] | git [188]                   |
|                |                             |
| DSA-4660 [189] | awl [190]                   |
|                |                             |
| DSA-4661 [191] | openssl [192]               |
|                |                             |
| DSA-4663 [193] | python-reportlab [194]      |
|                |                             |
| DSA-4664 [195] | mailman [196]               |
|                |                             |
| DSA-4665 [197] | qemu [198]                  |
|                |                             |
| DSA-4666 [199] | openldap [200]              |
|                |                             |
| DSA-4667 [201] | linux-signed-amd64 [202]    |
|                |                             |
| DSA-4667 [203] | linux-signed-arm64 [204]    |
|                |                             |
| DSA-4667 [205] | linux-signed-i386 [206]     |
|                |                             |
| DSA-4667 [207] | linux [208]                 |
|                |                             |
| DSA-4669 [209] | nodejs [210]                |
|                |                             |
| DSA-4671 [211] | vlc [212]                   |
|                |                             |
| DSA-4672 [213] | trafficserver [214]         |
|                |                             |
+----------------+-----------------------------+

Removed packages
----------------

The following packages were removed due to circumstances beyond our
control:

+-------------------------+--------------------------------------------+
| Package                 | Reason                                     |
+-------------------------+--------------------------------------------+
| getlive [215]           | Broken due to Hotmail changes              |
|                         |                                            |
| gplaycli [216]          | Broken by Google API changes               |
|                         |                                            |
| kerneloops [217]        | Upstream service no longer available       |
|                         |                                            |
| lambda-align2 [218]     | [arm64 armel armhf i386 mips64el ppc64el   |
|                         | s390x] Broken on non-amd64 architectures   |
|                         |                                            |
| libmicrodns [219]       | Security issues                            |
|                         |                                            |
| libperlspeak-perl [220] | Security issues; unmaintained              |
|                         |                                            |
| quotecolors [221]       | Incompatible with newer Thunderbird        |
|                         | versions                                   |
|                         |                                            |
| torbirdy [222]          | Incompatible with newer Thunderbird        |
|                         | versions                                   |
|                         |                                            |
| ugene [223]             | Non-free; fails to build                   |
|                         |                                            |
| yahoo2mbox [224]        | Broken for several years                   |
|                         |                                            |
+-------------------------+--------------------------------------------+

Debian Installer
----------------

The installer has been updated to include the fixes incorporated into
stable by the point release.


URLs
----

The complete lists of packages that have changed with this revision:

http://ftp.debian.org/debian/dists/buster/ChangeLog


The current stable distribution:

http://ftp.debian.org/debian/dists/stable/


Proposed updates to the stable distribution:

http://ftp.debian.org/debian/dists/proposed-updates


stable distribution information (release notes, errata etc.):

https://www.debian.org/releases/stable/


Security announcements and information:

https://www.debian.org/security/



- -------------------------------------------------------------------------
Debian Security Advisory DSA-4684-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 13, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libreswan
CVE ID         : CVE-2020-1763
Debian Bug     : 960458

Stephan Zeisberg discovered that the libreswan IPsec implementation
could be forced into a crash/restart via a malformed IKEv1 Informational
Exchange packet, resulting in denial of service.

For the stable distribution (buster), this problem has been fixed in
version 3.27-6+deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4685-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 14, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : apt
CVE ID         : CVE-2020-3810

Shuaibing Lu discovered that missing input validation in the ar/tar
implementations of APT, the high level package manager, could result in
denial of service when processing specially crafted deb files.

For the oldstable distribution (stretch), this problem has been fixed
in version 1.4.10.

For the stable distribution (buster), this problem has been fixed in
version 1.8.2.1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4686-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 16, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : apache-log4j1.2
CVE ID         : CVE-2019-17571
Debian Bug     : 947124

It was discovered that the SocketServer class included in
apache-log4j1.2, a logging library for java, is vulnerable to
deserialization of untrusted data. An attacker can take advantage of
this flaw to execute arbitrary code in the context of the logger
application by sending a specially crafted log event.

For the oldstable distribution (stretch), this problem has been fixed
in version 1.2.17-7+deb9u1.

For the stable distribution (buster), this problem has been fixed in
version 1.2.17-8+deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4687-1                   security@debian.org
https://www.debian.org/security/                           Florian Weimer
May 16, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : exim4
CVE ID         : CVE-2020-12783

It was discovered that exim4, a mail transport agent, suffers from an
authentication bypass vulnerability in the spa authentication driver.
The spa authentication driver is not enabled by default.

For the oldstable distribution (stretch), this problem has been fixed
in version 4.89-2+deb9u7.

For the stable distribution (buster), this problem has been fixed in
version 4.92-8+deb10u4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4688-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 18, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : dpdk
CVE ID         : CVE-2020-10722 CVE-2020-10723 CVE-2020-10724

Multiple vulnerabilities were discovered in the vhost code of DPDK,
a set of libraries for fast packet processing, which could result
in denial of service or the execution of arbitrary code by malicious
guests/containers.

For the oldstable distribution (stretch), these problems have been fixed
in version 16.11.11-1+deb9u2.

For the stable distribution (buster), these problems have been fixed in
version 18.11.6-1~deb10u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4689-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 19, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : bind9
CVE ID         : CVE-2019-6477 CVE-2020-8616 CVE-2020-8617
Debian Bug     : 945171

Several vulnerabilities were discovered in BIND, a DNS server
implementation.

CVE-2019-6477

    It was discovered that TCP-pipelined queries can bypass tcp-client
    limits resulting in denial of service.

CVE-2020-8616

    It was discovered that BIND does not sufficiently limit the number
    of fetches performed when processing referrals. An attacker can take
    advantage of this flaw to cause a denial of service (performance
    degradation) or use the recursing server in a reflection attack with
    a high amplification factor.

CVE-2020-8617

    It was discovered that a logic error in the code which checks TSIG
    validity can be used to trigger an assertion failure, resulting in
    denial of service.

For the oldstable distribution (stretch), these problems have been fixed
in version 1:9.10.3.dfsg.P4-12.3+deb9u6.

For the stable distribution (buster), these problems have been fixed in
version 1:9.11.5.P4+dfsg-5.1+deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4690-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 20, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : dovecot
CVE ID         : CVE-2020-10957 CVE-2020-10958 CVE-2020-10967
Debian Bug     : 960963

Several vulnerabilities were discovered in the Dovecot email server,
which could cause crashes in the submission, submission-login or lmtp
services, resulting in denial of service.

For the stable distribution (buster), these problems have been fixed in
version 1:2.3.4.1-5+deb10u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4691-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 21, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pdns-recursor
CVE ID         : CVE-2020-10955 CVE-2020-12244

Two vulnerabilities have been discovered in PDNS Recursor, a resolving
name server: a traffic amplification attack against third party
authoritative name servers (NXNSAttack) and insufficient validation of
NXDOMAIN responses lacking an SOA.

The version of pdns-recursor in the oldstable distribution (stretch) is
no longer supported. If these security issues affect your setup, you
should upgrade to the stable distribution (buster).

For the stable distribution (buster), these problems have been fixed in
version 4.1.11-1+deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4692-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 24, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : netqmail
CVE ID         : CVE-2005-1513 CVE-2005-1514 CVE-2005-1515 CVE-2020-3811
                 CVE-2020-3812
Debian Bug     : 961060

Georgi Guninski and the Qualys Research Labs discovered multiple
vulnerabilities in qmail (shipped in Debian as netqmail with additional
patches) which could result in the execution of arbitrary code, bypass
of mail address verification and a local information leak whether a file
exists or not.

For the oldstable distribution (stretch), these problems have been fixed
in version 1.06-6.2~deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 1.06-6.2~deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4693-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 26, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : drupal7
CVE ID         : CVE-2020-11022 CVE-2020-11023 SA-CORE-2020-003

Several vulnerabilities were discovered in Drupal, a fully-featured
content management framework, which could result in an open redirect or
cross-site scripting.

For the oldstable distribution (stretch), these problems have been fixed
in version 7.52-2+deb9u10.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4694-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 26, 2020                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : unbound
CVE ID         : CVE-2020-12662 CVE-2020-12663

Two vulnerabilities have been discovered in Unbound, a recursive-only
caching DNS server: a traffic amplification attack against third party
authoritative name servers (NXNSAttack) and insufficient sanitisation
of replies from upstream servers, which could result in denial of service
via an infinite loop.

The version of Unbound in the oldstable distribution (stretch) is
no longer supported. If these security issues affect your setup, you
should upgrade to the stable distribution (buster).

For the stable distribution (buster), these problems have been fixed in
version 1.9.0-2+deb10u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4695-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 03, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code or a timing attack on cryptographic keys.

For the oldstable distribution (stretch), these problems have been fixed
in version 68.9.0esr-1~deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 68.9.0esr-1~deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4696-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 06, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : nodejs
CVE ID         : CVE-2020-8174 CVE-2020-11080
Debian Bug     : 962145

Two vulnerabilities were discovered in Node.js, which could result in
denial of service and potentially the execution of arbitrary code.

For the stable distribution (buster), these problems have been fixed in
version 10.21.0~dfsg-1~deb10u1.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4697-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
June 06, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : gnutls28
CVE ID         : CVE-2020-13777
Debian Bug     : 962289

A flaw was reported in the TLS session ticket key construction in
GnuTLS, a library implementing the TLS and SSL protocols. The flaw
caused the TLS server to not securely construct a session ticket
encryption key considering the application supplied secret, allowing a
man-in-the-middle attacker to bypass authentication in TLS 1.3 and
recover previous conversations in TLS 1.2.

For the stable distribution (buster), this problem has been fixed in
version 3.6.7-4+deb10u4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4698-1                   security@debian.org
https://www.debian.org/security/                            Ben Hutchings
June 09, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2019-2182 CVE-2019-5108 CVE-2019-19319 CVE-2019-19462
                 CVE-2019-19768 CVE-2019-20806 CVE-2019-20811 CVE-2020-0543
                 CVE-2020-2732 CVE-2020-8428 CVE-2020-8647 CVE-2020-8648
                 CVE-2020-8649 CVE-2020-9383 CVE-2020-10711 CVE-2020-10732
                 CVE-2020-10751 CVE-2020-10757 CVE-2020-10942 CVE-2020-11494
                 CVE-2020-11565 CVE-2020-11608 CVE-2020-11609 CVE-2020-11668
                 CVE-2020-12114 CVE-2020-12464 CVE-2020-12652 CVE-2020-12653
                 CVE-2020-12654 CVE-2020-12770 CVE-2020-13143
Debian Bug     : 952660

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2019-2182

    Hanjun Guo and Lei Li reported a race condition in the arm64
    virtual memory management code, which could lead to an information
    disclosure, denial of service (crash), or possibly privilege
    escalation.

CVE-2019-5108

    Mitchell Frank of Cisco discovered that when the IEEE 802.11
    (WiFi) stack was used in AP mode with roaming, it would trigger
    roaming for a newly associated station before the station was
    authenticated.  An attacker within range of the AP could use this
    to cause a denial of service, either by filling up a switching
    table or by redirecting traffic away from other stations.

CVE-2019-19319

    Jungyeon discovered that a crafted filesystem can cause the ext4
    implementation to deallocate or reallocate journal blocks.  A user
    permitted to mount filesystems could use this to cause a denial of
    service (crash), or possibly for privilege escalation.

CVE-2019-19462

    The syzbot tool found a missing error check in the 'relay'
    library used to implement various files under debugfs.  A local
    user permitted to access debugfs could use this to cause a denial
    of service (crash) or possibly for privilege escalation.

CVE-2019-19768

    Tristan Madani reported a race condition in the blktrace debug
    facility that could result in a use-after-free.  A local user able
    to trigger removal of block devices could possibly use this to
    cause a denial of service (crash) or for privilege escalation.

CVE-2019-20806

    A potential null pointer dereference was discovered in the tw5864
    media driver.  The security impact of this is unclear.

CVE-2019-20811

    The Hulk Robot tool found a reference-counting bug in an error
    path in the network subsystem.  The security impact of this is
    unclear.

CVE-2020-0543

    Researchers at VU Amsterdam discovered that on some Intel CPUs
    supporting the RDRAND and RDSEED instructions, part of a random
    value generated by these instructions may be used in a later
    speculative execution on any core of the same physical CPU.
    Depending on how these instructions are used by applications, a
    local user or VM guest could use this to obtain sensitive
    information such as cryptographic keys from other users or VMs.

    This vulnerability can be mitigated by a microcode update, either
    as part of system firmware (BIOS) or through the intel-microcode
    package in Debian's non-free archive section.  This kernel update
    only provides reporting of the vulnerability and the option to
    disable the mitigation if it is not needed.

CVE-2020-2732

    Paulo Bonzini discovered that the KVM implementation for Intel
    processors did not properly handle instruction emulation for L2
    guests when nested virtualization is enabled. This could allow an
    L2 guest to cause privilege escalation, denial of service, or
    information leaks in the L1 guest.

CVE-2020-8428

    Al Viro discovered a potential use-after-free in the filesystem
    core (vfs).  A local user could exploit this to cause a denial of
    service (crash) or possibly to obtain sensitive information from
    the kernel.

CVE-2020-8647, CVE-2020-8649

    The Hulk Robot tool found a potential MMIO out-of-bounds access in
    the vgacon driver.  A local user permitted to access a virtual
    terminal (/dev/tty1 etc.) on a system using the vgacon driver
    could use this to cause a denial of service (crash or memory
    corruption) or possibly for privilege escalation.

CVE-2020-8648

    The syzbot tool found a race condition in the virtual terminal
    driver, which could result in a use-after-free.  A local user
    permitted to access a virtual terminal could use this to cause a
    denial of service (crash or memory corruption) or possibly for
    privilege escalation.

CVE-2020-9383

    Jordy Zomer reported an incorrect range check in the floppy driver
    which could lead to a static out-of-bounds access.  A local user
    permitted to access a floppy drive could use this to cause a
    denial of service (crash or memory corruption) or possibly for
    privilege escalation.

CVE-2020-10711

    Matthew Sheets reported NULL pointer dereference issues in the
    SELinux subsystem while receiving a CIPSO packet with a null category. A
    remote attacker can take advantage of this flaw to cause a denial of
    service (crash). Note that this issue does not affect the binary
    packages distributed in Debian as CONFIG_NETLABEL is not enabled.

CVE-2020-10732

    An information leak of kernel private memory to userspace was found
    in the kernel's implementation of core dumping userspace processes.

CVE-2020-10751

    Dmitry Vyukov reported that the SELinux subsystem did not properly
    handle validating multiple messages, which could allow a privileged
    attacker to bypass SELinux netlink restrictions.

CVE-2020-10757

    Fan Yang reported a flaw in the way mremap handled DAX hugepages,
    allowing a local user to escalate their privileges.

CVE-2020-10942

    It was discovered that the vhost_net driver did not properly
    validate the type of sockets set as back-ends. A local user
    permitted to access /dev/vhost-net could use this to cause a stack
    corruption via crafted system calls, resulting in denial of
    service (crash) or possibly privilege escalation.

CVE-2020-11494

    It was discovered that the slcan (serial line CAN) network driver
    did not fully initialise CAN headers for received packets,
    resulting in an information leak from the kernel to user-space or
    over the CAN network.

CVE-2020-11565

    Entropy Moe reported that the shared memory filesystem (tmpfs) did
    not correctly handle an "mpol" mount option specifying an empty
    node list, leading to a stack-based out-of-bounds write. If user
    namespaces are enabled, a local user could use this to cause a
    denial of service (crash) or possibly for privilege escalation.

CVE-2020-11608, CVE-2020-11609, CVE-2020-11668

    It was discovered that the ov519, stv06xx, and xirlink_cit media
    drivers did not properly validate USB device descriptors.  A
    physically present user with a specially constructed USB device
    could use this to cause a denial-of-service (crash) or possibly
    for privilege escalation.

CVE-2020-12114

    Piotr Krysiuk discovered a race condition between the umount and
    pivot_root operations in the filesystem core (vfs).  A local user
    with the CAP_SYS_ADMIN capability in any user namespace could use
    this to cause a denial of service (crash).

CVE-2020-12464

    Kyungtae Kim reported a race condition in the USB core that can
    result in a use-after-free.  It is not clear how this can be
    exploited, but it could result in a denial of service (crash or
    memory corruption) or privilege escalation.

CVE-2020-12652

    Tom Hatskevich reported a bug in the mptfusion storage drivers.
    An ioctl handler fetched a parameter from user memory twice,
    creating a race condition which could result in incorrect locking
    of internal data structures.  A local user permitted to access
    /dev/mptctl could use this to cause a denial of service (crash or
    memory corruption) or for privilege escalation.

CVE-2020-12653

    It was discovered that the mwifiex WiFi driver did not
    sufficiently validate scan requests, resulting in a potential heap
    buffer overflow.  A local user with CAP_NET_ADMIN capability could
    use this to cause a denial of service (crash or memory corruption)
    or possibly for privilege escalation.

CVE-2020-12654

    It was discovered that the mwifiex WiFi driver did not
    sufficiently validate WMM parameters received from an access point
    (AP), resulting in a potential heap buffer overflow.  A malicious AP
    could use this to cause a denial of service (crash or memory
    corruption) or possibly to execute code on a vulnerable system.

CVE-2020-12770

    It was discovered that the sg (SCSI generic) driver did not
    correctly release internal resources in a particular error case.
    A local user permitted to access an sg device could possibly use
    this to cause a denial of service (resource exhaustion).

CVE-2020-13143

    Kyungtae Kim reported a potential heap out-of-bounds write in
    the USB gadget subsystem.  A local user permitted to write to
    the gadget configuration filesystem could use this to cause a
    denial of service (crash or memory corruption) or potentially
    for privilege escalation.

For the oldstable distribution (stretch), these problems have been
fixed in version 4.9.210-1+deb9u1.  This version also fixes some
related bugs that do not have their own CVE IDs, and a regression in
the macvlan driver introduced in the previous point release (bug
#952660).

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4699-1                   security@debian.org
https://www.debian.org/security/                            Ben Hutchings
June 09, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2019-3016 CVE-2019-19462 CVE-2020-0543 CVE-2020-10711
                 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-12114
                 CVE-2020-12464 CVE-2020-12768 CVE-2020-12770 CVE-2020-13143
Debian Bug     : 960271

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2019-3016

    It was discovered that the KVM implementation for x86 did not
    always perform TLB flushes when needed, if the paravirtualised
    TLB flush feature was enabled.  This could lead to disclosure of
    sensitive information within a guest VM.

CVE-2019-19462

    The syzkaller tool found a missing error check in the 'relay'
    library used to implement various files under debugfs.  A local
    user permitted to access debugfs could use this to cause a denial
    of service (crash) or possibly for privilege escalation.

CVE-2020-0543

    Researchers at VU Amsterdam discovered that on some Intel CPUs
    supporting the RDRAND and RDSEED instructions, part of a random
    value generated by these instructions may be used in a later
    speculative execution on any core of the same physical CPU.
    Depending on how these instructions are used by applications, a
    local user or VM guest could use this to obtain sensitive
    information such as cryptographic keys from other users or VMs.

    This vulnerability can be mitigated by a microcode update, either
    as part of system firmware (BIOS) or through the intel-microcode
    package in Debian's non-free archive section.  This kernel update
    only provides reporting of the vulnerability and the option to
    disable the mitigation if it is not needed.

CVE-2020-10711

    Matthew Sheets reported NULL pointer dereference issues in the
    SELinux subsystem while receiving a CIPSO packet with a null category. A
    remote attacker can take advantage of this flaw to cause a denial of
    service (crash). Note that this issue does not affect the binary
    packages distributed in Debian as CONFIG_NETLABEL is not enabled.

CVE-2020-10732

    An information leak of kernel private memory to userspace was found
    in the kernel's implementation of core dumping userspace processes.

CVE-2020-10751

    Dmitry Vyukov reported that the SELinux subsystem did not properly
    handle validating multiple messages, which could allow a privileged
    attacker to bypass SELinux netlink restrictions.

CVE-2020-10757

    Fan Yang reported a flaw in the way mremap handled DAX hugepages,
    allowing a local user to escalate their privileges.

CVE-2020-12114

    Piotr Krysiuk discovered a race condition between the umount and
    pivot_root operations in the filesystem core (vfs).  A local user
    with the CAP_SYS_ADMIN capability in any user namespace could use
    this to cause a denial of service (crash).

CVE-2020-12464

    Kyungtae Kim reported a race condition in the USB core that can
    result in a use-after-free.  It is not clear how this can be
    exploited, but it could result in a denial of service (crash or
    memory corruption) or privilege escalation.

CVE-2020-12768

    A bug was discovered in the KVM implementation for AMD processors,
    which could result in a memory leak.  The security impact of this
    is unclear.

CVE-2020-12770

    It was discovered that the sg (SCSI generic) driver did not
    correctly release internal resources in a particular error case.
    A local user permitted to access an sg device could possibly use
    this to cause a denial of service (resource exhaustion).

CVE-2020-13143

    Kyungtae Kim reported a potential heap out-of-bounds write in
    the USB gadget subsystem.  A local user permitted to write to
    the gadget configuration filesystem could use this to cause a
    denial of service (crash or memory corruption) or potentially
    for privilege escalation.

For the stable distribution (buster), these problems have been fixed
in version 4.19.118-2+deb10u1.  This version also fixes some related
bugs that do not have their own CVE IDs, and a regression in the
<linux/swab.h> UAPI header introduced in the previous point release
(bug #960271).
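Both Linux kernel advisories above (stretch and buster) state that the kernel updates only add reporting for CVE-2020-0543 and that the actual mitigation is a microcode update from firmware or the intel-microcode package. The following POSIX shell script is an added example, not part of the Debian advisories, that reads the kernel's per-issue status files under /sys/devices/system/cpu/vulnerabilities (the srbds entry and the status strings "Mitigation: Microcode" and "Vulnerable: No microcode" are assumed from the upstream kernel) and tells an administrator whether microcode is still missing; the directory is a parameter so it can also run against a constructed copy of the tree.

```shell
#!/bin/sh
# Added example, not part of the Debian advisories. The kernel updates for
# CVE-2020-0543 (SRBDS) only add reporting; the fix itself is microcode from
# system firmware or the intel-microcode package (non-free). These functions
# read the kernel's status files under /sys/devices/system/cpu/vulnerabilities
# (assumed: the srbds entry exposed by the updated kernels) and report whether
# a microcode update is still needed.

# classify_status STATUS
# Map one kernel status string to a short verdict: ok / needs-microcode / unknown.
classify_status() {
    case "$1" in
        "Not affected"*|"Mitigation:"*) echo ok ;;
        "Vulnerable"*)                   echo needs-microcode ;;
        *)                               echo unknown ;;
    esac
}

# srbds_state [DIR]
# Print the srbds verdict. Return 0 if mitigated or not affected, 1 if
# microcode is still needed, 2 if this kernel does not report the issue at
# all (an older kernel without the reporting these updates add).
srbds_state() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    if [ ! -f "$dir/srbds" ]; then
        echo "srbds: not reported by this kernel"
        return 2
    fi
    status=$(cat "$dir/srbds")
    verdict=$(classify_status "$status")
    echo "srbds: $status -> $verdict"
    [ "$verdict" = ok ] && return 0
    [ "$verdict" = needs-microcode ] && return 1
    return 2
}

# count_unmitigated [DIR]
# List every entry in the directory with its verdict and print, as the last
# line, how many entries still need microcode.
count_unmitigated() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    n=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        status=$(cat "$f")
        verdict=$(classify_status "$status")
        echo "$(basename "$f"): $status -> $verdict"
        [ "$verdict" = needs-microcode ] && n=$((n + 1))
    done
    echo "$n"
}

# Demo on a constructed tree (sample values, not captured from a real host).
demo_tree=$(mktemp -d)
printf 'Mitigation: Microcode\n'    > "$demo_tree/tsx_async_abort"
printf 'Vulnerable: No microcode\n' > "$demo_tree/srbds"
printf 'Not affected\n'             > "$demo_tree/l1tf"
count_unmitigated "$demo_tree"
if ! srbds_state "$demo_tree"; then
    echo "install a microcode update (intel-microcode or firmware), then reboot"
fi
rm -rf "$demo_tree"
```

Run it without arguments on the updated kernel to inspect the live sysfs tree; a verdict of needs-microcode means the kernel sees the issue but no microcode mitigation is active.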

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4700-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
June 11, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : roundcube
CVE ID         : CVE-2020-13964 CVE-2020-13965
Debian Bug     : 962123 962124

Matei Badanoiu and LoRexxar@knownsec discovered that roundcube, a
skinnable AJAX based webmail solution for IMAP servers, did not
correctly process and sanitize requests. This would allow a remote
attacker to perform a Cross-Site Scripting (XSS) attack leading to the
execution of arbitrary code.

For the oldstable distribution (stretch), these problems have been fixed
in version 1.2.3+dfsg.1-4+deb9u5.

For the stable distribution (buster), these problems have been fixed in
version 1.3.13+dfsg.1-1~deb10u1.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4701-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
June 11, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : intel-microcode
CVE ID         : CVE-2020-0543 CVE-2020-0548 CVE-2020-0549

This update ships updated CPU microcode for some types of Intel CPUs and
provides mitigations for the Special Register Buffer Data Sampling
(CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D
Eviction Sampling (CVE-2020-0549) hardware vulnerabilities.

The microcode update for HEDT and Xeon CPUs with signature 0x50654 which
was reverted in DSA 4565-2 is now included again with a fixed release.

The upstream update for Skylake-U/Y (signature 0x406e3) had to be
excluded from this update due to reported hangs on boot.

For details refer to
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html

For the oldstable distribution (stretch), these problems have been fixed
in version 3.20200609.2~deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 3.20200609.2~deb10u1.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4702-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 11, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2020-12410 CVE-2020-12406 CVE-2020-12405
                 CVE-2020-12399 CVE-2020-12398

Multiple security issues have been found in Thunderbird which could
result in the setup of a non-encrypted IMAP connection, denial of service
or potentially the execution of arbitrary code.
For the oldstable distribution (stretch), this problem has been fixed
in version 1:68.9.0-1~deb9u1.

For the stable distribution (buster), this problem has been fixed in
version 1:68.9.0-1~deb10u1.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4703-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 11, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mysql-connector-java
CVE ID         : CVE-2020-2875 CVE-2020-2933 CVE-2020-2934

Three vulnerabilities have been found in the MySQL Connector/J JDBC
driver.
For the oldstable distribution (stretch), these problems have been fixed
in version 5.1.49-0+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4704-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 16, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : vlc
CVE ID         : CVE-2020-13428

A vulnerability was discovered in the VLC media player, which could
result in the execution of arbitrary code or denial of service if a
malformed video file is opened.

For the oldstable distribution (stretch), this problem has been fixed
in version 3.0.11-0+deb9u1.

For the stable distribution (buster), this problem has been fixed in
version 3.0.11-0+deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4705-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
June 18, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : python-django
CVE ID         : CVE-2020-9402 CVE-2020-13254 CVE-2020-13596

It was discovered that Django, a high-level Python web development
framework, did not properly sanitize input. This would allow a remote
attacker to perform SQL injection attacks, Cross-Site Scripting (XSS)
attacks, or leak sensitive information.

For the oldstable distribution (stretch), these problems have been fixed
in version 1:1.10.7-2+deb9u9.

For the stable distribution (buster), these problems have been fixed in
version 1:1.11.29-1~deb10u1.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4706-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 18, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : drupal7
CVE ID         : CVE-2020-13663

It was discovered that Drupal, a fully-featured content management
framework, was susceptible to cross site request forgery.

For additional information, please refer to the upstream advisory at
https://www.drupal.org/sa-core-2020-004

For the oldstable distribution (stretch), this problem has been fixed
in version 7.52-2+deb9u11.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4707-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 19, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mutt
CVE ID         : CVE-2020-14093

Damian Poddebniak and Fabian Ising discovered two security issues in the
STARTTLS handling of the Mutt mail client, which could enable MITM
attacks.

For the oldstable distribution (stretch), these problems have been fixed
in version 1.7.2-1+deb9u3.

For the stable distribution (buster), these problems have been fixed in
version 1.10.1-2.1+deb10u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4708-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 21, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : neomutt
CVE ID         : CVE-2020-14093 CVE-2020-14954

Damian Poddebniak and Fabian Ising discovered two security issues in the
STARTTLS handling of the Neomutt mail client, which could enable MITM
attacks.

For the stable distribution (buster), these problems have been fixed in
version 20180716+dfsg.1-1+deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4709-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
June 23, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wordpress
CVE ID         : CVE-2020-4046 CVE-2020-4047 CVE-2020-4048 CVE-2020-4049 
                 CVE-2020-4050
Debian Bug     : 962685

Several vulnerabilities were discovered in Wordpress, a web blogging
tool. They allowed remote attackers to perform various Cross-Site
Scripting (XSS) attacks, create open redirects, escalate privileges,
and bypass authorization access.

For the stable distribution (buster), these problems have been fixed in
version 5.0.10+dfsg1-0+deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4710-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 27, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : trafficserver
CVE ID         : CVE-2020-9494
Debian Bug     : 963629

A vulnerability was discovered in Apache Traffic Server, a reverse and
forward proxy server, which could result in denial of service via
malformed HTTP/2 headers.

For the stable distribution (buster), this problem has been fixed in
version 8.0.2+ds-1+deb10u3.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4711-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
June 29, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : coturn
CVE ID         : CVE-2020-4067 CVE-2020-6061 CVE-2020-6062
Debian Bug     : 951876

Several vulnerabilities were discovered in coturn, a TURN and STUN
server for VoIP.

CVE-2020-4067

    Felix Doerre reported that the STUN response buffer was not properly
    initialised, which could allow an attacker to leak bytes in the
    padding bytes from the connection of another client.

CVE-2020-6061

    Aleksandar Nikolic reported that a crafted HTTP POST request can
    lead to information leaks and other misbehavior.

CVE-2020-6062

    Aleksandar Nikolic reported that a crafted HTTP POST request can
    lead to server crash and denial of service.

For the oldstable distribution (stretch), these problems have been fixed
in version 4.5.0.5-1+deb9u2.

For the stable distribution (buster), these problems have been fixed in
version 4.5.1.1-1.1+deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4712-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 30, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : CVE-2019-7175 CVE-2019-7395 CVE-2019-7396 CVE-2019-7397 
                 CVE-2019-7398 CVE-2019-10649 CVE-2019-11470 CVE-2019-11472 
                 CVE-2019-11597 CVE-2019-11598 CVE-2019-12974 CVE-2019-12975 
                 CVE-2019-12976 CVE-2019-12977 CVE-2019-12978 CVE-2019-12979 
                 CVE-2019-13135 CVE-2019-13137 CVE-2019-13295 CVE-2019-13297 
                 CVE-2019-13300 CVE-2019-13301 CVE-2019-13304 CVE-2019-13305 
                 CVE-2019-13307 CVE-2019-13308 CVE-2019-13309 CVE-2019-13311 
                 CVE-2019-13454 CVE-2019-14981 CVE-2019-15139 CVE-2019-15140 
                 CVE-2019-16708 CVE-2019-16710 CVE-2019-16711 CVE-2019-16713 
                 CVE-2019-19948 CVE-2019-19949

This update fixes multiple vulnerabilities in Imagemagick: Various memory
handling problems and cases of missing or incomplete input sanitising
may result in denial of service, memory disclosure or potentially the
execution of arbitrary code if malformed image files are processed.

For the stable distribution (buster), these problems have been fixed in
version 8:6.9.10.23+dfsg-2.1+deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4713-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 01, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 
                 CVE-2020-12421

Multiple security issues have been found in the Mozilla Firefox
web browser, which could potentially result in the execution
of arbitrary code.

For the oldstable distribution (stretch), these problems have been fixed
in version 68.10.0esr-1~deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 68.10.0esr-1~deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4714-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
July 01, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium
CVE ID         : CVE-2020-6423 CVE-2020-6430 CVE-2020-6431 CVE-2020-6432
                 CVE-2020-6433 CVE-2020-6434 CVE-2020-6435 CVE-2020-6436
                 CVE-2020-6437 CVE-2020-6438 CVE-2020-6439 CVE-2020-6440
                 CVE-2020-6441 CVE-2020-6442 CVE-2020-6443 CVE-2020-6444
                 CVE-2020-6445 CVE-2020-6446 CVE-2020-6447 CVE-2020-6448
                 CVE-2020-6454 CVE-2020-6455 CVE-2020-6456 CVE-2020-6457
                 CVE-2020-6458 CVE-2020-6459 CVE-2020-6460 CVE-2020-6461
                 CVE-2020-6462 CVE-2020-6463 CVE-2020-6464 CVE-2020-6465
                 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469
                 CVE-2020-6470 CVE-2020-6471 CVE-2020-6472 CVE-2020-6473
                 CVE-2020-6474 CVE-2020-6475 CVE-2020-6476 CVE-2020-6478
                 CVE-2020-6479 CVE-2020-6480 CVE-2020-6481 CVE-2020-6482
                 CVE-2020-6483 CVE-2020-6484 CVE-2020-6485 CVE-2020-6486
                 CVE-2020-6487 CVE-2020-6488 CVE-2020-6489 CVE-2020-6490
                 CVE-2020-6491 CVE-2020-6493 CVE-2020-6494 CVE-2020-6495
                 CVE-2020-6496 CVE-2020-6497 CVE-2020-6498 CVE-2020-6505
                 CVE-2020-6506 CVE-2020-6507 CVE-2020-6509 CVE-2020-6831

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2020-6423

    A use-after-free issue was found in the audio implementation.

CVE-2020-6430

    Avihay Cohen discovered a type confusion issue in the v8 javascript
    library.

CVE-2020-6431

    Luan Herrera discovered a policy enforcement error.

CVE-2020-6432

    Luan Herrera discovered a policy enforcement error.

CVE-2020-6433

    Luan Herrera discovered a policy enforcement error in extensions.

CVE-2020-6434

    HyungSeok Han discovered a use-after-free issue in the developer tools.

CVE-2020-6435

    Sergei Glazunov discovered a policy enforcement error in extensions.

CVE-2020-6436

    Igor Bukanov discovered a use-after-free issue.

CVE-2020-6437

    Jann Horn discovered an implementation error in WebView.

CVE-2020-6438

    Ng Yik Phang discovered a policy enforcement error in extensions.

CVE-2020-6439

    remkoboonstra discovered a policy enforcement error.

CVE-2020-6440

    David Erceg discovered an implementation error in extensions.

CVE-2020-6441

    David Erceg discovered a policy enforcement error.

CVE-2020-6442

    B@rMey discovered an implementation error in the page cache.

CVE-2020-6443

    @lovasoa discovered an implementation error in the developer tools.

CVE-2020-6444

    mlfbrown discovered an uninitialized variable in the WebRTC
    implementation.

CVE-2020-6445

    Jun Kokatsu discovered a policy enforcement error.

CVE-2020-6446

    Jun Kokatsu discovered a policy enforcement error.

CVE-2020-6447

    David Erceg discovered an implementation error in the developer tools.

CVE-2020-6448

    Guang Gong discovered a use-after-free issue in the v8 javascript library.

CVE-2020-6454

    Leecraso and Guang Gong discovered a use-after-free issue in extensions.

CVE-2020-6455

    Nan Wang and Guang Gong discovered an out-of-bounds read issue in the
    WebSQL implementation.

CVE-2020-6456

    Michał Bentkowski discovered insufficient validation of untrusted input.

CVE-2020-6457

    Leecraso and Guang Gong discovered a use-after-free issue in the speech
    recognizer.

CVE-2020-6458

    Aleksandar Nikolic discovered an out-of-bounds read and write issue in the
    pdfium library.

CVE-2020-6459

    Zhe Jin discovered a use-after-free issue in the payments implementation.

CVE-2020-6460

    It was discovered that URL formatting was insufficiently validated.

CVE-2020-6461

    Zhe Jin discovered a use-after-free issue.

CVE-2020-6462

    Zhe Jin discovered a use-after-free issue in task scheduling.

CVE-2020-6463

    Pawel Wylecial discovered a use-after-free issue in the ANGLE library.

CVE-2020-6464

    Looben Yang discovered a type confusion issue in Blink/Webkit.

CVE-2020-6465

    Woojin Oh discovered a use-after-free issue.

CVE-2020-6466

    Zhe Jin discovered a use-after-free issue.

CVE-2020-6467

    ZhanJia Song discovered a use-after-free issue in the WebRTC
    implementation.

CVE-2020-6468

    Chris Salls and Jake Corina discovered a type confusion issue in the v8
    javascript library.

CVE-2020-6469

    David Erceg discovered a policy enforcement error in the developer tools.

CVE-2020-6470

    Michał Bentkowski discovered insufficient validation of untrusted input.

CVE-2020-6471

    David Erceg discovered a policy enforcement error in the developer tools.

CVE-2020-6472

    David Erceg discovered a policy enforcement error in the developer tools.

CVE-2020-6473

    Soroush Karami and Panagiotis Ilia discovered a policy enforcement error
    in Blink/Webkit.

CVE-2020-6474

    Zhe Jin discovered a use-after-free issue in Blink/Webkit.

CVE-2020-6475

    Khalil Zhani discovered a user interface error.

CVE-2020-6476

    Alexandre Le Borgne discovered a policy enforcement error.

CVE-2020-6478

    Khalil Zhani discovered an implementation error in full screen mode.

CVE-2020-6479

    Zhong Zhaochen discovered an implementation error.

CVE-2020-6480

    Marvin Witt discovered a policy enforcement error.

CVE-2020-6481

    Rayyan Bijoora discovered a policy enforcement error.

CVE-2020-6482

    Abdulrahman Alqabandi discovered a policy enforcement error in the
    developer tools.

CVE-2020-6483

    Jun Kokatsu discovered a policy enforcement error in payments.

CVE-2020-6484

    Artem Zinenko discovered insufficient validation of user data in the
    ChromeDriver implementation.

CVE-2020-6485

    Sergei Glazunov discovered a policy enforcement error.

CVE-2020-6486

    David Erceg discovered a policy enforcement error.

CVE-2020-6487

    Jun Kokatsu discovered a policy enforcement error.

CVE-2020-6488

    David Erceg discovered a policy enforcement error.

CVE-2020-6489

    @lovasoa discovered an implementation error in the developer tools.

CVE-2020-6490

    Insufficient validation of untrusted data was discovered.

CVE-2020-6491

    Sultan Haikal discovered a user interface error.

CVE-2020-6493

    A use-after-free issue was discovered in the WebAuthentication
    implementation.

CVE-2020-6494

    Juho Nurimen discovered a user interface error.

CVE-2020-6495

    David Erceg discovered a policy enforcement error in the developer tools.

CVE-2020-6496

    Khalil Zhani discovered a use-after-free issue in payments.

CVE-2020-6497

    Rayyan Bijoora discovered a policy enforcement issue.

CVE-2020-6498

    Rayyan Bijoora discovered a user interface error.

CVE-2020-6505

    Khalil Zhani discovered a use-after-free issue.

CVE-2020-6506

    Alesandro Ortiz discovered a policy enforcement error.

CVE-2020-6507

    Sergei Glazunov discovered an out-of-bounds write issue in the v8
    javascript library.

CVE-2020-6509

    A use-after-free issue was discovered in extensions.

CVE-2020-6831

    Natalie Silvanovich discovered a buffer overflow issue in the SCTP
    library.

For the oldstable distribution (stretch), security support for chromium
has been discontinued.

For the stable distribution (buster), these problems have been fixed in
version 83.0.4103.116-1~deb10u1.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4715-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 02, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : imagemagick
CVE ID         : CVE-2019-13300 CVE-2019-13304 CVE-2019-13306 CVE-2019-13307 
                 CVE-2019-15140 CVE-2019-19948

This update fixes multiple vulnerabilities in Imagemagick: Various memory
handling problems and cases of missing or incomplete input sanitising
may result in denial of service, memory disclosure or potentially the
execution of arbitrary code if malformed image files are processed.
For the oldstable distribution (stretch), these problems have been fixed
in version 8:6.9.7.4+dfsg-11+deb9u8.

 

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4716-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 02, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : docker.io
CVE ID         : CVE-2020-13401
Debian Bug     : 962141

Etienne Champetier discovered that Docker, a Linux container runtime,
created network bridges which by default accept IPv6 router advertisements.
This could allow an attacker with the CAP_NET_RAW capability in a
container to spoof router advertisements, resulting in information
disclosure or denial of service.

For the stable distribution (buster), this problem has been fixed in
version 18.09.1+dfsg1-7.1+deb10u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4714-2                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
July 04, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium
Debian Bug     : 964145

The previous update for chromium released as DSA 4714-1 was mistakenly
built without compiler optimizations.  This caused high CPU load and
frequent crashes.  Updated chromium packages are now available that
correct this issue.

For the oldstable distribution (stretch), security support for chromium
has been discontinued.

For the stable distribution (buster), this problem has been fixed in
version 83.0.4103.116-1~deb10u2.


- -------------------------------------------------------------------------
Debian Security Advisory DSA-4717-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 05, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php7.0
CVE ID         : CVE-2019-11048 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064
                 CVE-2020-7066 CVE-2020-7067

Multiple security issues were found in PHP, a widely-used open source
general purpose scripting language, which could result in information
disclosure, denial of service or potentially the execution of arbitrary
code.

For the oldstable distribution (stretch), these problems have been fixed
in version 7.0.33-0+deb9u8.


- -------------------------------------------------------------------------
Debian Security Advisory DSA-4718-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 05, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2020-12417 CVE-2020-12418 CVE-2020-12419
                 CVE-2020-12420 CVE-2020-12421

Multiple security issues have been found in Thunderbird which could
result in denial of service or potentially the execution of arbitrary
code.
For the oldstable distribution (stretch), these problems have been fixed
in version 1:68.10.0-1~deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 1:68.10.0-1~deb10u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4719-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
July 06, 2020                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php7.3
CVE ID         : CVE-2019-11048 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064
                 CVE-2020-7065 CVE-2020-7066 CVE-2020-7067

Multiple security issues were found in PHP, a widely-used open source
general purpose scripting language, which could result in information
disclosure, denial of service or potentially the execution of arbitrary
code.

For the stable distribution (buster), these problems have been fixed in
version 7.3.19-1~deb10u1.