Jump to content

Bruno

Recommended Posts

V.T. Eric Layton

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-2049-1 security@debian.orghttp://www.debian.org/security/ Steffen JoerisMay 23, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : barnowlVulnerability : buffer overflowProblem type : remoteDebian-specific: noCVE Id : CVE-2010-0793Debian Bug : 574418It has been discovered that barnowl, a curses-based tty Jabber, IRC, AIMand Zephyr client, is prone to a buffer overflow via its "CC:" handling,which could lead to the execution of arbitrary code.~Eric

Link to comment
Share on other sites

  • 4 months later...
V.T. Eric Layton

NOTICE

I'm would like to apologize for the lack of update posting in this area over the past few months. I will attempt to start posting the updates again soon. In the meantime, you can click HERE for a complete listing of all the Debian 2010 Security notices.Thank you for your patience and understanding.~Eric

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2115-2 security@debian.orghttp://www.debian.org/security/ Florian WeimerOctober 11, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : moodleVulnerability : severalProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2010-1613 CVE-2010-1614 CVE-2010-1615 CVE-2010-1616 CVE-2010-1617 CVE-2010-1618 CVE-2010-1619 CVE-2010-2228 CVE-2010-2229 CVE-2010-2230 CVE-2010-2231DSA-2115-1 introduced a regression because it lacked a dependency onthe wwwconfig-common package, leading to installations problems. Thisupdate addresses this issue. For reference, the text of the originaladvisory is provided below.Several remote vulnerabilities have been discovered in Moodle, acourse management system. The Common Vulnerabilities and Exposuresproject identifies the following problems:

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2116-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffOctober 12, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : popplerVulnerability : severalProblem type : local(remote)Debian-specific: noCVE Id(s) : CVE-2010-3702 CVE-2010-3704Debian Bug : 599165Joel Voss of Leviathan Security Group discovered two vulnerabilities inthe Poppler PDF rendering library, which may lead to the execution ofarbitrary code if a malformed PDF file is opened.- ------------------------------------------------------------------------Debian Security Advisory DSA-2120-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerOctober 12, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : postgresql-8.3Vulnerability : privilege escalationProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2010-3433Tim Bunce discovered that PostgreSQL, a database server software, doesnot properly separate interpreters for server-side stored procedureswhich run in different security contexts. As a result, non-privilegedauthenticated database users might gain additional privileges.Note that this security update may impact intended communication throughglobal variables between stored procedures. It might be necessary toconvert these functions to run under the plperlu or pltclu languages,with database superuser privileges.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2121-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerOctober 19, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : typo3-srcVulnerability : severalProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2010-3714 CVE-2010-3715 CVE-2010-3716 CVE-2010-3717Several remote vulnerabilities have been discovered in TYPO3. TheCommon Vulnerabilities and Exposures project identifies the followingproblems:CVE-2010-3714 Multiple remote file disclosure vulnerabilities in the jumpUrl mechanism and the Extension Manager allowed attackers to read files with the privileges of the account under which the web server was running.CVE-2010-3715 The TYPO3 backend contained several cross-site scripting vulnerabilities, and the RemoveXSS function did not filter all Javascript code.CVE-2010-3716 Malicious editors with user creation permission could escalate their privileges by creating new users in arbitrary groups, due to lack of input validation in the taskcenter. CVE-2010-3717 TYPO3 exposed a crasher bug in the PHP filter_var function, enabling attackers to cause the web server process to crash and thus consume additional system resources.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2122-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerOctober 22, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : glibcVulnerability : missing input sanitizationProblem type : localDebian-specific: noCVE Id(s) : CVE-2010-3847 CVE-2010-3856Debian Bug : 600667Ben Hawkes and Tavis Ormandy discovered that the dynamic loader in GNUlibc allows local users to gain root privileges using a craftedLD_AUDIT environment variable.

Link to comment
Share on other sites

  • 2 weeks later...
V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2124-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerNovember 01, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : xulrunnerVulnerability : severalProblem type : local (remote)Debian-specific: noCVE Id(s) : CVE-2010-3765 CVE-2010-3174 CVE-2010-3176 CVE-2010-3177 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3183Several vulnerabilities have been discovered in Xulrunner, thecomponent that provides the core functionality of Iceweasel, Debian'svariant of Mozilla's browser technology.=====- ------------------------------------------------------------------------Debian Security Advisory DSA-2123-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerNovember 01, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : nssVulnerability : severalProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2010-3170 CVE-2010-3173Several vulnerabilities have been discovered in Mozilla's NetworkSecurity Services (NSS) library.

Link to comment
Share on other sites

  • 2 weeks later...
V.T. Eric Layton

------------------------------------------------------------------------Debian Security Advisory DSA-2038-3 security@debian.orghttp://www.debian.org/security/ Thijs KinkhorstNovember 13, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : pidginVulnerability : severalProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2010-0420 CVE-2010-0423Debian Bug : 566775 579601The packages for Pidgin released as DSA 2038-2 had a regression, as theyunintentionally disabled the Silc, Simple, and Yahoo instant messagingprotocols. This update restore that functionality.

Link to comment
Share on other sites

  • 2 weeks later...
V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2125-1 security@debian.orghttp://www.debian.org/security/ Stefan FritschNovember 22, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : opensslVulnerability : buffer overflowProblem type : remoteDebian-specific: noDebian Bug : 603709CVE Id(s) : CVE-2010-3864A flaw has been found in the OpenSSL TLS server extension code parsingwhich on affected servers can be exploited in a buffer overrun attack.This allows an attacker to cause an appliation crash or potentially toexecute arbitrary code.However, not all OpenSSL based SSL/TLS servers are vulnerable: A serveris vulnerable if it is multi-threaded and uses OpenSSL's internal cachingmechanism. In particular the Apache HTTP server (which never uses OpenSSLinternal caching) and Stunnel (which includes its own workaround) are NOTaffected.This upgrade fixes this issue. After the upgrade, any services using theopenssl libraries need to be restarted. The checkrestart script from thedebian-goodies package or lsof can help to find out which services needto be restarted.A note to users of the tor packages from the Debian backports or Debianvolatile: This openssl update causes problems with some versions of tor.You need to update to tor 0.2.1.26-4~bpo50+1 or 0.2.1.26-1~lennyvolatile2,respectively. The tor package version 0.2.0.35-1~lenny2 from Debian stableis not affected by these problems.

Link to comment
Share on other sites

V.T. Eric Layton

- ----------------------------------------------------------------------Debian Security Advisory DSA-2126-1 security@debian.orghttp://www.debian.org/security/ dann frazierNovember 26, 2010 http://www.debian.org/security/faq- ----------------------------------------------------------------------Package : linux-2.6Vulnerability : privilege escalation/denial of service/information leakProblem type : local/remoteDebian-specific: noCVE Id(s) : CVE-2010-2963 CVE-2010-3067 CVE-2010-3296 CVE-2010-3297 CVE-2010-3310 CVE-2010-3432 CVE-2010-3437 CVE-2010-3442 CVE-2010-3448 CVE-2010-3477 CVE-2010-3705 CVE-2010-3848 CVE-2010-3849 CVE-2010-3850 CVE-2010-3858 CVE-2010-3859 CVE-2010-3873 CVE-2010-3874 CVE-2010-3875 CVE-2010-3876 CVE-2010-3877 CVE-2010-3880 CVE-2010-4072 CVE-2010-4073 CVE-2010-4074 CVE-2010-4078 CVE-2010-4079 CVE-2010-4080 CVE-2010-4081 CVE-2010-4083 CVE-2010-4164Read the entire security notice here --> http://www.debian.org/security/2010/dsa-2126

Link to comment
Share on other sites

V.T. Eric Layton

-------------------------------------------------------------------------The Debian Project http://www.debian.org/Updated Debian GNU/Linux: 5.0.7 released press@debian.orgNovember 27th, 2010 http://www.debian.org/News/2010/20101127-------------------------------------------------------------------------Updated Debian GNU/Linux: 5.0.7 releasedRead more about it here --> http://www.debian.org/News/2010/20101127

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2127-1 security@debian.orghttp://www.debian.org/security/ Stefan FritschNovember 28, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : wiresharkVulnerability : denial of serviceProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2010-3445A flaw has been found in wireshark, a network protocol analyzer.It was found that the ASN.1 BER dissector was susceptible to a stackoverflow, causing the application to crash.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2128-1 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoDecember 01, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : libxml2Vulnerability : invalid memory accessProblem type : local (remote)Debian-specific: noCVE ID : CVE-2010-4008Bui Quang Minh discovered that libxml2, a library for parsing andhandling XML data files, does not well process a malformed XPATH,causing crash and allowing arbitrary code execution.=====- ------------------------------------------------------------------------Debian Security Advisory DSA-2129-1 security@debian.orghttp://www.debian.org/security/ Stefan FritschDecember 1, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : krb5Vulnerability : checksum verification weaknessProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2010-1323A vulnerability has been found in krb5, the MIT implementation ofKerberos.MIT krb5 clients incorrectly accept an unkeyed checksums in the SAM-2preauthentication challenge: An unauthenticated remote attacker couldalter a SAM-2 challenge, affecting the prompt text seen by the user orthe kind of response sent to the KDC. Under some circumstances, thiscan negate the incremental security benefit of using a single-useauthentication mechanism token.MIT krb5 incorrectly accepts RFC 3961 key-derivation checksums usingRC4 keys when verifying KRB-SAFE messages: An unauthenticated remoteattacker has a 1/256 chance of forging KRB-SAFE messages in anapplication protocol if the targeted pre-existing session uses an RC4session key. Few application protocols use KRB-SAFE messages.The Common Vulnerabilities and Exposures project has assignedCVE-2010-1323 to these issues.

Link to comment
Share on other sites

  • 2 weeks later...
V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2131-1 security@debian.orghttp://www.debian.org/security/ Stefan FritschDecember 10, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : exim4Vulnerability : arbitrary code executionProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2010-4344Several vulnerabilities have been found in exim4 that allow a remoteattacker to execute arbitrary code as root user. Exploits for theseissues have been seen in the wild.This update fixes a memory corruption issue that allows a remoteattacker to execute arbitrary code as the Debian-exim user(CVE-2010-4344).A fix for an additional issue that allows the Debian-exim user toobtain root privileges (CVE-2010-4345) is currently being checked forcompatibility issues. It is not yet included in this upgrade but willreleased soon in an update to this advisory.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2130-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerDecember 10, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : bind9Vulnerability : severalProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2010-3762 CVE-2010-3614 CVE-2010-3613Several remote vulnerabilities have been discovered in BIND, animplementation of the DNS protocol suite. The Common Vulnerabilitiesand Exposures project identifies the following problems:CVE-2010-3762 When DNSSEC validation is enabled, BIND does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (server crash) via a DNS query.CVE-2010-3614 BIND does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which may lead to zone unavailability during rollovers.CVE-2010-3613 BIND does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (server crash) via a query for cached data.In addition, this security update improves compatibility withpreviously installed versions of the bind9 package. As a result, itis necessary to initiate the update with "apt-get dist-upgrade"instead of "apt-get update".

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2132-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffDecember 11, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : xulrunnerVulnerability : severalProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2010-3776 CVE-2010-3778 CVE-2010-3769 CVE-2010-3771 CVE-2010-3772 CVE-2010-3775 CVE-2010-3767 CVE-2010-3773 CVE-2010-3770Several remote vulnerabilities have been discovered in Xulrunner, aruntime environment for XUL applications. The Common Vulnerabilitiesand Exposures project identifies the following problems:For the stable distribution (lenny), these problems have been fixed inversion 1.9.0.19-7.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2133-1 security@debian.orghttp://www.debian.org/security/ Raphael GeissertDecember 13, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : collectdVulnerability : denial of serviceProblem type : remoteDebian-specific: noCVE Id : CVE-2010-4336Debian Bug : 605092It was discovered that collectd, a statistics collection and monitoringdaemon, is prone to a denial of service attach via a crafted networkpacket.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2134-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffDecember 18th, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Traditionally Debian security advisories have included MD5 check sumsof the updated packages. This was introduced at a time when apt didn'texist yet and BIND was at version 4.Since apt cryptographically enforces the integrity of the archive forquite some time now, we've decided to finally drop the hash valuesfrom our advisory mails.We'll also change some details of the advisory format in the upcomingmonths.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2135-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffDecember 21, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : xpdfVulnerability : severalProblem type : local(remote)Debian-specific: noCVE Id(s) : CVE-2010-3702 CVE-2010-3704Joel Voss of Leviathan Security Group discovered two vulnerabilitiesin xpdf rendering engine, which may lead to the execution of arbitrarycode if a malformed PDF file is opened.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2136-1 security@debian.orghttp://www.debian.org/security/ Raphael GeissertDecember 21, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : torVulnerability : buffer overflowProblem type : remoteDebian-specific: noCVE Id : CVE-2010-1676Willem Pinckaers discovered that Tor, a tool to enable online anonymity,does not correctly handle all data read from the network. By supplyingspecially crafted packets a remote attacker can cause Tor to overflow itsheap, crashing the process. Arbitrary code execution has not beenconfirmed but there is a potential risk.In the stable distribution (lenny), this update also includes an update ofthe IP address for the Tor directory authority gabelmoo and addressesa weakness in the package's postinst maintainer script.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2137-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffDecember 26, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : libxml2Vulnerability : severalProblem type : local(remote)Debian-specific: noCVE Id(s) : CVE-2010-4494Yang Dingning discovered a double free in libxml's Xpath processing, which might allow the execution of arbitrary code.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2138-1 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoDecember 29, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : wordpressVulnerability : sql injectionProblem type : remoteDebian-specific: noCVE ID : CVE-2010-4257Vladimir Kolesnikov discovered a SQL injection vulnerability in wordpress,a weblog manager.An authenticated users could execute arbitrary SQL commands via the SendTrackbacks field.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2139-1 security@debian.orghttp://www.debian.org/security/ Thijs KinkhorstDecember 31, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : phpmyadminVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2010-4329 CVE-2010-4480 CVE-2010-4481Several vulnerabilities have been discovered in phpMyAdmin, a toolto administer MySQL over the web. The Common Vulnerabilities and Exposuresproject identifies the following problems:CVE-2010-4329 Cross site scripting was possible in search, that allowed a remote attacker to inject arbitrary web script or HTML.CVE-2010-4480 Cross site scripting was possible in errors, that allowed a remote attacker to inject arbitrary web script or HTML.CVE-2010-4481 Display of PHP's phpinfo() function was available to world, but only if this functionality had been enabled (defaults to off). This may leak some information about the host system.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2140-1 security@debian.orghttp://www.debian.org/security/ Stefan FritschJanuary 05, 2011 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : libapache2-mod-fcgidVulnerability : stack overflowProblem type : localDebian-specific: noCVE ID : CVE-2010-3872A vulnerability has been found in Apache mod_fcgid.The Common Vulnerabilities and Exposures project identifies thefollowing problem:CVE-2010-3872 A stack overflow could allow an untrusted FCGI application to cause a server crash or possibly to execute arbitrary code as the user running the web server.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2141-1 security@debian.orghttp://www.debian.org/security/ Stefan FritschJanuary 06, 2011 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : opensslVulnerability : SSL/TLS insecure renegotiation protocol design flawProblem type : remoteDebian-specific: noCVE ID : CVE-2009-3555 CVE-2010-4180Debian Bug : 555829CVE-2009-3555:Marsh Ray, Steve Dispensa, and Martin Rex discovered a flaw in the TLSand SSLv3 protocols. If an attacker could perform a man in the middleattack at the start of a TLS connection, the attacker could injectarbitrary content at the beginning of the user's session. This updateadds backported support for the new RFC5746 renegotiation extensionwhich fixes this issue.If openssl is used in a server application, it will by default nolonger accept renegotiation from clients that do not support theRFC5746 secure renegotiation extension. A separate advisory will addRFC5746 support for nss, the security library used by the iceweaselweb browser. For apache2, there will be an update which allows tore-enable insecure renegotiation.This version of openssl is not compatible with older versions of tor.You have to use at least tor version 0.2.1.26-1~lenny+1, which hasbeen included in the point release 5.0.7 of Debian stable.Currently we are not aware of other software with similar compatibilityproblems.CVE-2010-4180: In addition, this update fixes a flaw that allowed a client to bypassrestrictions configured in the server for the used cipher suite.======- ------------------------------------------------------------------------Debian Security Advisory DSA-2141-2 security@debian.orghttp://www.debian.org/security/ Stefan FritschJanuary 06, 2011 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : nssVulnerability : SSL/TLS insecure renegotiation protocol design flawProblem type : remoteDebian-specific: noCVE ID : CVE-2009-3555CVE-2009-3555:Marsh Ray, Steve Dispensa, and Martin Rex discovered a flaw in the TLSand SSLv3 protocols. If an attacker could perform a man in the middleattack at the start of a TLS connection, the attacker could injectarbitrary content at the beginning of the user's session. This updateadds backported support for the new RFC5746 renegotiation extensionwhich fixes this issue.The updated libraries allow to use shell environment variables toconfigure if insecure renegotiation is still allowed. The syntax ofthese environment variables is described in the release notes toversion 3.12.6 of nss: https://developer.mozilla.org/NSS_3.12.6_release_notesHowever, the default behaviour for nss in Debian 5.0 (Lenny) is NSS_SSL_ENABLE_RENEGOTIATION=3, which allows clients to continue torenegotiate with vulnerable servers.======- ------------------------------------------------------------------------Debian Security Advisory DSA-2141-3 security@debian.orghttp://www.debian.org/security/ Stefan FritschJanuary 06, 2011 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : apache2Vulnerability : backward compatibility option for SSL/TLS insecure renegotiationProblem type : remoteDebian-specific: noCVE ID : CVE-2009-3555Debian Bug : 587037DSA-2141-1 changed the behaviour of the openssl libraries in a serverenvironment to only allow SSL/TLS renegotiation for clients thatsupport the RFC5746 renegotiation extension. This update to apache2adds the new SSLInsecureRenegotiation configuration option that allowsto restore support for insecure clients. More information can be foundin the file /usr/share/doc/apache2.2-common/NEWS.Debian.gz .======- -------------------------------------------------------------------------Debian Security Advisory DSA-2142-1 security@debian.orghttp://www.debian.org/security/ Raphael GeissertJanuary 06, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : dpkgVulnerability : directory traversalProblem type : localDebian-specific: noCVE ID : CVE-2010-1679Jakub Wilk discovered that the dpkg-source component of dpkg, the Debianpackage management system, doesn't correctly handle paths in patches ofsource packages, which could make it traverse directories.Raphaël Hertzog additionally discovered that symbolic links in the .pcdirectory are followed, which could make it traverse directories too.Both issues only affect source packages using the "3.0 quilt" format atunpack-time.

Link to comment
Share on other sites

V.T. Eric Layton

- -------------------------------------------------------------------------Debian Security Advisory DSA-2122-2 security@debian.orghttp://www.debian.org/security/ Florian WeimerJanuary 11, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : glibcVulnerability : missing input sanitizationProblem type : localDebian-specific: noCVE ID : CVE-2010-3847 CVE-2010-3856Colin Watson discovered that the update for stable relased inDSA-2122-1 did not complete address the underlying security issue inall possible scenarios.

Link to comment
Share on other sites

V.T. Eric Layton

- ------------------------------------------------------------------------Debian Security Advisory DSA-2141-4 security@debian.orghttp://www.debian.org/security/ Stefan FritschJanuary 12, 2011 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : lighttpdVulnerability : compatibility problem with updated opensslDebian-specific: noCVE ID : CVE-2009-3555Debian Bug : 609124The openssl update in DSA-2141-1 caused a regression in lighttpd. Dueto a bug in lighttpd, the server fails to start in some configurationsif using the updated openssl libraries. This update fixes this problem.

Link to comment
Share on other sites

V.T. Eric Layton

- -------------------------------------------------------------------------Debian Security Advisory DSA-2143-1 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoJanuary 14, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : mysql-dfsg-5.0Vulnerability : several vulnerabilitiesProblem type : remoteDebian-specific: noCVE ID : CVE-2010-3677 CVE-2010-3680 CVE-2010-3681 CVE-2010-3682 CVE-2010-3833 CVE-2010-3834 CVE-2010-3835 CVE-2010-3836 CVE-2010-3837 CVE-2010-3838 CVE-2010-3840Several vulnerabilities have been discovered in the MySQLdatabase server.The Common Vulnerabilities and Exposures project identifies thefollowing problems:CVE-2010-3677 It was discovered that MySQL allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.CVE-2010-3680 It was discovered that MySQL allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables while using InnoDB, which triggers an assertion failure.CVE-2010-3681 It was discovered that MySQL allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.CVE-2010-3682 It was discovered that MySQL incorrectly handled use of EXPLAIN with certain queries. An authenticated user could crash the server.CVE-2010-3833 It was discovered that MySQL incorrectly handled propagation during evaluation of arguments to extreme-value functions. An authenticated user could crash the server.CVE-2010-3834 It was discovered that MySQL incorrectly handled materializing a derived table that required a temporary table for grouping. An authenticated user could crash the server.CVE-2010-3835 It was discovered that MySQL incorrectly handled certain user-variable assignment expressions that are evaluated in a logical expression context. An authenticated user could crash the server.CVE-2010-3836 It was discovered that MySQL incorrectly handled pre-evaluation of LIKE predicates during view preparation. An authenticated user could crash the server.CVE-2010-3837 It was discovered that MySQL incorrectly handled using GROUP_CONCAT() and WITH ROLLUP together. An authenticated user could crash the server.CVE-2010-3838 It was discovered that MySQL incorrectly handled certain queries using a mixed list of numeric and LONGBLOB arguments to the GREATEST() or LEAST() functions. An authenticated user could crash the server.CVE-2010-3840 It was discovered that MySQL incorrectly handled improper WKB data passed to the PolyFromWKB() function. An authenticated user could crash the server.

Link to comment
Share on other sites

V.T. Eric Layton

- -------------------------------------------------------------------------Debian Security Advisory DSA-2144-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffJanuary 15, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : wiresharkVulnerability : buffer overflowProblem type : remoteDebian-specific: noCVE ID : CVE-2010-4538It was discovered that a buffer overflow in the ENTTEC dissector may lead to the execution of arbitrary code.

Link to comment
Share on other sites

V.T. Eric Layton

- -------------------------------------------------------------------------Debian Security Advisory DSA-2145-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffJanuary 16, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : libsmiVulnerability : buffer overflowProblem type : remoteDebian-specific: noCVE ID : CVE-2010-2891Andres Lopez Luksenberg discovered a buffer overflow in the OID parserof libsmi, a library to access SMI MIB data.

Link to comment
Share on other sites

×
×
  • Create New...