1536 replies to this topic

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4379-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 01, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : golang-1.7
CVE ID         : CVE-2018-7187 CVE-2019-6486

A vulnerability was discovered in the implementation of the P-521 and
P-384 elliptic curves, which could result in denial of service and in
some cases key recovery.

In addition this update fixes a vulnerability in "go get", which could
result in the execution of arbitrary shell commands.

For the stable distribution (stretch), these problems have been fixed in
version 1.7.4-2+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4380-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 01, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : golang-1.8
CVE ID         : CVE-2018-6574 CVE-2018-7187 CVE-2019-6486

A vulnerability was discovered in the implementation of the P-521 and
P-384 elliptic curves, which could result in denial of service and in
some cases key recovery.

In addition this update fixes two vulnerabilities in "go get", which
could result in the execution of arbitrary shell commands.

For the stable distribution (stretch), these problems have been fixed in
version 1.8.1-1+deb9u1.

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4381-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 02, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libreoffice
CVE ID         : CVE-2018-16858

Alex Infuehr discovered a directory traversal vulnerability which could
result in the execution of Python script code when opening a malformed
document.

For the stable distribution (stretch), this problem has been fixed in
version 1:5.2.7-1+deb9u5. In addition this update fixes a bug in the
validation of signed PDFs; it would display an incomplete status message
when dealing with a partial signature.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4382-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 02, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rssh
CVE ID         : CVE-2019-3463 CVE-2019-3464

Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell
that allows users to perform only scp, sftp, cvs, svnserve (Subversion),
rdist and/or rsync operations. Missing validation in the rsync support
could result in the bypass of this restriction, allowing the execution
of arbitrary shell commands.

For the stable distribution (stretch), these problems have been fixed in
version 2.3.4-5+deb9u2.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4383-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
February 03, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libvncserver
CVE ID         : CVE-2018-6307 CVE-2018-15126 CVE-2018-15127 CVE-2018-20019
                 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023
                 CVE-2018-20024
Debian Bug     : 916941

Pavel Cheremushkin discovered several vulnerabilities in libvncserver, a
library to implement VNC server/client functionalities, which might result in
the execution of arbitrary code, denial of service or information disclosure.

For the stable distribution (stretch), these problems have been fixed in
version 0.9.11+dfsg-1.3~deb9u1.

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4384-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
February 04, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libgd2
CVE ID         : CVE-2019-6977 CVE-2019-6978
Debian Bug     : 920645 920728

Multiple vulnerabilities have been discovered in libgd2, a library for
programmatic graphics creation and manipulation, which may result in
denial of service or potentially the execution of arbitrary code if a
malformed file is processed.

For the stable distribution (stretch), these problems have been fixed in
version 2.2.4-2+deb9u4.


- -------------------------------------------------------------------------
Debian Security Advisory DSA-4385-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
February 05, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : dovecot
CVE ID         : CVE-2019-3814

halfdog discovered an authentication bypass vulnerability in the Dovecot
email server. Under some configurations Dovecot mistakenly trusts the
username provided via authentication instead of failing. If there is no
additional password verification, this allows the attacker to login as
anyone else in the system. Only installations using:

        auth_ssl_require_client_cert = yes
        auth_ssl_username_from_cert = yes

are affected by this flaw.

For the stable distribution (stretch), this problem has been fixed in
version 1:2.2.27-3+deb9u3.

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4386-1                   security@debian.org
https://www.debian.org/security/                       Alessandro Ghedini
February 06, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : curl
CVE ID         : CVE-2018-16890 CVE-2019-3822 CVE-2019-3823

Multiple vulnerabilities were discovered in cURL, an URL transfer library.

CVE-2018-16890

    Wenxiang Qian of Tencent Blade Team discovered that the function
    handling incoming NTLM type-2 messages does not validate incoming
    data correctly and is subject to an integer overflow vulnerability,
    which could lead to an out-of-bounds buffer read.

CVE-2019-3822

    Wenxiang Qian of Tencent Blade Team discovered that the function
    creating an outgoing NTLM type-3 header is subject to an integer
    overflow vulnerability, which could lead to an out-of-bounds write.

CVE-2019-3823

    Brian Carpenter of Geeknik Labs discovered that the code handling
    the end-of-response for SMTP is subject to an out-of-bounds heap
    read.

For the stable distribution (stretch), these problems have been fixed in
version 7.52.1-5+deb9u9.

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4387-1                   security@debian.org
https://www.debian.org/security/                        Yves-Alexis Perez
February 09, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openssh
CVE ID         : CVE-2018-20685 CVE-2019-6109 CVE-2019-6111
Debian Bug     : 793412 919101

Harry Sintonen from F-Secure Corporation discovered multiple vulnerabilities in
OpenSSH, an implementation of the SSH protocol suite. All the vulnerabilities
are in found in the scp client implementing the SCP protocol.

CVE-2018-20685

    Due to improper directory name validation, the scp client allows servers to
    modify permissions of the target directory by using empty or dot directory
    name.

CVE-2019-6109

    Due to missing character encoding in the progress display, the object name
    can be used to manipulate the client output, for example to employ ANSI
    codes to hide additional files being transferred.

CVE-2019-6111

    Due to scp client insufficient input validation in path names sent by
    server, a malicious server can do arbitrary file overwrites in target
    directory. If the recursive (-r) option is provided, the server can also
    manipulate subdirectories as well.
    .
    The check added in this version can lead to regression if the client and
    the server have differences in wildcard expansion rules. If the server is
    trusted for that purpose, the check can be disabled with a new -T option to
    the scp client.

For the stable distribution (stretch), these problems have been fixed in
version 1:7.4p1-10+deb9u5.

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4388-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 10, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mosquitto
CVE ID         : CVE-2018-12546 CVE-2018-12550 CVE-2018-12551

Three vulnerabilities were discovered in the Mosquitto MQTT broker, which
could result in authentication bypass. Please refer to
https://mosquitto.or...1-5-6-released/ for additional
information.

For the stable distribution (stretch), these problems have been fixed in
version 1.4.10-3+deb9u3.

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4389-1                   security@debian.org
https://www.debian.org/security/                       Sebastien Delafond
February 11, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libu2f-host
CVE ID         : CVE-2018-20340
Debian Bug     : 921725

Christian Reitter discovered that libu2f-host, a library implementing
the host-side of the U2F protocol, failed to properly check for a
buffer overflow. This would allow an attacker with a custom made
malicious USB device masquerading as a security key, and physical
access to a computer where PAM U2F or an application with libu2f-host
integrated, to potentially execute arbitrary code on that computer.

For the stable distribution (stretch), this problem has been fixed in
version 1.1.2-2+deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4377-2                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
February 11, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rssh
Debian Bug     : 921655

The update for rssh issued as DSA 4377-1 introduced a regression that
blocked scp of multiple files from a server using rssh. Updated packages
are now available to correct this issue.

For the stable distribution (stretch), this problem has been fixed in
version 2.3.4-5+deb9u3.

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4390-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 12, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : flatpak
CVE ID         : not yet available
Debian Bug     : 922059

It was discovered that Flatpak, an application deployment framework for
desktop apps, insufficiently restricted the execution of "apply_extra"
scripts which could potentially result in privilege escalation.

For the stable distribution (stretch), this problem has been fixed in
version 0.8.9-0+deb9u2.

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4391-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 14, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2018-18356 CVE-2019-5785

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code.

For the stable distribution (stretch), these problems have been fixed in
version 60.5.1esr-1~deb9u1.

[sunrat]

------------------------------------------------------------------------
The Debian Project    https://www.debian.org/
Updated Debian 9: 9.8 released   press@debian.org
February 16th, 2019     https://www.debian.o...s/2019/20190216
------------------------------------------------------------------------


The Debian project is pleased to announce the eighth update of its
stable distribution Debian 9 (codename "stretch"). This point release
mainly adds corrections for security issues, along with a few
adjustments for serious problems. Security advisories have already been
published separately and are referenced where available.

Please note that the point release does not constitute a new version of
Debian 9 but only updates some of the packages included. There is no
need to throw away old "stretch" media. After installation, packages can
be upgraded to the current versions using an up-to-date Debian mirror.

Those who frequently install updates from security.debian.org won't have
to update many packages, and most such updates are included in the point
release.

New installation images will be available soon at the regular locations.

The complete lists of packages that have changed with this revision:

http://ftp.debian.or...retch/ChangeLog



- -------------------------------------------------------------------------
Debian Security Advisory DSA-4392-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 16, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2018-18356 CVE-2018-18500 CVE-2018-18501
                 CVE-2018-18505 CVE-2018-18509 CVE-2019-5785

Multiple security issues have been found in the Thunderbird mail client,
which could lead to the execution of arbitrary code, denial of service
or spoofing of S/MIME signatures.

For the stable distribution (stretch), these problems have been fixed in
version 1:60.5.1-1~deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4388-2                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
February 17, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : mosquitto
Debian Bug     : 922071

Kushal Kumaran reported that the update for mosquitto issued as DSA
4388-1 causes mosquitto to crash when reloading the persistent database.
Updated packages are now available to correct this issue.

For the stable distribution (stretch), this problem has been fixed in
version 1.4.10-3+deb9u4.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4393-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
February 18, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : systemd
CVE ID         : CVE-2019-6454

Chris Coulson discovered a flaw in systemd leading to denial of service.
An unprivileged user could take advantage of this issue to crash PID1 by
sending a specially crafted D-Bus message on the system bus.

For the stable distribution (stretch), this problem has been fixed in
version 232-25+deb9u9.

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4394-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 18, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : rdesktop
CVE ID         : CVE-2018-8791 CVE-2018-8792 CVE-2018-8793 CVE-2018-8794
                 CVE-2018-8795 CVE-2018-8796 CVE-2018-8797 CVE-2018-8798
                 CVE-2018-8799 CVE-2018-8800 CVE-2018-20174
CVE-2018-20175 CVE-2018-20176 CVE-2018-20177
CVE-2018-20178 CVE-2018-20179 CVE-2018-20180
CVE-2018-20181 CVE-2018-20182

Multiple security issues were found in the rdesktop RDP client, which
could result in denial of service, information disclosure and the
execution of arbitrary code.

For the stable distribution (stretch), these problems have been fixed in
version 1.8.4-1~deb9u1.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4395-1                   security@debian.org
https://www.debian.org/security/                          Michael Gilbert
February 18, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium
CVE ID         : CVE-2018-17481 CVE-2019-5754 CVE-2019-5755 CVE-2019-5756
                 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760
                 CVE-2019-5762 CVE-2019-5763 CVE-2019-5764 CVE-2019-5765
                 CVE-2019-5766 CVE-2019-5767 CVE-2019-5768 CVE-2019-5769
                 CVE-2019-5770 CVE-2019-5772 CVE-2019-5773 CVE-2019-5774
                 CVE-2019-5775 CVE-2019-5776 CVE-2019-5777 CVE-2019-5778
                 CVE-2019-5779 CVE-2019-5780 CVE-2019-5781 CVE-2019-5782
                 CVE-2019-5783 CVE-2019-5784

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2018-17481

    A use-after-free issue was discovered in the pdfium library.

CVE-2019-5754

    Klzgrad discovered an error in the QUIC networking implementation.

CVE-2019-5755

    Jay Bosamiya discovered an implementation error in the v8 javascript
    library.

CVE-2019-5756

    A use-after-free issue was discovered in the pdfium library.

CVE-2019-5757

    Alexandru Pitis discovered a type confusion error in the SVG image
    format implementation.

CVE-2019-5758

    Zhe Jin discovered a use-after-free issue in blink/webkit.

CVE-2019-5759

    Almog Benin discovered a use-after-free issue when handling HTML pages
    containing select elements.

CVE-2019-5760

    Zhe Jin discovered a use-after-free issue in the WebRTC implementation.

CVE-2019-5762

    A use-after-free issue was discovered in the pdfium library.

CVE-2019-5763

    Guang Gon discovered an input validation error in the v8 javascript
    library.

CVE-2019-5764

    Eyal Itkin discovered a use-after-free issue in the WebRTC implementation.

CVE-2019-5765

    Sergey Toshin discovered a policy enforcement error.

CVE-2019-5766

    David Erceg discovered a policy enforcement error.

CVE-2019-5767

     Haoran Lu, Yifan Zhang, Luyi Xing, and Xiaojing Liao reported an error
     in the WebAPKs user interface.

CVE-2019-5768

    Rob Wu discovered a policy enforcement error in the developer tools.

CVE-2019-5769

    Guy Eshel discovered an input validation error in blink/webkit.

CVE-2019-5770

    hemidallt discovered a buffer overflow issue in the WebGL implementation.

CVE-2019-5772

    Zhen Zhou discovered a use-after-free issue in the pdfium library.

CVE-2019-5773

    Yongke Wong discovered an input validation error in the IndexDB
    implementation.

CVE-2019-5774

    Jnghwan Kang and Juno Im discovered an input validation error in the
    SafeBrowsing implementation.

CVE-2019-5775

    evil1m0 discovered a policy enforcement error.

CVE-2019-5776

    Lnyas Zhang discovered a policy enforcement error.

CVE-2019-5777

    Khalil Zhani discovered a policy enforcement error.

CVE-2019-5778

    David Erceg discovered a policy enforcement error in the Extensions
    implementation.

CVE-2019-5779

    David Erceg discovered a policy enforcement error in the ServiceWorker
    implementation.

CVE-2019-5780

    Andreas Hegenberg discovered a policy enforcement error.

CVE-2019-5781

    evil1m0 discovered a policy enforcement error.

CVE-2019-5782

    Qixun Zhao discovered an implementation error in the v8 javascript library.

CVE-2019-5783

    Shintaro Kobori discovered an input validation error in the developer
    tools.

CVE-2019-5784

    Lucas Pinheiro discovered an implementation error in the v8 javascript
    library.

For the stable distribution (stretch), these problems have been fixed in
version 72.0.3626.96-1~deb9u1.

[sunrat]

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4396-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 19, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ansible
CVE ID         : CVE-2018-10855 CVE-2018-10875 CVE-2018-16837 CVE-2018-16876
                 CVE-2019-3828

Several vulnerabilities have been found in Ansible, a configuration
management, deployment, and task execution system:

CVE-2018-10855 / CVE-2018-16876

    The no_log task flag wasn't honored, resulting in an information leak.

CVE-2018-10875

    ansible.cfg was read from the current working directory.

CVE-2018-16837

    The user module leaked parameters passed to ssh-keygen to the process
    environment.

CVE-2019-3828

    The fetch module was susceptible to path traversal.

For the stable distribution (stretch), these problems have been fixed in
version 2.2.1.0-2+deb9u1.