Articles / Debian

All articles tagged with Debian

June 09, 2012 16:21 Debian: Security update for sympa

0

Several vulnerabilities have been discovered in Sympa, a mailing list manager, that allow to skip the scenario-based authorization mechanisms. This vulnerability allows to display the archives management page, and download and delete the list archives by unauthorized users. Updated packages are available from security.debian.org.

June 09, 2012 16:20 Debian: Security update for pidgin-otr

0

intrigeri discovered a format string error in pidgin-otr, an off-the-record messaging plugin for Pidgin. This could be exploited by a remote attacker to cause arbitrary code to be executed on the user’s machine. Updated packages are available from security.debian.org.

June 09, 2012 16:19 Debian: Security update for OpenSSL

0

It was discovered that openssl did not correctly handle explicit Initialization Vectors for CBC encryption modes, as used in TLS 1.1, 1.2, and DTLS. An incorrect calculation would lead to an integer underflow and incorrect memory access, causing denial of service (application crash.) Updated packages are available from security.debian.org.

June 07, 2012 10:51 Debian: Security update for ikiwiki

0

Raúl Benencia discovered that ikiwiki, a wiki compiler, does not properly escape the author (and its URL) of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks. Updated packages are available from security.debian.org.

June 07, 2012 10:50 Debian: Security update for OpenOffice.org

0

Tielei Wang discovered that OpenOffice.org does not allocate a large enough memory region when processing a specially crafted JPEG object, leading to a heap-based buffer overflow and potentially arbitrary code execution. Updated packages are available from security.debian.org.

June 07, 2012 10:47 Debian: Security update for Grid Engine

0

Dave Love discovered that users who are allowed to submit jobs to a Grid Engine installation can escalate their privileges to root because the environment is not properly sanitized before creating processes. Updated packages are available from security.debian.org.

June 05, 2012 08:13 Debian: Security update for ffmpeg

0

Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/ demuxers for Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV, files could lead to the execution of arbitrary code. Updated packages are available from security.debian.org.

June 05, 2012 08:12 Debian: Security update for Wordpress

0

Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches. Updated packages are available from security.debian.org.

June 05, 2012 08:10 Debian: Security update for Linux

0

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. Eric Sandeen reported an issue in the journaling layer for EXT4 filesystems (jbd2). Local users can cause buffers to be accessed after they have been torn down, resulting in a denial of service (DoS) due to a system crash. Louis Rilling reported two reference counting issues in the CLONE_IO feature of the kernel. Local users can prevent io context structures from being freed, resulting in a denial of service.

Michael Ellerman reported an issue in the KVM subsystem. Local users could cause a denial of service (NULL pointer dereference) by creating VCPUs before a call to KVM_CREATE_IRQCHIP. Steve Grubb reported in an issue in fcaps, a filesystem-based capabilities system. Personality flags set using this mechanism, such as the disabling of address space randomization, may persist across suid calls. Shachar Raindel discovered a use-after-free bug in the hugepages quota implementation. Local users with permission to use hugepages via the hugetlbfs implementation may be able to cause a denial of service (system crash).

Updated packages are available from security.debian.org.

June 03, 2012 15:18 Debian: Security update for libjakarta-poi-java

0

It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine. Updated packages are available from security.debian.org.

June 03, 2012 15:17 Debian: Security update for Mahara

0

It was discovered that Mahara, the portfolio, weblog, and resume builder, had an insecure default with regards to SAML-based authentication used with more than one SAML identity provider. Someone with control over one IdP could impersonate users from other IdP’s. Updated packages are available from security.debian.org.

June 03, 2012 15:16 Debian: Security update for Rails

0

Sergey Nartimov discovered that in Rails, a Ruby based framework for web development, when developers generate html options tags manually, user input concatenated with manually built tags may not be escaped and an attacker can inject arbitrary HTML into the document. Updated packages are available from security.debian.org.

May 31, 2012 08:50 Debian: Security update for PHP

0

De Eindbazen discovered that PHP, when run with mod_cgi, will interpret a query string as command line parameters, allowing to execute arbitrary code. Updated packages are available from security.debian.org.

May 29, 2012 04:57 Debian: Security update for Icedove

0

Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. Security researchers discovered memory corruption bugs, which may lead to the execution of arbitrary code. Atte Kettunen discovered that a memory corruption bug in gfxImageSurface may lead to the execution of arbitrary code.

Anne van Kesteren discovered that incorrect multibyte octet decoding may lead to cross-site scripting. Masato Kinugawa discovered that incorrect encoding of Korean and Chinese character sets may lead to cross-site scripting. Jeroen van der Gun discovered a spoofing vulnerability in the presentation of Atom and RSS feeds over HTTPS.

Updated packages are available from security.debian.org.

May 25, 2012 06:51 Debian: Security update for samba

0

Ivano Cristofolini discovered that insufficient security checks in Samba’s handling of LSA RPC calls could lead to privilege escalation by gaining the “take ownership” privilege. Updated packages are available from security.debian.org.

May 23, 2012 07:09 Debian: Security update for ImageMagick

0

Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service. Updated packages are available from security.debian.org.

May 23, 2012 07:00 Debian: Security update for SPIP

0

Several vulnerabilities have been found in SPIP, a website engine for publishing, resulting in cross-site scripting, script code injection and bypass of restrictions. Updated packages are available from security.debian.org.

May 21, 2012 07:46 Debian: Security update for Quagga

0

Several vulnerabilities have been discovered in Quagga, a routing daemon. A buffer overflow in the ospf_ls_upd_list_lsa function in the OSPFv2 implementation allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (aka LS Update) packet that is smaller than the length specified in its header. A buffer overflow in the OSPFv2 implementation allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for which the data-structure length is smaller than the value in the Length header field.

The BGP implementation does not properly use message buffers for OPEN messages, which allows remote attackers impersonating a configured BGP peer to cause a denial of service (assertion failure and daemon exit) via a message associated with a malformed AS4 capability.

Updated packages are available from security.debian.org.

May 21, 2012 07:45 Debian: Security update for asterisk

0

Several vulnerabilities were discovered in the Asterisk PBX and telephony toolkit. Russell Bryant discovered a buffer overflow in the Milliwatt application. David Woolley discovered a privilege escalation in the Asterisk manager interface. Russell Bryant discovered a buffer overflow in the Skinny driver.

Updated packages are available from security.debian.org.

May 19, 2012 19:11 Debian: Security update for Iceape

0

Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. Soroush Dalili discovered that a cross-site scripting countermeasure related to Javascript URLs could be bypassed. Atte Kettunen discovered an out of bounds read in the SVG Filters, resulting in memory disclosure. Mariusz Mlynski discovered that privileges could be escalated through a Javascript URL as the home page.

Bob Clary discovered memory corruption bugs, which may lead to the execution of arbitrary code. Security researchers discovered memory corruption bugs, which may lead to the execution of arbitrary code. Atte Kettunen discovered that a memory corruption bug in gfxImageSurface may lead to the execution of arbitrary code.

Anne van Kesteren discovered that incorrect multibyte octet encoding may lead to cross-site scripting. Masato Kinugawa discovered that incorrect encoding of Korean and Chinese character sets may lead to cross-site scripting. Jeroen van der Gun discovered a spoofing vulnerability in the presentation of Atom and RSS feeds over HTTPS.

Updated packages are available from security.debian.org.

May 17, 2012 14:30 Debian: Security update for Iceape

0

Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. Soroush Dalili discovered that a cross-site scripting countermeasure related to Javascript URLs could be bypassed. Atte Kettunen discovered an out of bounds read in the SVG Filters, resulting in memory disclosure. Mariusz Mlynski discovered that privileges could be escalated through a Javascript URL as the home page.

Bob Clary discovered memory corruption bugs, which may lead to the execution of arbitrary code. Security researchers discovered memory corruption bugs, which may lead to the execution of arbitrary code. Atte Kettunen discovered that a memory corruption bug in gfxImageSurface may lead to the execution of arbitrary code.

Anne van Kesteren discovered that incorrect multibyte octet encoding may lead to cross-site scripting. Masato Kinugawa discovered that incorrect encoding of Korean and Chinese character sets may lead to cross-site scripting. Jeroen van der Gun discovered a spoofing vulnerability in the presentation of Atom and RSS feeds over HTTPS.

Updated packages are available from security.debian.org.

May 17, 2012 14:27 Debian: Security update for Iceweasel

0

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. Security researchers discovered memory corruption bugs, which may lead to the execution of arbitrary code. Atte Kettunen discovered that a memory corruption bug in gfxImageSurface may lead to the execution of arbitrary code. Anne van Kesteren discovered that incorrect multibyte octet decoding may lead to cross-site scripting.

Masato Kinugawa discovered that incorrect encoding of Korean and Chinese character sets may lead to cross-site scripting. Jeroen van der Gun discovered a spoofing vulnerability in the presentation of Atom and RSS feeds over HTTPS.

Updated packages are available from security.debian.org.

May 17, 2012 14:26 Debian: Security update for Dropbear

0

Danny Fullerton discovered a use-after-free in the Dropbear SSH daemon, resulting in potential execution of arbitrary code. Exploitation is limited to users, who have been authenticated through public key authentication and for which command restrictions are in place. Updated packages are available from security.debian.org.

May 17, 2012 14:26 Debian: Security update for Dropbear

0

Danny Fullerton discovered a use-after-free in the Dropbear SSH daemon, resulting in potential execution of arbitrary code. Exploitation is limited to users, who have been authenticated through public key authentication and for which command restrictions are in place. Updated packages are available from security.debian.org.

May 13, 2012 18:55 Debian: Security update for Typo3

0

Helmut Hummel of the typo3 security team discovered that typo3, a web content management system, is not properly sanitizing output of the exception handler. This allows an attacker to conduct cross-site scripting attacks if either third-party extensions are installed that do not sanitize this output on their own or in the presence of extensions using the extbase MVC framework which accept objects to controller actions.

Updated packages are available from security.debian.org.

May 13, 2012 18:53 Debian: Security update for OpenSSL

0

Multiple vulnerabilities have been found in OpenSSL. Ivan Nestlerode discovered a weakness in the CMS and PKCS #7 implementations that could allow an attacker to decrypt data via a Million Message Attack (MMA). It was discovered that a NULL pointer could be dereferenced when parsing certain S/MIME messages, leading to denial of service. Tavis Ormandy discovered a vulnerability in the way DER-encoded ASN.1 data is parsed that can result in a heap overflow.

Updated packages are available from security.debian.org.

May 11, 2012 06:32 Debian: Security update for gajim

0

Several vulnerabilities have been discovered in gajim, a feature-rich jabber client. gajim is not properly sanitizing input before passing it to shell commands. An attacker can use this flaw to execute arbitrary code on behalf of the victim if the user e.g. clicks on a specially crafted URL in an instant message. gajim is using predictable temporary files in an insecure manner when converting instant messages containing LaTeX to images. A local attacker can use this flaw to conduct symlink attacks and overwrite files the victim has write access to.

gajim is not properly sanitizing input when logging conversations which results in the possibility to conduct SQL injection attacks.

Updated packages are available from security.debian.org.

May 09, 2012 06:48 Debian: Security update for Puppet

0

Several vulnerabilities have been discovered in puppet, a centralized configuration management system. Puppet is using predictable temporary file names when downloading Mac OS X package files. This allows a local attacker to either overwrite arbitrary files on the system or to install an arbitrary package. When handling requests for a file from a remote filebucket, puppet can be tricked into overwriting its defined location for filebucket storage. This allows an authorized attacker with access to the puppet master to read arbitrary files.

Puppet is incorrectly handling filebucket store requests. This allows an attacker to perform denial of service attacks against puppet by resource exhaustion. Puppet is incorrectly handling filebucket requests. This allows an attacker with access to the certificate on the agent and an unprivileged account on puppet master to execute arbitrary code via crafted file path names and making a filebucket request.

Updated packages are available from security.debian.org.

May 09, 2012 06:05 Debian: Security update for Samba

0

It was discovered that Samba, the SMB/CIFS file, print, and login server, contained a flaw in the remote procedure call (RPC) code which allowed remote code execution as the super user from an unauthenticated connection. Updated packages are available from security.debian.org.

May 07, 2012 06:46 Debian: Security update for sqlalchemy

0

It was discovered that sqlalchemy, an SQL toolkit and object relational mapper for python, is not sanitizing input passed to the limit/offset keywords to select() as well as the value passed to select.limit()/offset(). This allows an attacker to perform SQL injection attacks against applications using sqlalchemy that do not implement their own filtering. Updated packages are available from security.debian.org.

Screenshot

Project Spotlight

JFreeSVG

A fast, lightweight SVG generator for Java.

Screenshot

Project Spotlight

PHP MIME Mail decoder class

A PHP class to decode email messages.