Debian Security Advisory

    • Offizieller Beitrag

    Package : libmspack

    CVE ID : CVE-2018-14679 CVE-2018-14680 CVE-2018-14681 CVE-2018-14682

    Debian Bug : 904799 904800 904801 904802

    Several vulnerabilities were discovered in libsmpack, a library used to

    handle Microsoft compression formats. A remote attacker could craft

    malicious CAB, CHM or KWAJ files and use these flaws to cause a denial

    of service via application crash, or potentially execute arbitrary code.

    For the stable distribution (stretch), these problems have been fixed in

    version 0.5-1+deb9u2.

    We recommend that you upgrade your libmspack packages.

    For the detailed security status of libmspack please refer to its

    security tracker page at:

    https://security-tracker.debian.org/tracker/libmspack

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : vim-syntastic

    CVE ID : CVE-2018-11319

    Enrico Zini discovered a vulnerability in Syntastic, an addon

    module for the Vim editor that runs a file through external checkers

    and displays any resulting errors. Config files were looked up in the

    current working directory which could result in arbitrary

    shell code execution if a malformed source code file is opened.

    For the stable distribution (stretch), this problem has been fixed in

    version 3.7.0-1+deb9u2.

    We recommend that you upgrade your vim-syntastic packages.

    For the detailed security status of vim-syntastic please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/vim-syntastic

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : symfony

    CVE ID : CVE-2016-2403 CVE-2017-1665 CVE-2017-16653

    CVE-2017-16654 CVE-2017-16790 CVE-2018-11385

    CVE-2018-11386 CVE-2018-11406

    Multiple vulnerabilities have been found in the Symfony PHP framework

    which could lead to open redirects, cross-site request forgery,

    information disclosure, session fixation or denial of service.

    For the stable distribution (stretch), these problems have been fixed in

    version 2.8.7+dfsg-1.3+deb9u1.

    We recommend that you upgrade your symfony packages.

    For the detailed security status of symfony please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/symfony

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : cgit

    CVE ID : CVE-2018-14912

    Debian Bug : 905382

    Jann Horn discovered a directory traversal vulnerability in cgit, a fast

    web frontend for git repositories written in C. A remote attacker can

    take advantage of this flaw to retrieve arbitrary files via a specially

    crafted request, when 'enable-http-clone=1' (default) is not turned off.

    For the stable distribution (stretch), this problem has been fixed in

    version 1.1+git2.10.2-3+deb9u1.

    We recommend that you upgrade your cgit packages.

    For the detailed security status of cgit please refer to its security

    tracker page at:

    https://security-tracker.debian.org/tracker/cgit

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : python-django

    CVE ID : CVE-2018-14574

    Andreas Hug discovered an open redirect in Django, a Python web

    development framework, which is exploitable if

    django.middleware.common.CommonMiddleware is used and the APPEND_SLASH

    setting is enabled.

    For the stable distribution (stretch), this problem has been fixed in

    version 1:1.10.7-2+deb9u2.

    We recommend that you upgrade your python-django packages.

    For the detailed security status of python-django please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/python-django

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : xml-security-c

    CVE ID : not yet available

    It was discovered that the Apache XML Security for C++ library performed

    insufficient validation of KeyInfo hints, which could result in denial

    of service via NULL pointer dereferences when processing malformed XML

    data.

    For the stable distribution (stretch), this problem has been fixed in

    version 1.7.3-4+deb9u1.

    We recommend that you upgrade your xml-security-c packages.

    For the detailed security status of xml-security-c please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/xml-security-c

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : linux

    CVE ID : CVE-2018-5390 CVE-2018-13405

    Several vulnerabilities have been discovered in the Linux kernel that

    may lead to a privilege escalation or denial of service.

    CVE-2018-5390

    Juha-Matti Tilli discovered that a remote attacker can trigger the

    worst case code paths for TCP stream reassembly with low rates of

    specially crafted packets leading to remote denial of service.

    CVE-2018-13405

    Jann Horn discovered that the inode_init_owner function in

    fs/inode.c in the Linux kernel allows local users to create files

    with an unintended group ownership allowing attackers to escalate

    privileges by making a plain file executable and SGID.

    For the stable distribution (stretch), these problems have been fixed in

    version 4.9.110-3+deb9u1. This update includes fixes for several

    regressions in the latest point release.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security

    tracker page at:

    https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : kamailio

    CVE ID : CVE-2018-14767

    Henning Westerholt discovered a flaw related to the To header processing

    in kamailio, a very fast, dynamic and configurable SIP server. Missing

    input validation in the build_res_buf_from_sip_req function could result

    in denial of service and potentially the execution of arbitrary code.

    For the stable distribution (stretch), this problem has been fixed in

    version 4.4.4-2+deb9u2.

    We recommend that you upgrade your kamailio packages.

    For the detailed security status of kamailio please refer to its

    security tracker page at:

    https://security-tracker.debian.org/tracker/kamailio

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : openjdk-8

    CVE ID : CVE-2018-2952

    It was discovered that the PatternSyntaxException class in the

    Concurrency component of OpenJDK, an implementation of the Oracle Java

    platform could result in denial of service via excessive memory

    consumption.

    For the stable distribution (stretch), this problem has been fixed in

    version 8u181-b13-1~deb9u1.

    We recommend that you upgrade your openjdk-8 packages.

    For the detailed security status of openjdk-8 please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/openjdk-8

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : postgresql-9.6

    CVE ID : CVE-2018-10915 CVE-2018-10925

    Two vulnerabilities have been found in the PostgreSQL database system:

    CVE-2018-10915

    Andrew Krasichkov discovered that libpq did not reset all its

    connection state during reconnects.

    CVE-2018-10925

    It was discovered that some "CREATE TABLE" statements could

    disclose server memory.

    For additional information please refer to the upstream announcement

    at https://www.postgresql.org/about/news/1878/

    For the stable distribution (stretch), these problems have been fixed in

    version 9.6.10-0+deb9u1.

    We recommend that you upgrade your postgresql-9.6 packages.

    For the detailed security status of postgresql-9.6 please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/postgresql-9.6

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : gdm3

    CVE ID : CVE-2018-14424

    Chris Coulson discovered a use-after-free flaw in the GNOME Display

    Manager, triggerable by an unprivileged user via a specially crafted

    sequence of D-Bus method calls, leading to denial of service or

    potentially the execution of arbitrary code.

    For the stable distribution (stretch), this problem has been fixed in

    version 3.22.3-3+deb9u2.

    We recommend that you upgrade your gdm3 packages.

    For the detailed security status of gdm3 please refer to its security

    tracker page at:

    https://security-tracker.debian.org/tracker/gdm3

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : samba

    CVE ID : CVE-2018-10858 CVE-2018-10919

    Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,

    print, and login server for Unix. The Common Vulnerabilities and

    Exposures project identifies the following issues:

    CVE-2018-10858

    Svyatoslav Phirsov discovered that insufficient input validation in

    libsmbclient allowed a malicious Samba server to write to the

    client's heap memory.

    CVE-2018-10919

    Phillip Kuhrt discovered that Samba when acting as an Active Domain

    controller disclosed some sensitive attributes.

    For the stable distribution (stretch), these problems have been fixed in

    version 2:4.5.12+dfsg-2+deb9u3.

    We recommend that you upgrade your samba packages.

    For the detailed security status of samba please refer to its security

    tracker page at:

    https://security-tracker.debian.org/tracker/samba

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : linux

    CVE ID : CVE-2018-5391

    CVE-2018-5391 (FragmentSmack)

    Juha-Matti Tilli discovered a flaw in the way the Linux kernel

    handled reassembly of fragmented IPv4 and IPv6 packets. A remote

    attacker can take advantage of this flaw to trigger time and

    calculation expensive fragment reassembly algorithms by sending

    specially crafted packets, leading to remote denial of service.

    This is mitigated by reducing the default limits on memory usage

    for incomplete fragmented packets. The same mitigation can be

    achieved without the need to reboot, by setting the sysctls:

    net.ipv4.ipfrag_high_thresh = 262144

    net.ipv6.ip6frag_high_thresh = 262144

    net.ipv4.ipfrag_low_thresh = 196608

    net.ipv6.ip6frag_low_thresh = 196608

    The default values may still be increased by local configuration

    if necessary.

    For the stable distribution (stretch), this problem has been fixed in

    version 4.9.110-3+deb9u2.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security

    tracker page at:

    https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : intel-microcode

    CVE ID : CVE-2018-3639 CVE-2018-3640

    This update ships updated CPU microcode for some types of Intel CPUs and

    provides SSBD support (needed to address "Spectre v4") and fixes for

    "Spectre v3a".

    For the stable distribution (stretch), these problems have been fixed in

    version 3.20180703.2~deb9u1.

    We recommend that you upgrade your intel-microcode packages.

    For the detailed security status of intel-microcode please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/intel-microcode

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : xen

    CVE ID : CVE-2018-3620 CVE-2018-3646

    This update provides mitigations for the "L1 Terminal Fault"

    vulnerability affecting a range of Intel CPUs.

    For additional information please refer to

    https://xenbits.xen.org/xsa/advisory-273.html. The microcode updates

    mentioned there are not yet available in a form distributable by Debian.

    In addition two denial of service vulnerabilities have been fixed

    (XSA-268 and XSA-269).

    For the stable distribution (stretch), these problems have been fixed in

    version 4.8.4+xsa273+shim4.10.1+xsa273-1+deb9u10.

    We recommend that you upgrade your xen packages.

    For the detailed security status of xen please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/xen

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : keystone

    CVE ID : CVE-2018-14432

    Debian Bug : 904616

    Kristi Nikolla discovered an information leak in Keystone, the OpenStack

    identity service, if running in a federated setup.

    For the stable distribution (stretch), this problem has been fixed in

    version 2:10.0.0-9+deb9u1.

    We recommend that you upgrade your keystone packages.

    For the detailed security status of keystone please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/keystone

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : php-horde-image

    CVE ID : CVE-2017-9773 CVE-2017-9774 CVE-2017-14650

    Debian Bug : 865504 865505 876400

    Fariskhi Vidyan and Thomas Jarosch discovered several vulnerabilities

    in php-horde-image, the image processing library for the Horde

    groupware suite. They would allow an attacker to cause a

    denial-of-service or execute arbitrary code.

    For the stable distribution (stretch), these problems have been fixed in

    version 2.3.6-1+deb9u1.

    We recommend that you upgrade your php-horde-image packages.

    For the detailed security status of php-horde-image please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/php-horde-image

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : mutt

    CVE ID : CVE-2018-14349 CVE-2018-14350 CVE-2018-14351 CVE-2018-14352

    CVE-2018-14353 CVE-2018-14354 CVE-2018-14355 CVE-2018-14356

    CVE-2018-14357 CVE-2018-14358 CVE-2018-14359 CVE-2018-14360

    CVE-2018-14361 CVE-2018-14362 CVE-2018-14363

    Debian Bug : 904051

    Several vulnerabilities were discovered in Mutt, a text-based mailreader

    supporting MIME, GPG, PGP and threading, potentially leading to code

    execution, denial of service or information disclosure when connecting

    to a malicious mail/NNTP server.

    For the stable distribution (stretch), these problems have been fixed in

    version 1.7.2-1+deb9u1.

    We recommend that you upgrade your mutt packages.

    For the detailed security status of mutt please refer to its security

    tracker page at:

    https://security-tracker.debian.org/tracker/mutt

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : jetty9

    CVE ID : CVE-2017-7656 CVE-2017-7657 CVE-2017-7658

    Multiple vulnerabilities were discovered in Jetty, a Java servlet engine

    and webserver which could result in HTTP request smuggling.

    For the stable distribution (stretch), these problems have been fixed in

    version 9.2.21-1+deb9u1.

    We recommend that you upgrade your jetty9 packages.

    For the detailed security status of jetty9 please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/jetty9

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : linux

    CVE ID : CVE-2018-3620 CVE-2018-3646

    Multiple researchers have discovered a vulnerability in the way the

    Intel processor designs have implemented speculative execution of

    instructions in combination with handling of page-faults. This flaw

    could allow an attacker controlling an unprivileged process to read

    memory from arbitrary (non-user controlled) addresses, including from

    the kernel and all other processes running on the system or cross

    guest/host boundaries to read host memory.

    To fully resolve these vulnerabilities it is also necessary to install

    updated CPU microcode (only available in Debian non-free). Common server

    class CPUs are covered in the update released as DSA 4273-1.

    For the stable distribution (stretch), these problems have been fixed in

    version 4.9.110-3+deb9u3.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security

    tracker page at:

    https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/