Debian Security Advisory

    • Offizieller Beitrag

    Package : ghostscript

    CVE ID : CVE-2018-11645 CVE-2018-17961 CVE-2018-18073 CVE-2018-18284

    Debian Bug : 910678 910758 911175

    Several vulnerabilities were discovered in Ghostscript, the GPL

    PostScript/PDF interpreter, which may result in denial of service,

    disclosure of existence and size of arbitrary files, or the execution of

    arbitrary code if a malformed Postscript file is processed (despite the

    dSAFER sandbox being enabled).

    This update rebases ghostscript for stretch to the upstream version 9.25

    which includes additional non-security related changes.

    For the stable distribution (stretch), these problems have been fixed in

    version 9.25~dfsg-0+deb9u1.

    We recommend that you upgrade your ghostscript packages.

    For the detailed security status of ghostscript please refer to its

    security tracker page at:

    https://security-tracker.debian.org/tracker/ghostscript

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : thunderbird

    CVE ID : CVE-2018-12389 CVE-2018-12390 CVE-2018-12392

    CVE-2018-12393

    Multiple security issues have been found in Thunderbird: Multiple memory

    safety errors may lead to the execution of arbitrary code or denial of

    service.

    For the stable distribution (stretch), these problems have been fixed in

    version 1:60.3.0-1~deb9u1.

    We recommend that you upgrade your thunderbird packages.

    For the detailed security status of thunderbird please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/thunderbird

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : qemu

    CVE ID : CVE-2018-10839 CVE-2018-17962 CVE-2018-17963

    Debian Bug : 908682 910431 911468 911469

    Integer overflows in the processing of packets in network cards emulated

    by QEMU, a fast processor emulator, could result in denial of service.

    In addition this update backports support to passthrough the new CPU

    features added in the intel-microcode update shipped in DSA 4273 to

    x86-based guests.

    For the stable distribution (stretch), these problems have been fixed in

    version 1:2.8+dfsg-6+deb9u5.

    We recommend that you upgrade your qemu packages.

    For the detailed security status of qemu please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/qemu

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : ceph

    CVE ID : CVE-2017-7519 CVE-2018-1086 CVE-2018-1128 CVE-2018-1129

    Multiple vulnerabilities were discovered in Ceph, a distributed storage

    and file system: The cephx authentication protocol was suspectible to

    replay attacks and calculated signatures incorrectly, "ceph mon" did not

    validate capabilities for pool operations (resulting in potential

    corruption or deletion of snapshot images) and a format string

    vulnerability in libradosstriper could result in denial of service.

    For the stable distribution (stretch), these problems have been fixed in

    version 10.2.11-1.

    We recommend that you upgrade your ceph packages.

    For the detailed security status of ceph please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/ceph

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : chromium-browser

    CVE ID : CVE-2018-17478

    An out-of-bounds bounds memory access issue was discovered in chromium's

    v8 javascript library by cloudfuzzer.

    This update also fixes two problems introduced by the previous security

    upload. Support for arm64 has been restored and gconf-service is no longer

    a package dependency.

    For the stable distribution (stretch), this problem has been fixed in

    version 70.0.3538.102-1~deb9u1.

    We recommend that you upgrade your chromium-browser packages.

    For the detailed security status of chromium-browser please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/chromium-browser

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : mariadb-10.1

    CVE ID : CVE-2017-10268 CVE-2017-10378 CVE-2017-15365 CVE-2018-2562

    CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665

    CVE-2018-2668 CVE-2018-2755 CVE-2018-2761 CVE-2018-2766

    CVE-2018-2767 CVE-2018-2771 CVE-2018-2781 CVE-2018-2782

    CVE-2018-2784 CVE-2018-2787 CVE-2018-2813 CVE-2018-2817

    CVE-2018-2819 CVE-2018-3058 CVE-2018-3063 CVE-2018-3064

    CVE-2018-3066 CVE-2018-3081 CVE-2018-3143 CVE-2018-3156

    CVE-2018-3174 CVE-2018-3251 CVE-2018-3282

    Debian Bug : 885345 898444 898445 912848

    Several issues have been discovered in the MariaDB database server. The

    vulnerabilities are addressed by upgrading MariaDB to the new upstream

    version 10.1.37. Please see the MariaDB 10.1 Release Notes for further

    details:

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    https://mariadb.com/kb/en/mariadb/…-release-notes/

    For the stable distribution (stretch), these problems have been fixed in

    version 10.1.37-0+deb9u1.

    We recommend that you upgrade your mariadb-10.1 packages.

    For the detailed security status of mariadb-10.1 please refer to its

    security tracker page at:

    https://security-tracker.debian.org/tracker/mariadb-10.1

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : ceph

    Debian Bug : 913909

    The update for ceph issued as DSA-4339-1 caused a build regression for

    the i386 builds. Updated packages are now available to address this

    issue. For reference, the original advisory text follows.

    Multiple vulnerabilities were discovered in Ceph, a distributed storage

    and file system: The cephx authentication protocol was susceptible to

    replay attacks and calculated signatures incorrectly, "ceph mon" did not

    validate capabilities for pool operations (resulting in potential

    corruption or deletion of snapshot images) and a format string

    vulnerability in libradosstriper could result in denial of service.

    For the stable distribution (stretch), this problem has been fixed in

    version 10.2.11-2.

    We recommend that you upgrade your ceph packages.

    For the detailed security status of ceph please refer to its security

    tracker page at:

    https://security-tracker.debian.org/tracker/ceph

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : liblivemedia

    CVE ID : CVE-2018-4013

    It was discovered that a buffer overflow in liveMedia, a set of C++

    libraries for multimedia streaming could result in the execution of

    arbitrary code when parsing a malformed RTSP stream.

    For the stable distribution (stretch), this problem has been fixed in

    version 2016.11.28-1+deb9u1.

    We recommend that you upgrade your liblivemedia packages.

    For the detailed security status of liblivemedia please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/liblivemedia

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : roundcube

    CVE ID : CVE-2018-19206

    Aidan Marlin discovered that roundcube, a skinnable AJAX based webmail

    solution for IMAP servers, is prone to a cross-site scripting

    vulnerability in handling invalid style tag content.

    For the stable distribution (stretch), this problem has been fixed in

    version 1.2.3+dfsg.1-4+deb9u3.

    We recommend that you upgrade your roundcube packages.

    For the detailed security status of roundcube please refer to its

    security tracker page at:

    https://security-tracker.debian.org/tracker/roundcube

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : samba

    CVE ID : CVE-2018-14629 CVE-2018-16841 CVE-2018-16851

    Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,

    print, and login server for Unix. The Common Vulnerabilities and

    Exposures project identifies the following issues:

    CVE-2018-14629

    Florian Stuelpner discovered that Samba is vulnerable to

    infinite query recursion caused by CNAME loops, resulting in

    denial of service.

    https://www.samba.org/samba/security/CVE-2018-14629.html

    CVE-2018-16841

    Alex MacCuish discovered that a user with a valid certificate or

    smart card can crash the Samba AD DC's KDC when configured to accept

    smart-card authentication.

    https://www.samba.org/samba/security/CVE-2018-16841.html

    CVE-2018-16851

    Garming Sam of the Samba Team and Catalyst discovered a NULL pointer

    dereference vulnerability in the Samba AD DC LDAP server allowing a

    user able to read more than 256MB of LDAP entries to crash the Samba

    AD DC's LDAP server.

    https://www.samba.org/samba/security/CVE-2018-16851.html

    For the stable distribution (stretch), these problems have been fixed in

    version 2:4.5.12+dfsg-2+deb9u4.

    We recommend that you upgrade your samba packages.

    For the detailed security status of samba please refer to its security

    tracker page at:

    https://security-tracker.debian.org/tracker/samba

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : ghostscript

    CVE ID : CVE-2018-19409 CVE-2018-19475 CVE-2018-19476 CVE-2018-19477

    Several vulnerabilities were discovered in Ghostscript, the GPL

    PostScript/PDF interpreter, which may result in denial of service or the

    execution of arbitrary code if a malformed Postscript file is processed

    (despite the -dSAFER sandbox being enabled).

    This update rebases ghostscript for stretch to the upstream version 9.26

    which includes additional changes.

    For the stable distribution (stretch), these problems have been fixed in

    version 9.26~dfsg-0+deb9u1.

    We recommend that you upgrade your ghostscript packages.

    For the detailed security status of ghostscript please refer to its

    security tracker page at:

    https://security-tracker.debian.org/tracker/ghostscript

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : perl

    CVE ID : CVE-2018-18311 CVE-2018-18312 CVE-2018-18313 CVE-2018-18314

    Multiple vulnerabilities were discovered in the implementation of the

    Perl programming language. The Common Vulnerabilities and Exposures

    project identifies the following problems:

    CVE-2018-18311

    Jayakrishna Menon and Christophe Hauser discovered an integer

    overflow vulnerability in Perl_my_setenv leading to a heap-based

    buffer overflow with attacker-controlled input.

    CVE-2018-18312

    Eiichi Tsukata discovered that a crafted regular expression could

    cause a heap-based buffer overflow write during compilation,

    potentially allowing arbitrary code execution.

    CVE-2018-18313

    Eiichi Tsukata discovered that a crafted regular expression could

    cause a heap-based buffer overflow read during compilation which

    leads to information leak.

    CVE-2018-18314

    Jakub Wilk discovered that a specially crafted regular expression

    could lead to a heap-based buffer overflow.

    For the stable distribution (stretch), these problems have been fixed in

    version 5.24.1-3+deb9u5.

    We recommend that you upgrade your perl packages.

    For the detailed security status of perl please refer to its security

    tracker page at:

    https://security-tracker.debian.org/tracker/perl

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : openssl

    CVE ID : CVE-2018-0732 CVE-2018-0734 CVE-2018-0735 CVE-2018-0737

    CVE-2018-5407

    Several local side channel attacks and a denial of service via large

    Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets

    Layer toolkit.

    For the stable distribution (stretch), these problems have been fixed in

    version 1.1.0j-1~deb9u1. Going forward, openssl security updates for

    stretch will be based on the 1.1.0x upstream releases.

    We recommend that you upgrade your openssl packages.

    For the detailed security status of openssl please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/openssl

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : tiff

    CVE ID : CVE-2017-11613 CVE-2017-17095 CVE-2018-5784

    CVE-2018-7456 CVE-2018-8905 CVE-2018-10963

    CVE-2018-17101 CVE-2018-18557 CVE-2018-15209

    CVE-2018-16335

    Multiple vulnerabilities have been discovered in the libtiff library and

    the included tools, which may result in denial of service or the

    execution of arbitrary code if malformed image files are processed.

    For the stable distribution (stretch), these problems have been fixed in

    version 4.0.8-2+deb9u4.

    We recommend that you upgrade your tiff packages.

    For the detailed security status of tiff please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/tiff

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : policykit-1

    CVE ID : CVE-2018-19788

    Debian Bug : 915332

    It was discovered that incorrect processing of very high UIDs in

    Policykit, a framework for managing administrative policies and

    privileges, could result in authentication bypass.

    For the stable distribution (stretch), this problem has been fixed in

    version 0.105-18+deb9u1.

    We recommend that you upgrade your policykit-1 packages.

    For the detailed security status of policykit-1 please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/policykit-1

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : libphp-phpmailer

    CVE ID : CVE-2018-19296

    Debian Bug : 913912

    It was discovered that PHPMailer, a library to send email from PHP

    applications, is prone to a PHP object injection vulnerability,

    potentially allowing a remote attacker to execute arbitrary code.

    For the stable distribution (stretch), this problem has been fixed in

    version 5.2.14+dfsg-2.3+deb9u1.

    We recommend that you upgrade your libphp-phpmailer packages.

    For the detailed security status of libphp-phpmailer please refer to its

    security tracker page at:

    https://security-tracker.debian.org/tracker/libphp-phpmailer

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : chromium-browser

    CVE ID : CVE-2018-17480 CVE-2018-17481 CVE-2018-18335 CVE-2018-18336

    CVE-2018-18337 CVE-2018-18338 CVE-2018-18339 CVE-2018-18340

    CVE-2018-18341 CVE-2018-18342 CVE-2018-18343 CVE-2018-18344

    CVE-2018-18345 CVE-2018-18346 CVE-2018-18347 CVE-2018-18348

    CVE-2018-18349 CVE-2018-18350 CVE-2018-18351 CVE-2018-18352

    CVE-2018-18353 CVE-2018-18354 CVE-2018-18355 CVE-2018-18356

    CVE-2018-18357 CVE-2018-18358 CVE-2018-18359

    Several vulnerabilities have been discovered in the chromium web browser.

    CVE-2018-17480

    Guang Gong discovered an out-of-bounds write issue in the v8 javascript

    library.

    CVE-2018-17481

    Several use-after-free issues were discovered in the pdfium library.

    CVE-2018-18335

    A buffer overflow issue was discovered in the skia library.

    CVE-2018-18336

    Huyna discovered a use-after-free issue in the pdfium library.

    CVE-2018-18337

    cloudfuzzer discovered a use-after-free issue in blink/webkit.

    CVE-2018-18338

    Zhe Jin discovered a buffer overflow issue in the canvas renderer.

    CVE-2018-18339

    cloudfuzzer discovered a use-after-free issue in the WebAudio

    implementation.

    CVE-2018-18340

    A use-after-free issue was discovered in the MediaRecorder implementation.

    CVE-2018-18341

    cloudfuzzer discovered a buffer overflow issue in blink/webkit.

    CVE-2018-18342

    Guang Gong discovered an out-of-bounds write issue in the v8 javascript

    library.

    CVE-2018-18343

    Tran Tien Hung discovered a use-after-free issue in the skia library.

    CVE-2018-18344

    Jann Horn discovered an error in the Extensions implementation.

    CVE-2018-18345

    Masato Kinugawa and Jun Kokatsu discovered an error in the Site Isolation

    feature.

    CVE-2018-18346

    Luan Herrera discovered an error in the user interface.

    CVE-2018-18347

    Luan Herrera discovered an error in the Navigation implementation.

    CVE-2018-18348

    Ahmed Elsobky discovered an error in the omnibox implementation.

    CVE-2018-18349

    David Erceg discovered a policy enforcement error.

    CVE-2018-18350

    Jun Kokatsu discovered a policy enforcement error.

    CVE-2018-18351

    Jun Kokatsu discovered a policy enforcement error.

    CVE-2018-18352

    Jun Kokatsu discovered an error in Media handling.

    CVE-2018-18353

    Wenxu Wu discovered an error in the network authentication implementation.

    CVE-2018-18354

    Wenxu Wu discovered an error related to integration with GNOME Shell.

    CVE-2018-18355

    evil1m0 discovered a policy enforcement error.

    CVE-2018-18356

    Tran Tien Hung discovered a use-after-free issue in the skia library.

    CVE-2018-18357

    evil1m0 discovered a policy enforcement error.

    CVE-2018-18358

    Jann Horn discovered a policy enforcement error.

    CVE-2018-18359

    cyrilliu discovered an out-of-bounds read issue in the v8 javascript

    library.

    Several additional security relevant issues are also fixed in this update

    that have not yet received CVE identifiers.

    For the stable distribution (stretch), these problems have been fixed in

    version 71.0.3578.80-1~deb9u1.

    We recommend that you upgrade your chromium-browser packages.

    For the detailed security status of chromium-browser please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/chromium-browser

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : php7.0

    CVE ID : CVE-2018-14851 CVE-2018-14883 CVE-2018-17082

    CVE-2018-19518 CVE-2018-19935

    Multiple security issues were found in PHP, a widely-used open source

    general purpose scripting language: The EXIF module was susceptible to

    denial of service/information disclosure when parsing malformed images,

    the Apache module allowed cross-site-scripting via the body of a

    "Transfer-Encoding: chunked" request and the IMAP extension performed

    insufficient input validation which can result in the execution of

    arbitrary shell commands in the imap_open() function and denial of

    service in the imap_mail() function.

    For the stable distribution (stretch), these problems have been fixed in

    version 7.0.33-0+deb9u1.

    We recommend that you upgrade your php7.0 packages.

    For the detailed security status of php7.0 please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/php7.0

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : firefox-esr

    CVE ID : CVE-2018-12405 CVE-2018-17466 CVE-2018-18492

    CVE-2018-18493 CVE-2018-18494 CVE-2018-18498

    Multiple security issues have been found in the Mozilla Firefox web

    browser, which could potentially result in the execution of arbitrary

    code or bypass of the same-origin policy.

    For the stable distribution (stretch), these problems have been fixed in

    version 60.4.0esr-1~deb9u1.

    We recommend that you upgrade your firefox-esr packages.

    For the detailed security status of firefox-esr please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/firefox-esr

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/

    • Offizieller Beitrag

    Package : openssl1.0

    CVE ID : CVE-2018-0732 CVE-2018-0734 CVE-2018-0737 CVE-2018-5407

    Several local side channel attacks and a denial of service via large

    Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets

    Layer toolkit.

    For the stable distribution (stretch), these problems have been fixed in

    version 1.0.2q-1~deb9u1. Going forward, openssl1.0 security updates for

    stretch will be based on the 1.0.2x upstream releases.

    We recommend that you upgrade your openssl1.0 packages.

    For the detailed security status of openssl1.0 please refer to

    its security tracker page at:

    https://security-tracker.debian.org/tracker/openssl1.0

    Further information about Debian Security Advisories, how to apply

    these updates to your system and frequently asked questions can be

    found at: https://www.debian.org/security/