Advisory: Debian LTS Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution.
It was discovered that there were multiple out-of-bounds memory read vulnerabilities in openvpn, a popular virtual private network (VPN) daemon. If clients used an HTTP proxy with NTLM authentication, a man-in-the-middle
libffi requests an executable stack, allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries.
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the
CVE-2017-8400 In SWFTools 0.9.2, an out-of-bounds write of heap data can occur in the function png_load() in lib/png.c:755. This issue can be triggered by a malformed PNG file that is mishandled by png2swf.
CVE-2017-5974 Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib allows remote attackers to cause a denial of service (crash) via a crafted ZIP file.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
The Qualys Research Labs discovered various problems in the dynamic linker of the GNU C Library which allow local privilege escalation by clashing the stack. For the full details, please refer to their advisory published at:
Alvaro Munoz and Christian Schneider discovered that Jython, an implementation of the Python language seamlessly integrated with Java, would execute arbitrary code when deserializing objects.
Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or domain spoofing.
It was discovered that there was an infinite loop vulnerability in expat, an XML parsing C library: https://libexpat.github.io/doc/cve-2017-9233/
It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI (database) mode is vulnerable.
Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system. The Common Vulnerabilities and Exposures project identifies the following problems:
It was discovered that Zookeeper, a service for maintaining configuration information, didn't restrict access to the computationally expensive wchp/wchc commands which could result in denial of service by elevated CPU consumption.
It was discovered that there was a vulnerability in libsndfile, a library for reading/writing audio files. A specially-crafted AIFF ("Audio Interchange File Format") file could result in an out-of-bounds memory read.
tiff3 was affected by multiple memory leaks (CVE-2017-9403, CVE-2017-9404) that could result in denial of service. Furthermore, while the current version in Debian was already patched for _TIFFVGetField issues (CVE-2016-10095, CVE-2017-9147), we replaced our Debian-specific patches
tiff was affected by multiple memory leaks (CVE-2017-9403, CVE-2017-9404) that could result in denial of service. Furthermore, while the current version in Debian was already patched for _TIFFVGetField issues (CVE-2016-10095, CVE-2017-9147), we replaced our Debian-specific patches
It has been discovered that Tor, a connection-based low-latency anonymous communication system, contains a flaw in the hidden service code. A remote attacker can take advantage of this flaw to cause a hidden service to crash with an assertion failure (TROVE-2017-005).
Besides bringing the package up to date regarding translations this update marks several packages as no longer supported by wheezy-lts: autotrace, inspircd, ioquake3, kfreebsd-8, kfreebsd-9, matrixssl,
It was discovered that apng2gif was vulnerable to an integer overflow resulting in a heap-based buffer over-read/write. A remote attacker could use this flaw to cause a denial of service (application crash) via a crafted APNG file.
It was found that ming, a library to parse and generate SWF (Flash) files, is susceptible to an integer overflow that would lead to out-of-bounds memory writes via a maliciously crafted file.