Advisories

Linux Advisory Watch

Don't want to miss that crucial security notice?. The editorial staff at Guardian Digital will bring you complete coverage and in-depth
descriptions of all security bulletins, vulnerabilities and updated packages, all in one convenient weekly newsletter.

Linux Advisory Watch: January 1st, 2021

Linux Advisory Watch: January 1st, 2021

Thank you for reading the LinuxSecurity Linux Advisory Watch newsletter! Staying on top of the latest security advisories issued by the distro(s) you use is essential in maintaining an updated, secure Linux system. Our weekly newsletter is an easy, convenient way to track distribution security advisories - helping you keep your Linux environment safe from malware and other exploits.

Important advisories issued this week include warnings from Gentoo of multiple vulnerabilities in Samba, the worst of which could result in a Denial of Service condition, and a flaw in Apache Tomcat that allows for the disclosure of sensitive information. ArchLinux advises that Firefox before version 84.0-1 and Thunderbird before version 78.6.0-1 are vulnerable to multiple issues including arbitrary code execution, content spoofing and information disclosure. Continue reading to learn about other significant advisories issued this week. Happy New Year - wishing you a healthy, safe and secure 2021!

Yours in Open Source,

Brittany Day Signature


LinuxSecurity.com Feature Extras:

How Reverse Engineering Can Help Secure Your Linux Systems Against Malware - This article will examine how reverse engineering can be used to secure Linux systems against malware and other exploits, and will introduce our favorite tools, toolkits and utilities for reverse engineering and malware scanning available to Linux users.

Modernize Your Intrusion Detection Strategy with an AI-Powered, Open-Source NIDS - To help you modernize your intrusion detection strategy heading into the new year, we’ll examine the benefits and potential drawbacks of implementing an AI-powered network intrusion detection system (NIDS) and introduce you to a fast and flexible open-source NIDS we love called AIEngine.


  Debian: DSA-4822-1: p11-kit security update (Jan 1)
 

David Cook reported several memory safety issues affecting the RPC protocol in p11-kit, a library providing a way to load and enumerate PKCS#11 modules.

  Debian: DSA-4821-1: roundcube security update (Dec 28)
 

Alex Birnberg discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, is prone to a cross-site scripting vulnerability in handling HTML or Plain text messages with malicious content.

  Debian: DSA-4820-1: horizon security update (Dec 27)
 

Pritam Singh discovered an open redirect in the workflow forms of OpenStack Horizon. For the stable distribution (buster), this problem has been fixed in

  Debian: DSA-4809-2: python-apt regression update (Dec 27)
 

The update for python-apt released as DSA 4809-1 introduced a regression when passing a file descriptor to apt_inst.ArFile or apt_inst.DebFile causing a segmentation fault. Updated python-apt packages are now available to correct this issue.

  Debian: DSA-4819-1: kitty security update (Dec 26)
 

Stephane Chauveau discovered that the graphics protocol implementation in Kitty, a GPU-based terminal emulator, did not sanitise a filename when returning an error message, which could result in the execution of arbitrary shell commands when displaying a file with cat.

  Fedora 33: mediawiki 2020-0be2d40e13 (Dec 26)
 

https://lists.wikimedia.org/pipermail/mediawiki- announce/2020-December/000268.html

  Fedora 33: mingw-binutils 2020-18ec0bf4bb (Dec 26)
 

Backport patches for CVE-2020-16592 and CVE-2020-16598

  Fedora 32: mingw-binutils 2020-f903e139b1 (Dec 26)
 

Backport patches for CVE-2020-16592 and CVE-2020-16598

  Fedora 32: thunderbird 2020-b9644a6038 (Dec 26)
 

Update to latest upstream version.

  Fedora 33: libmaxminddb 2020-8a8f8b244f (Dec 25)
 

New version 1.4.3. Security fix for CVE-2020-28241.

  Fedora 32: libmaxminddb 2020-1fb1785fa1 (Dec 25)
 

New version 1.4.3. Security fix for CVE-2020-28241.

  Fedora 32: xen 2020-df772b417b (Dec 24)
 

xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) Xenstore: guests can disturb domain cleanup

  Fedora 33: xen 2020-64859a826b (Dec 24)
 

xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) Xenstore: guests can disturb domain cleanup

  Gentoo: GLSA-202012-24: Samba: Multiple vulnerabilities (Dec 24)
 

Multiple vulnerabilities have been found in Samba, the worst of which could result in a Denial of Service condition.

  Gentoo: GLSA-202012-23: Apache Tomcat: Information disclosure (Dec 24)
 

A vulnerability has been discovered in Apache Tomcat that allows for the disclosure of sensitive information.

  Gentoo: GLSA-202012-22: HAProxy: Arbitrary code execution (Dec 24)
 

A buffer overflow in HAProxy might allow an attacker to execute arbitrary code.

  SUSE: 2020:860-1 suse/sles12sp5 Security Update (Dec 29)
 

The container suse/sles12sp5 was updated. The following patches have been included in this update:

  Debian LTS: DLA-2507-1: libxstream-java security update (Dec 31)
 

Several security vulnerabilities were discovered in XStream, a Java library to serialize objects to XML and back again. CVE-2020-26258

  Debian LTS: DLA-2511-1: highlight.js security update (Dec 30)
 

An issue has been found in highlight.js, a JavaScript library for syntax highlighting. If a website or application renders user provided data it might be affected by a Prototype Pollution. This might result in strange

  Debian LTS: DLA-2510-1: libdatetime-timezone-perl new upstream release (Dec 29)
 

This update includes the changes in tzdata 2020e for the Perl bindings. For the list of changes, see DLA-2510-1. For Debian 9 stretch, this problem has been fixed in version

  Debian LTS: DLA-2509-1: tzdata new upstream version (Dec 29)
 

This update includes the changes in tzdata 2020e. Notable changes are: - - Volgograd switched to Moscow time on 2020-12-27 at 02:00.

  Debian LTS: DLA-2508-1: roundcube security update (Dec 28)
 

An issue was discovered in roundcube where in a cross-site scripting (XSS) via HTML or plain text messages with malicious content was possible.

  Debian LTS: DLA-2488-2: python-apt regression update (Dec 26)
 

The update for python-apt released as 2488-1 introduced a regression by causing a segmentation fault, which is now fixed with this update. For Debian 9 stretch, this problem has been fixed in version

  ArchLinux: 202012-26: qemu: multiple issues (Dec 31)
 

The package qemu before version 5.2.0-1 is vulnerable to multiple issues including arbitrary code execution and denial of service.

  ArchLinux: 202012-25: firefox: multiple issues (Dec 31)
 

The package firefox before version 84.0-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing and information disclosure.

  ArchLinux: 202012-24: openssl: denial of service (Dec 31)
 

The package openssl before version 1.1.1.i-1 is vulnerable to denial of service.

  ArchLinux: 202012-23: thunderbird: multiple issues (Dec 31)
 

The package thunderbird before version 78.6.0-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing and information disclosure.

  ArchLinux: 202012-22: tensorflow: multiple issues (Dec 31)
 

The package tensorflow before version 2.4.0-1 is vulnerable to multiple issues including information disclosure and denial of service.

  ArchLinux: 202012-21: openjpeg2: multiple issues (Dec 31)
 

The package openjpeg2 before version 2.4.0-1 is vulnerable to multiple issues including arbitrary code execution and denial of service.

  openSUSE: 2020:2367-1 moderate: groovy (Dec 31)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:2363-1 important: kdeconnect-kde (Dec 30)
 

An update that contains security fixes can now be installed.

  openSUSE: 2020:2361-1 important: kdeconnect-kde (Dec 29)
 

An update that contains security fixes can now be installed.

  openSUSE: 2020:2359-1 important: opera (Dec 29)
 

An update that fixes 6 vulnerabilities is now available.

  openSUSE: 2020:2360-1 important: opera (Dec 29)
 

An update that fixes 6 vulnerabilities is now available.

  openSUSE: 2020:2357-1 important: gimp (Dec 28)
 

An update that solves one vulnerability and has one errata is now available.

  openSUSE: 2020:2350-1 moderate: flac (Dec 28)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:2351-1 moderate: openexr (Dec 28)
 

An update that fixes three vulnerabilities is now available.

  openSUSE: 2020:2349-1 moderate: openexr (Dec 27)
 

An update that fixes three vulnerabilities is now available.

  openSUSE: 2020:2348-1 moderate: flac (Dec 27)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:2344-1: (Dec 27)
 

An update that solves one vulnerability and has one errata is now available.

  openSUSE: 2020:2344-1: PackageKit (Dec 27)
 

An update that solves one vulnerability and has one errata is now available.

  openSUSE: 2020:2336-1 moderate: ovmf (Dec 26)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:2337-1 moderate: blosc (Dec 26)
   
  openSUSE: 2020:2343-1 important: kdeconnect-kde (Dec 26)
 

An update that contains security fixes can now be installed.

  openSUSE: 2020:2334-1 important: kdeconnect-kde (Dec 26)
 

An update that contains security fixes can now be installed.

  openSUSE: 2020:2333-1 important: python3 (Dec 26)
   
  openSUSE: 2020:2332-1 important: python3 (Dec 26)
   
  openSUSE: 2020:2331-1 moderate: xen (Dec 26)
 

An update that solves 7 vulnerabilities and has two fixes is now available.

  openSUSE: 2020:2327-1 important: ceph (Dec 25)
 

An update that solves one vulnerability and has four fixes is now available.

  openSUSE: 2020:2325-1 critical: MozillaFirefox (Dec 25)
 

An update that fixes 8 vulnerabilities is now available.

  openSUSE: 2020:2324-1 critical: MozillaThunderbird (Dec 25)
 

An update that fixes 8 vulnerabilities is now available.

  Mageia 2020-0483: minidlna security update (Dec 31)
 

It was discovered that minidlna does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue (CVE-2020-12695).

  Mageia 2020-0482: curl security update (Dec 31)
 

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. (CVE-2020-8231). A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way

  Mageia 2020-0481: roundcubemail security update (Dec 29)
 

Fixes stored cross-site scripting (XSS) vulnerability via HTML or plain text messages with malicious content. (CVE-2020-35730). References: - https://bugs.mageia.org/show_bug.cgi?id=27957

  Mageia 2020-0480: flac security update (Dec 29)
 

In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation (CVE-2020-0499).

  Mageia 2020-0479: pngcheck security update (Dec 29)
 

Multiple buffer overflow flaws were found in pngcheck 2.4.0 and older (rhbz#1902806). References: - https://bugs.mageia.org/show_bug.cgi?id=27922

  Mageia 2020-0478: openjpeg2 security update (Dec 29)
 

There's a flaw in openjpeg in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability (CVE-2020-27841).

  Mageia 2020-0477: python3 security update (Dec 29)
 

In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP (CVE-2020-27619). References: - https://bugs.mageia.org/show_bug.cgi?id=27868

  Mageia 2020-0476: jackit security update (Dec 29)
 

posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 has a "double file descriptor close" issue during a failed connection attempt when jackd2 is not running. Exploitation success depends on multithreaded timing of that double close, which can result in unintended information disclosure, crashes, or file corruption due to having the wrong file associated with the file

  Mageia 2020-0475: kdeconnect-kde security update (Dec 29)
 

For the pairing procedure, the GUI component only presented the friendly 'deviceName' to identify peer devices, which is completely under attacker control. Furthermore the 'deviceName' is transmitted in cleartext in UDP broadcast messages for all other nodes in the network segment to see. Therefore malicious devices can attempt to confuse users by requesting a

  Mageia 2020-0474: spice-vdagent security update (Dec 29)
 

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the active_xfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service (CVE-2020-25650).

  Mageia 2020-0473: libvirt security update (Dec 29)
 

A double free memory issue was found to occur in the libvirt API responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or

  Mageia 2020-0472: graphicsmagick security update (Dec 29)
 

GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c (CVE-2020-12672). References: - https://bugs.mageia.org/show_bug.cgi?id=26751

  Mageia 2020-0471: libmaxminddb security update (Dec 28)
 

libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c (CVE-2020-28241). References: - https://bugs.mageia.org/show_bug.cgi?id=27608

  Mageia 2020-0470: erlang-rebar3 security update (Dec 25)
 

Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification (CVE-2020-13802). References: - https://bugs.mageia.org/show_bug.cgi?id=27511

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]