Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

- Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.

- When you're dealing with a security incident, it's essential that you and the rest of your team not only have the skills needed to deal with an issue comprehensively, but also have a framework to support you as you approach it. This framework lets the team focus purely on what needs to be done, following a process that removes vulnerabilities and threats properly, so that everyone who depends on the software you protect can be confident it is secure and functioning as intended.


  (Jan 19)
 

The cPanel Security Team discovered that awstats, a log file analyzer, was vulnerable to path traversal attacks. A remote unauthenticated attacker could leverage that to perform arbitrary code execution.

  (Jan 18)
 

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.59, which includes additional changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for

  (Jan 17)
 

Several vulnerabilities were discovered in WordPress, a web blogging tool. They allowed remote attackers to perform SQL injections and various Cross-Site Scripting (XSS) and Server-Side Request Forgery (SSRF) attacks, as well as bypass some access restrictions.

  (Jan 16)
 

Jayachandran Palanisamy of Cygate AB reported that BIND, a DNS server implementation, was improperly sequencing cleanup operations, leading in some cases to a use-after-free error, triggering an assertion failure and crash in named.

  (Jan 15)
 

It was discovered that multiple integer overflows in the GIF image loader in the GDK Pixbuf library may result in denial of service and potentially the execution of arbitrary code if a malformed image file is opened.

  (Jan 14)
 

Tavis Ormandy discovered a vulnerability in the Transmission BitTorrent client; insecure RPC handling between the Transmission daemon and the client interface(s) may result in the execution of arbitrary code if a user visits a malicious website while Transmission is running.

  (Jan 13)
 

Nick Wellnhofer discovered that certain function calls inside XPath predicates can lead to use-after-free and double-free errors when executed by libxml2's XPath engine via an XSLT transformation.

  (Jan 12)
 

Philip Huppert discovered the Shibboleth service provider is vulnerable to impersonation attacks and information disclosure due to mishandling of DTDs in the XMLTooling XML parsing library. For additional details please refer to the upstream advisory at

  (Jan 12)
 

It was discovered that gifsicle, a tool for manipulating GIF image files, contained a flaw that could lead to arbitrary code execution. For the oldstable distribution (jessie), this problem has been fixed

  (Jan 11)
 

Stephan Zeisberg discovered that poco, a collection of open source C++ class libraries, did not correctly validate file paths in ZIP archives. An attacker could leverage this flaw to create or overwrite arbitrary files.


  Fedora 27: keycloak-httpd-client-install Security Update (Jan 18)
 

Security fix for CVE-2017-15111 and CVE-2017-15112. Two minor security issues were discovered and were assigned CVEs. CVE-2017-15112 concerns the ability to pass a password on the command line where it could be exposed. That option has been deprecated. See the man page for multiple ways to pass the password. CVE-2017-15111 corrects the default location of a log file when running the low

  Fedora 27: rootsh Security Update (Jan 18)
 

Fix permissions on rootsh log directory to limit it to root.

  Fedora 26: rootsh Security Update (Jan 18)
 

Fix permissions on rootsh log directory to limit it to root.

  Fedora 27: icecat Security Update (Jan 18)
 

- Update to 52.5.3
- Patched for mozilla bug-1427870 (spectre mitigation)

  Fedora 27: transmission Security Update (Jan 18)
 

Security fix for CVE-2018-5702 (Mitigate dns rebinding attacks against daemon)

  Fedora 26: icecat Security Update (Jan 17)
 

- Update to 52.5.3
- Patched for mozilla bug-1427870 (spectre mitigation)

  Fedora 27: docker Security Update (Jan 17)
 

- Resolves: #1510351 - CVE-2017-14992
- built docker @projectatomic/docker-1.13.1 commit 584d391
- built docker-novolume-plugin commit 385ec70
- built rhel-push-plugin commit af9107b
- built docker-lvm-plugin commit 8647404
- built docker-runc @projectatomic/docker-1.13.1 commit 1c91122
- built docker-containerd @projectatomic/docker-1.13.1 commit 62a9c60
- built

  Fedora 27: irssi Security Update (Jan 17)
 

This is a new version of irssi. It contains security fixes for CVE-2018-5205, CVE-2018-5206, CVE-2018-5207 and CVE-2018-5208.

  Fedora 26: irssi Security Update (Jan 17)
 

This is a new version of irssi. It contains security fixes for CVE-2018-5205, CVE-2018-5206, CVE-2018-5207 and CVE-2018-5208.

  Fedora 27: osc-source_validator Security Update (Jan 16)
 

Rebase `osc` and `osc-source_validator` to new versions for security fixes for CVE-2017-9274.

  Fedora 27: osc Security Update (Jan 16)
 

Rebase `osc` and `osc-source_validator` to new versions for security fixes for CVE-2017-9274.

  Fedora 27: php Security Update (Jan 16)
 

**PHP version 7.1.13** (04 Jan 2018)

**Core:**
* Fixed bug php#75573 (Segmentation fault in 7.1.12 and 7.0.26). (Laruence)
* Fixed bug php#75384 (PHP seems incompatible with OneDrive files on demand). (Anatol)
* Fixed bug php#74862 (Unable to clone instance when private __clone defined). (Daniel Ciochiu)
* Fixed bug php#75074 (php-process crash when is_file() is used with

  Fedora 27: nasm Security Update (Jan 16)
 

Security fix for CVE-2017-17810 CVE-2017-17811 CVE-2017-17812 CVE-2017-17813 CVE-2017-17814 CVE-2017-17815 CVE-2017-17816 CVE-2017-17817 CVE-2017-17818 CVE-2017-17819 CVE-2017-17820

  Fedora 26: mupdf Security Update (Jan 16)
 

Rebase to 1.12 (CVE-2017-17866).

  Fedora 26: nasm Security Update (Jan 16)
 

Security fix for CVE-2017-17810 CVE-2017-17811 CVE-2017-17812 CVE-2017-17813 CVE-2017-17814 CVE-2017-17815 CVE-2017-17816 CVE-2017-17817 CVE-2017-17818 CVE-2017-17819 CVE-2017-17820

  Fedora 26: awstats Security Update (Jan 16)
 

Security fix for CVE-2017-1000501

  Fedora 26: php Security Update (Jan 16)
 

**PHP version 7.1.13** (04 Jan 2018)

**Core:**
* Fixed bug php#75573 (Segmentation fault in 7.1.12 and 7.0.26). (Laruence)
* Fixed bug php#75384 (PHP seems incompatible with OneDrive files on demand). (Anatol)
* Fixed bug php#74862 (Unable to clone instance when private __clone defined). (Daniel Ciochiu)
* Fixed bug php#75074 (php-process crash when is_file() is used with

  Fedora 26: gifsicle Security Update (Jan 16)
 

Update to 1.90 - Fixes CVE-2017-1000421

  Fedora 26: microcode_ctl Security Update (Jan 16)
 

Update to upstream 2.1-15 (20180108). Includes a fix for Spectre.

  Fedora 26: osc-source_validator Security Update (Jan 16)
 

Rebase `osc` and `osc-source_validator` to new versions for security fixes for CVE-2017-9274.

  Fedora 26: osc Security Update (Jan 16)
 

Rebase `osc` and `osc-source_validator` to new versions for security fixes for CVE-2017-9274.

  Fedora 27: qtpass Security Update (Jan 15)
 

QtPass password generation had a bug where only 1000 different passwords were possible (https://github.com/IJHack/QtPass/issues/338). Upstream release.

  Fedora 26: qtpass Security Update (Jan 15)
 

QtPass password generation had a bug where only 1000 different passwords were possible (https://github.com/IJHack/QtPass/issues/338).

  Fedora 27: qpid-cpp Security Update (Jan 13)
 

Rebased to 1.37.0.

  Fedora 26: qpid-cpp Security Update (Jan 13)
 

Rebased to 1.37.0. Rebuilt against qpid-proton 0.18.1.

  Fedora 26: kernel Security Update (Jan 13)
 

The 4.14.13 stable kernel update contains a number of important fixes across the tree. This is also the first update to contain some Spectre mitigations: some patches for variant 1 as well as the initial retpoline build for variant 2. These variant 2 mitigations will improve with further patches and once compiler support is improved.

  Fedora 27: kernel Security Update (Jan 12)
 

The 4.14.13 stable kernel update contains a number of important fixes across the tree. This is also the first update to contain some Spectre mitigations: some patches for variant 1 as well as the initial retpoline build for variant 2. These variant 2 mitigations will improve with further patches and once compiler support is improved.

  Fedora 27: awstats Security Update (Jan 12)
 

Security fix for CVE-2017-1000501


  (Jan 17)
 

Insufficient input validation in Newsbeuter may allow remote attackers to execute arbitrary shell commands.

  (Jan 17)
 

Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code.

  (Jan 17)
 

Multiple vulnerabilities have been found in rsync, the worst of which could allow remote attackers to bypass access restrictions.

  (Jan 15)
 

Multiple vulnerabilities have been found in PolarSSL, the worst of which may allow remote attackers to execute arbitrary code.

  (Jan 15)
 

Multiple vulnerabilities have been found in Xen, the worst of which could allow for privilege escalation.

  (Jan 11)
 

A vulnerability in PySAML2 might allow remote attackers to bypass authentication.

  (Jan 11)
 

Multiple vulnerabilities have been found in TigerVNC, the worst of which may lead to arbitrary code execution.

  (Jan 11)
 

Multiple vulnerabilities have been found in icoutils, the worst of which may lead to arbitrary code execution.


  (Jan 18)
 

An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  (Jan 18)
 

An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which

  (Jan 17)
 

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  (Jan 16)
 

An update for microcode_ctl is now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red

  (Jan 16)
 

An update for linux-firmware is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 7.3

  (Jan 16)
 

An update is now available for Red Hat CloudForms 4.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  (Jan 15)
 

An update is now available for Red Hat CloudForms 4.5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  (Jan 15)
 

An update is now available for Red Hat CloudForms 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  (Jan 15)
 

An update is now available for Red Hat CloudForms 4.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability


  Slackware: 2018-017-01: bind Security Update (Jan 17)
 

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

  Slackware: 2018-016-01: kernel Security Update (Jan 16)
 

New kernel packages are available for Slackware 14.0 and 14.2 to fix security issues.


  SUSE: 2018:0140-1: important: xmltooling (Jan 19)
 

An update that fixes one vulnerability is now available.

  SUSE: 2018:0131-1: important: the Linux Kernel (Jan 18)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2018:0115-1: important: the Linux Kernel (Jan 16)
 

An update that solves 14 vulnerabilities and has one errata is now available.

  SUSE: 2018:0113-1: important: the Linux Kernel (Jan 16)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2018:0114-1: important: the Linux Kernel (Jan 16)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2018:0112-1: important: openssl (Jan 16)
 

An update that solves 5 vulnerabilities and has 10 fixes is now available.

  openSUSE: 2018:0097-1: important: tiff (Jan 15)
 

An update that fixes 5 vulnerabilities is now available.

  openSUSE: 2018:0089-1: important: glibc (Jan 15)
 

An update that solves 7 vulnerabilities and has three fixes is now available.

  SUSE: 2018:0075-1: important: glibc (Jan 12)
 

An update that fixes one vulnerability is now available.

  SUSE: 2018:0076-1: important: glibc (Jan 12)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2018:0074-1: important: glibc (Jan 12)
 

An update that solves 7 vulnerabilities and has three fixes is now available.

  SUSE: 2018:0073-1: important: tiff (Jan 12)
 

An update that fixes 5 vulnerabilities is now available.

  SUSE: 2018:0071-1: important: glibc (Jan 12)
 

An update that fixes one vulnerability is now available.

  SUSE: 2018:0069-1: important: the Linux Kernel (Jan 11)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2018:0067-1: important: ucode-intel (Jan 11)
 

An update that fixes one vulnerability is now available.

  SUSE: 2018:0068-1: important: microcode_ctl (Jan 11)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2018:0066-1: important: ucode-intel (Jan 11)
 

An update that fixes one vulnerability is now available.

  SUSE: 2018:0065-1: important: Fixing security issues on OBS toolchain (Jan 11)
 

An update that solves three vulnerabilities and has 5 fixes is now available.


  (Jan 17)
 

Bind could be made to crash if it received specially crafted network traffic.

  (Jan 16)
 

Transmission could be made to run arbitrary code.

  (Jan 15)
 

Several security issues were fixed in GDK-PixBuf.


  (Jan 18)
 

The package bind before version 9.11.2.P1-1 is vulnerable to denial of service.

  (Jan 18)
 

The package perl-xml-libxml before version 2.0130-1 is vulnerable to arbitrary code execution.

  (Jan 18)
 

The package transmission-cli before version 2.92-8 is vulnerable to arbitrary command execution.

  (Jan 18)
 

The package nrpe before version 3.2.1-3 is vulnerable to arbitrary command execution.

  (Jan 18)
 

The package irssi before version 1.0.6-1 is vulnerable to denial of service.

  (Jan 14)
 

The package qtpass before version 1.2.1-1 is vulnerable to private key recovery.

  (Jan 11)
 

The package intel-ucode before version 20180108-1 is vulnerable to access restriction bypass.


  (Jan 17)
 

It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. (CVE-2018-2579)

Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.


  (Jan 19)
 

It was discovered that there was a code-injection vulnerability in smarty3, a PHP template engine. A specially crafted filename in comments could result in arbitrary code

  (Jan 19)
 

It was discovered that there was a denial-of-service vulnerability in the libgd2 image library. A corrupt file could have exploited a signedness confusion leading to an infinite loop.

  (Jan 19)
 

It was discovered that there was an injection vulnerability in the rsync file-copying tool. For Debian 7 "Wheezy", this issue has been fixed in rsync version

  (Jan 18)
 

Tavis Ormandy discovered a vulnerability in the Transmission BitTorrent client; insecure RPC handling between the Transmission daemon and the client interface(s) may result in the execution of arbitrary code if a user visits a malicious website while Transmission is running.

  (Jan 16)
 

The Check Point Research Team discovered that the XBMC media center allows arbitrary file write when a malicious subtitle file is downloaded in zip format. This update requires the new dependency libboost-regex1.49.

  (Jan 16)
 

This release does a complete update of the CA list. This includes removing the StartCom and WoSign certificates, as they are now untrusted by the major browser vendors.

  (Jan 16)
 

A vulnerability has been discovered in GraphicsMagick, a collection of image processing tools, which may result in a denial of service.

  (Jan 14)
 

Philip Huppert discovered the Shibboleth service provider is vulnerable to impersonation attacks and information disclosure due to mishandling of DTDs in the XMLTooling XML parsing library. For additional details please refer to the upstream advisory at

  (Jan 14)
 

David Sopas discovered that Kohana, a PHP framework, was vulnerable to a Cross-site scripting (XSS) attack that allowed remote attackers to inject arbitrary web script or HTML by bypassing the strip_image_tags protection mechanism in system/classes/Kohana/Security.php. This issue

  (Jan 11)
 

Multiple vulnerabilities have been discovered in Ming: CVE-2017-11732


  (Jan 18)
 

Upstream details at: https://access.redhat.com/errata/RHSA-2018:0095

  (Jan 18)
 

Upstream details at: https://access.redhat.com/errata/RHSA-2018:0095

  (Jan 17)
 

Upstream details at: https://access.redhat.com/errata/RHSA-2018:0094

  (Jan 17)
 

Upstream details at: https://access.redhat.com/errata/RHSA-2018:0093

  (Jan 17)
 

Upstream details at: https://access.redhat.com/errata/RHSA-2018:0093