Debian Security Advisories: June 23 2017 - Critical Updates for Packages

Several vulnerabilities have been found in the Apache HTTPD server. CVE-2017-3167

It was discovered that Flatpak, an application deployment framework for desktop apps insufficiently restricted file permissinons in third-party repositories, which could result in privilege escalation.

Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed.

Alvaro Munoz and Christian Schneider discovered that jython, an implementation of the Python language seamlessly integrated with Java, is prone to arbitrary code execution triggered when sending a serialized function to the deserializer.

Aniket Nandkishor Kulkarni discovered that in tomcat7, a servlet and JSP engine, static error pages used the original request's HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results,

Aniket Nandkishor Kulkarni discovered that in tomcat8, a servlet and JSP engine, static error pages used the original request's HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results,

Emeric Boit of ANSSI reported that SPIP, a website engine for publishing, insufficiently sanitises the value from the X-Forwarded-Host HTTP header field. An unauthenticated attacker can take advantage of this flaw to cause remote code execution.

libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, like for example

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

The Qualys Research Labs discovered a memory leak in the Exim mail transport agent. This is not a security vulnerability in Exim by itself, but can be used to exploit a vulnerability in stack handling. For the full details, please refer to their advisory published at:

The Qualys Research Labs discovered various problems in the dynamic linker of the GNU C Library which allow local privilege escalation by clashing the stack. For the full details, please refer to their advisory published at:

Multiple vulnerabilities have been discovered in Irssi, a terminal based IRC client. The Common Vulnerabilities and Exposures project identifies the following problems:

Hubert Kario discovered that GnuTLS, a library implementing the TLS and SSL protocols, does not properly decode a status response TLS extension, allowing a remote attacker to cause an application using the GnuTLS library to crash (denial of service).

It was discovered that RT::Authen::ExternalAuth, an external authentication module for Request Tracker, is vulnerable to timing side-channel attacks for user passwords. Only ExternalAuth in DBI (database) mode is vulnerable.

Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system. The Common Vulnerabilities and Exposures project identifies the following problems:

For changes see https://www.thunderbird.net/en-US/thunderbird/52.2.0/releasenotes/

This update addresses CVE-2017-1000366, a vulnerability in the dynamic linker allowing local privilege escalation.

Disable executable stack for aarch64 builds.

This update addresses CVE-2017-1000366, a vulnerability in the dynamic linker allowing local privilege escalation.

CVE-2017-1000381: c-ares NAPTR parser out of bounds access

Update to .104. Fix mp3 playback. Security fix for CVE-2017-5087, CVE-2017-5088, CVE-2017-5089

Rebuild for new luajit

For changes see https://www.thunderbird.net/en-US/thunderbird/52.2.0/releasenotes/

Fixes CVE-2017-9502 (Windows builds only)

**Version 3.0.1** - This release contains a fix for a **security advisory** related to the improper handling of a shell command - A properly crafted filename would allow for arbitrary code execution when using the --filter=gitmodified command line option - All version 3 users are encouraged to upgrade to this version, especially if you are checking 3rd-party

Rebase to the newest upstream version. This release contains mostly bugfixes and no new features. ---- This update enables Lua support and also moves binaries into /usr/bin directory. The bug with scriptlets is resolved by removing the whole alternatives group prior to installing new packages. ---- New upstream release 2.2.6 with many CVE fixes ---- New upstream version and fixed issues

Security fix for CVE-2017-9264 ---- Security fix for CVE-2017-9214

Update to a bugfix release of yara.

Upstream 3.2.8 ---- Upstream 3.2.7 (important security fix) ---- Security fix for CVE-2013-7458

Update to a bugfix release of yara.

Security fix for CVE-2017-9433

Mostly a bugfix update, but includes an update of the keyboard/mouse hwdb and various small fixes and a minor security issue and a boot issue on virtualized systems with no VGA console. No need to reboot or log out.

- new upstream update (54.0)

**Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-

This release fixes a possible setting arbitrary mode on an arbitrary file in rmtree() and remove_tree() calls known as CVE-2017-6512.

* Bump to 1.7.6 * Security fix for CVE-2017-8932

Rebuild with new bochs version

**Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-

Rebuild with new bochs version

This release fixes a possible setting arbitrary mode on an arbitrary file in rmtree() and remove_tree() calls known as CVE-2017-6512.

- new upstream update (54.0)

Update to version 1.8.2. The upstream release notes: https://mail.gnome.org/archives/ftp-release-list/2017-June/msg00015.html

**Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example-config-

Gajim 0.16.8 * Fix rejoining MUCs after connection loss * Fix Groupchat invites * Fix encoding problems with newer GnuPG versions * Fix old messages randomly reappearing in the chat window * Fix some problems with IBB filetransfer * Make XEP-0146 Commands opt-in * Improve sending messages to your own resources * Improve reliability of delivery recipes * Many minor

FIx for CVE-2017-8366

Gajim 0.16.8 * Fix rejoining MUCs after connection loss * Fix Groupchat invites * Fix encoding problems with newer GnuPG versions * Fix old messages randomly reappearing in the chat window * Fix some problems with IBB filetransfer * Make XEP-0146 Commands opt-in * Improve sending messages to your own resources * Improve reliability of delivery recipes * Many minor

FIx for CVE-2017-8366

fixes buffer overflows for flac and pcm

This update addresses the following vulnerabilities: * [CVE-2017-2496](https://www.cve.org/CVERecord?id=CVE-2017-2496), [CVE-2017-2539](https://www.cve.org/CVERecord?id=CVE-2017-2539), [CVE-2017-2510](https://www.cve.org/CVERecord?id=CVE-2017-2510) Additional fixes: * Fix URL shown in the title of beforeunload dialogs. * Focus

CVE-2017-7511 poppler: Null pointer dereference in pdfunite via crafted documents

Multiple vulnerabilities have been found in Vim and gVim, the worst of which might allow remote attackers to execute arbitrary code.

An out-of-bounds write in Graphite might allow remote attackers to execute arbitrary code.

Multiple vulnerabilities have been found in jbig2dec, the worst of which might allow remote attackers to execute arbitrary code.

Multiple vulnerabilities have been found in Urban Terror, the worst of which allows for the remote execution of arbitrary code.

Multiple vulnerabilities have been found in libksba which might allow remote attackers to obtain sensitive information or crash an libksba-based application. [More...]

A cache-related side channel vulnerability was found in nettle which might allow an attacker to obtain sensitive information.

Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code.

Multiple vulnerabilities have been found in the GNU C Library, the worst of which may allow execution of arbitrary code.

Multiple vulnerabilities have been found in mbed TLS, the worst of which could lead to the remote execution of arbitrary code.

Multiple vulnerabilities have been found in Kodi, the worst of which could allow remote attackers to execute arbitrary code.

A header injection vulnerability in GNU Wget might allow remote attackers to inject arbitrary HTTP headers.

New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.

New mozilla-firefox packages are available for Slackware 14.2, and -current to fix security issues.

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

An update that fixes 12 vulnerabilities is now available. An update that fixes 12 vulnerabilities is now available. An update that fixes 12 vulnerabilities is now available.

An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available.

An update that fixes three vulnerabilities is now available. An update that fixes three vulnerabilities is now available. An update that fixes three vulnerabilities is now available.

An update that solves four vulnerabilities and has 35 fixes An update that solves four vulnerabilities and has 35 fixes An update that solves four vulnerabilities and has 35 fixes is now available. is now available.

An update that solves 10 vulnerabilities and has one errata An update that solves 10 vulnerabilities and has one errata An update that solves 10 vulnerabilities and has one errata is now available. is now available.

An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is now available. is now available.

An update that solves one vulnerability and has four fixes An update that solves one vulnerability and has four fixes An update that solves one vulnerability and has four fixes is now available. is now available.

An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is now available. is now available.

An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is now available. is now available.

An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available.

An update that solves three vulnerabilities and has one An update that solves three vulnerabilities and has one An update that solves three vulnerabilities and has one errata is now available. errata is now available.

An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available.

An update that fixes 26 vulnerabilities is now available. An update that fixes 26 vulnerabilities is now available. An update that fixes 26 vulnerabilities is now available.

An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is now available. is now available.

An update that solves one vulnerability and has two fixes An update that solves one vulnerability and has two fixes An update that solves one vulnerability and has two fixes is now available. is now available.

An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is now available. is now available.

An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is now available. is now available.

An update that fixes two vulnerabilities is now available. An update that fixes two vulnerabilities is now available. An update that fixes two vulnerabilities is now available.

An update that solves one vulnerability and has two fixes An update that solves one vulnerability and has two fixes An update that solves one vulnerability and has two fixes is now available. is now available.

An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available.

An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is now available. is now available.

Several security issues were fixed in OpenVPN.

Several security issues were fixed in the kernel.

Several security issues were fixed in the Linux kernel.

The system could be made to run programs as an administrator.

Valgrind could be made to crash or run programs if it opened a specially crafted file.

NSS could be made to crash if it received specially crafted network traffic.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

Several security issues were fixed in the Linux kernel.

libnl could be made to run programs as an administrator.

Exim could be made to run programs as an administrator.

Gnu C library could be made to run programs as an administrator.

libmwaw could be made to crash or run programs as your login if it opened a specially crafted file.

zziplib could be made to crash or run programs as your login if it opened a specially crafted file.

Firefox could be made to crash or run programs as your login if it opened a malicious website.