Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available.

LinuxSecurity.com Feature Extras:

- Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.

- When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.


  (Feb 27)
 

Two vulnerabilities have been found in Solr, a search server based on Lucene, which could result in the execution of arbitrary code or path traversal.

  (Feb 27)
 

Kelby Ludwig and Scott Cantor discovered that the Shibboleth service provider is vulnerable to impersonation attacks and information disclosure due to incorrect XML parsing. For additional details please refer to the upstream advisory at

  (Feb 27)
 

Joonun Jang discovered several problems in wavpack, an audio compression format suite. Incorrect processing of input resulted in several heap- and stack-based buffer overflows, leading to application crash or potential code execution.

  (Feb 24)
 

Multiple vulnerabilities have been found in the Drupal content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2018-001

  (Feb 22)
 

Several vulnerabilities have been discovered in Squid3, a fully featured web proxy cache. The Common Vulnerabilities and Exposures project identifies the following issues:

  (Feb 22)
 

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5715

  (Feb 22)
 

This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates. For the stable distribution (stretch), this problem has been fixed in


  Fedora 27: libvirt Security Update (Mar 1)
 

* CVE-2018-5748: resource exhaustion via qemuMonitorIORead() (bz #1535785) * CVE-2018-6764: code injection via libvirt_lxc (bz #1542815) * Fix hotplug disk failure (bz #1540872)

  Fedora 26: krb5 Security Update (Mar 1)
 

Fix CVE-2018-5729, CVE-2018-5730. These are low-impact, requiring administrator access to exploit. ---- Fix leak in previous version. ---- Always read config snippets in alphabetical order per-directory.

  Fedora 26: phpMyAdmin Security Update (Mar 1)
 

From upstream announcement: **Security fix: phpMyAdmin 4.7.8 is released** Welcome to phpMyAdmin 4.7.8, a security releaes also containing regular maintenance bug fixes. The security fix relates to a self-XSS vulnerability in the central columns feature that is reported as PMASA-2018-1 https://www.phpmyadmin.net/security/PMASA-2018-1/. Thanks to Mayur Udiniya

  Fedora 26: php-phpmyadmin-motranslator Security Update (Mar 1)
 

From upstream announcement: **Security fix: phpMyAdmin 4.7.8 is released** Welcome to phpMyAdmin 4.7.8, a security releaes also containing regular maintenance bug fixes. The security fix relates to a self-XSS vulnerability in the central columns feature that is reported as PMASA-2018-1 https://www.phpmyadmin.net/security/PMASA-2018-1/. Thanks to Mayur Udiniya

  Fedora 26: php-phpmyadmin-sql-parser Security Update (Mar 1)
 

From upstream announcement: **Security fix: phpMyAdmin 4.7.8 is released** Welcome to phpMyAdmin 4.7.8, a security releaes also containing regular maintenance bug fixes. The security fix relates to a self-XSS vulnerability in the central columns feature that is reported as PMASA-2018-1 https://www.phpmyadmin.net/security/PMASA-2018-1/. Thanks to Mayur Udiniya

  Fedora 27: mbedtls Security Update (Feb 28)
 

- Update to 2.7.0 Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ Security Advisory:

  Fedora 26: mbedtls Security Update (Feb 28)
 

- Update to 2.7.0 Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ Security Advisory:

  Fedora 27: wavpack Security Update (Feb 27)
 

* CVE-2018-6767 * CVE-2018-7253

  Fedora 27: libsamplerate Security Update (Feb 27)
 

New upstream bug fix release. This version includes a fix for CVE-2017-7697.

  Fedora 27: systemd Security Update (Feb 27)
 

- a few memory leaks and unitialized memory accesses - systemd-networkd Remote= must be a unicast address (upstream issue #8088) - add /run/systemd/user to the unit lookup path (upstream issue #8119) - various fixes for journalctl leaking file descriptors on very quick file rotation (upstream issues #7998, #8198) - systemd-resolved aborting on malformed packets (upstream issue #7888, oss-fuzz

  Fedora 27: unbound Security Update (Feb 27)
 

Use default RPM build flags and configure parameters (#1539097) Remove group writable bit from some config files (#1528445)

  Fedora 27: python-crypto Security Update (Feb 27)
 

The textbook ElGamal implementation is not secure. PyCrypto and some other implementations use the wrong algorithm, which may lead to some information disclosure simply by looking at the encrypted text. For a full description, see https://github.com/pycrypto/pycrypto/issues/253 This update includes a fix for this problem backported from pycryptodome.

  Fedora 27: dnsmasq Security Update (Feb 27)
 

create a separate user for dnsmasq.

  Fedora 27: knot-resolver Security Update (Feb 27)
 

Knot Resolver 2.1.0 (2018-02-16) changes -------------------- - stats: remove tracking of expiring records (predict uses another way) - systemd: re-use a single kresd.socket and kresd- tls.socket - ta_sentinel: implement protocol draft-ietf-dnsop-kskroll- sentinel-01 (our draft-ietf-dnsop-kskroll-sentinel-00 implementation had

  Fedora 27: mingw-OpenEXR Security Update (Feb 27)
 

This update fixes the following vulnerabilities: CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-12596

  Fedora 26: mingw-poppler Security Update (Feb 27)
 

This update fixes CVE-2017-15565.

  Fedora 26: mingw-OpenEXR Security Update (Feb 27)
 

This update fixes the following vulnerabilities: CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-12596

  Fedora 26: knot-resolver Security Update (Feb 27)
 

Knot Resolver 2.1.0 (2018-02-16) changes -------------------- - stats: remove tracking of expiring records (predict uses another way) - systemd: re-use a single kresd.socket and kresd- tls.socket - ta_sentinel: implement protocol draft-ietf-dnsop-kskroll- sentinel-01 (our draft-ietf-dnsop-kskroll-sentinel-00 implementation had

  Fedora 26: qt5-qtwebengine Security Update (Feb 27)
 

This update updates QtWebEngine to the 5.10.1 bugfix and security release. QtWebEngine 5.10.1 is part of the Qt 5.10.1 release, but only the QtWebEngine component is included in this update. This update includes: * Security fixes from Chromium up to version 64.0.3282.140. Including: CVE-2017-15407, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15415, CVE-2017-15416,

  Fedora 26: ldns Security Update (Feb 27)
 

Fix memory corruption in ldns_rr_new_frm_fp_l (#1511046) Fix memory corruption in ldns_str2rdf_long_str (#1511046)

  Fedora 26: gimp Security Update (Feb 27)
 

Security fix for CVE-2017-17784 CVE-2017-17785 CVE-2017-17786 CVE-2017-17787 CVE-2017-17788 CVE-2017-17789

  Fedora 26: golang Security Update (Feb 27)
 

* Security fix for CVE-2018-6574 * Rebase to latest point release

  Fedora 26: gcab Security Update (Feb 27)
 

New upstream release - This fixes the security bug known as CVE-2018-5345 - Do not encode timezone in generated files - Fix countless memory leaks when parsing corrupt files

  Fedora 27: irssi Security Update (Feb 26)
 

This is new version fixing multiple vulnerabilities: CVE-2018-7050, CVE-2018-7051, CVE-2018-7052, CVE-2018-7053, CVE-2018-7054.

  Fedora 27: exim Security Update (Feb 26)
 

This is an update fixing mysql module. ---- This is new version fixing CVE-2018-6789.

  Fedora 27: seamonkey Security Update (Feb 26)
 

Update to 2.49.2 Based on the Firefox/Thunderbird ESR (extension support release) code version 52.6.1 Fixes various security issues, see https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ and https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ for more info.

  Fedora 27: php-phpmyadmin-motranslator Security Update (Feb 26)
 

From upstream announcement: **Security fix: phpMyAdmin 4.7.8 is released** Welcome to phpMyAdmin 4.7.8, a security releaes also containing regular maintenance bug fixes. The security fix relates to a self-XSS vulnerability in the central columns feature that is reported as PMASA-2018-1 https://www.phpmyadmin.net/security/PMASA-2018-1/. Thanks to Mayur Udiniya

  Fedora 27: phpMyAdmin Security Update (Feb 26)
 

From upstream announcement: **Security fix: phpMyAdmin 4.7.8 is released** Welcome to phpMyAdmin 4.7.8, a security releaes also containing regular maintenance bug fixes. The security fix relates to a self-XSS vulnerability in the central columns feature that is reported as PMASA-2018-1 https://www.phpmyadmin.net/security/PMASA-2018-1/. Thanks to Mayur Udiniya

  Fedora 27: php-phpmyadmin-sql-parser Security Update (Feb 26)
 

From upstream announcement: **Security fix: phpMyAdmin 4.7.8 is released** Welcome to phpMyAdmin 4.7.8, a security releaes also containing regular maintenance bug fixes. The security fix relates to a self-XSS vulnerability in the central columns feature that is reported as PMASA-2018-1 https://www.phpmyadmin.net/security/PMASA-2018-1/. Thanks to Mayur Udiniya

  Fedora 26: irssi Security Update (Feb 26)
 

This is new version fixing multiple vulnerabilities: CVE-2018-7050, CVE-2018-7051, CVE-2018-7052, CVE-2018-7053, CVE-2018-7054.

  Fedora 26: seamonkey Security Update (Feb 26)
 

Update to 2.49.2 Based on the Firefox/Thunderbird ESR (extension support release) code version 52.6.1 Fixes various security issues, see https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ and https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ for more info.

  Fedora 26: exim Security Update (Feb 26)
 

This is an update fixing mysql module. ---- This is new version fixing CVE-2018-6789.

  Fedora 27: milkytracker Security Update (Feb 25)
 

New upstream version Security fix for upstream issue 35 https://github.com/milkytracker/MilkyTracker/issues/35

  Fedora 27: qt5-qtwebengine Security Update (Feb 25)
 

This update updates QtWebEngine to the 5.10.1 bugfix and security release. QtWebEngine 5.10.1 is part of the Qt 5.10.1 release, but only the QtWebEngine component is included in this update. This update includes: * Security fixes from Chromium up to version 64.0.3282.140. Including: CVE-2017-15407, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15415, CVE-2017-15416,

  Fedora 26: milkytracker Security Update (Feb 25)
 

New upstream version Security fix for upstream issue 35 https://github.com/milkytracker/MilkyTracker/issues/35

  Fedora 27: suricata Security Update (Feb 23)
 

fixes bz#1543250 and bz#1543251

  Fedora 27: kernel Security Update (Feb 23)
 

The 4.15.4 update contains a number of important fixes across the tree

  Fedora 26: kernel Security Update (Feb 23)
 

The 4.15.4 update contains a number of important fixes across the tree.


  RedHat: RHSA-2018-0380:01 Moderate: Red Hat CloudForms security, bug fix, (Mar 1)
 

An update is now available for CloudForms Management Engine 5.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2018-0379:01 Moderate: .NET Core on Red Hat Enterprise Linux (Mar 1)
 

An update for rh-dotnet20-dotnet, rh-dotnetcore10-dotnetcore, and rh-dotnetcore11-dotnetcore is now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact

  (Feb 28)
 

An update for ruby is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  (Feb 28)
 

An update for quagga is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  (Feb 28)
 

This is the One-Year notification for the retirement of Red Hat Enterprise Linux 6.4 Advanced Mission Critical (AMC). This notification applies only to those customers subscribed to the Advanced Mission Critical (AMC) channel for Red Hat Enterprise Linux 6.4.

  (Feb 28)
 

An update is now available for CloudForms Management Engine 5.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  (Feb 27)
 

An update for openstack-nova and python-novaclient is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  (Feb 27)
 

An update for erlang is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

  (Feb 26)
 

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  (Feb 26)
 

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which

  (Feb 26)
 

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which

  (Feb 26)
 

An update for gcab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  (Feb 22)
 

An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,


  Slackware: 2018-060-02: ntp Security Update (Mar 1)
 

New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

  Slackware: 2018-060-01: dhcp Security Update (Mar 1)
 

New dhcp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.


  (Mar 2)
 

An update that solves one vulnerability and has one errata is now available.

  (Mar 1)
 

An update that solves one vulnerability and has one errata is now available.

  (Mar 1)
 

An update that solves one vulnerability and has one errata is now available.

  (Mar 1)
 

An update that solves one vulnerability and has one errata is now available.

  (Mar 1)
 

An update that solves one vulnerability and has one errata is now available.

  (Mar 1)
 

An update that fixes one vulnerability is now available.

  (Mar 1)
 

An update that fixes one vulnerability is now available.

  (Mar 1)
 

An update that fixes one vulnerability is now available.

  (Mar 1)
 

An update that solves one vulnerability and has one errata is now available.

  (Mar 1)
 

An update that solves one vulnerability and has one errata is now available.

  (Mar 1)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2018:0570-1: important: freexl (Mar 1)
 

An update that fixes 5 vulnerabilities is now available.

  (Mar 1)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2018:0569-1: important: freexl (Mar 1)
 

An update that fixes 5 vulnerabilities is now available.

  (Feb 28)
 

An update that fixes 5 vulnerabilities is now available.

  (Feb 28)
 

An update that fixes one vulnerability is now available.

  (Feb 27)
 

An update that solves 9 vulnerabilities and has 40 fixes is now available.

  openSUSE: 2018:0544-1: important: lame (Feb 26)
 

An update that fixes 12 vulnerabilities is now available.

  openSUSE: 2018:0543-1: important: lame (Feb 26)
 

An update that fixes 12 vulnerabilities is now available.

  openSUSE: 2018:0538-1: important: php5 (Feb 24)
 

An update that fixes one vulnerability is now available.

  (Feb 23)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2018:0529-1: important: postgresql95 (Feb 23)
 

An update that solves 6 vulnerabilities and has one errata is now available.

  (Feb 22)
 

An update that solves 8 vulnerabilities and has 19 fixes is now available.


  (Feb 23)
 

Several security issues were fixed in the Linux kernel.

  (Feb 23)
 

Several security issues were fixed in the Linux kernel.

  (Feb 23)
 

Several security issues were fixed in the Linux kernel.

  (Feb 23)
 

On February 22, fixes for CVE-2017-5715 were released into the Ubuntu Xenialkernel version 4.4.0-116.140. This CVE, also known as "Spectre," is caused by flaws in the design of speculative execution hardware in the computer'sCPU, and could be used to access sensitive information in kernel memory. [More...]

  (Feb 22)
 

Several security issues were fixed in WavPack.

  (Feb 22)
 

Several security issues were fixed in the Linux kernel.

  (Feb 22)
 

Several security issues were fixed in the Linux kernel.

  (Feb 22)
 

Several security issues were fixed in the Linux kernel.

  (Feb 22)
 

Several security issues were fixed in the Linux kernel.

  (Feb 22)
 

Several security issues were fixed in the Linux kernel.


  (Feb 28)
 

The package mbedtls before version 2.7.0-1 is vulnerable to arbitrary code execution.

  (Feb 24)
 

The package unixodbc before version 2.3.5-1 is vulnerable to arbitrary code execution.

  (Feb 24)
 

The package lib32-wavpack before version 5.1.0-2 is vulnerable to arbitrary code execution.

  (Feb 24)
 

The package wavpack before version 5.1.0-2 is vulnerable to arbitrary code execution.

  (Feb 24)
 

The package phpmyadmin before version 4.7.8-1 is vulnerable to cross- site scripting.

  (Feb 22)
 

The package strongswan before version 5.6.2-1 is vulnerable to denial of service.


  (Feb 28)
 

It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could exploit this flaw to execute arbitrary commands by setting up a malicious FTP server and tricking a user or Ruby application into downloading files with specially crafted names using the Net::FTP module. (CVE-2017-17405) * A buffer underflow was found i [More...]

  (Feb 28)
 

quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code (CVE-2018-5379) SL7 x86_64 quagga-0.99.22.4-5.el7_4.i686.rpm quagga-0.99.22.4-5.el7_4.x86_64.rpm quagga-debuginfo-0.99.22.4-5.el7_4.i686.rpm quagga-debuginfo-0.99.22.4-5.el7_4.x86_64.rpm quagga-contrib-0.99.22.4-5.el7_4.x86_64. [More...]

  (Feb 26)
 

A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2018-2641) * It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE [More...]

  (Feb 26)
 

gcab: Extracting malformed .cab files causes stack smashing potentially leading to arbitrary code execution (CVE-2018-5345) SL7 x86_64 gcab-debuginfo-0.7-4.el7_4.i686.rpm gcab-debuginfo-0.7-4.el7_4.x86_64.rpm libgcab1-0.7-4.el7_4.i686.rpm libgcab1-0.7-4.el7_4.x86_64.rpm gcab-0.7-4.el7_4.x86_64.rpm libgcab1-devel-0.7-4.el7_4.i686.rpm libgcab1-devel-0.7-4.el7_4.x86 [More...]


  Debian LTS: DLA-1297-1: simplesamlphp security update (Mar 2)
 

Several vulnerabilities have been discovered in SimpleSAMLphp, a framework for authentication, primarily via the SAML protocol. CVE-2016-9814 & CVE-2016-9955

  Debian LTS: DLA-1297-1: freexl security update (Mar 1)
 

Leon reported five heap-based buffer-overflow vulnerabilities in FreeXL. CVE-2018-7435

  (Mar 1)
 

Kelby Ludwig and Scott Cantor discovered that the Shibboleth service provider is vulnerable to impersonation attacks and information disclosure due to incorrect XML parsing. For additional details please refer to the upstream advisory at

  (Feb 28)
 

Multiple vulnerabilities have been found in the Drupal content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2018-001.

  (Feb 25)
 

It was discovered that there was an arbitrary command execution vulnerability in the Go programming language. The "go get" implementation did not correctly validate "import path"

  (Feb 25)
 

It was discovered that there was a remote denial of service vulnerability in the imagemagick graphics library via a specially- crafted TIFF file.

  (Feb 24)
 

This update includes the changes in tzdata 2018c for the Perl bindings. For the list of changes, see DLA-1291-1. For Debian 7 "Wheezy", these problems have been fixed in version

  (Feb 24)
 

This update includes the changes in tzdata 2018c. Notable changes are: - São Tomé and Príncipe switched from +00 to +01. - Brazil's DST will now start on November's first Sunday.

  (Feb 24)
 

CVE-2017-13194 Fix for a flaw in libvpx related to odd frame width, which may lead to a denial of service.

  (Feb 22)
 

It was discovered that there where a number of vulnerabilities in irssi, the terminal based IRC client: - CVE-2018-7050: Null pointer dereference for an "empty" nick.

  (Feb 22)
 

It was discovered that there was an issue in the CUPS printer framework where remote attackers could execute arbitrary commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding.


  (Feb 28)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2018:0350

  (Feb 28)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2018:0349

  (Feb 28)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2018:0349