Linux Advisory Watch: April 17th, 2020

The following vulnerability has been discovered in the webkit2gtk web engine: CVE-2020-11793

Felix Wilhelm of Google Project Zero discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline, the credential helper machinery can be fooled to return credential information for a wrong host.

Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code. For the oldstable distribution (stretch), these problems have been fixed

- New Firefox and NSS upstream update - More info at https://www.mozilla.org/en-US/firefox/75.0/releasenotes/

- New Firefox and NSS upstream update - More info at https://www.mozilla.org/en-US/firefox/75.0/releasenotes/

Update to latest upstream version

The 5.5.16 stable kernel update contains a number of important fixes across the tree. ---- The 5.5.15 stable kernel update contains a number of important fixes across the tree. ---- The 5.5.13 stable kernel update contains a number of important fixes across the tree. ---- The 5.5.11 stable kernel update contains a number of important fixes across the tree.

The 5.5.16 stable kernel update contains a number of important fixes across the tree. ---- The 5.5.15 stable kernel update contains a number of important fixes across the tree. ---- The 5.5.13 stable kernel update contains a number of important fixes across the tree. ---- The 5.5.11 stable kernel update contains a number of important fixes across the tree.

The 5.5.16 stable kernel update contains a number of important fixes across the tree. ---- The 5.5.15 stable kernel update contains a number of important fixes across the tree. ---- The 5.5.13 stable kernel update contains a number of important fixes across the tree. ---- The 5.5.11 stable kernel update contains a number of important fixes across the tree.

- Update to 1.2.11 Release notes:

- Update to 1.2.11 Release notes:

Bugfix release from Google for 80.0.3987.162. ---- Update to 80.0.3987.162. Fixes the following CVEs: * CVE-2020-6450 * CVE-2020-6451 * CVE-2020-6452

- Update to 1.2.11 Release notes:

- Update to 1.2.11 Release notes:

Multiple bug fixes, including a fix for CVE-2020-10675 .

New upstream version, fix CVEs

## 1.4.3 (12, Nov 2019) ### Security Improvements: - Insure only a single SignedInfo element exists within a signature during verification. Refs [CVE-2019-3465](https://nvd.nist.gov/vuln/detail/CVE-2019-3465).

- https://www.drupal.org/project/ckeditor/releases/7.x-1.19 - https://www.drupal.org/sa-contrib-2020-007

New upstream version, fix CVEs

## 1.4.3 (12, Nov 2019) ### Security Improvements: - Insure only a single SignedInfo element exists within a signature during verification. Refs [CVE-2019-3465](https://nvd.nist.gov/vuln/detail/CVE-2019-3465).

- https://www.drupal.org/project/ckeditor/releases/7.x-1.19 - https://www.drupal.org/sa-contrib-2020-007

Security fix for CVE-2020-11100)

- New Firefox and NSS upstream update - More info at https://www.mozilla.org/en-US/firefox/75.0/releasenotes/

- New Firefox and NSS upstream update - More info at https://www.mozilla.org/en-US/firefox/75.0/releasenotes/

Security fix for CVE-2020-5247, CVE-2020-5249

Security fix for CVE-2020-5247, CVE-2020-5249

This update incorporates fixes from the upstream glibc 2.29 stable release branch, including 3 fixes for medium severity security vulnerabilities. (CVE-2020-10029, CVE-2020-1752, CVE-2020-1751)

- New Firefox and NSS upstream update - More info at https://www.mozilla.org/en-US/firefox/75.0/releasenotes/

- New Firefox and NSS upstream update - More info at https://www.mozilla.org/en-US/firefox/75.0/releasenotes/

Update to 2.1.4 (CVE-2010-11100, #1820200)

Security fix for CVE-2020-5247, CVE-2020-5249

**Version 4.4.7** (2020-03-30) * security #cve-2020-5255 [HttpFoundation] Do not set the default Content-Type based on the Accept header (yceruto) * security #cve-2020-5275 [Security] Fix access_control behavior with unanimous decision strategy (chalasr) * bug #36262 [DI] fix generating TypedReference from PriorityTaggedServiceTrait (nicolas-grekas) * bug #36252 [Security/Http]

Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. [More...]

A vulnerability in libssh could allow a remote attacker to cause a Denial of Service condition.

An update for tigervnc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for thunderbird is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for ipmitool is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Red Hat CodeReady Workspaces 2.1.0 has been released. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

An update for nss-softokn is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for elfutils is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

An update for ntp is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

An update for procps-ng is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for python is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for podman is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update is now available for Red Hat Satellite 6.7 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

Red Hat AMQ Broker 7.4.3 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for openshift-enterprise-builder-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

Red Hat OpenShift Container Platform release 4.2.28 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score,

An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

Open Liberty 20.0.0.4 Runtime is now available from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

New openvpn packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

New git packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

An update that solves two vulnerabilities and has one errata is now available.

An update that solves three vulnerabilities and has one errata is now available.

An update that solves two vulnerabilities and has one errata is now available.

An update that solves two vulnerabilities and has one errata is now available.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that solves one vulnerability and has one errata is now available.

An update that fixes one vulnerability is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that contains security fixes can now be installed.

An update that fixes one vulnerability is now available.

Several security issues were fixed in PHP.

Git could be made to expose sensitive information.

Several security issues were fixed in Thunderbird.

Several security issues were fixed in the kernel.

libssh could be made to crash if it received specially crafted network traffic.

Felix Wilhelm of Google Project Zero discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline, the credential helper machinery can be fooled to

A directory traversal vulnerability resulting from insufficient input sanitization was discovered in the Horde Application Framework. An authenticated remote attacker could use this flaw to execute code in the

A remote code execution vulnerability was discovered in the Horde Application Framework. An authenticated remote attacker could use this flaw to cause execution of uploaded CSV data.

A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that results in a heap overflow in 32-bit applications because of a signed overflow on range check in the HuffmanDecodeImage

It was discovered that there was a header-splitting vulnerability in ceph, a distributed storage and file system. For Debian 8 "Jessie", this issue has been fixed in ceph version

The package chromium before version 81.0.4044.113-1 is vulnerable to arbitrary code execution.

The package apache before version 2.4.43-1 is vulnerable to multiple issues including information disclosure and open redirect.

The package git before version 2.26.1-1 is vulnerable to information disclosure.

The package thunderbird before version 68.7.0-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure.

The package libssh before version 0.9.4-1 is vulnerable to denial of service.

The package wireshark-cli before version 3.2.3-1 is vulnerable to arbitrary code execution.

The package chromium before version 81.0.4044.92-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure, access restriction bypass and insufficient validation.

The package firefox before version 75.0-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and access restriction bypass.

The package haproxy before version 2.1.4-1 is vulnerable to arbitrary code execution.

Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) * Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) * Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) * Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) * Mozilla: Out of bounds write in GMPDecodeDat [More...]

An update that contains security fixes can now be installed.

An update that fixes one vulnerability is now available.

An update that solves 8 vulnerabilities and has two fixes is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes 26 vulnerabilities is now available.

An update that fixes 5 vulnerabilities is now available.

An update that solves 8 vulnerabilities and has two fixes is now available.

An update that contains security fixes can now be installed.

An update that fixes three vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that solves one vulnerability and has one errata is now available.

An update that solves one vulnerability and has three fixes is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes 5 vulnerabilities is now available.

An update that contains security fixes can now be installed.

An update that solves one vulnerability and has one errata is now available.

With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. The attack has been made impossible by forbidding a newline character in any value passed via the credential protocol (CVE-2020-5260).

Chromium-browser 81.0.4044.92 fixes security issues: Multiple flaws were found in the way Chromium 80.0.3987.149 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code,

Updated golang packages fix security vulnerability: An integer overflow vulnerability was found in the Go crypto/x509 and golang.org/x/crypto/cryptobyte libraries on 32-bit architectures. A remote attacker could exploit this by supplying a crafted x.509 certificate, or

Updated wireshark packages fix security vulnerability: The BACapp dissector could crash (CVE-2020-11647). References:

Updated libssh packages fix security vulnerability: A malicious client or server could crash the counterpart implemented with libssh AES-CTR ciphers are used and don't get fully initialized. It will crash when it tries to cleanup the AES-CTR ciphers when

The updated packages fix security vulnerabilities: Use-after-free while running the nsDocShell destructor. (CVE-2020-6819) Use-after-free when handling a ReadableStream. (CVE-2020-6820)

Updated krb5-appl packages fix security vulnerability: A vulnerability was found where incorrect bounds checks in the telnet servers (telnetd) handling of short writes and urgent data, could lead to information disclosure and corruption of heap data. An unauthenticated

Updated gnutls packages fix security vulnerability: A flaw was reported in the DTLS protocol implementation in GnuTLS. The DTLS client would not contribute any randomness to the DTLS negotiation, breaking the security guarantees of the DTLS protocol (CVE-2020-11501).

Updated mediawiki packages fix security vulnerability: In MediaWiki before 1.31.7, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki

Updated apache packages fix security vulnerabilities: In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within

Updated tor package fixes security vulnerabilities: Tor before 0.3.5.10 allows remote attackers to cause a Denial of Service (CPU consumption) (CVE-2020-10592).

Updated libvncserver packages fix security vulnerability: In libvncserver, through libvncclient/cursor.c, there is a possibility of a heap overflow, as reported by Pavel Cheremushkin (CVE-2019-15690).