Security updates

Good evening,

4 security updates today:

[quote]Package : moin
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : not available yet

It was discovered that missing input validation in the twikidraw and
anywikidraw actions can result in the execution of arbitrary code.
This security issue is being actively exploited.

This update also addresses path traversal in AttachFile.

For the stable distribution (squeeze), this problem has been fixed in
version 1.9.3-1+squeeze4.

For the unstable distribution (sid), this problem has been fixed in
version 1.9.5-4.

We recommend that you upgrade your moin packages.[/quote]

[quote]
Package : virtualbox-ose
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-3221

“halfdog” discovered that incorrect interrupt handling in Virtualbox,
an x86 virtualization solution, can lead to denial of service.

For the stable distribution (squeeze), this problem has been fixed in
version 3.2.10-dfsg-1+squeeze1.

For the testing distribution (wheezy) and the unstable distribution
(sid), this problem has been fixed in version 4.1.18-dfsg-1.1 of
the virtualbox source package.

We recommend that you upgrade your virtualbox-ose packages.[/quote]

[quote]
Package : ghostscript
Vulnerability : integer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-4405

Marc Schoenefeld discovered that an integer overflow in the ICC parsing
code of Ghostscript can lead to the execution of arbitrary code.

For the stable distribution (squeeze), this problem has been fixed in
version 8.71~dfsg2-9+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in
version 9.05~dfsg-6.1.

For the unstable distribution (sid), this problem has been fixed in
version 9.05~dfsg-6.1.

We recommend that you upgrade your ghostscript packages.[/quote]

[quote]Package : mediawiki-extensions
Vulnerability : cross-site scripting
Problem type : remote
Debian-specific: no
CVE ID : not yet assigned
Debian Bug : 696179

Thorsten Glaser discovered that the RSSReader extension for mediawiki, a
website engine for collaborative work, does not properly escape tags in
feeds. This could allow a malicious feed to inject JavaScript into the
mediawiki pages.

For the stable distribution (squeeze), this problem has been fixed in
version 2.3squeeze2.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 2.11.

We recommend that you upgrade your mediawiki-extensions packages.[/quote]

Usti

Hello,

I missed a few, I have been a bit busy lately 8)

[quote]Package : proftpd-dfsg
Vulnerability : symlink race
Problem type : local
Debian-specific: no
CVE ID : CVE-2012-6095
Debian Bug : 697524

It has been discovered that in ProFTPd, an FTP server, an attacker on
the same physical host as the server may be able to perform a symlink
attack allowing to elevate privileges in some configurations.

For the stable distribution (squeeze), this problem has been fixed in
version 1.3.3a-6squeeze5.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 1.3.4a-3.

We recommend that you upgrade your proftpd-dfsg packages.[/quote]

[quote]Package : asterisk
Vulnerability : several issues
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-5976 CVE-2012-5977
Debian Bug : 697230

Several vulnerabilities were discovered in Asterisk, a PBX and telephony
toolkit, that allow remote attackers to perform denial of service
attacks.

For the stable distribution (squeeze), these problems have been fixed in
version 1:1.6.2.9-2+squeeze9.

For the testing distribution (wheezy) and unstable distribution (sid),
these problems will be fixed soon.

We recommend that you upgrade your asterisk packages.[/quote]

[quote]Package : qemu-kvm
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-6075
Debian Bug : 696051

It was discovered that the e1000 emulation code in QEMU does not
enforce frame size limits in the same way as the real hardware does.
This could trigger buffer overflows in the guest operating system
driver for that network card, assuming that the host system does not
discard such frames (which it will by default).

For the stable distribution (squeeze), this problem has been fixed in
version 0.12.5+dfsg-5+squeeze10.

For the unstable distribution (sid), this problem has been fixed in
version 1.1.2+dfsg-4.

We recommend that you upgrade your qemu-kvm packages.[/quote]

and

[quote]Package : qemu
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-6075
Debian Bug : 696051

It was discovered that the e1000 emulation code in QEMU does not
enforce frame size limits in the same way as the real hardware does.
This could trigger buffer overflows in the guest operating system
driver for that network card, assuming that the host system does not
discard such frames (which it will by default).

For the stable distribution (squeeze), this problem has been fixed in
version 0.12.5+dfsg-3squeeze3.

For the unstable distribution (sid), this problem has been fixed in
version 1.1.2+dfsg-4.

We recommend that you upgrade your qemu packages.[/quote]

Usti

Hello,

A small security update:

[quote]Package : rails
Vulnerability : SQL query manipulation
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0155

An interpretation conflict can cause the Active Record component of
Rails, a web framework for the Ruby programming language, to truncate
queries in unexpected ways. This may allow attackers to elevate their
privileges.

For the stable distribution (squeeze), this problem has been fixed in
version 2.3.5-1.2+squeeze5.

We recommend that you upgrade your rails packages.[/quote]

Usti

Hello,

A security update for Asterisk:

[quote]Package : asterisk
Vulnerability : several issues
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-5976 CVE-2012-5977
Debian Bug : 697230 698112 698118

The security update released in DSA 2605 for Asterisk, caused a
regression that could lead to crashes. Updated packages have now been
made available to correct that behaviour. For reference, the original
advisory text follows.

Several vulnerabilities were discovered in Asterisk, a PBX and telephony
toolkit, that allow remote attackers to perform denial of service
attacks.

For the stable distribution (squeeze), these problems have been fixed in
version 1:1.6.2.9-2+squeeze10.

For the testing distribution (wheezy) and unstable distribution (sid),
these problems will be fixed soon.

We recommend that you upgrade your asterisk packages.[/quote]

Usti

Hello,

Two new security updates:

[quote]Package : ganglia
Vulnerability : arbitrary script execution
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-3448
Debian Bug : 683584

Insufficient input sanitization in Ganglia, a web based monitoring system,
could lead to remote PHP script execution with permissions of the user running
the web browser.

For the stable distribution (squeeze), this problem has been fixed in
version 3.1.7-1+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in
version 3.3.8-1.

For the unstable distribution (sid), this problem has been fixed in
version 3.3.8-1.

We recommend that you upgrade your ganglia packages.[/quote]

[quote]Package : movabletype-opensource
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0209
Debian Bug : 697666

An input sanitation problem has been found in upgrade functions of
movabletype-opensource, a web-based publishing platform. Using carefully
crafted requests to the mt-upgrade.cgi file, it would be possible to inject OS
commands and SQL queries.

For the stable distribution (squeeze), this problem has been fixed in
version 4.3.8+dfsg-0+squeeze3.

For the testing distribution (wheezy), this problem has been fixed in
version 5.1.2+dfsg-1.

For the unstable distribution (sid), this problem has been fixed in
version 5.1.2+dfsg-1.

We recommend that you upgrade your movabletype-opensource packages.[/quote]

Usti

Hello,

A security update:

[quote]Package : ircd-ratbox
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-6084

It was discovered that a bug in the server capability negotiation code of
ircd-ratbox could result in denial of service.

For the stable distribution (squeeze), this problem has been fixed in
version 3.0.6.dfsg-2squeeze1.

For the testing distribution (wheezy), this problem has been fixed in
version 3.0.7.dfsg-3.

For the unstable distribution (sid), this problem has been fixed in
version 3.0.7.dfsg-3.

We recommend that you upgrade your ircd-ratbox packages.[/quote]

Usti

I have fallen a little behind, 3 security updates:

[quote]Package : rails
Vulnerability : insufficient input validation
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0333
Debian Bug : 699226

Lawrence Pit discovered that Ruby on Rails, a web development framework,
is vulnerable to a flaw in the parsing of JSON to YAML. Using a specially
crafted payload attackers can trick the backend into decoding a subset of
YAML.

The vulnerability has been addressed by removing the YAML backend and
adding the OkJson backend.

For the stable distribution (squeeze), this problem has been fixed in
version 2.3.5-1.2+squeeze6.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 2.3.14-6 of the ruby-activesupport-2.3 package.

The 3.2 version of rails as found in Debian wheezy and sid is not
affected by the problem.

We recommend that you upgrade your rails packages.[/quote]

[quote]Package : libupnp
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2012-5961
CVE-2012-5962 CVE-2012-5963 CVE-2012-5964 CVE-2012-5965
Debian Bug : 699316

Multiple stack-based buffer overflows were discovered in libupnp, a library
used for handling the Universal Plug and Play protocol. HD Moore from Rapid7
discovered that SSDP queries were not correctly handled by the
unique_service_name() function.

An attacker sending carefully crafted SSDP queries to a daemon built on libupnp
could generate a buffer overflow, overwriting the stack, leading to the daemon
crash and possible remote code execution.

For the stable distribution (squeeze), these problems have been fixed in
version 1:1.6.6-5+squeeze1.

For the testing distribution (wheezy), these problems have been fixed in
version 1:1.6.17-1.2.

For the unstable distribution (sid), these problems have been fixed in
version 1:1.6.17-1.2.

We recommend that you upgrade your libupnp packages.[/quote]

[quote]Package : libupnp4
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2012-5961
CVE-2012-5962 CVE-2012-5963 CVE-2012-5964 CVE-2012-5965
Debian Bug : 699459

Multiple stack-based buffer overflows were discovered in libupnp4, a library
used for handling the Universal Plug and Play protocol. HD Moore from Rapid7
discovered that SSDP queries were not correctly handled by the
unique_service_name() function.

An attacker sending carefully crafted SSDP queries to a daemon built on
libupnp4 could generate a buffer overflow, overwriting the stack, leading to
the daemon crash and possible remote code execution.

For the stable distribution (squeeze), these problems have been fixed in
version 1.8.0~svn20100507-1+squeeze1.

For the testing distribution (wheezy), these problems have been fixed in
version 1.8.0~svn20100507-1.2.

For the unstable distribution (sid), these problems have been fixed in
version 1.8.0~svn20100507-1.2.

We recommend that you upgrade your libupnp4 packages.[/quote]

Usti

Pwët,

A slight delay… caught up!

[quote]Package : samba
Vulnerability : several issues
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0213 CVE-2013-0214

Jann Horn had reported two vulnerabilities in Samba, a popular
cross-platform network file and printer sharing suite. In particular,
these vulnerabilities affect SWAT, the Samba Web Administration Tool.

CVE-2013-0213: Clickjacking issue in SWAT
An attacker can integrate a SWAT page into a malicious web page via a
frame or iframe and then overlaid by other content. If an
authenticated valid user interacts with this malicious web page, she
might perform unintended changes in the Samba settings.

CVE-2013-0214: Potential Cross-site request forgery
An attacker can persuade a valid SWAT user, who is logged in, to
click on a malicious link and trigger arbitrary unintended changes in
the Samba settings.

For the stable distribution (squeeze), these problems have been fixed in
version 3.5.6~dfsg-3squeeze9.

For the testing distribution (wheezy), these problems have been fixed in
version 2:3.6.6-5.

For the unstable distribution (sid), these problems have been fixed in
version 2:3.6.6-5.

We recommend that you upgrade your samba packages.[/quote]

[quote]Package : nagios3
Vulnerability : buffer overflow in CGI scripts
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-6096
Debian Bug : 697930

A buffer overflow problem has been found in nagios3, a host/service/network
monitoring and management system. A malicious client could craft a
request to history.cgi and cause application crashes.

For the stable distribution (squeeze), this problem has been fixed in
version 3.2.1-2+squeeze1.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 3.4.1-3.

We recommend that you upgrade your nagios3 packages.[/quote]

[quote]Package : ircd-hybrid
Vulnerability : denial of service
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0238
Debian Bug : 699267

Bob Nomnomnom reported a Denial of Service vulnerability in IRCD-Hybrid,
an Internet Relay Chat server. A remote attacker may use an error in
the masks validation and crash the server.

For the stable distribution (squeeze), this problem has been fixed in
version 7.2.2.dfsg.2-6.2+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in
version 1:7.2.2.dfsg.2-10.

For the unstable distribution (sid), this problem has been fixed in
version 1:7.2.2.dfsg.2-10.

We recommend that you upgrade your ircd-hybrid packages.[/quote]

[quote]Package : xen-qemu-dm-4.0
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-6075

A buffer overflow was found in the e1000e emulation, which could be
triggered when processing jumbo frames.

For the stable distribution (squeeze), this problem has been fixed in
version 4.0.1-2+squeeze3.

For the unstable distribution (sid), this problem has been fixed in
version 4.1.3-8 of the xen source package.

We recommend that you upgrade your xen-qemu-dm-4.0 packages.[/quote]

[quote]Package : ircd-ratbox
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-6084

This update to the previous ircd-ratbox DSA only raises the version number
to ensure that a higher version is used than a previous binNMU on some
architectures.

For the stable distribution (squeeze), this problem has been fixed in
version 3.0.6.dfsg-2+squeeze1.

We recommend that you upgrade your ircd-ratbox packages.[/quote]

[quote]Package : rails
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0276 CVE-2013-0277

Two vulnerabilities were discovered in Ruby on Rails, a Ruby framework
for web application development.

CVE-2013-0276
The blacklist provided by the attr_protected method could be
bypassed with crafted requests, having an application-specific
impact.

CVE-2013-0277
In some applications, the +serialize+ helper in ActiveRecord
could be tricked into deserializing arbitrary YAML data,
possibly leading to remote code execution.

For the stable distribution (squeeze), these problems have been fixed
in version 2.3.5-1.2+squeeze7.

We recommend that you upgrade your rails packages.[/quote]

[quote]Package : openssl
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0166 CVE-2013-0169
Debian Bug : 699889

Multiple vulnerabilities have been found in OpenSSL. The Common
Vulnerabilities and Exposures project identifies the following issues:

CVE-2013-0166

OpenSSL does not properly perform signature verification for OCSP
responses, which allows remote attackers to cause a denial of
service via an invalid key.

CVE-2013-0169

A timing side channel attack has been found in CBC padding
allowing an attacker to recover pieces of plaintext via statistical
analysis of crafted packages, known as the "Lucky Thirteen" issue.

For the stable distribution (squeeze), these problems have been fixed in
version 0.9.8o-4squeeze14.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 1.0.1e-1.

We recommend that you upgrade your openssl packages.[/quote]

[quote]Package : polarssl
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0169 CVE-2013-1621 CVE-2013-1622
Debian Bug : 699887

Multiple vulnerabilities have been found in OpenSSL. The Common
Vulnerabilities and Exposures project identifies the following issues:

CVE-2013-0169

A timing side channel attack has been found in CBC padding
allowing an attacker to recover pieces of plaintext via statistical
analysis of crafted packages, known as the "Lucky Thirteen" issue.

CVE-2013-1621

An array index error might allow remote attackers to cause a denial
of service via vectors involving a crafted padding-length value
during validation of CBC padding in a TLS session.

CVE-2013-1622

Malformed CBC data in a TLS session could allow remote attackers to
conduct distinguishing attacks via statistical analysis of timing
side-channel data for crafted packets.

For the stable distribution (squeeze), these problems have been fixed in
version 0.12.1-1squeeze1.

For the testing distribution (wheezy), and the unstable distribution
(sid), these problems have been fixed in version 1.1.4-2.

We recommend that you upgrade your polarssl packages.[/quote]

[quote]Package : openconnect
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-6128

Kevin Cernekee discovered that a malicious VPN gateway can send
crafted responses which trigger stack-based buffer overflows.

For the stable distribution (squeeze), this problem has been fixed in
version 2.25-0.1+squeeze2.

We recommend that you upgrade your openconnect packages.[/quote]

Off to your apt-get/aptitude if you have not updated yet!

Usti

Hi,

[20 February 2013] DSA-2630 postgresql-8.4 - Programming error
[18 February 2013] DSA-2628 nss-pam-ldapd - Buffer overflow
[17 February 2013] DSA-2627 nginx - Information leak
[17 February 2013] DSA-2626 lighttpd - Several issues
[17 February 2013] DSA-2625 wireshark - Several vulnerabilities
[16 February 2013] DSA-2624 ffmpeg - Several vulnerabilities

And the most recent one (not yet on the site):

[quote]Package : squid3
Vulnerability : denial of service
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-5643 CVE-2013-0189
Debian Bug : 696187

Squid3, a fully featured Web proxy cache, is prone to a denial of
service attack due to memory consumption caused by memory leaks in
cachemgr.cgi:[/quote]

Hello,

4 new alerts:

[quote]Package : openjpeg
Vulnerability : several issues
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2009-5030 CVE-2012-3358 CVE-2012-3535
Debian Bug : 672455 681075 685970

CVE-2009-5030

Heap memory corruption leading to invalid free when processing certain
Gray16 TIFF images.

CVE-2012-3358

Huzaifa Sidhpurwala of the Red Hat Security Response Team found a
heap-based buffer overflow in JPEG2000 image parsing.

CVE-2012-3535

Huzaifa Sidhpurwala of the Red Hat Security Response Team found a
heap-based buffer overflow when decoding JPEG2000 images.

For the stable distribution (squeeze), these problems have been fixed in
version 1.3+dfsg-4+squeeze1.

For the testing (wheezy) and unstable (sid) distributions, these problems
have been fixed in version 1.3+dfsg-4.6.

We recommend that you upgrade your openjpeg packages.[/quote]

[quote]Package : linux-2.6
Vulnerability : privilege escalation/denial of service
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2013-0231 CVE-2013-0871

Several vulnerabilities have been discovered in the Linux kernel that may lead
to a denial of service or privilege escalation. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2013-0231

Jan Beulich provided a fix for an issue in the Xen PCI backend drivers.
Users of guests on a system using passed-through PCI devices can create
a denial of service of the host system due to the use of non-ratelimited
kernel log messages.

CVE-2013-0871

Suleiman Souhlal and Salman Qazi of Google, with help from Aaron Durbin
and Michael Davidson of Google, discovered an issue in the
ptrace subsystem. Due to a race condition with PTRACE_SETREGS, local users
can cause kernel stack corruption and execution of arbitrary code.

For the stable distribution (squeeze), this problem has been fixed in version
2.6.32-48squeeze1.

The following matrix lists additional source packages that were rebuilt for
compatibility with or to take advantage of this update:

                                         Debian 6.0 (squeeze)
 user-mode-linux                         2.6.32-1um-4+48squeeze1

We recommend that you upgrade your linux-2.6 and user-mode-linux packages.[/quote]

[quote]Package : fusionforge
Vulnerability : privilege escalation
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-1423
Debian Bug :

Helmut Grohne discovered multiple privilege escalation flaws in FusionForge, a
web-based project-management and collaboration software. Most of the
vulnerabilities are related to the bad handling of privileged operations on
user-controlled files or directories.

For the stable distribution (squeeze), this problem has been fixed in
version 5.0.2-5+squeeze2.

For the testing (wheezy) and unstable (sid) distributions, these problems will
be fixed soon.

We recommend that you upgrade your fusionforge packages.[/quote]

[quote]Package : python-django
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-4520 CVE-2013-0305 CVE-2013-0306 CVE-2013-1665
Debian Bug : 701186 696535 691145

Several vulnerabilities have been discovered in python-django, a high-level
python web development framework. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2012-4520

James Kettle discovered that django did not properly filter the HTTP
Host header when processing certain requests. An attacker could exploit
this to generate and cause parts of django, particularly the
password-reset mechanism, to display arbitrary URLs to users.

CVE-2013-0305

Orange Tsai discovered that the bundled administrative interface
of django could expose supposedly-hidden information via its history
log.

CVE-2013-0306

Mozilla discovered that an attacker can abuse django's tracking of
the number of forms in a formset to cause a denial-of-service attack
due to extreme memory consumption.

CVE-2013-1665

Michael Koziarski discovered that django's XML deserialization is
vulnerable to entity-expansion and external-entity/DTD attacks.

For the stable distribution (squeeze), these problems have been fixed in
version 1.2.3-3+squeeze5.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 1.4.4-1.

We recommend that you upgrade your python-django packages.[/quote]

Usti

Hello,

A security update, still hot off the press :slightly_smiling:

[quote]Package : cfingerd
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: yes
CVE ID : CVE-2013-1049
Debian Bug : 700098

Malcolm Scott discovered a remote-exploitable buffer overflow in the
rfc1413 (ident) client of cfingerd, a configurable finger daemon. This
vulnerability was introduced in a previously applied patch to the
cfingerd package in 1.4.3-3.

For the stable distribution (squeeze), this problem has been fixed in
version 1.4.3-3+squeeze1.

For the testing distribution (wheezy), this problem has been fixed in
version 1.4.3-3.1.

For the unstable distribution (sid), this problem has been fixed in
version 1.4.3-3.1.

We recommend that you upgrade your cfingerd packages.[/quote]

Usti

[quote]/etc/cron.daily/apt-listbugs:
Fixed packages : epiphany-browser[/quote]

Hello,

A security update and a regression, both for xen:

[quote]Package : xen
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-4544 CVE-2012-5511 CVE-2012-5634 CVE-2013-0153
Debian Bug :

Multiple vulnerabilities have been discovered in the Xen hypervisor. The
Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2012-4544

Insufficient validation of kernel or ramdisk sizes in the Xen PV
domain builder could result in denial of service.

CVE-2012-5511

Several HVM control operations performed insufficient validation of
input, which could result in denial of service through resource
exhaustion.

CVE-2012-5634

Incorrect interrupt handling when using VT-d hardware could result
in denial of service.

CVE-2013-0153

Insufficient restriction of interrupt access could result in denial
of service.

For the stable distribution (squeeze), these problems have been fixed in
version 4.0.1-5.7.

For the testing distribution (wheezy), these problems have been fixed in
version 4.1.4-2.

For the unstable distribution (sid), these problems have been fixed in
version 4.1.4-2.

We recommend that you upgrade your xen packages.[/quote]

[quote]Package : xen
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-4544 CVE-2012-5511 CVE-2012-5634 CVE-2013-0153

A regression in combination with pygrub has been discovered. For the
stable distribution (squeeze), these problems have been fixed in version
4.0.1-5.8.

We recommend that you upgrade your xen packages.[/quote]

Usti

Good evening,

Two new security updates:

[quote]Package : apache2
Vulnerability : several issues
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-3499 CVE-2012-4558 CVE-2013-1048

Several vulnerabilities have been found in the Apache HTTPD server.

CVE-2012-3499

The modules mod_info, mod_status, mod_imagemap, mod_ldap, and
mod_proxy_ftp did not properly escape hostnames and URIs in
HTML output, causing cross site scripting vulnerabilities.

CVE-2012-4558

Mod_proxy_balancer did not properly escape hostnames and URIs
in its balancer-manager interface, causing a cross site scripting
vulnerability.

CVE-2013-1048

Hayawardh Vijayakumar noticed that the apache2ctl script created
the lock directory in an unsafe manner, allowing a local attacker
to gain elevated privileges via a symlink attack. This is a Debian
specific issue.

For the stable distribution (squeeze), these problems have been fixed in
version 2.2.16-6+squeeze11.

For the testing distribution (wheezy), these problems will be fixed in
version 2.2.22-13.

For the unstable distribution (sid), these problems will be fixed in
version 2.2.22-13.

We recommend that you upgrade your apache2 packages.[/quote]

[quote]Package : openafs
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-1794 CVE-2013-1795

Multiple buffer overflows were discovered in OpenAFS, the implementation
of the distributed filesystem AFS, which might result in denial of
service or the execution of arbitrary code. Further information is
available at openafs.org/security.

For the stable distribution (squeeze), this problem has been fixed in
version 1.4.12.1+dfsg-4+squeeze1.

For the unstable distribution (sid), this problem has been fixed in
version 1.6.1-3.

We recommend that you upgrade your openafs packages.[/quote]

Usti

Hello,

A security update for php:

[quote]Package : php5
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-1635 CVE-2013-1643
Debian Bug : 702221

Several vulnerabilities have been discovered in PHP, the web scripting
language. The Common Vulnerabilities and Exposures project identifies
the following issues:

CVE-2013-1635

If a PHP application accepted untrusted SOAP object input remotely
from clients, an attacker could read system files readable for the
webserver.

CVE-2013-1643

The soap.wsdl_cache_dir function did not take PHP open_basedir
restrictions into account. Note that Debian advises against relying
on open_basedir restrictions for security.

For the stable distribution (squeeze), these problems have been fixed in
version 5.3.3-7+squeeze15.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed in
version 5.4.4-14.

We recommend that you upgrade your php5 packages.[/quote]

Usti

Hello,

Two security updates:

[quote]Package : sudo
Vulnerability : several issues
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-1775 CVE-2013-1776
Debian Bug : 701838 701839

Several vulnerabilities have been discovered in sudo, a program designed
to allow a sysadmin to give limited root privileges to users. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2013-1775

Marco Schoepl discovered an authentication bypass when the clock is
set to the UNIX epoch [00:00:00 UTC on 1 January 1970].

CVE-2013-1776

Ryan Castellucci and James Ogden discovered aspects of an issue that
would allow session id hijacking from another authorized tty.

For the stable distribution (squeeze), these problems have been fixed in
version 1.7.4p4-2.squeeze.4.

For the testing (wheezy) and unstable (sid) distributions, these problems
have been fixed in version 1.8.5p2-1+nmu1.

We recommend that you upgrade your sudo packages.[/quote]

and

[quote]Package : perl
Vulnerability : rehashing flaw
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-1667
Debian Bug : 702296

Yves Orton discovered a flaw in the rehashing code of Perl. This flaw
could be exploited to carry out a denial of service attack against code
that uses arbitrary user input as hash keys. Specifically an attacker
could create a set of keys of a hash causing a denial of service via
memory exhaustion.

For the stable distribution (squeeze), this problem has been fixed in
version 5.10.1-17squeeze6.

For the testing distribution (wheezy), and the unstable distribution
(sid), this problem has been fixed in version 5.14.2-19.

We recommend that you upgrade your perl packages.[/quote]

Usti

For “sudo”, there is still a bug on some architectures, I believe.

Hello,

A new update:

[quote]Package : puppet
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-1640 CVE-2013-1652 CVE-2013-1653 CVE-2013-1654
CVE-2013-1655 CVE-2013-2274 CVE-2013-2275
Debian Bug :

Multiple vulnerabilities were discovered in Puppet, a centralized
configuration management system.

CVE-2013-1640

An authenticated malicious client may request its catalog from the puppet
master, and cause the puppet master to execute arbitrary code. The puppet
master must be made to invoke the `template` or `inline_template` functions
during catalog compilation.

CVE-2013-1652

An authenticated malicious client may retrieve catalogs from the puppet
master that it is not authorized to access. Given a valid certificate and
private key, it is possible to construct an HTTP GET request that will
return a catalog for an arbitrary client.

CVE-2013-1653

An authenticated malicious client may execute arbitrary code on Puppet
agents that accept kick connections. Puppet agents are not vulnerable in
their default configuration. However, if the Puppet agent is configured to
listen for incoming connections, e.g. listen = true, and the agent's
auth.conf allows access to the `run` REST endpoint, then an authenticated
client can construct an HTTP PUT request to execute arbitrary code on the
agent. This issue is made worse by the fact that puppet agents typically
run as root.

CVE-2013-1654

A bug in Puppet allows SSL connections to be downgraded to SSLv2, which is
known to contain design flaw weaknesses. This affects SSL connections
between puppet agents and master, as well as connections that puppet agents
make to third party servers that accept SSLv2 connections. Note that SSLv2
is disabled since OpenSSL 1.0.

CVE-2013-1655

An unauthenticated malicious client may send requests to the puppet master,
and have the master load code in an unsafe manner. It only affects users
whose puppet masters are running ruby 1.9.3 and above.

CVE-2013-2274

An authenticated malicious client may execute arbitrary code on the
puppet master in its default configuration. Given a valid certificate and
private key, a client can construct an HTTP PUT request that is authorized
to save the client's own report, but the request will actually cause the
puppet master to execute arbitrary code.

CVE-2013-2275

The default auth.conf allows an authenticated node to submit a report for
any other node, which is a problem for compliance. It has been made more
restrictive by default so that a node is only allowed to save its own
report.

For the stable distribution (squeeze), these problems have been fixed in
version 2.6.2-5+squeeze7.

For the testing distribution (wheezy), these problems have been fixed in
version 2.7.18-3.

For the unstable distribution (sid), these problems have been fixed in
version 2.7.18-3.

We recommend that you upgrade your puppet packages.[/quote]

Usti
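An added example, not part of the original post or of Puppet's own code: a defensive audit for the two preconditions the advisory names for CVE-2013-1653 (`listen = true` and an auth.conf ACL granting access to the `run` endpoint). The function names and sample files are constructed; it assumes the legacy auth.conf syntax (`path` / `method` / `allow`, first matching block wins) and that the HTTP PUT to `run` is authorized as method `save`.

```python
import re

TARGET = "/run/agent.example.com"  # constructed request path for the `run` endpoint

def listen_enabled(puppet_conf):
    """True if the last `listen` setting in [main] or [agent] is true."""
    section, value = "main", False
    for raw in puppet_conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
        elif section in ("main", "agent"):
            m = re.fullmatch(r"listen\s*=\s*(\S+)", line)
            value = (m.group(1).lower() == "true") if m else value
    return value

def run_acl(auth_conf):
    """Allow list of the first ACL block that covers a `save` on /run."""
    blocks = []
    for raw in auth_conf.splitlines():
        words = raw.split("#", 1)[0].split(None, 1) + ["", ""]
        key, rest = words[:2]
        if key == "path":
            blocks.append({"path": rest.strip(), "method": [], "allow": []})
        elif blocks and key in ("method", "allow"):
            blocks[-1][key] += re.findall(r"[^,\s]+", rest)
    for b in blocks:
        if b["path"].startswith("~"):   # regex ACL (simple patterns only)
            covers = re.search(b["path"][1:].strip(), TARGET) is not None
        else:                           # plain ACLs match by path prefix
            covers = bool(b["path"]) and TARGET.startswith(b["path"])
        if covers and (not b["method"] or "save" in b["method"]):
            return b["allow"]
    return []

def kick_exposed(puppet_conf, auth_conf):
    # Both conditions from the advisory must hold for the agent to be exposed.
    return listen_enabled(puppet_conf) and bool(run_acl(auth_conf))

# Constructed sample files, not taken from any real host.
SAMPLE_PUPPET_CONF = "[main]\nlogdir = /var/log/puppet\n[agent]\nlisten = true  # kick\n"
SAMPLE_AUTH_CONF = """\
path /run
method save
allow *
path /
auth any
"""
print("kick exposed:", kick_exposed(SAMPLE_PUPPET_CONF, SAMPLE_AUTH_CONF))
```

An agent flagged here should still be upgraded to the fixed version; narrowing the `allow` line to the master only reduces who can reach the endpoint.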

Hello,

2 security updates:

[quote]Package : wireshark
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-2478 CVE-2013-2480 CVE-2013-2481 CVE-2013-2483
CVE-2013-2484 CVE-2013-2488

Multiple vulnerabilities were discovered in the dissectors for the
MS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could
result in denial of service or the execution of arbitrary code.

For the stable distribution (squeeze), these problems have been fixed in
version 1.2.11-6+squeeze10.

For the unstable distribution (sid), these problems have been fixed in
version 1.8.2-5.

We recommend that you upgrade your wireshark packages.[/quote]

and

[quote]Package : zoneminder
Vulnerability : several issues
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-0232 CVE-2013-0332
Debian Bug : 698910 700912

Multiple vulnerabilities were discovered in zoneminder, a Linux video
camera security and surveillance solution. The Common Vulnerabilities
and Exposures project identifies the following problems:

CVE-2013-0232

Brendan Coles discovered that zoneminder is prone to an arbitrary
command execution vulnerability. Remote (authenticated) attackers
could execute arbitrary commands as the web server user.

CVE-2013-0332

zoneminder is prone to a local file inclusion vulnerability. Remote
attackers could examine files on the system running zoneminder.

For the stable distribution (squeeze), these problems have been fixed in
version 1.24.2-8+squeeze1.

For the testing distribution (wheezy), these problems have been fixed in
version 1.25.0-4.

For the unstable distribution (sid), these problems have been fixed in
version 1.25.0-4.

We recommend that you upgrade your zoneminder packages.[/quote]

Usti

Hello again,

Another update:

[quote]Package : inetutils
Vulnerability : denial of service
Problem type : remote
Debian-specific: no
CVE ID : CVE-2010-2529
Debian Bug :

Ovidiu Mara reported in 2010 a vulnerability in the ping util, commonly used by
system and network administrators. By carefully crafting ICMP responses, an
attacker could make the ping command hang.

For the stable distribution (squeeze), this problem has been fixed in
version 2:1.6-3.1+squeeze2.

For the testing distribution (wheezy), this problem has been fixed in
version 2:1.9-2.

For the unstable distribution (sid), this problem has been fixed in
version 2:1.9-2.

We recommend that you upgrade your inetutils packages.[/quote]

Usti