
Security updates for vim, imagemagick, imagemagick, icu, firefox-esr, weechat, ghostscript, libxstream-java, tomcat7, tomcat8, tiff, libtirpc, libytnef, xen, git, kde4libs, rtmpdump, bitlbee, bind9, jbig2dec, deluge, mysql-connector-java, puppet, imagemagick, fop, mosquitto, strongswan, sudo, openldap, tnef, wordpress, perl, ettercap, libmwaw, otrs2, tor, zziplib, libosip2, libgcrypt20, firefox-esr, request-tracker4, gnutls28, irssi.

Security vulnerabilities

DSA-3786-1 vim — Security updates

Excerpt from the security database:

Language files of the vim (Vi IMproved) text editor can lead to an integer overflow during memory allocation, which triggers a buffer overflow that potentially allows the execution of arbitrary code or a denial of service.

 

DSA-3799-1 imagemagick — Security updates

Excerpt from the security database:

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TIFF, WPG, IPL, MPC or PSB files are processed.

 

DSA-3808-1 imagemagick — Security updates

Excerpt from the security database:

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service or the execution of arbitrary code if malformed TGA, Sun or PSD files are processed.

This update also fixes visual artefacts when running -sharpen on CMYK images (no security impact, but piggybacked on top of the security update with approval of the Debian stable release managers since it's a regression in jessie compared to wheezy).

 

DSA-3830-1 icu — Security updates

Excerpt from the security database:

It was discovered that icu, the International Components for Unicode library, did not correctly validate its input. An attacker could use this problem to trigger an out-of-bound write through a heap-based buffer overflow, thus causing a denial of service via application crash, or potential execution of arbitrary code.

 

DSA-3831-1 firefox-esr — Security updates

Excerpt from the security database:

Multiple security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service.

 

DSA-3836-1 weechat — Security updates

Excerpt from the security database:

It was discovered that weechat, a fast and light chat client, is prone to a buffer overflow vulnerability in the IRC plugin, allowing a remote attacker to cause a denial-of-service by sending a specially crafted filename via DCC.

 

DSA-3838-1 ghostscript — Security updates

Excerpt from the security database:

Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or denial of service if a specially crafted PostScript file is processed.

 

DSA-3841-1 libxstream-java — Security updates

Excerpt from the security database:

It was discovered that XStream, a Java library to serialise objects to XML and back again, was susceptible to denial of service during unmarshalling.

 

DSA-3842-1 tomcat7 — Security updates

Excerpt from the security database:

Two vulnerabilities were discovered in tomcat7, a servlet and JSP engine.

  • CVE-2017-5647: Pipelined requests were processed incorrectly, which could result in some responses appearing to be sent for the wrong request.
  • CVE-2017-5648: Some application listener calls were issued against the wrong objects, allowing untrusted applications running under a SecurityManager to bypass that protection mechanism and access or modify information associated with other web applications.

 

DSA-3843-1 tomcat8 — Security updates

Excerpt from the security database:

Two vulnerabilities were discovered in tomcat8, a servlet and JSP engine.

  • CVE-2017-5647: Pipelined requests were processed incorrectly, which could result in some responses appearing to be sent for the wrong request.
  • CVE-2017-5648: Some application listener calls were issued against the wrong objects, allowing untrusted applications running under a SecurityManager to bypass that protection mechanism and access or modify information associated with other web applications.

 

DSA-3844-1 tiff — Security updates

Excerpt from the security database:

Multiple vulnerabilities were discovered in the libtiff library and its associated tools. These could crash the service, cause memory leaks or execute malicious code.

 

DSA-3845-1 libtirpc — Security updates

Excerpt from the security database:

Guido Vranken discovered that incorrect memory management in libtirpc, a transport-independent RPC library used by rpcbind and other programs, may result in denial of service via memory exhaustion (depending on memory management settings).

 

DSA-3846-1 libytnef — Security updates

Excerpt from the security database:

Several issues were discovered in libytnef, a library used to decode application/ms-tnef e-mail attachments. Multiple heap overflows, out-of-bound writes and reads, NULL pointer dereferences and infinite loops could be exploited by tricking a user into opening a maliciously crafted winmail.dat file.

 

DSA-3847-1 xen — Security updates

Excerpt from the security database:

Jan Beulich and Jann Horn discovered multiple vulnerabilities in the Xen hypervisor, which may lead to privilege escalation, guest-to-host breakout, denial of service or information leaks.

 

DSA-3848-1 git — Security updates

Excerpt from the security database:

Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn "git upload-pack --help".

 

DSA-3849-1 kde4libs — Security updates

Excerpt from the security database:

Several vulnerabilities were discovered in kde4libs, the core libraries for all KDE 4 applications. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2017-6410: Itzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs reported that URLs are not sanitized before passing them to FindProxyForURL, potentially allowing a remote attacker to obtain sensitive information via a crafted PAC file.
  • CVE-2017-8422: Sebastian Krahmer from SUSE discovered that the KAuth framework contains a logic flaw in which the service invoking dbus is not properly checked. This flaw allows spoofing the identity of the caller and gaining root privileges from an unprivileged account.

DSA-3850-1 rtmpdump — Security updates

Excerpt from the security database:

Dave McDaniel discovered multiple vulnerabilities in rtmpdump, a small dumper/library for RTMP media streams, which may result in denial of service or the execution of arbitrary code if a malformed stream is dumped.

 

DSA-3853-1 bitlbee — Security updates

Excerpt from the security database:

It was discovered that bitlbee, an IRC to other chat networks gateway, contained issues that allowed a remote attacker to cause a denial of service (via application crash), or potentially execute arbitrary commands.

 

DSA-3854-1 bind9 — Security updates

Excerpt from the security database:

Several vulnerabilities were discovered in BIND, a DNS server implementation. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2017-3136: Oleg Gorokhov of Yandex discovered that BIND does not properly handle certain queries when using DNS64 with the "break-dnssec yes;" option, allowing a remote attacker to cause a denial-of-service.
  • CVE-2017-3137: It was discovered that BIND makes incorrect assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records, leading to situations where BIND exits with an assertion failure. An attacker can take advantage of this condition to cause a denial-of-service.
  • CVE-2017-3138: Mike Lalumiere of Dyn, Inc. discovered that BIND can exit with a REQUIRE assertion failure if it receives a null command string on its control channel. Note that the fix applied in Debian is only applied as a hardening measure. Details about the issue can be found at https://kb.isc.org/article/AA-01471 .

DSA-3855-1 jbig2dec — Security updates

Excerpt from the security database:

Multiple security issues have been found in the JBIG2 decoder library, which may lead to denial of service, disclosure of sensitive information from process memory or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened.

 

DSA-3856-1 deluge — Security updates

Excerpt from the security database:

Two vulnerabilities have been discovered in the web interface of the Deluge BitTorrent client (directory traversal and cross-site request forgery).

 

DSA-3857-1 mysql-connector-java — Security updates

Excerpt from the security database:

Two vulnerabilities have been found in the MySQL Connector/J JDBC driver.

 

DSA-3862-1 puppet — Security updates

Excerpt from the security database:

It was discovered that unrestricted YAML deserialisation of data sent from agents to the server in the Puppet configuration management system could result in the execution of arbitrary code.

 

DSA-3863-1 imagemagick — Security updates

Excerpt from the security database:

This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV, PICT, XWD, PCD, SFW, MAT, EXR, DCM, MNG, PCX or SVG files are processed.

 

DSA-3864-1 fop — Security updates

Excerpt from the security database:

It was discovered that an XML external entities vulnerability in the Apache FOP XML formatter may result in information disclosure.

 

DSA-3865-1 mosquitto — Security updates

Excerpt from the security database:

It was discovered that pattern-based ACLs in the Mosquitto MQTT broker could be bypassed.

 

DSA-3866-1 strongswan — Security updates

Excerpt from the security database:

Two denial of service vulnerabilities were identified in strongSwan, an IKE/IPsec suite, using Google's OSS-Fuzz fuzzing project.

  • CVE-2017-9022: RSA public keys passed to the gmp plugin aren't validated sufficiently before attempting signature verification, so that invalid input might lead to a floating point exception and crash of the process. A certificate with an appropriately prepared public key sent by a peer could be used for a denial-of-service attack.
  • CVE-2017-9023: ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when parsing X.509 certificates with extensions that use such types. This could lead to infinite looping of the thread parsing a specifically crafted certificate.

DSA-3867-1 sudo — Security updates

Excerpt from the security database:

The Qualys Security team discovered that sudo, a program designed to provide limited super user privileges to specific users, does not properly parse "/proc/[pid]/stat" to read the device number of the tty from field 7 (tty_nr). A sudoers user can take advantage of this flaw on an SELinux-enabled system to obtain full root privileges.

 

DSA-3868-1 openldap — Security updates

Excerpt from the security database:

Karsten Heymann discovered that the OpenLDAP directory server can be crashed by performing a paged search with a page size of 0, resulting in denial of service. This vulnerability is limited to the MDB storage backend.

 

DSA-3869-1 tnef — Security updates

Excerpt from the security database:

It was discovered that tnef, a tool used to unpack MIME attachments of type "application/ms-tnef", did not correctly validate its input. An attacker could exploit this by tricking a user into opening a malicious attachment, which would result in a denial-of-service by application crash.

 

DSA-3870-1 wordpress — Security updates

Excerpt from the security database:

Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks.

 

DSA-3873-1 perl — Security updates

Excerpt from the security database:

The cPanel Security Team reported a time of check to time of use (TOCTTOU) race condition flaw in File::Path, a core module from Perl to create or remove directory trees. An attacker can take advantage of this flaw to set the mode on an attacker-chosen file to an attacker-chosen value.

 

DSA-3874-1 ettercap — Security updates

Excerpt from the security database:

Agostino Sarubbo and AromalUllas discovered that ettercap, a network security tool for traffic interception, contains vulnerabilities that allowed an attacker able to provide maliciously crafted filters to cause a denial-of-service via application crash.

 

DSA-3875-1 libmwaw — Security updates

Excerpt from the security database:

It was discovered that a buffer overflow in libmwaw, a library to open old Mac text documents, might result in the execution of arbitrary code if a malformed document is opened.

 

DSA-3876-1 otrs2 — Security updates

Excerpt from the security database:

Joerg-Thomas Vogt discovered that the SecureMode was insufficiently validated in the OTRS ticket system, which could allow agents to escalate their privileges.

 

DSA-3877-1 tor — Security updates

Excerpt from the security database:

It has been discovered that Tor, a connection-based low-latency anonymous communication system, contains a flaw in the hidden service code when receiving a BEGIN_DIR cell on a hidden service rendezvous circuit. A remote attacker can take advantage of this flaw to cause a hidden service to crash with an assertion failure (TROVE-2017-005).

 

DSA-3878-1 zziplib — Security updates

Excerpt from the security database:

Agostino Sarubbo discovered multiple vulnerabilities in zziplib, a library to access Zip archives, which could result in denial of service and potentially the execution of arbitrary code if a malformed archive is processed.

 

DSA-3879-1 libosip2 — Security updates

Excerpt from the security database:

Multiple security vulnerabilities have been found in oSIP, a library implementing the Session Initiation Protocol, which might result in denial of service through malformed SIP messages.

 

DSA-3880-1 libgcrypt20 — Security updates

Excerpt from the security database:

It was discovered that a side channel attack in the EdDSA session key handling in Libgcrypt may result in information disclosure.

 

DSA-3881-1 firefox-esr — Security updates

Excerpt from the security database:

Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or domain spoofing.

 

DSA-3882-1 request-tracker4 — Security updates

Excerpt from the security database:

Multiple vulnerabilities were discovered in Request Tracker, a trouble ticket system. The Common Vulnerabilities and Exposures (CVE) project identifies the following problems:

  • CVE-2016-6127: It was discovered that Request Tracker is vulnerable to a cross-site scripting (XSS) attack if an attacker uploads a malicious file with a certain content type. Installations which use the AlwaysDownloadAttachments config setting are unaffected by this flaw. The applied fix addresses all existing and future uploaded attachments.
  • CVE-2017-5361: It was discovered that Request Tracker is vulnerable to timing side-channel attacks for user passwords.
  • CVE-2017-5943: It was discovered that Request Tracker is prone to an information leak of cross-site request forgery (CSRF) verification tokens if a user is tricked into visiting a specially crafted URL by an attacker.
  • CVE-2017-5944: It was discovered that Request Tracker is prone to a remote code execution vulnerability in the dashboard subscription interface. A privileged attacker can take advantage of this flaw through carefully-crafted saved search names to cause unexpected code to be executed. The applied fix addresses all existing and future saved searches.

 

DSA-3884-1 gnutls28 — Security updates

Excerpt from the security database:

Hubert Kario discovered that GnuTLS, a library implementing the TLS and SSL protocols, does not properly decode a status response TLS extension, allowing a remote attacker to cause an application using the GnuTLS library to crash (denial of service).

 

DSA-3885-1 irssi — Security updates

Excerpt from the security database:

Multiple vulnerabilities were discovered in Irssi, a terminal-based IRC client. The Common Vulnerabilities and Exposures (CVE) project identifies the following problems:

  • CVE-2017-9468: Joseph Bisch discovered that Irssi does not properly handle DCC messages without source nick/host. A malicious IRC server can take advantage of this flaw to cause Irssi to crash, resulting in a denial of service.
  • CVE-2017-9469: Joseph Bisch discovered that Irssi does not properly handle receiving incorrectly quoted DCC files. A remote attacker can take advantage of this flaw to cause Irssi to crash, resulting in a denial of service.
Bug fixes

  • vim: vulnerabilities fixed in version 2:8.0.0197-2
  • imagemagick: vulnerabilities fixed in version 8:6.9.7.4+dfsg-1
  • imagemagick: vulnerabilities fixed in version 8:6.9.7.4+dfsg-2
  • icu: vulnerabilities fixed in version 57.1-6
  • firefox-esr: vulnerabilities fixed in version 45.9.0esr-1
  • weechat: vulnerabilities fixed in version 1.7-3
  • ghostscript: vulnerabilities fixed in version 9.20~dfsg-3.1
  • libxstream-java: vulnerabilities fixed in version 1.4.9-2
  • tomcat7: vulnerabilities fixed in version 7.0.72-3
  • tomcat8: vulnerabilities fixed in version 8.5.11-2
  • tiff: vulnerabilities fixed in version 4.0.7-6
  • libtirpc: vulnerabilities fixed in version 0.2.5-1.2 and version 0.2.3-0.6 of rpcbind
  • libytnef: vulnerabilities fixed in version 1.9.2-1
  • xen: vulnerabilities fixed in version 4.8.1-1+deb9u1
  • git: vulnerabilities fixed in version 1:2.11.0-3
  • kde4libs: vulnerabilities fixed in version 4:4.14.26-2
  • rtmpdump: vulnerabilities fixed in version 2.4+20151223.gitfa8646d.1-1
  • bitlbee: vulnerabilities fixed in version 3.5-1
  • bind9: vulnerabilities fixed in version 1:9.10.3.dfsg.P4-12.3
  • jbig2dec: vulnerabilities fixed in version 0.13-4.1
  • deluge: vulnerabilities fixed in version 1.3.13+git20161130.48cedf63-3
  • mysql-connector-java: vulnerabilities fixed in version 5.1.42-1
  • puppet: vulnerabilities fixed in version 4.8.2-5
  • imagemagick: vulnerabilities fixed in version 8:6.9.7.4+dfsg-8
  • fop: vulnerabilities fixed in version 1:2.1-6
  • mosquitto: vulnerabilities fixed in version 1.4.10-3
  • strongswan: vulnerabilities fixed in version 5.5.1-4
  • sudo: vulnerabilities fixed in version 1.8.20p1-1
  • openldap: vulnerabilities fixed in version 2.4.44+dfsg-5
  • tnef: vulnerabilities fixed in version 1.4.12-1.2
  • wordpress: vulnerabilities fixed in version 4.7.5+dfsg-1
  • perl: vulnerabilities fixed in version 5.24.1-3
  • ettercap: vulnerabilities fixed in version 1:0.8.2-4
  • libmwaw: vulnerabilities fixed in version 0.3.9-2
  • otrs2: vulnerabilities fixed in version 5.0.20-1
  • tor: vulnerabilities fixed in version 0.2.9.11-1
  • zziplib: vulnerabilities fixed in version 0.13.62-3.1
  • libosip2: vulnerabilities fixed in version 4.1.0-2.1
  • libgcrypt20: vulnerabilities fixed in version 1.7.6-2
  • firefox-esr: vulnerabilities fixed in version 52.2.0esr-1
  • request-tracker4: vulnerabilities fixed in version 4.4.1-4
  • gnutls28: vulnerabilities fixed in version 3.5.8-6
  • irssi: vulnerabilities fixed in version 1.0.3-1

We recommend that you update your system to obtain the patches that fix these vulnerabilities.
