en

Sono state rilasciate le patch di sicurezza per spip, tomcat8, jython, flatpak, apache2 e expat.javascript:;

Informazioni sulle vulnerabilità

DSA-3890-1 spip — Security Updates

Security database details:

Emeric Boit of ANSSI reported that SPIP, a website engine for publishing, insufficiently sanitises the value from the X-Forwarded-Host HTTP header field. An unauthenticated attacker can take advantage of this flaw to cause remote code execution.

 

DSA-3891-1 tomcat8 — Security Updates

Security database details:

Aniket Nandkishor Kulkarni discovered that in tomcat8, a servlet and JSP engine, static error pages used the original request's HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results, including the replacement or removal of the custom error page.

 

DSA-3893-1 jython — Security Updates

Security database details:

Alvaro Munoz and Christian Schneider discovered that jython, an implementation of the Python language seamlessly integrated with Java, is prone to arbitrary code execution triggered when sending a serialized function to the deserializer.

 

DSA-3895-1 flatpak — Security Updates

Security database details:

It was discovered that Flatpak, an application deployment framework for desktop apps insufficiently restricted file permissinons in third-party repositories, which could result in privilege escalation.

 

DSA-3896-1 apache2 — Security Updates

Security database details:

Several vulnerabilities have been found in the Apache HTTPD server.

  • CVE-2017-3167: Emmanuel Dreyfus reported that the use of ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
  • CVE-2017-3169: Vasileios Panopoulos of AdNovum Informatik AG discovered that mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port leading to a denial of service.
  • CVE-2017-7659: Robert Swiecki reported that a specially crafted HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process.
  • CVE-2017-7668: Javier Jimenez reported that the HTTP strict parsing contains a flaw leading to a buffer overread in ap_find_token(). A remote attacker can take advantage of this flaw by carefully crafting a sequence of request headers to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
  • CVE-2017-7679; ChenQin and Hanno Boeck reported that mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.

 

DSA-3898-1 expat — Security Updates

Security database details:

Multiple vulnerabilities have been discovered in Expat, an XML parsing C library. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2016-9063: Gustavo Grieco discovered an integer overflow flaw during parsing of XML. An attacker can take advantage of this flaw to cause a denial of service against an application using the Expat library.
  • CVE-2017-9233: Rhodri James discovered an infinite loop vulnerability within the entityValueInitProcessor() function while parsing malformed XML in an external entity. An attacker can take advantage of this flaw to cause a denial of service against an application using the Expat library.

Stato della risoluzione

Le vulnerabilità relative a Spip sono state risolte nella versione 3.1.4-3;

Le vulnerabilità relative a Tomcat8 sono state risolte nella versione 8.5.14-2;

Le vulnerabilità relative a Jython sono state risolte nella versione 2.5.3-17;

Le vulnerabilità relative a Flatpak sono state risolte nella versione 0.8.7-1;

Le vulnerabilità relative a Apache2 sono state risolte nella versione 2.4.24-4;

Le vulnerabilità relative a Expat sono state risolte nella versione 2.2.1-1;

Si raccomanda l'aggiornamento del Sistema per installare le fix alle vulnerabilità indicate.

Lascia un commento