{"id":21530,"date":"2017-01-20T10:13:46","date_gmt":"2017-01-20T02:13:46","guid":{"rendered":"https:\/\/www.deepin.org\/?p=21530"},"modified":"2017-11-27T11:46:10","modified_gmt":"2017-11-27T03:46:10","slug":"security-updates%ef%bc%88dsa-3717-1-dsa-3718-1-dsa-3719-1-dsa-3723-1-dsa-3725-1-dsa-3727-1-dsa-3731-1-dsa-3733-1-dsa-3735-1-dsa-3736-1-dsa-3738-1-dsa-3741-1-dsa-3742-1","status":"publish","type":"post","link":"https:\/\/www.deepin.org\/zh\/security-updates%ef%bc%88dsa-3717-1-dsa-3718-1-dsa-3719-1-dsa-3723-1-dsa-3725-1-dsa-3727-1-dsa-3731-1-dsa-3733-1-dsa-3735-1-dsa-3736-1-dsa-3738-1-dsa-3741-1-dsa-3742-1\/","title":{"rendered":"\u5b89\u5168\u66f4\u65b0\uff08DSA-3717-1 &DSA-3718-1 &DSA-3719-1 &DSA-3723-1 &DSA-3725-1 &DSA-3727-1 &DSA-3731-1 &DSA-3733-1 &DSA-3735-1 &DSA 3736-1 &DSA 3738-1 &DSA 3741-1 &DSA 3742-1 &DSA 3743-1 &DSA 3745-1 &DSA 3746-1 &DSA 3748-1 &DSA 3749-1 &DSA 3750-1 &DSA 3751-1 &DSA 3752-1 &DSA 3753-1 &DSA 3755-1\uff09"},"content":{"rendered":"\u6b64\u6b21\u5b89\u5168\u6f0f\u6d1e\u66f4\u65b0\u5305\u62ecgst-plugins-bad1.0\u3001drupal7\u3001wireshark\u3001gst-plugins-good1.0\u3001icu\u3001hdf5\u3001chromium-browser\u3001apt\u3001game-music-emu\u3001libupnp\u3001tor\u3001flightgear\u3001python-bottle\u3001squid3\u3001graphicsmagick\u3001libcrypto++\u3001dcmtk\u3001libphp-phpmailer\u3001libgd2\u3001pcsc-lite\u3001libvncserver\u53catomcat8\u66f4\u65b0\u3002<\/p>\n

 <\/p>\n

\u6f0f\u6d1e\u6982\u8ff0<\/h1>\n

DSA-3717-1 gst-plugins-bad1.0, gst-plugins-bad0.10<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5b89\u5168\u6570\u636e\u5e93\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

GStreamer\u63d2\u4ef6\u89e3\u7801VMware\u5c4f\u5e55\u6355\u83b7\u6587\u4ef6\u5141\u8bb8\u6267\u884c\u4efb\u610f\u4ee3\u7801\u7684\u6f0f\u6d1e\u3002<\/p>\n

 <\/p>\n

DSA-3718-1 drupal7<\/a>\u00a0\u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5173\u4e8e\u6b64\u5b89\u5168\u66f4\u65b0\u516c\u544a\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u5728Drupal\u5185\u5bb9\u7ba1\u7406\u6846\u67b6\u4e2d\u53d1\u73b0\u591a\u4e2a\u6f0f\u6d1e\u3002\u66f4\u591a\u7684\u8be6\u60c5\uff0c\u8bf7\u53c2\u770b\u4e0a\u6e38\u516c\u544a\uff1ahttps:\/\/www.drupal.org\/SA-CORE-2016-005<\/p>\n

 <\/p>\n

DSA-3719-1 wireshark<\/a>\u00a0\u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5173\u4e8e\u6b64\u5b89\u5168\u66f4\u65b0\u516c\u544a\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u5728wireshark\uff08\u7f51\u7edc\u534f\u8bae\u5206\u6790\u5668\uff09\uff0c\u5728DCERPC, AllJoyn, DTN, OpenFlow\u534f\u8bae\u89e3\u6790\u5668\u4e2d\u53d1\u73b0\u591a\u4e2a\u6f0f\u6d1e\uff0c\u8fd9\u4e9b\u6f0f\u6d1e\u53ef\u9020\u6210\u591a\u79cd\u5d29\u6e83\uff0c\u670d\u52a1\u62d2\u7edd\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002<\/p>\n

 <\/p>\n

DSA-3723-1 gst-plugins-good1.0<\/a>\u00a0\u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5173\u4e8e\u6b64\u5b89\u5168\u66f4\u65b0\u516c\u544a\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u5728\u89e3\u7801FLIC\u683c\u5f0f\u7684\u6587\u4ef6\u65f6\u4f7f\u7528GStreamer 1.0 plugin\u4f1a\u9020\u6210\u5141\u8bb8\u6267\u884c\u4efb\u610f\u4ee3\u7801\u7684\u6f0f\u6d1e\u3002\u66f4\u591a\u7684\u8be6\u60c5\u53ef\u67e5\u770b\u76f8\u5173\u516c\u544a\uff1a<\/p>\n

https:\/\/scarybeastsecurity.blogspot.de\/2016\/11\/0day-exploit-advancing-exploitation.html<\/a><\/p>\n

 <\/p>\n

DSA-3725-1 icu<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5173\u4e8e\u6b64\u5b89\u5168\u66f4\u65b0\u516c\u544a\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u5728ICU\uff08\u56fd\u9645Unicode\u5e93\uff09\u4e2d\u53d1\u73b0\u591a\u4e2a\u6f0f\u6d1e\uff1a<\/p>\n

CVE-2014-9911\uff1a\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u80fd\u591f\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u7cbe\u5fc3\u5236\u4f5c\u7684\u6587\u672c\u9020\u6210\u670d\u52a1\u62d2\u7edd\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff1b<\/p>\n

CVE-2015-2632\uff1a\u4e00\u4e2a\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u5982\u679c\u653b\u51fb\u8005\u901a\u8fc7\u63a7\u5236\u8f93\u5165\u6587\u4ef6\u53ef\u80fd\u9020\u6210\u670d\u52a1\u62d2\u7edd\u6216\u5e94\u7528\u5185\u5b58\u7684\u90e8\u5206\u4fe1\u606f\u7684\u6cc4\u6f0f \uff1b<\/p>\n

CVE-2015-4844\uff1a\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u53ef\u80fd\u5141\u8bb8\u653b\u51fb\u8005\u4f7f\u7528\u5b57\u4f53\u6587\u4ef6\u7684\u63a7\u5236\u53bb\u9020\u6210\u670d\u52a1\u62d2\u7edd\uff0c\u6216\u53ef\u80fd\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff1b<\/p>\n

CVE-2016-6293\uff1a\u4e00\u4e2a\u7f13\u51b2\u533a\u6f0f\u6d1e\u53ef\u80fd\u5141\u8bb8\u653b\u51fb\u8005\u9020\u6210\u670d\u52a1\u62d2\u7edd\u6216\u6cc4\u6f0f\u5e94\u7528\u5185\u5b58\u4e2d\u7684\u4fe1\u606f\uff1b<\/p>\n

CVE-2016-7415\uff1a\u4e00\u4e2a\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\u53ef\u80fd\u5141\u8bb8\u653b\u51fb\u8005\u63a7\u5236\u5b57\u7b26\u4e32\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff0c\u53ef\u80fd\u4e5f\u5b58\u5728\u6267\u884c\u4efb\u610f\u4ee3\u7801\u7684\u5a01\u80c1\u3002<\/p>\n

 <\/p>\n

DSA-3727-1 hdf5<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5173\u4e8e\u6b64\u5b89\u5168\u66f4\u65b0\u516c\u544a\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u5728hdf5\uff08\u5b58\u50a8\u79d1\u5b66\u6570\u636e\u7684\u6587\u4ef6\u683c\u5f0f\u5e93\uff09\u4e2d\u53d1\u73b0\u591a\u4e2a\u6f0f\u6d1e\uff0c\u8fd9\u4e9b\u6f0f\u6d1e\u53ef\u80fd\u5bfc\u81f4\u5728\u5904\u7406\u4e0d\u53d7\u4fe1\u4efb\u7684\u6570\u636e\u65f6\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002<\/p>\n

 <\/p>\n

DSA-3731-1 chromium-browser<\/a> \u2014 \u5b89\u5168\u66f4\u65b0<\/strong><\/p>\n

\u5173\u4e8e\u6b64\u5b89\u5168\u66f4\u65b0\u516c\u544a\u8be6\u7ec6\u4fe1\u606f\uff1a<\/p>\n

\u5728chromium\u6d4f\u89c8\u5668\u4e2d\u53d1\u73b0\u591a\u4e2a\u6f0f\u6d1e\uff1a<\/p>\n