Debian Beveiliging

Debian Security Advisories

DSA-4798 spip – security update

25 November 2020, 12:00 am

It was discovered that SPIP, a website engine for publishing, did not
correctly validate its input. This would allow authenticated users to
execute arbitrary code.

The following vulnerabilities have been discovered in the webkit2gtk
web engine:

DSA-4794 mupdf – security update

21 November 2020, 12:00 am

A heap-based buffer overflow flaw was discovered in MuPDF, a lightweight
PDF viewer, which may result in denial of service or the execution of
arbitrary code if malformed documents are opened.

DSA-4795 krb5 – security update

21 November 2020, 12:00 am

Demi Obeneour discovered that unbounded recursion in the ASN1 parser
of libkrb5 could result in denial of service.

Multiple security issues have been found in Thunderbird, which may lead
to the execution of arbitrary code or denial of service.

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, information disclosure, phishing, cross-site scripting or a DNS
rebinding attack.

DSA-4792 openldap – security update

17 November 2020, 12:00 am

Two vulnerabilities in the certificate list syntax verification and
in the handling of CSN normalization were discovered in OpenLDAP, a
free implementation of the Lightweight Directory Access Protocol.
An unauthenticated remote attacker can take advantage of these
flaws to cause a denial of service (slapd daemon crash) via
specially crafted packets.

Ken Gaillot discovered a vulnerability in the Pacemaker cluster
resource manager: If ACLs were configured for users in the haclient
group, the ACL restrictions could be bypassed via unrestricted IPC
communication, resulting in cluster-wide arbitrary code execution with
root privileges.

A use-after-free was found in Thunderbird, which could potentially result
in the execution of arbitrary code.

It was discovered that codemirror, a browser-based text editor
implemented in JavaScript, was vulnerable to regular expression
denial-of-service.

A use-after-free was found in the Mozilla Firefox web browser, which
could potentially result in the execution of arbitrary code.

DSA-4787 moin – security update

9 November 2020, 12:00 am

Two vulnerabilities were discovered in moin, a Python clone of WikiWiki.

It was discovered that a boundary check in libexif, a library to parse
EXIF files, could be optimised away by the compiler, resulting in
a potential buffer overflow.

It was discovered that raptor2, an RDF parser library, is prone to
heap-based buffer overflow flaws, which could result in denial of
service, or potentially the execution of arbitrary code, if a specially
crafted file is processed.

Several vulnerabilities were discovered in WordPress, a web blogging
tool. They allowed remote attackers to run insecure deserialization,
embed spam, perform various Cross-Site Scripting (XSS) or Cross-Site
Request Forgery (CSRF) attacks, escalate privileges, run arbitrary
code, and delete arbitrary files.

DSA-4783 sddm – security update

5 November 2020, 12:00 am

Fabian Vogt discovered a flaw in sddm, a modern display manager for X11.
A local attacker can take advantage of a race condition when creating
the Xauthority file to escalate privileges.

A vulnerability in the handling of normalization with modrdn was
discovered in OpenLDAP, a free implementation of the Lightweight
Directory Access Protocol. An unauthenticated remote attacker can use
this flaw to cause a denial of service (slapd daemon crash) via a
specially crafted packet.

Vaisha Bernard discovered that Blueman, a graphical bluetooth manager
performed insufficient validation on a D-Bus interface, which could
result in denial of service or privilege escalation.