Debian Security

Debian Security Advisories

DSA-4633 curl – security update

22 February 2020, 12:00 am

Multiple vulnerabilities were discovered in cURL, a URL transfer
library.

DSA-4632 ppp – security update

22 February 2020, 12:00 am

Ilja Van Sprundel reported a logic flaw in the Extensible Authentication
Protocol (EAP) packet parser in the Point-to-Point Protocol Daemon
(pppd). An unauthenticated attacker can take advantage of this flaw to
trigger a stack-based buffer overflow, leading to denial of service
(pppd daemon crash).

It was discovered that pysaml2, a Python implementation of SAML to be
used in a WSGI environment, was susceptible to XML signature wrapping
attacks, which could result in a bypass of signature verification.

DSA-4631 pillow – security update

21 February 2020, 12:00 am

Multiple security issues were discovered in Pillow, a Python imaging
library, which could result in denial of service and potentially the
execution of arbitrary code if malformed PCX, FLI, SGI or TIFF images
are processed.

Simon Charette discovered that Django, a high-level Python web
development framework, did not properly handle input in its PostgreSQL
module. A remote attacker could leverage this to perform SQL injection
attacks.

DSA-4628 php7.0 – security update

18 February 2020, 12:00 am

Multiple security issues were found in PHP, a widely used open-source
general-purpose scripting language, which could result in information
disclosure, denial of service or incorrect validation of path names.

DSA-4626 php7.3 – security update

17 February 2020, 12:00 am

Multiple security issues were found in PHP, a widely used open-source
general-purpose scripting language, which could result in information
disclosure, denial of service or incorrect validation of path names.

The following vulnerabilities have been discovered in the webkit2gtk
web engine:

Multiple security issues have been found in Thunderbird, which may lead
to the execution of arbitrary code or denial of service.

DSA-4624 evince – security update

14 February 2020, 12:00 am

Several vulnerabilities were discovered in evince, a simple multi-page
document viewer.

Tom Lane discovered that ALTER … DEPENDS ON EXTENSION subcommands
in the PostgreSQL database did not perform authorisation checks.

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code.

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
resulting in denial of service, incorrect implementation of Kerberos
GSSAPI and TGS requests or incorrect TLS handshakes.

An out-of-bounds write vulnerability due to an integer overflow was
reported in libexif, a library to parse EXIF files, which could result
in denial of service, or potentially the execution of arbitrary code if
specially crafted image files are processed.

Guillaume Teissier reported that the XMLRPC client in libxmlrpc3-java,
an XML-RPC implementation in Java, does perform deserialization of the
server-side exception serialized in the faultCause attribute of XMLRPC
error response messages. A malicious XMLRPC server can take advantage of
this flaw to execute arbitrary code with the privileges of an
application using the Apache XMLRPC client library.

Two security issues were found in the Qt library, which could result in
plugins and libraries being loaded from the current working directory,
resulting in potential code execution.

DSA-4616 qemu – security update

2 February 2020, 12:00 am

Two security issues have been found in the SLiRP networking
implementation of QEMU, a fast processor emulator, which could result
in the execution of arbitrary code or denial of service.

A heap-based buffer overflow vulnerability was discovered in the
idn2_to_ascii_4i() function in libidn2, the GNU library for
Internationalized Domain Names (IDNs), which could result in denial of
service, or the execution of arbitrary code when processing a long
domain string.

DSA-4614 sudo – security update

1 February 2020, 12:00 am

Joe Vennix discovered a stack-based buffer overflow vulnerability in
sudo, a program designed to provide limited super user privileges to
specific users, triggerable when configured with the pwfeedback option
enabled. An unprivileged user can take advantage of this flaw to obtain
full root privileges.

Two vulnerabilities were discovered in spamassassin, a Perl-based spam
filter using text analysis. Malicious rule or configuration files,
possibly downloaded from an updates server, could execute arbitrary
commands under multiple scenarios.

It was discovered that the LDAP authentication modules for the Prosody
Jabber/XMPP server incorrectly validated the XMPP address when checking
whether a user has admin access.

The following vulnerabilities have been discovered in the webkit2gtk
web engine:

Qualys discovered that the OpenSMTPD SMTP server performed insufficient
validation of email addresses, which could result in the execution of
arbitrary commands as root. In addition, this update fixes a denial of
service triggered by an opportunistic TLS downgrade.