Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source systems. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

Essential tools for hardening and securing Unix based Environments - System administrators know how important the security of their systems is, not just the uptime of their servers. Intruders, spammers, DDoS attackers and crackers are all out there trying to get into people's computers and servers, anywhere they can lay hands on, and to interrupt the normal operation of services.

Securing a Linux Web Server - Given the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration, and many are poorly configured and quite vulnerable to compromise. While specific configurations vary widely with the environment or the specific use, there are general steps that can be taken to ensure basic security considerations are in place.


Security Report Summary: nine reports dated Aug 20, Aug 20, Aug 19, Aug 19, Aug 18, Aug 18, Aug 18, Aug 17 and Aug 13.


  (Aug 20)
 

* denial of service in glob_()

  (Aug 20)
 

Update to 10.0.21

  (Aug 19)
 

New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991.

  (Aug 19)
 

This update fixes CVE-2015-5186. The issue is that ausearch/report did not escape terminal emulator sequences when interpreting untrusted data.
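
The class of bug above, a log viewer handing attacker-controlled field values to the terminal unescaped, is worth seeing in code. The following is an added example, not audit's own code or its fix: a small Python filter that a viewer would apply to every record before printing, plus a detector that flags records carrying control characters. The sample records are constructed for the demonstration and only approximate the audit record syntax.

```python
import re

# Constructed sample records in an audit-log style (not real captured data).
# The second carries ESC [2J ESC [1;1H (clear screen, home cursor), the third
# a BEL; printed raw, they would alter what the analyst sees on screen.
SAMPLE_RECORDS = [
    'type=PATH msg=audit(1439999999.123:42): name="/tmp/report.txt"',
    'type=PATH msg=audit(1439999999.124:43): name="/tmp/\x1b[2J\x1b[1;1Hnothing-to-see"',
    'type=USER_CMD msg=audit(1439999999.125:44): cmd="ls\x07 -la"',
]

# C0 controls, DEL and C1 controls (0x80-0x9F, which some terminals treat as
# 8-bit CSI). Tab, CR and LF are included on purpose: inside a single-line
# record they are attacker-supplied bytes too.
_CONTROL = re.compile(r"[\x00-\x1f\x7f\x80-\x9f]")


def escape_for_terminal(text: str) -> str:
    """Make every control character visible as \\xNN so it cannot be interpreted."""
    return _CONTROL.sub(lambda m: "\\x%02x" % ord(m.group()), text)


def strip_for_terminal(text: str, placeholder: str = "?") -> str:
    """Alternative policy: replace each control character with a placeholder."""
    return _CONTROL.sub(placeholder, text)


def contains_terminal_controls(text: str) -> bool:
    """True when the record carries anything a terminal might interpret."""
    return _CONTROL.search(text) is not None


def flag_records(records):
    """Indices of records carrying control characters; a cheap detection rule."""
    return [i for i, r in enumerate(records) if contains_terminal_controls(r)]


def render(records, policy=escape_for_terminal):
    """The lines a viewer should write out: every record passed through the policy."""
    return [policy(r) for r in records]


if __name__ == "__main__":
    print("\n".join(render(SAMPLE_RECORDS)))
    print("suspicious records:", flag_records(SAMPLE_RECORDS))
```

Escaping rather than stripping is the better default for an investigation tool: the analyst still sees that an escape sequence was present, which is itself a signal that someone tried to hide activity from whoever reads the log.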

  (Aug 19)
 

Update to RubyGems 2.2.5.

  (Aug 19)
 

This update brings fixes for the vulnerabilities published with openssh-7.0 and makes the pam_ssh_agent_auth module functional again.

  (Aug 19)
 

The 4.1.5 update contains a number of important fixes across the tree.

  (Aug 19)
 

Gabriel Vlasiu reported that xfs_metadump, part of the xfsprogs suite of tools for the XFS filesystem, did not properly obfuscate data. xfs_metadump properly obfuscates active metadata, but the rest of the space within that fs block comes through in the clear. This could lead to exposure of stale disk data via the produced metadump image.

The expectation of xfs_metadump is to obfuscate all but the shortest names in the metadata, as noted in the manpage:

By default, xfs_metadump obfuscates most file (regular file, directory and symbolic link) names and extended attribute names to allow the dumps to be sent without revealing confidential information. Extended attribute values are zeroed and no data is copied. The only exceptions are file or attribute names that are 4 or less characters in length. Also file names that span extents (this can only occur with the mkfs.xfs(8) options where -n size > -b size) are not obfuscated. Names between 5 and 8 characters in length inclusively are partially obfuscated.

While the xfs_metadump tool can be run by unprivileged users, it requires appropriate permissions to access block devices (such as root) where the sensitive data might be dumped. An unprivileged user, without access to the block device, could not use this flaw to obtain sensitive data they would not otherwise have permission to access.
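
Two practical checks follow as an added example in Python (not part of xfsprogs): scanning a metadump for printable runs and for names known to exist on the source filesystem before the image leaves the site, and zeroing every byte outside the ranges the dumper knows to be live metadata, which is what a complete obfuscation amounts to. The block size, the image contents and the active ranges are constructed for the demonstration and do not follow the real XFS on-disk layout.

```python
import re

BLOCK_SIZE = 4096

# Printable ASCII runs of five or more bytes. xfs_metadump leaves names of four
# characters or fewer unobfuscated by design, so shorter runs are not interesting.
_PRINTABLE = re.compile(rb"[\x20-\x7e]{5,}")


def build_sample_image() -> bytes:
    """Constructed stand-in for one dumped block (not a real XFS structure).

    The first 64 bytes stand for active metadata whose name the tool has
    already rewritten; the rest of the block is slack that still holds bytes
    from an earlier life of the block: an old directory entry and file data.
    """
    block = bytearray(BLOCK_SIZE)
    block[0:64] = b"\x00" * 16 + b"qzxwvplmkj.dat" + b"\x00" * 34   # obfuscated name, padded
    block[512:512 + 22] = b"quarterly-payroll.xlsx"                 # stale name in slack
    block[1024:1024 + 31] = b"Salary,Name\nEUR 84000,J. Doe..."     # stale file content
    return bytes(block)


def find_cleartext(image: bytes, block_size: int = BLOCK_SIZE):
    """Every printable run in the image as (block_no, offset_in_block, text)."""
    return [(m.start() // block_size, m.start() % block_size, m.group().decode("ascii"))
            for m in _PRINTABLE.finditer(image)]


def leaked_names(image: bytes, real_names):
    """Names known to exist on the source filesystem that appear verbatim in the dump.

    real_names would come from a listing of the live filesystem; anything in it
    that survives into the dump was not obfuscated, wherever it sits in the block.
    """
    return sorted(n for n in real_names if n.encode() in image)


def zero_slack(image: bytes, active_ranges, block_size: int = BLOCK_SIZE) -> bytes:
    """Keep only the byte ranges known to be live metadata and zero the rest.

    active_ranges is a list of (block_no, start, end) triples; in a real tool the
    dumper knows these from the on-disk structures it is copying.
    """
    out = bytearray(len(image))
    for blk, start, end in active_ranges:
        base = blk * block_size
        out[base + start:base + end] = image[base + start:base + end]
    return bytes(out)


if __name__ == "__main__":
    img = build_sample_image()
    for hit in find_cleartext(img):
        print("block %d offset %4d: %s" % hit)
    print("leaked:", leaked_names(img, ["quarterly-payroll.xlsx", "report.txt"]))
    print("after zeroing slack:", find_cleartext(zero_slack(img, [(0, 0, 64)])))
```

The printable-run scan is a triage aid and will also list the obfuscated names themselves, since those are printable too; the check that matters before sharing a dump is the second one, comparing against names you know are on the filesystem.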

  (Aug 19)
 

Fix for CVE-2015-3225: Potential Denial of Service Vulnerability in Rack. Related: rhbz#CVE-2015-3225. New package: rubygem-rack-1.6.1-1.fc22

  (Aug 19)
 

* update to 2.4.2
* fix CVE-2015-3026
* use %license on Fedora 22+

  (Aug 19)
 

Backport upstream fixes: Use-after-free bug in Decoder.cpp

  (Aug 19)
 

* update to 2.4.2
* fix CVE-2015-3026

  (Aug 18)
 

Update to 2.0.3 release to fix various CVE issues.

  (Aug 18)
 

updated to 3.3.17

  (Aug 18)
 

Update flac to fix security issue in xmms-flac plugin (previously an independent subpackage that was out of date).

  (Aug 18)
 

Security fix for CVE-2015-2774

  (Aug 18)
 

security fixes for net/http smuggling
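
Request smuggling in this sense comes from two parsers disagreeing on where a request body ends. The following is an added example, not the net/http fix itself: a strict framing check in Python following the RFC 7230 rules, which refuses the ambiguous cases (a header name that is not a valid token, conflicting or non-numeric Content-Length values, Content-Length together with Transfer-Encoding, obsolete line folding) instead of guessing. The sample requests are constructed for the demonstration.

```python
import re

# RFC 7230 "token" characters: a header field name may contain nothing else,
# so "Content Length" (space) or "Content-Length " (space before the colon)
# is not the Content-Length header and must not be treated as one.
_TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
_DIGITS = re.compile(r"^[0-9]+$")


class AmbiguousRequest(ValueError):
    """Raised when two parsers could legitimately disagree on the body length."""


def parse_head(raw: bytes):
    """Split a raw request into (request_line, [(name, value), ...], body_bytes)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete header block")
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t"):
            # obs-fold continuation line: intermediaries differ on how they
            # join it, so refuse rather than guess
            raise AmbiguousRequest("obsolete line folding")
        name, colon, value = line.partition(b":")
        name_s = name.decode("latin-1")
        if not colon or not _TOKEN.match(name_s):
            raise AmbiguousRequest("malformed header name %r" % name_s)
        headers.append((name_s.lower(), value.strip().decode("latin-1")))
    return lines[0].decode("latin-1"), headers, body


def body_framing(headers):
    """Decide how the body is delimited: ('chunked', None) or ('length', n)."""
    te = [v for n, v in headers if n == "transfer-encoding"]
    cl = []
    for n, v in headers:
        if n == "content-length":
            cl.extend(part.strip() for part in v.split(","))  # "5, 5" is a list value
    if te and cl:
        raise AmbiguousRequest("Transfer-Encoding and Content-Length both present")
    if te:
        codings = [c.strip().lower() for v in te for c in v.split(",")]
        if codings[-1] != "chunked":
            raise AmbiguousRequest("final transfer coding is not chunked")
        return ("chunked", None)
    if cl:
        if len(set(cl)) != 1:
            raise AmbiguousRequest("conflicting Content-Length values %r" % cl)
        if not _DIGITS.match(cl[0]):
            raise AmbiguousRequest("non-numeric Content-Length %r" % cl[0])
        return ("length", int(cl[0]))
    return ("length", 0)


def check_request(raw: bytes) -> str:
    """Return 'accept <mode> <len>' or 'reject: <reason>' for a raw request."""
    try:
        _, headers, _ = parse_head(raw)
        mode, n = body_framing(headers)
    except AmbiguousRequest as e:
        return "reject: %s" % e
    return "accept %s %s" % (mode, n)


# Constructed sample requests (not captured traffic).
GOOD = b"POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello"
CHUNKED = b"POST / HTTP/1.1\r\nHost: example.test\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n"
SPACE_IN_NAME = b"POST / HTTP/1.1\r\nHost: example.test\r\nContent Length: 5\r\n\r\nhello"
TWO_LENGTHS = b"POST / HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\nContent-Length: 50\r\n\r\nhello"
CL_AND_TE = b"POST / HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n"
SIGNED_LENGTH = b"POST / HTTP/1.1\r\nHost: example.test\r\nContent-Length: +5\r\n\r\nhello"

if __name__ == "__main__":
    for label, req in [("good", GOOD), ("chunked", CHUNKED), ("space in name", SPACE_IN_NAME),
                       ("two lengths", TWO_LENGTHS), ("CL and TE", CL_AND_TE),
                       ("signed length", SIGNED_LENGTH)]:
        print("%-14s -> %s" % (label, check_request(req)))
```

The design choice is to reject rather than repair: a front end that silently normalises "Content Length" into Content-Length, or picks the first of two conflicting lengths, is exactly what gives the back end a different view of the same bytes. A parser sitting behind a proxy should be at least this strict, and the two should agree.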

  (Aug 18)
 

New emergency security release

  (Aug 18)
 

New upstream release, fixing several security issues and providing pam_ssh_agent_auth functionality.

  (Aug 18)
 

WebKitGTK+ 2.8.5 includes fixes for 3 security issues. Additional fixes:
* Fix the window size reported when the web view isn't realized yet. This fixes the layout of some websites when opening new tabs in the browser and anchor links when opened in new tabs too.
* Prevent clipboard contents from being lost when web process finishes.
* Always allow font matching for strong aliases.
* Move GStreamer missing plugins installer to the UI process.
* Fix a crash when spell checker returns no guesses.
* Fix a crash when SoupSession is destroyed in exit handler.
* Fix a crash closing a page when default context menu is open.
* Several crashes and rendering issues fixed.
* Translation updates: Swedish.

  (Aug 18)
 

* Rebased to version 2.3.1
* Fix crash in qemu_spice_create_display (bz #1163047)
* Fix qemu-img map crash for unaligned image (bz #1229394)
* CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536)
* CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728)
* CVE-2015-5158: scsi stack buffer overflow (bz #1246025)
* CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141)
* CVE-2015-5166: BlockBackend object use after free issue (bz #1249758)
* CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160)
* CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest (bz #1249755)

  (Aug 18)
 

For list of changes see: https://www.mozilla.org/en-US/firefox/40.0/releasenotes/

  (Aug 14)
 

For list of changes see: https://www.mozilla.org/en-US/firefox/40.0/releasenotes/

  (Aug 14)
 

Security fix for CVE-2013-7440

  (Aug 14)
 

Update flac to fix security issue in xmms-flac plugin (previously an independent subpackage that was out of date).

  (Aug 14)
 

* update to 2.4.2
* fix CVE-2015-3026
* use %license on Fedora 22+

  (Aug 14)
 

Update to KeePass 2.30. Add workaround for missing dependency on libgdiplus.so with Mono 4.

  (Aug 13)
 

updated to 3.3.17

  (Aug 13)
 

This release fixes buffer overflows when compiling certain expressions.

  (Aug 13)
 

**WordPress 4.2.4 Security and Maintenance Release**

WordPress 4.2.4 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sandí of the WordPress security team, Netanel Rubin of Check Point, and Ivan Grigorov. It also includes a fix for a potential timing side-channel attack, discovered by Johannes Schmitt of Scrutinizer, and prevents an attacker from locking a post from being edited, discovered by Mohamed A. Baset. Our thanks to those who have practiced responsible disclosure of security issues.

WordPress 4.2.4 also fixes four bugs. For more information, see the release notes or consult the list of changes.
* the release notes: https://wordpress.org/documentation/wordpress-version/version-4-2-4/
* the list of changes: https://core.trac.wordpress.org/log/branches/4.2?rev=33573&stop_rev=33396

**WordPress 4.2.3 Security and Maintenance Release**

WordPress 4.2.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.

WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. This was initially reported by Jon Cave and fixed by Robert Chapin, both of the WordPress security team, and later reported by Jouko Pynnönen. We also fixed an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft. Reported by Netanel Rubin from Check Point Software Technologies. Our thanks to those who have practiced responsible disclosure of security issues.

WordPress 4.2.3 also contains fixes for 20 bugs from 4.2. For more information, see:
* the release notes: https://wordpress.org/documentation/wordpress-version/version-4-2-3/
* the list of changes: https://core.trac.wordpress.org/log/branches/4.2?rev=33382&stop_rev=32430

  (Aug 13)
 

* Fix unsafe signal handlers to avoid DoS attack [CVE-2015-0847].


  (Aug 15)
 

A bug in the Icecast code handling source client URL authentication causes a Denial of Service condition.

  (Aug 15)
 

Multiple vulnerabilities have been found in libgadu, the worst of which may result in execution of arbitrary code.

  (Aug 15)
 

Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code.


  Red Hat: 2015:1647-01: mariadb55-mariadb: Moderate Advisory (Aug 20)
 

Updated mariadb55-mariadb packages that fix several security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact.

  Red Hat: 2015:1646-01: rh-mariadb100-mariadb: Important Advisory (Aug 20)
 

Updated rh-mariadb100-mariadb packages that fix several security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Important security impact.

  Red Hat: 2015:1643-01: kernel: Moderate Advisory (Aug 18)
 

Updated kernel packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having Moderate security impact.

  Red Hat: 2015:1640-01: pam: Moderate Advisory (Aug 18)
 

An updated pam package that fixes one security issue is now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact.

  Red Hat: 2015:1639-01: openstack-glance: Important Advisory (Aug 17)
 

Updated openstack-glance packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 7.0. Red Hat Product Security has rated this update as having Important security impact.

  Red Hat: 2015:1636-01: net-snmp: Moderate Advisory (Aug 17)
 

Updated net-snmp packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact.

  Red Hat: 2015:1635-01: sqlite: Moderate Advisory (Aug 17)
 

An updated sqlite package that fixes three security issues is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact.

  Red Hat: 2015:1634-01: sqlite: Moderate Advisory (Aug 17)
 

An updated sqlite package that fixes one security issue is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact.

  Red Hat: 2015:1633-01: subversion: Moderate Advisory (Aug 17)
 

Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact.

  Red Hat: 2015:1630-01: rh-mysql56-mysql: Important Advisory (Aug 17)
 

Updated rh-mysql56-mysql packages that fix several security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Important security impact.

  Red Hat: 2015:1629-01: mysql55-mysql: Moderate Advisory (Aug 17)
 

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact.

  Red Hat: 2015:1627-01: glibc: Moderate Advisory (Aug 17)
 

Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact.

  Red Hat: 2015:1628-01: mysql55-mysql: Moderate Advisory (Aug 17)
 

Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact.

  Red Hat: 2015:1623-01: kernel: Important Advisory (Aug 13)
 

Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact.


  (Aug 14)
 

New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.

  (Aug 14)
 

New mozilla-firefox packages are available for Slackware 14.1 to fix security issues.


  Ubuntu: 2702-3: Firefox regression (Aug 20)
 

USN-2702-1 introduced a regression in Firefox.

  Ubuntu: 2721-1: Subversion vulnerabilities (Aug 20)
 

Several security issues were fixed in Subversion.

  Ubuntu: 2720-1: Django vulnerability (Aug 18)
 

Django could be made to crash if it received specially crafted network traffic.

  Ubuntu: 2710-2: OpenSSH regression (Aug 18)
 

USN-2710-1 introduced a regression in OpenSSH.

  Ubuntu: 2719-1: Linux kernel vulnerability (Aug 17)
 

The system could be made to crash under certain conditions.

  Ubuntu: 2718-1: Linux kernel (Vivid HWE) vulnerability (Aug 17)
 

The system could be made to crash under certain conditions.

  Ubuntu: 2713-1: Linux kernel vulnerabilities (Aug 17)
 

Several security issues were fixed in the kernel.

  Ubuntu: 2714-1: Linux kernel (OMAP4) vulnerabilities (Aug 17)
 

Several security issues were fixed in the kernel.

  Ubuntu: 2715-1: Linux kernel (Trusty HWE) vulnerability (Aug 17)
 

The system could be made to crash under certain conditions.

  Ubuntu: 2717-1: Linux kernel (Utopic HWE) vulnerability (Aug 17)
 

The system could be made to crash under certain conditions.

  Ubuntu: 2716-1: Linux kernel vulnerability (Aug 17)
 

The system could be made to crash under certain conditions.

  Ubuntu: 2711-1: Net-SNMP vulnerabilities (Aug 17)
 

Net-SNMP could be made to crash or run programs if it received specially crafted network traffic.

  Ubuntu: 2709-1: pollinate update (Aug 14)
 

The certificate bundled with pollinate has been refreshed.

  Ubuntu: 2710-1: OpenSSH vulnerabilities (Aug 14)
 

Several security issues were fixed in OpenSSH.