Updated kernel packages fixes security and other bugs

This kernel update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driverCONFIGDRMVIRTIOGPU support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate. A...

Updated postgresql9.4 packages fix security vulnerabilities

Robert Haas discovered that some selectivity estimators did not validate user privileges which could result in information disclosure CVE-2017-7484. Daniel Gustafsson discovered that the PGREQUIRESSL environment variable did no longer enforce a TLS connection CVE-2017-7485. Andrew Wheelwright...

Updated graphicsmagick packages fix security vulnerabilities

New stable upstream release including security fixes for CVE-2016-7800, CVE-2016-7996, CVE-2016-7997, CVE-2016-8682, CVE-2016-8683, CVE-2016-8684, CVE-2016-9830, CVE-2017-6335, CVE-2017-8350, CVE-2017-10794, CVE-2017-10799, CVE-2017-10800, CVE-2017-11403 and possibly several other security issues...

Updated java-1.8.0-openjdk packages fix security vulnerabilities

It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application CVE-2017-10102. Multiple flaws were discovere...

Updated nginx packages fix security vulnerability

A security issue was identified in nginx range filter. A specially crafted request might result in an integer overflow and incorrect processing of ranges, potentially resulting in sensitive information leak CVE-2017-7529...

Updated freeradius packages fix security vulnerabilities

Fuzz testing of freeradius found multiple vulnerabilites that resulted in either the potential for remote code execution or a possible denial of service except for CVE-2017-10988 which was later determined to not actually result in any vulnerability...

Updated gdk-pixbuf2.0 packages fix security vulnerability

The gdk-pixbuf2.0 package has been updated to version 2.36.7, which fixes integer overflows in the ico, bmp, and tiff decoder, as well as fixing other bugs...

Updated webkit2 packages fix security vulnerability

The webkit2 package has been updated to version 2.16.6, fixing several security issues and other bugs...

Updated libraw packages fix security vulnerabilities

A memory corruption in parsetiffifd function CVE-2017-6886. A memory corruption via e.g. a specially crafted KDC file parsetiffifd CVE-2017-6887. An integer overflow error within the "foveonloadcamf" function CVE-2017-6889. A boundary error within the "foveonloadcamf" function CVE-2017-6890...

Updated openvpn packages fix security vulnerabilities

It was possible to trigger an assertion by sending a malformed IPv6 packet. That issue could have been abused to remotely shutdown an openvpn server or client, if IPv6 and --mssfix were enabled and if the IPv6 networks used inside the VPN were known CVE-2017-7508. Some parts of the...

Updated valgrind packages fix security vulnerabilities

It was discovered that Valgrind incorectly handled certain string operations. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could possibly execute arbitrary code CVE-2016-2226. It was discovered that Valgrind incorrectly handled parsing...

Updated libmtp and libgphoto packages fix security vulnerabilities

An integer overflow vulnerability in the ptpunpackEOSCustomFuncEx function of the ptp-pack.c file of libmtp and libgphoto allows attackers to cause a denial of service out-of-bounds memory access or maybe remote code execution by inserting a mobile device into a personal computer through a USB...

Updated wireshark packages fix security vulnerabilities

The wireshark package has been updated to version 2.2.8, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details...

Updated cinnamon-settings-daemon packages fix security vulnerability

It was found that csd-datetime-setting SetDate DBUS function does not check the polkit authorization for the caller, Unlike SetTime...

Updated wireshark packages fix security vulnerabilities

The wireshark package has been updated to version 2.0.14, which fixes several security issues where a malformed packet trace could cause it to crash or go into an infinite loop, and fixes several other bugs as well. See the release notes for details...

Updated libquicktime packages fix security vulnerabilities

A DoS in quicktimereadmoov function in moov.c via acrafted mp4 file was fixed CVE-2017-9122. An invalid memory read in lqtframeduration via a crafted mp4 file was fixed CVE-2017-9123. A NULL pointer dereference in quicktimematch32 via a crafted mp4 file was fixed CVE-2017-9124. A DoS in...

Updated gsoap packages fix security vulnerability

A potential vulnerability to a large and specific XML message over 2GB in size greater than 2147483711 bytes to trigger the software bug. A buffer overflow can cause an open unsecured server to crash or malfunction after 2GB is received CVE-2017-9765...

Updated graphite2 packages fix security vulnerabilities

An out-of-bounds write triggered with a maliciously crafted Graphite font could lead to a crash or potentially code execution CVE-2017-5436. Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if...

Updated irssi packages fix security vulnerabilities

A malicious server could cause irssi to crash by providing an invalid timestamp CVE-2017-10965. Undefined behavior may be triggered when irssi updates the internal nick list CVE-2017-10966...

Updated c-ares packages fix security vulnerability

The c-ares function aresparsenaptrreply, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way CVE-2017-1000381...

Updated expat packages fix security vulnerabilities

Gustavo Grieco discovered an integer overflow flaw during parsing of XML. An attacker can take advantage of this flaw to cause a denial of service against an application using the Expat library CVE-2016-9063. Rhodri James discovered an infinite loop vulnerability within the entityValueInitProcess...

Updated libgcrypt packages fix security vulnerability

Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that Libgcrypt was susceptible to an attack via side channels. A local attacker could use this attack to recover RSA private keys...

Updated gnutls packages fix security vulnerabilities

GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdkpktread function in opencdk/read-packet.c. This issue which is a subset of the vendor's GNUTLS-SA-2017-3 report is fixed in 3.5.10. CVE-2017-7869 GnuTLS version 3.5.1...

Updated sane packages fix security vulnerability

saned could have leaked uninitialized memory back to its requesters for some opcodes, allowing for information disclosure of saned memory CVE-2017-6318...

Updated libtiff packages fix security vulnerabilities

Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service or the execution of arbitrary code CVE-2017-9936, CVE-2017-10688...

Updated tnef packages fix security vulnerability

It was discovered that tnef did not correctly validate its input. An attacker could exploit this by tricking a user into opening a malicious attachment, which would result in a denial-of-service by application crash CVE-2017-8911...

Updated flash-player-plugin packages fix security vulnerability

Adobe Flash Player 26.0.0.137 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves security bypass and memory corruption vulnerabilities that could lead to information...

Updated apache-mod_fcgid packages fix security vulnerability

A remote attacker could have set the HTTPPROXY environment variable of CGI scripts CVE-2016-1000104...

Updated nodejs packages fix security vulnerability

Node.js has a defect that may make HTTP response splitting possible under certain circumstances. If user-input is passed to the reason argument to writeHead on an HTTP response, a new-line character may be used to inject additional responses CVE-2016-5325. The tls.checkServerIdentity function in...

Updated sudo packages fix security vulnerability

A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. CVE-2017-1000367...

Updated jbig2dec packages fix security vulnerability

Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file usually embedded in a PDF document is opened CVE-2016-9601. Artifex jbig2dec has a heap-based buffer over-read leading to...

Updated cairo packages fix security vulnerability

It was discovered that there was a possible DoS attack in Cairo. An SVG could generate invalid pointers from a cairoimagesurface in writepng CVE-2016-9082...

Updated libffi packages fix security vulnerability

libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, such as t...

Updated ffcall,clisp packages fix security vulnerability

In libffcall before version 1.13, linking with the libffcall libraries could cause the stack to become executable. This is now fixed. clisp is rebuilt to pick the fixed libffcall static library...

Updated libtiff packages fix security vulnerability

Heap-based buffer overflow in the readContigStripsIntoBuffer function in tifunix.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image. CVE-2016-10092 Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a...

Updated bitlbee packages fix security vulnerability

It was discovered that bitlbee contained issues that allowed a remote attacker to cause a denial of service via application crash, or potentially execute arbitrary commands CVE-2016-10188, CVE-2016-10189...

Updated drupal packages fix security vulnerability

Greg Knaddison, Mori Sugimoto and iancawthorne discovered that files uploaded by anonymous users into a private file system can be accessed by other anonymous users leading to an access bypass vulnerability CVE-2017-6922...

Updated rxvt-unicode packages fix security vulnerability

The rxvt-unicode package has been patched to harden it against potential integer overflow issues when printing escape sequences...

Updated tomcat packages fix security vulnerability

Aniket Nandkishor Kulkarni discovered that in tomcat7, static error pages used the original request's HTTP method to serve content, instead of systematically using the GET method. This could under certain conditions result in undesirable results, including the replacement or removal of the custom...

Updated libmwaw packages fix security vulnerability

It was discovered that a buffer overflow in libmwaw might result in the execution of arbitrary code if a malformed document is opened CVE-2017-9433...

Updated golang packages fix security vulnerability

A carry propagation issue was found in the P-256 implementation for x86-64 in golang CVE-2017-8932...

Updated libsndfile packages fix security vulnerability

In libsndfile, an error in the "aiffreadchanmap" function aiff.c can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file CVE-2017-6892...

Updated libetpan packages fix security vulnerability

It was discovered that libetpan, a C language mail access and handling library that is used in a number of MUAs, contained a NULL dereference vulnerability in the MIME handling code CVE-2017-8825...

Updated weechat packages fix security vulnerability

It was discovered that weechat is prone to a buffer overflow vulnerability in the IRC plugin, allowing a remote attacker to cause a denial-of-service by sending a specially crafted filename via DCC CVE-2017-8073...

Updated yodl packages fix security vulnerability

Invalid memory read in queuepush could lead to Denial of service CVE-2016-10375...

Updated docker packages fix security vulnerability

The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...

Updated kernel-tmb packages fixes critical security vulnerabilities

This kernel-tmb update is based on upstream 4.4.74 and fixes at least the following security issues: The ipxitfioctl function in net/ipx/afipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have...

Updated rpcbind/libtirpc packages fix security vulnerability

It was discovered that rpcbind and libtirpc contain a vulnerability that allows an attacker to allocate any amount of bytes up to 4 gigabytes per attack on a remote rpcbind host, and the memory is never freed unless the process crashes or the administrator halts or restarts the rpcbind service...

Updated glibc packages fixes critical security vulnerabilities

The sunrpc implementation in glibc is vulnerable to a flaw that can cause it to be triggered to allocate additional memory until it causes a crash, similar to CVE-2017-8779 CVE-2017-8804. A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or...

Updated irssi packages fix security vulnerabilities

It was discovered that Irssi incorrectly handled certain DCC messages. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service CVE-2017-9468. Joseph Bisch discovered that Irssi incorrectly handled receiving incorrectly quoted DCC files. A remote...