Vulnerability : isehlt : 2017

2017 m. gruodžio 15 d., penktadienis

[SECURITY] [DSA 4045-1] vlc security update

Debian Security Advisory DSA-4045-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
November 21, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : vlc
CVE ID : CVE-2017-9300 CVE-2017-10699

Several vulnerabilities have been found in VLC, the VideoLAN project's
media player. Processing malformed media files could lead to denial of
service and potentially the execution of arbitrary code.

For the oldstable distribution (jessie), these problems have been fixed
in version 2.2.7-1~deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 2.2.7-1~deb9u1.

We recommend that you upgrade your vlc packages.

For the detailed security status of vlc please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/vlc

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Secunia Research: Oracle Outside In Denial of Service Vulnerability

Secunia Research 2017/10/21

Oracle Outside In Denial of Service Vulnerability

======================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Description of Vulnerability.........................................3
Solution.............................................................4
Time Table...........................................................5
Credits..............................................................6
References...........................................................7
About Flexera .......................................................8
Verification.........................................................9

======================================================================
1) Affected Software

* Oracle Outside In version 8.5.3.0.

======================================================================
2) Severity

Rating: Moderately critical
Impact: Denial of Service
Where: From remote

======================================================================
3) Description of Vulnerabilitiy

Secunia Research has discovered a vulnerability in Oracle Outside In,
which can be exploited by malicious people to cause a DoS
(Denial of Service).

The vulnerability is caused due to an error within the vstif6.dll,
which can be exploited to cause an out-of-bounds write memory access.

The vulnerability is confirmed in version 8.5.3.

======================================================================
4) Solution

Apply update.
https://support.oracle.com/rs?type=doc&id=2296870.1

======================================================================
5) Time Table

2017/03/14 - Vendor notified about vulnerability.
2017/03/17 - Vendor supplied bug ticket ID.
2017/05/10 - Vendor asks for extention of publishing deadline.
2017/05/11 - Replied to vendor with new publishing timeline.
2017/05/15 - Vendor supplies information of fix in main codeline.
2017/10/17 - Release of vendor patch.
2017/10/18 - Release of Secunia Advisory SA76869.
2017/11/21 - Public disclosure of Secunia Research Advisory.

======================================================================
6) Credits

Behzad Najjarpour Jabbari, Secunia Research at Flexera

======================================================================
7) References

The Common Vulnerabilities and Exposures (CVE) project has assigned
the CVE-2017-10051 identifier for the vulnerability.

======================================================================
8) About Flexera

Flexera helps application producers and enterprises increase
application usage and the value they derive from their software.

http://www.flexerasoftware.com/enterprise/company/about/

Flexera delivers market-leading Software Vulnerability Management
solutions enabling enterprises to proactively identify and
remediate software vulnerabilities, effectively reducing the risk of
costly security breaches.

http://www.flexerasoftware.com/enterprise/products/

Flexera supports and contributes to the community in several
ways. We have always believed that reliable vulnerability
intelligence and tools to aid identifying and fixing vulnerabilities
should be freely available for consumers to ensure that users,
who care about their online privacy and security, can stay secure.
Only a few vendors address vulnerabilities in a proper way and help
users get updated and stay secure. End-users (whether private
individuals or businesses) are otherwise left largely alone, and
that is why back in 2002, Secunia Research started investigating,
coordinating disclosure and verifying software vulnerabilities.
In 2016, Secunia Research became a part of Flexera and today
our in-house software vulnerability research remains the core of
the Software Vulnerability Management products at Flexera.

https://secuniaresearch.flexerasoftware.com/community/research/

The public Secunia Advisory database contains information for
researchers, security enthusiasts, and consumers to lookup individual
products and vulnerabilities and assess, whether they need to take
any actions to secure their systems or whether a given vulnerability
has already been discovered

https://secuniaresearch.flexerasoftware.com/community/advisories/

======================================================================
9) Verification

Please verify this advisory by visiting the website:
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-18/

======================================================================

[SECURITY] [DSA 4046-1] libspring-ldap-java security update

Debian Security Advisory DSA-4046-1 security@debian.org
https://www.debian.org/security/ Sebastien Delafond
November 22, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libspring-ldap-java
CVE ID : CVE-2017-8028

Tobias Schneider discovered that libspring-ldap-java, a Java library
for Spring-based applications using the Lightweight Directory Access
Protocol, would under some circumstances allow authentication with a
correct username but an arbitrary password.

For the oldstable distribution (jessie), this problem has been fixed
in version 1.3.1.RELEASE-5+deb8u1.

We recommend that you upgrade your libspring-ldap-java packages.

For the detailed security status of libspring-ldap-java please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libspring-ldap-java

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

APPLE-SA-2017-12-13-5 Safari 11.0.2

APPLE-SA-2017-12-13-5 Safari 11.0.2

Safari 11.0.2 addresses the following:

WebKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and
macOS High Sierra 10.13.2
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7156: an anonymous researcher
CVE-2017-7157: an anonymous researcher
CVE-2017-13856: Jeonghoon Shin
CVE-2017-13870: an anonymous researcher
CVE-2017-13866: an anonymous researcher

Installation note:

Safari 11.0.2 may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

APPLE-SA-2017-12-13-7 Additional information for APPLE-SA-2017-12-6-4 tvOS 11.2

APPLE-SA-2017-12-13-7 Additional information for
APPLE-SA-2017-12-6-4 tvOS 11.2

tvOS 11.2 addresses the following:

IOSurface
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13861: Ian Beer of Google Project Zero

Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-13862: Apple
CVE-2017-13876: Ian Beer of Google Project Zero
CVE-2017-13867: Ian Beer of Google Project Zero

Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2017-13833: Brandon Azad

Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to read restricted memory
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2017-13855: Jann Horn of Google Project Zero

Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-13865: Ian Beer of Google Project Zero
CVE-2017-13868: Brandon Azad
CVE-2017-13869: Jann Horn of Google Project Zero

WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-7156: an anonymous researcher
CVE-2017-7157: an anonymous researcher
CVE-2017-13856: Jeonghoon Shin
CVE-2017-13870: an anonymous researcher
CVE-2017-13866: an anonymous researcher
Entry added December 13, 2017

Wi-Fi
Available for: Apple TV (4th generation)
Released for Apple TV 4K in tvOS 11.1.
Impact: An attacker in Wi-Fi range may force nonce reuse in WPA
multicast/GTK clients (Key Reinstallation Attacks - KRACK)
Description: A logic issue existed in the handling of state
transitions. This was addressed with improved state management.
CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU
Leuven

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."

To check the current version of software, select
"Settings -> General -> About."

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

APPLE-SA-2017-12-13-2 tvOS 11.2.1

APPLE-SA-2017-12-13-2 tvOS 11.2.1

tvOS 11.2.1 is now available and addresses the following:

HomeKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A remote attacker may be able to unexpectedly alter
application state
Description: A message handling issue was addressed with improved
input validation.
CVE-2017-13903: Tian Zhang

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."

To check the current version of software, select
"Settings -> General -> About."

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

APPLE-SA-2017-12-13-1 iOS 11.2.1

APPLE-SA-2017-12-13-1 iOS 11.2.1

iOS 11.2.1 is now available and addresses the following:

HomeKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to unexpectedly alter
application state
Description: A message handling issue was addressed with improved
input validation.
CVE-2017-13903: Tian Zhang

Installation note:

This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/

iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "11.2.1".

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

Edward Snowden free speech at JBFone - Data Security & Privacy

Title: Edward Snowden free speech at JBFone - Data Security & Privacy

Article:
https://www.vulnerability-db.com/?q=articles%2F2017%2F11%2F23%2Fedward-snowden-free-speech-jbfone-data-security-privacy

Video: https://www.youtube.com/watch?v=JF45xq0W15c

Press:
https://www.heise.de/newsticker/meldung/Snowden-warnt-vor-Big-Data-Biometrie-und-dem-iPhone-X-3899649.html

[SECURITY] [DSA 4064-1] chromium-browser security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4064-1 security@debian.org
https://www.debian.org/security/ Michael Gilbert
December 12, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium-browser
CVE ID : CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410
CVE-2017-15411 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416
CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420
CVE-2017-15423 CVE-2017-15424 CVE-2017-15425 CVE-2017-15426
CVE-2017-15427

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2017-15407

Ned Williamson discovered an out-of-bounds write issue.

CVE-2017-15408

Ke Liu discovered a heap overflow issue in the pdfium library.

CVE-2017-15409

An out-of-bounds write issue was discovered in the skia library.

CVE-2017-15410

Luat Nguyen discovered a use-after-free issue in the pdfium library.

CVE-2017-15411

Luat Nguyen discovered a use-after-free issue in the pdfium library.

CVE-2017-15413

Gaurav Dewan discovered a type confusion issue.

CVE-2017-15415

Viktor Brange discovered an information disclosure issue.

CVE-2017-15416

Ned Williamson discovered an out-of-bounds read issue.

CVE-2017-15417

Max May discovered an information disclosure issue in the skia
library.

CVE-2017-15418

Kushal Arvind Shah discovered an uninitialized value in the skia
library.

CVE-2017-15419

Jun Kokatsu discoved an information disclosure issue.

CVE-2017-15420

WenXu Wu discovered a URL spoofing issue.

CVE-2017-15423

Greg Hudson discovered an issue in the boringssl library.

CVE-2017-15424

Khalil Zhani discovered a URL spoofing issue.

CVE-2017-15425

xisigr discovered a URL spoofing issue.

CVE-2017-15426

WenXu Wu discovered a URL spoofing issue.

CVE-2017-15427

Junaid Farhan discovered an issue with the omnibox.

For the stable distribution (stretch), these problems have been fixed in
version 63.0.3239.84-1~deb9u1.

We recommend that you upgrade your chromium-browser packages.

For the detailed security status of chromium-browser please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium-browser

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Vulnerability : isehlt