
The following updates have been released for Debian 7 LTS:

[DLA 925-1] kedpm security update
[DLA 926-1] batik security update
[DLA 927-1] fop security update
[DLA 928-1] libsndfile security update
[DLA 929-1] libpodofo security update


[DLA 925-1] kedpm security update

Package : kedpm
Version : 0.5.0-4+deb7u1
CVE ID : CVE-2017-8296
Debian Bug : 860817

An information disclosure vulnerability was found in kedpm, a password
manager compatible with the Figaro password manager file format. The
history file can reveal the master password if it is provided on the
command line. The names of entries created or read in the password
manager are also exposed in the history file.

For Debian 7 "Wheezy", the master password disclosure issue has been
fixed in version 0.5.0-4+deb7u1. The entry-name disclosure has not been
fixed, as it would require re-architecting the software.

We recommend that you upgrade your kedpm packages. Note that kedpm has
been removed from the upcoming Debian release ("stretch"); you should
migrate to another password manager, as kedpm has been abandoned.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


[DLA 926-1] batik security update

Package : batik
Version : 1.7+dfsg-3+deb7u2
CVE ID : CVE-2017-5662
Debian Bug : 860566

In Apache Batik before 1.9, files on the filesystem of a server that
uses Batik can be revealed to arbitrary users who send maliciously
formed SVG files. The file types that can be exposed depend on the user
context in which the exploitable application is running; if it runs as
root, a full compromise of the server, including confidential or
sensitive files, would be possible. XXE can also be used to attack the
availability of the server (denial of service), since entity references
within an XML document can trivially trigger an amplification attack.

For Debian 7 "Wheezy", these problems have been fixed in version
1.7+dfsg-3+deb7u2.

We recommend that you upgrade your batik packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


[DLA 927-1] fop security update

Package : fop
Version : 1:1.0.dfsg2-6+deb7u1
CVE ID : CVE-2017-5661
Debian Bug : 860567

In Apache FOP before 2.2, files on the filesystem of a server that
uses FOP can be revealed to arbitrary users who send maliciously
formed SVG files. The file types that can be exposed depend on the user
context in which the exploitable application is running; if it runs as
root, a full compromise of the server, including confidential or
sensitive files, would be possible. XXE can also be used to attack the
availability of the server (denial of service), since entity references
within an XML document can trivially trigger an amplification attack.
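The same XXE pattern underlies DLA 926-1 (batik) and DLA 927-1 (fop): the SVG renderer honours the DTD, so an external entity can pull a server file into the output and nested internal entities can expand into an amplification attack. The pre-filter below is added here as an illustration and is not code from Batik, FOP or the Debian packages; it inspects only the DTD of an incoming SVG with Python's stdlib expat, stops before any entity is expanded in the document body, and reports external entities and oversized expansions. MAX_EXPANSION and the three sample inputs are assumed values constructed for the example.

```python
import re
import xml.parsers.expat as expat

MAX_EXPANSION = 5_000  # chars a single declared entity may expand to
_REF = re.compile(r"&([A-Za-z_][\w.:-]*);")

class _DoctypeDone(Exception):
    pass  # raised from a handler to stop expat once the DTD has been read

def _expanded_size(name, values, cache):
    # Size of an entity's fully expanded text, computed without expanding it.
    if name in cache:
        return cache[name]
    cache[name] = float("inf")  # placeholder: a reference cycle counts as unbounded
    value = values.get(name, "")
    cache[name] = len(_REF.sub("", value)) + sum(
        _expanded_size(ref, values, cache) for ref in _REF.findall(value))
    return cache[name]

def audit_svg(data: bytes) -> list:
    # Inspect only the DTD of an SVG file; an empty list means no findings.
    findings, values = [], {}
    parser = expat.ParserCreate()
    def entity_decl(name, is_param, value, base, sysid, pubid, notation):
        if sysid is not None:  # <!ENTITY x SYSTEM "..."> reads a server file or URL
            findings.append(f"external entity '{name}' -> {sysid}")
        elif not is_param:
            values[name] = value or ""
    def end_doctype():  # stop before expat expands any entity in the body
        raise _DoctypeDone
    parser.EntityDeclHandler = entity_decl
    parser.EndDoctypeDeclHandler = end_doctype
    try:
        parser.Parse(data, True)
    except _DoctypeDone:
        pass
    except expat.ExpatError as exc:
        findings.append(f"not well-formed XML: {exc}")
    cache = {}
    for name in values:
        size = _expanded_size(name, values, cache)
        if size > MAX_EXPANSION:
            findings.append(f"entity '{name}' expands to {size} chars")
    return findings

# Constructed samples (not from the advisory): a plain SVG, an external entity
# aimed at a placeholder path, and nested entities expanding to 10**4 chars.
BENIGN = b'<svg><rect width="8" height="8"/></svg>'
XXE = b'<!DOCTYPE svg [<!ENTITY xxe SYSTEM "file:///placeholder/path">]><svg>&xxe;</svg>'
BOMB = (b'<!DOCTYPE svg [<!ENTITY a "aaaaaaaaaa"><!ENTITY b "' + b"&a;" * 10 + b'">'
        + b'<!ENTITY c "' + b"&b;" * 10 + b'"><!ENTITY d "' + b"&c;" * 10 + b'">]><svg/>')
```

This is a defence-in-depth check for an upload handler sitting in front of the renderer; the package upgrade remains the actual fix.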

For Debian 7 "Wheezy", these problems have been fixed in version
1:1.0.dfsg2-6+deb7u1.

We recommend that you upgrade your fop packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


[DLA 928-1] libsndfile security update

Package : libsndfile
Version : 1.0.25-9.1+deb7u1
CVE ID : CVE-2015-7805 CVE-2017-7585 CVE-2017-7586 CVE-2017-7741
CVE-2017-7742
Debian Bug : 860255

Multiple vulnerabilities were found in libsndfile, a popular library
for reading/writing audio files.

CVE-2017-7585

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()"
function (flac.c) can be exploited to cause a stack-based buffer
overflow via a specially crafted FLAC file.

CVE-2017-7586

In libsndfile before 1.0.28, an error in the "header_read()"
function (common.c) when handling ID3 tags can be exploited to
cause a stack-based buffer overflow via a specially crafted FLAC
file.

CVE-2017-7741

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()"
function (flac.c) can be exploited to cause a segmentation
violation (with write memory access) via a specially crafted FLAC
file during a resample attempt, a similar issue to CVE-2017-7585.

CVE-2017-7742

In libsndfile before 1.0.28, an error in the "flac_buffer_copy()"
function (flac.c) can be exploited to cause a segmentation
violation (with read memory access) via a specially crafted FLAC
file during a resample attempt, a similar issue to
CVE-2017-7585.

CVE-2014-9496

The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows
attackers to have unspecified impact via vectors related to a (1)
map offset or (2) rsrc marker, which triggers an out-of-bounds
read.

CVE-2014-9756

The psf_fwrite function in file_io.c in libsndfile allows
attackers to cause a denial of service (divide-by-zero error and
application crash) via unspecified vectors related to the
headindex variable.

CVE-2015-7805

Heap-based buffer overflow in libsndfile 1.0.25 allows remote
attackers to have unspecified impact via the headindex value in
the header in an AIFF file.

For Debian 7 "Wheezy", these problems have been fixed in version
1.0.25-9.1+deb7u1.

We recommend that you upgrade your libsndfile packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


[DLA 929-1] libpodofo security update

Package : libpodofo
Version : 0.9.0-1.1+deb7u1
CVE ID : CVE-2015-8981 CVE-2017-5852 CVE-2017-5853
CVE-2017-5854 CVE-2017-5886 CVE-2017-6844
CVE-2017-7379
Debian Bug : 854599 854600 854601 854602 854604 859331

Several heap-based buffer overflows, integer overflows and NULL pointer
dereferences have been discovered in libpodofo, a library for
manipulating PDF files, that allow remote attackers to cause a denial
of service (application crash) or other unspecified impact via a
crafted PDF document.

For Debian 7 "Wheezy", these problems have been fixed in version
0.9.0-1.1+deb7u1.

We recommend that you upgrade your libpodofo packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS