The following updates has been released for Debian GNU/Linux:
[DLA 811-1] libplist security update
[DLA 812-1] ikiwiki security update
[DLA 813-1] wordpress security update
[DSA 3777-1] libgd2 security update
[DSA 3778-1] ruby-archive-tar-minitar security update
[DLA 811-1] libplist security update
[DLA 812-1] ikiwiki security update
[DLA 813-1] wordpress security update
[DSA 3777-1] libgd2 security update
[DSA 3778-1] ruby-archive-tar-minitar security update
[DLA 811-1] libplist security update
Package : libplist
Version : 1.8-1+deb7u1
CVE ID : CVE-2017-5209 CVE-2017-5545
Debian Bug : 851196 852385
The following vulnerabilities have been fixed in libplist:
CVE-2017-5209
Out of bounds read when parsing specially crafted Apple plist file
CVE-2017-5545
Heap buffer overflow via crafted Apple plist file
For Debian 7 "Wheezy", these problems have been fixed in version
1.8-1+deb7u1.
We recommend that you upgrade your libplist packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
[DLA 812-1] ikiwiki security update
Package : ikiwiki
Version : 3.20120629.2+deb7u2
CVE ID : CVE-2016-9646 CVE-2016-10026 CVE-2017-0356
Several vulnerabilities have been found in ikiwiki, a wiki compiler:
CVE-2016-9646
Commit metadata forgery
CVE-2016-10026
Authorization bypass when reverting changes
CVE-2017-0356
Authentication bypass via repeated parameters
For Debian 7 "Wheezy", these problems have been fixed in version
3.20120629.2+deb7u2.
We recommend that you upgrade your ikiwiki packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
[DLA 813-1] wordpress security update
Package : wordpress
Version : 3.6.1+dfsg-1~deb7u13
CVE ID : CVE-2017-5488 CVE-2017-5489 CVE-2017-5490
CVE-2017-5491 CVE-2017-5492 CVE-2017-5493
CVE-2017-5610 CVE-2017-5611 CVE-2017-5612
Debian Bug : 851310 852767
Several vulnerabilities were discovered in wordpress, a web blogging
tool. The Common Vulnerabilities and Exposures project identifies the
following issues.
CVE-2017-5488
Multiple cross-site scripting (XSS) vulnerabilities in
wp-admin/update-core.php in WordPress before 4.7.1 allow remote
attackers to inject arbitrary web script or HTML via the name or
version header of a plugin.
CVE-2017-5489
Cross-site request forgery (CSRF) vulnerability in WordPress before
4.7.1 allows remote attackers to hijack the authentication of
unspecified victims via vectors involving a Flash file upload.
CVE-2017-5490
Cross-site scripting (XSS) vulnerability in the theme-name fallback
functionality in wp-includes/class-wp-theme.php in WordPress before
4.7.1 allows remote attackers to inject arbitrary web script or HTML
via a crafted directory name of a theme, related to
wp-admin/includes/class-theme-installer-skin.php.
CVE-2017-5491
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to
bypass intended posting restrictions via a spoofed mail server with the
mail.example.com name.
CVE-2017-5492
Cross-site request forgery (CSRF) vulnerability in the widget-editing
accessibility-mode feature in WordPress before 4.7.1 allows remote
attackers to hijack the authentication of unspecified victims for
requests that perform a widgets-access action, related to
wp-admin/includes/class-wp-screen.php and wp-admin/widgets.php.
CVE-2017-5493
wp-includes/ms-functions.php in the Multisite WordPress API in WordPress
before 4.7.1 does not properly choose random numbers for keys, which
makes it easier for remote attackers to bypass intended access
restrictions via a crafted site signup or user signup.
CVE-2017-5610
wp-admin/includes/class-wp-press-this.php in Press This in WordPress
before 4.7.2 does not properly restrict visibility of a
taxonomy-assignment user interface, which allows remote attackers to
bypass intended access restrictions by reading terms.
CVE-2017-5611
SQL injection vulnerability in wp-includes/class-wp-query.php in
WP_Query in WordPress before 4.7.2 allows remote attackers to execute
arbitrary SQL commands by leveraging the presence of an affected
plugin or theme that mishandles a crafted post type name.
CVE-2017-5612
Cross-site scripting (XSS) vulnerability in
wp-admin/includes/class-wp-posts-list-table.php in the posts list
table in WordPress before 4.7.2 allows remote attackers to inject
arbitrary web script or HTML via a crafted excerpt.
For Debian 7 "Wheezy", these problems have been fixed in version
3.6.1+dfsg-1~deb7u13.
We recommend that you upgrade your wordpress packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
[DSA 3777-1] libgd2 security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3777-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
January 31, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : libgd2
CVE ID : CVE-2016-6906 CVE-2016-6912 CVE-2016-9317 CVE-2016-10166
CVE-2016-10167 CVE-2016-10168
Multiple vulnerabilities have been discovered in libgd2, a library for
programmatic graphics creation and manipulation, which may result in
denial of service or potentially the execution of arbitrary code if a
malformed file is processed.
For the stable distribution (jessie), these problems have been fixed in
version 2.1.0-5+deb8u9.
For the testing distribution (stretch) and the unstable distribution
(sid), these problems have been fixed in version 2.2.4-1.
We recommend that you upgrade your libgd2 packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
[DSA 3778-1] ruby-archive-tar-minitar security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3778-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
January 31, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : ruby-archive-tar-minitar
CVE ID : CVE-2016-10173
Debian Bug : 853249
Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library
that provides the ability to deal with POSIX tar archive files, is prone
to a directory traversal vulnerability. An attacker can take advantage
of this flaw to overwrite arbitrary files during archive extraction via
a .. (dot dot) in an extracted filename.
For the stable distribution (jessie), this problem has been fixed in
version 0.5.2-2+deb8u1.
We recommend that you upgrade your ruby-archive-tar-minitar packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
