Gentoo 2514 Published by

The following security updates has been released for Gentoo Linux:

GLSA 201801-01 : Binutils: Multiple vulnerabilities
GLSA 201801-02 : OptiPNG: Multiple vulnerabilities
GLSA 201801-03 : Chromium, Google Chrome: Multiple vulnerabilities
GLSA 201801-04 : LibXcursor: User-assisted execution of arbitrary code
GLSA 201801-05 : OpenSSH: Permission issue
GLSA 201801-06 : Back In Time: Command injection
GLSA 201801-07 : GNU Emacs: Command injection
GLSA 201801-08 : MiniUPnPc: Arbitrary code execution
GLSA 201801-09 : WebkitGTK+: Multiple vulnerabilities



GLSA 201801-01 : Binutils: Multiple vulnerabilities



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201801-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Binutils: Multiple vulnerabilities
Date: January 07, 2018
Bugs: #624700, #627516, #628538, #629344, #629922, #631324,
#632100, #632132, #632384, #632668, #633988, #635218,
#635692, #635860, #635968
ID: 201801-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
Multiple vulnerabilities have been found in Binutils, the worst of
which may allow remote attackers to cause a Denial of Service
condition.

Background
=========
The GNU Binutils are a collection of tools to create, modify and
analyse binary files. Many of the files use BFD, the Binary File
Descriptor library, to do low-level manipulation.

Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-devel/binutils < 2.29.1-r1 >= 2.29.1-r1

Description
==========
Multiple vulnerabilities have been discovered in Binutils. Please
review the referenced CVE identifiers for details.

Impact
=====
A remote attacker, by enticing a user to compile/execute a specially
crafted ELF, tekhex, PE, or binary file, could possibly cause a Denial
of Service condition.

Workaround
=========
There are no known workarounds at this time.

Resolution
=========
All Binutils users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-devel/binutils-2.29.1-r1"

References
=========
[ 1 ] CVE-2017-12456
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12456
[ 2 ] CVE-2017-12799
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12799
[ 3 ] CVE-2017-12967
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12967
[ 4 ] CVE-2017-14128
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14128
[ 5 ] CVE-2017-14129
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14129
[ 6 ] CVE-2017-14130
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14130
[ 7 ] CVE-2017-14333
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14333
[ 8 ] CVE-2017-15023
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15023
[ 9 ] CVE-2017-15938


GLSA 201801-02 : OptiPNG: Multiple vulnerabilities



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201801-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: OptiPNG: Multiple vulnerabilities
Date: January 07, 2018
Bugs: #637936, #639690
ID: 201801-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
Multiple vulnerabilities have been found in OptiPNG, the worst of which
may allow execution of arbitrary code.

Background
=========
OptiPNG is a PNG optimizer that re-compresses image files to a smaller
size, without losing any information.

Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-gfx/optipng < 0.7.6-r2 >= 0.7.6-r2

Description
==========
Multiple vulnerabilities have been discovered in OptiPNG. Please review
the referenced CVE identifiers for details.

Impact
=====
A remote attacker could entice a user to process a specially crafted
image file, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All OptiPNG users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/optipng-0.7.6-r2"

References
=========
[ 1 ] CVE-2017-1000229
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1000229
[ 2 ] CVE-2017-16938
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-16938

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/201801-02

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.


GLSA 201801-03 : Chromium, Google Chrome: Multiple vulnerabilities



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201801-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Chromium, Google Chrome: Multiple vulnerabilities
Date: January 07, 2018
Bugs: #640334, #641376
ID: 201801-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
Multiple vulnerabilities have been found in Chromium and Google Chrome,
the worst of which could result in the execution of arbitrary code.

Background
=========
Chromium is an open-source browser project that aims to build a safer,
faster, and more stable way for all users to experience the web.

Google Chrome is one fast, simple, and secure browser for all your
devices

Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 63.0.3239.108 >= 63.0.3239.108
2 www-client/google-chrome
< 63.0.3239.108 >= 63.0.3239.108
-------------------------------------------------------------------
2 affected packages

Description
==========
Multiple vulnerabilities have been discovered in Chromium and Google
Chrome. Please review the CVE identifiers referenced below for details.

Impact
=====
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, bypass
content security controls, or conduct URL spoofing.

Workaround
=========
There are no known workarounds at this time.

Resolution
=========
All Chromium users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot -v ">=www-client/chromium-63.0.3239.108"

All Google Chrome users should upgrade to the latest version:

# emerge --sync
# emerge -a --oneshot -v ">=www-client/google-chrome-63.0.3239.108"

References
=========
[ 1 ] CVE-2017-15407
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15407
[ 2 ] CVE-2017-15408
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15408
[ 3 ] CVE-2017-15409
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15409
[ 4 ] CVE-2017-15410
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15410
[ 5 ] CVE-2017-15411

GLSA 201801-04 : LibXcursor: User-assisted execution of arbitrary code



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201801-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: LibXcursor: User-assisted execution of arbitrary code
Date: January 07, 2018
Bugs: #639062
ID: 201801-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
A vulnerability in LibXcursor might allow remote attackers to execute
arbitrary code.

Background
=========
X.Org X11 libXcursor runtime library.

Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 x11-libs/libXcursor < 1.1.15 >= 1.1.15

Description
==========
It was discovered that libXcursor is prone to several heap overflows
when parsing malicious files.

Impact
=====
A remote attacker, by enticing a user to process a specially crafted
cursor file, could possibly execute arbitrary code with the privileges
of the process or cause a Denial of Service condition.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All LibXcursor users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libXcursor-1.1.15"

References
=========
[ 1 ] CVE-2017-16612
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-16612

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/201801-04

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

GLSA 201801-05 : OpenSSH: Permission issue



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201801-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: OpenSSH: Permission issue
Date: January 07, 2018
Bugs: #633428
ID: 201801-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
A flaw has been discovered in OpenSSH which could allow a remote
attacker to create zero-length files.

Background
=========
OpenSSH is a complete SSH protocol implementation that includes SFTP
client and server support.

Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/openssh < 7.5_p1-r3 >= 7.5_p1-r3

Description
==========
The process_open function in sftp-server.c in OpenSSH did not properly
prevent write operations in readonly mode.

Impact
=====
A remote attacker could cause the creation of zero-length files.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All OpenSSH users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/openssh-7.5_p1-r3"

References
=========
[ 1 ] CVE-2017-15906
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15906

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/201801-05

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

GLSA 201801-06 : Back In Time: Command injection



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201801-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Back In Time: Command injection
Date: January 07, 2018
Bugs: #636974
ID: 201801-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
A command injection vulnerability in 'Back in Time' may allow for the
execution of arbitrary shell commands.

Background
=========
A simple backup tool for Linux, inspired by "flyback project".

Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-backup/backintime < 1.1.24 >= 1.1.24

Description
==========
'Back in Time' did improper escaping/quoting of file paths used as
arguments to the 'notify-send' command leading to some parts of file
paths being executed as shell commands within an os.system call.

Impact
=====
A context-dependent attacker could execute arbitrary shell commands via
a specially crafted file.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All 'Back In Time' users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-backup/backintime-1.1.24"

References
=========
[ 1 ] CVE-2017-16667
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-16667

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/201801-06

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.


GLSA 201801-07 : GNU Emacs: Command injection



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201801-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: GNU Emacs: Command injection
Date: January 07, 2018
Bugs: #630680
ID: 201801-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
A vulnerability has been found in Emacs which may allow for arbitrary
command execution.

Background
=========
GNU Emacs is a highly extensible and customizable text editor.

Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-editors/emacs < 23.4-r16:23 >= 23.4-r16:23
< 24.5-r4:24 >= 24.5-r4:24
< 25.2-r1:25 >= 25.2-r1:25

Description
==========
A command injection flaw within the Emacs "enriched mode" handling has
been discovered.

Impact
=====
A remote attacker, by enticing a user to open a specially crafted file,
could execute arbitrary commands with the privileges of process.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All GNU Emacs 23.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/emacs-23.4-r16"

All GNU Emacs 24.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/emacs-24.5-r4"

All GNU Emacs 25.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/emacs-,25.2-r1"

References
=========
[ 1 ] CVE-2017-14482
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14482

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/201801-07

GLSA 201801-08 : MiniUPnPc: Arbitrary code execution



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201801-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: MiniUPnPc: Arbitrary code execution
Date: January 07, 2018
Bugs: #562684
ID: 201801-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
A vulnerability in MiniUPnPc might allow remote attackers to execute
arbitrary code.

Background
=========
The client library, enabling applications to access the services
provided by an UPnP "Internet Gateway Device" present on the network.

Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/miniupnpc < 2.0.20170509 >= 2.0.20170509

Description
==========
An exploitable buffer overflow vulnerability exists in the XML parser
functionality of the MiniUPnP library.

Impact
=====
A remote attacker, by enticing a user to connect to a malicious server,
could cause the execution of arbitrary code with the privileges of the
user running a MiniUPnPc linked application.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All MiniUPnPc users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot -v ">=net-libs/miniupnpc-2.0.20170509"

References
=========
[ 1 ] CVE-2015-6031
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-6031

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/201801-08

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

GLSA 201801-09 : WebkitGTK+: Multiple vulnerabilities




- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201801-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: January 07, 2018
Bugs: #641752
ID: 201801-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which may lead to arbitrary code execution.

Background
=========
WebKitGTK+ is a full-featured port of the WebKit rendering engine.

Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.18.4:4 >= 2.18.4:4

Description
==========
Multiple vulnerabilities have been discovered in WebkitGTK+. Please
review the referenced CVE Identifiers for details.

Impact
=====
An attacker, by enticing a user to visit maliciously crafted web
content, may be able to execute arbitrary code or cause memory
corruption.

Workaround
=========
There are no known workarounds at this time.

Resolution
=========
All WebkitGTK+ users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.18.4:4"

References
=========
[ 1 ] CVE-2017-13856
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13856
[ 2 ] CVE-2017-13866
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13866
[ 3 ] CVE-2017-13870
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13870
[ 4 ] CVE-2017-7156
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7156
[ 5 ] CVE-2017-7157
https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7157

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

https://security.gentoo.org/glsa/201801-09