
The following updates have been released for Debian GNU/Linux:

DLA 1159-1: graphicsmagick security update
DSA 4016-1: irssi security update
DSA 4017-1: openssl1.0 security update
DSA 4018-1: openssl security update



DLA 1159-1: graphicsmagick security update




Package : graphicsmagick
Version : 1.3.16-1.1+deb7u13
CVE ID : CVE-2017-16352 CVE-2017-16353

Maor Shwartz, Jeremy Heng and Terry Chia discovered two security
vulnerabilities in Graphicsmagick, a collection of image processing
tools.

CVE-2017-16352
Graphicsmagick was vulnerable to a heap-based buffer
overflow vulnerability found in the "Display visual image directory"
feature of the DescribeImage() function of the magick/describe.c
file. One possible way to trigger the vulnerability is to run the
identify command on a specially crafted MIFF format file with the
verbose flag.

CVE-2017-16353
Graphicsmagick was vulnerable to a memory information disclosure
vulnerability found in the DescribeImage function of the
magick/describe.c file, because of a heap-based buffer over-read. The
portion of the code containing the vulnerability is responsible for
printing the IPTC Profile information contained in the image. This
vulnerability can be triggered with a specially crafted MIFF file.
There is an out-of-bounds buffer dereference because certain
increments are never checked.

For Debian 7 "Wheezy", these problems have been fixed in version
1.3.16-1.1+deb7u13.

We recommend that you upgrade your graphicsmagick packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


DSA 4016-1: irssi security update




-------------------------------------------------------------------------
Debian Security Advisory DSA-4016-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
November 03, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : irssi
CVE ID : CVE-2017-10965 CVE-2017-10966 CVE-2017-15227 CVE-2017-15228
CVE-2017-15721 CVE-2017-15722 CVE-2017-15723
Debian Bug : 867598 879521

Multiple vulnerabilities have been discovered in Irssi, a terminal based
IRC client. The Common Vulnerabilities and Exposures project identifies
the following problems:

CVE-2017-10965

Brian 'geeknik' Carpenter of Geeknik Labs discovered that Irssi does
not properly handle receiving messages with invalid time stamps. A
malicious IRC server can take advantage of this flaw to cause Irssi
to crash, resulting in a denial of service.

CVE-2017-10966

Brian 'geeknik' Carpenter of Geeknik Labs discovered that Irssi is
susceptible to a use-after-free flaw triggered while updating the
internal nick list. A malicious IRC server can take advantage of
this flaw to cause Irssi to crash, resulting in a denial of service.

CVE-2017-15227

Joseph Bisch discovered that while waiting for the channel
synchronisation, Irssi may incorrectly fail to remove destroyed
channels from the query list, resulting in use after free conditions
when updating the state later on. A malicious IRC server can take
advantage of this flaw to cause Irssi to crash, resulting in a
denial of service.

CVE-2017-15228

Hanno Boeck reported that Irssi does not properly handle installing
themes with unterminated colour formatting sequences, leading to a
denial of service if a user is tricked into installing a specially
crafted theme.

CVE-2017-15721

Joseph Bisch discovered that Irssi does not properly handle
incorrectly formatted DCC CTCP messages. A malicious IRC server can
take advantage of this flaw to cause Irssi to crash, resulting in a
denial of service.

CVE-2017-15722

Joseph Bisch discovered that Irssi does not properly verify Safe
channel IDs. A malicious IRC server can take advantage of this flaw
to cause Irssi to crash, resulting in a denial of service.

CVE-2017-15723

Joseph Bisch reported that Irssi does not properly handle overlong
nicks or targets resulting in a NULL pointer dereference when
splitting the message and leading to a denial of service.

For the oldstable distribution (jessie), these problems have been fixed
in version 0.8.17-1+deb8u5.

For the stable distribution (stretch), these problems have been fixed in
version 1.0.2-1+deb9u3. CVE-2017-10965 and CVE-2017-10966 were already
fixed in an earlier point release.

We recommend that you upgrade your irssi packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



DSA 4017-1: openssl1.0 security update




-------------------------------------------------------------------------
Debian Security Advisory DSA-4017-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
November 03, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openssl1.0
CVE ID : CVE-2017-3735 CVE-2017-3736

Multiple vulnerabilities have been discovered in OpenSSL, a Secure
Sockets Layer toolkit. The Common Vulnerabilities and Exposures project
identifies the following issues:

CVE-2017-3735

It was discovered that OpenSSL is prone to a one-byte buffer
overread while parsing a malformed IPAddressFamily extension in an
X.509 certificate.

Details can be found in the upstream advisory:
https://www.openssl.org/news/secadv/20170828.txt

CVE-2017-3736

It was discovered that OpenSSL contains a carry propagation bug in
the x86_64 Montgomery squaring procedure.

Details can be found in the upstream advisory:
https://www.openssl.org/news/secadv/20171102.txt

For the stable distribution (stretch), these problems have been fixed in
version 1.0.2l-2+deb9u1.

For the unstable distribution (sid), these problems have been fixed in
version 1.0.2m-1.

We recommend that you upgrade your openssl1.0 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



DSA 4018-1: openssl security update




-------------------------------------------------------------------------
Debian Security Advisory DSA-4018-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
November 04, 2017 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openssl
CVE ID : CVE-2017-3735 CVE-2017-3736

Multiple vulnerabilities have been discovered in OpenSSL, a Secure
Sockets Layer toolkit. The Common Vulnerabilities and Exposures project
identifies the following issues:

CVE-2017-3735

It was discovered that OpenSSL is prone to a one-byte buffer
overread while parsing a malformed IPAddressFamily extension in an
X.509 certificate.

Details can be found in the upstream advisory:
https://www.openssl.org/news/secadv/20170828.txt

CVE-2017-3736

It was discovered that OpenSSL contains a carry propagation bug in
the x86_64 Montgomery squaring procedure.

Details can be found in the upstream advisory:
https://www.openssl.org/news/secadv/20171102.txt

For the oldstable distribution (jessie), CVE-2017-3735 has been fixed in
version 1.0.1t-1+deb8u7. The oldstable distribution is not affected by
CVE-2017-3736.

For the stable distribution (stretch), these problems have been fixed in
version 1.1.0f-3+deb9u1.

For the unstable distribution (sid), these problems have been fixed in
version 1.1.0g-1.

We recommend that you upgrade your openssl packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/