Debian GNU/Linux 8 (Jessie) Extended LTS:
ELA-1279-1 php5 security update
Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1278-1 php7.0 security update
Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1280-1 amavisd-new security update
Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1277-1 php7.3 security update
Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 4003-1] node-postcss security update
Debian GNU/Linux 12 (Bookworm):
[DSA 5837-1] fastnetmon security update
[DSA 5836-1] xen security update
[SECURITY] [DSA 5837-1] fastnetmon security update
-------------------------------------------------------------------------
Debian Security Advisory DSA-5837-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 26, 2024                     https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : fastnetmon
CVE ID : CVE-2024-56072 CVE-2024-56073
Two security issues have been discovered in FastNetMon, a fast DDoS
analyzer: Malformed Netflow/sFlow traffic could result in denial of
service.
For the stable distribution (bookworm), these problems have been fixed in
version 1.2.4-2+deb12u1.
We recommend that you upgrade your fastnetmon packages.
For the detailed security status of fastnetmon please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/fastnetmon
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
[SECURITY] [DSA 5836-1] xen security update
-------------------------------------------------------------------------
Debian Security Advisory DSA-5836-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 26, 2024                     https://www.debian.org/security/faq
-------------------------------------------------------------------------
Package : xen
CVE ID : CVE-2023-28746 CVE-2023-46841 CVE-2023-46842 CVE-2024-2193
CVE-2024-2201 CVE-2024-31142 CVE-2024-31143 CVE-2024-31145
CVE-2024-31146 CVE-2024-45817 CVE-2024-45818 CVE-2024-45819
Multiple vulnerabilities have been discovered in the Xen hypervisor,
which could result in privilege escalation, denial of service or
information leaks.
For the stable distribution (bookworm), these problems have been fixed in
version 4.17.5+23-ga4e5191dc0-1.
We recommend that you upgrade your xen packages.
For the detailed security status of xen please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xen
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
ELA-1279-1 php5 security update
Package : php5
Version : 5.6.40+dfsg-0+deb8u22 (jessie)
Related CVEs :
CVE-2024-8929
CVE-2024-8932
CVE-2024-11233
CVE-2024-11234
CVE-2024-11236
CVE-2024-8929
Sébastien Rolland discovered a partial content leak of the heap
through heap buffer over-read in mysqlnd.
By connecting to a fake MySQL server or tampering with network
packets and initiating a SQL Query, it is possible to abuse
php_mysqlnd_rset_field_read() when parsing MySQL fields packets in
order to include the rest of the heap content starting from the
address of the cursor of the currently read buffer.
CVE-2024-8932
Yiheng Cao discovered that uncontrolled long string inputs to
ldap_escape() on 32-bit systems can cause an integer overflow,
resulting in an out-of-bounds write.
CVE-2024-11233
A memory-related vulnerability was discovered in the filter handling
system, particularly when processing input with
convert.quoted-printable-decode filters, which could lead to a
segmentation fault.
This vulnerability is triggered through specific sequences of input
data, causing PHP to crash. When exploited, it allows an attacker
to extract a single byte of data from the heap or result in denial
of service.
CVE-2024-11234
Lorenzo Leonardini discovered that configuring a proxy in a stream
context might allow for CRLF injection in URIs, which could lead to
authorization bypass by Server Side Request Forgery attack (SSRF).
CVE-2024-11236
An integer overflow vulnerability was found in the firebird and
dblib quoters, which can result in out-of-bounds writes.
GHSA-4w77-75f9-2c8w
A heap-use-after-free vulnerability was discovered in the
sapi_read_post_data() function, which could allow an attacker to
exploit memory safety issues during POST request processing.
In addition, this release fixes a segfault on close() after
free_result() with mysqlnd, which wasn’t assigned an advisory number.
ELA-1278-1 php7.0 security update
Package : php7.0
Version : 7.0.33-0+deb9u20 (stretch)
Related CVEs :
CVE-2024-8929
CVE-2024-8932
CVE-2024-11233
CVE-2024-11234
CVE-2024-11236
CVE-2024-8929
Sébastien Rolland discovered a partial content leak of the heap
through heap buffer over-read in mysqlnd.
By connecting to a fake MySQL server or tampering with network
packets and initiating a SQL Query, it is possible to abuse
php_mysqlnd_rset_field_read() when parsing MySQL fields packets in
order to include the rest of the heap content starting from the
address of the cursor of the currently read buffer.
CVE-2024-8932
Yiheng Cao discovered that uncontrolled long string inputs to
ldap_escape() on 32-bit systems can cause an integer overflow,
resulting in an out-of-bounds write.
CVE-2024-11233
A memory-related vulnerability was discovered in the filter handling
system, particularly when processing input with
convert.quoted-printable-decode filters, which could lead to a
segmentation fault.
This vulnerability is triggered through specific sequences of input
data, causing PHP to crash. When exploited, it allows an attacker
to extract a single byte of data from the heap or result in denial
of service.
CVE-2024-11234
Lorenzo Leonardini discovered that configuring a proxy in a stream
context might allow for CRLF injection in URIs, which could lead to
authorization bypass by Server Side Request Forgery attack (SSRF).
CVE-2024-11236
An integer overflow vulnerability was found in the firebird and
dblib quoters, which can result in out-of-bounds writes.
GHSA-4w77-75f9-2c8w
A heap-use-after-free vulnerability was discovered in the
sapi_read_post_data() function, which could allow an attacker to
exploit memory safety issues during POST request processing.
ELA-1277-1 php7.3 security update
Package : php7.3
Version : 7.3.31-1~deb10u9 (buster)
Related CVEs :
CVE-2024-8929
CVE-2024-8932
CVE-2024-11233
CVE-2024-11234
CVE-2024-11236
CVE-2024-8929
Sébastien Rolland discovered a partial content leak of the heap
through heap buffer over-read in mysqlnd.
By connecting to a fake MySQL server or tampering with network
packets and initiating a SQL Query, it is possible to abuse
php_mysqlnd_rset_field_read() when parsing MySQL fields packets in
order to include the rest of the heap content starting from the
address of the cursor of the currently read buffer.
CVE-2024-8932
Yiheng Cao discovered that uncontrolled long string inputs to
ldap_escape() on 32-bit systems can cause an integer overflow,
resulting in an out-of-bounds write.
CVE-2024-11233
A memory-related vulnerability was discovered in the filter handling
system, particularly when processing input with
convert.quoted-printable-decode filters, which could lead to a
segmentation fault.
This vulnerability is triggered through specific sequences of input
data, causing PHP to crash. When exploited, it allows an attacker
to extract a single byte of data from the heap or result in denial
of service.
CVE-2024-11234
Lorenzo Leonardini discovered that configuring a proxy in a stream
context might allow for CRLF injection in URIs, which could lead to
authorization bypass by Server Side Request Forgery attack (SSRF).
CVE-2024-11236
An integer overflow vulnerability was found in the firebird and
dblib quoters, which can result in out-of-bounds writes.
GHSA-4w77-75f9-2c8w
A heap-use-after-free vulnerability was discovered in the
sapi_read_post_data() function, which could allow an attacker to
exploit memory safety issues during POST request processing.
[SECURITY] [DLA 4003-1] node-postcss security update
-------------------------------------------------------------------------
Debian LTS Advisory DLA-4003-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Bastien Roucariès
December 26, 2024                             https://wiki.debian.org/LTS
-------------------------------------------------------------------------
Package : node-postcss
Version : 8.2.1+~cs5.3.23-8+deb11u1
CVE ID : CVE-2021-23566 CVE-2023-44270 CVE-2024-55565
Debian Bug : 1053282
Multiple vulnerabilities were fixed in node-postcss, a
tool for transforming styles with JS plugins.
CVE-2021-23566
nanoid package is vulnerable to Information Exposure via the
valueOf() function, which allows reproducing the last id generated.
CVE-2023-44270
The vulnerability affects linters using PostCSS to parse external
untrusted CSS. An attacker can prepare CSS in such a way that it will
contain parts parsed by PostCSS as a CSS comment. After processing
by PostCSS, it will be included in the PostCSS output in CSS nodes
(rules, properties) despite being included in a comment.
CVE-2024-55565
nanoid package mishandles non-integer values of size parameter.
For Debian 11 bullseye, these problems have been fixed in version
8.2.1+~cs5.3.23-8+deb11u1.
We recommend that you upgrade your node-postcss packages.
For the detailed security status of node-postcss please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/node-postcss
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
ELA-1280-1 amavisd-new security update
Package : amavisd-new
Version : 1:2.10.1-4+deb9u1 (stretch), 1:2.11.0-6.1+deb10u1 (buster)
Related CVEs :
CVE-2024-28054
Amavis has an interpretation conflict when there are ambiguous
boundary delimiters in a MIME email message. An attacker can send
crafted emails that avoid checks for banned files or malware.
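
A detection check for the interpretation conflict described in CVE-2024-28054, added here as an example and not code from Amavis or Debian. It assumes the ambiguity shows up as repeated `boundary` parameters, repeated Content-Type headers, or RFC 2231 parameter forms; `boundary_findings` and the sample messages are constructed for illustration.

```python
import re
from email import message_from_bytes
from email.policy import compat32

# boundary, boundary*, boundary*0, boundary*0* (plain and RFC 2231 forms).
# Deliberately loose: a pre-filter should over-report rather than miss.
_BOUNDARY = re.compile(
    r';\s*(boundary(?:\*\d+)?\*?)\s*=\s*("(?:[^"\\]|\\.)*"|[^;\s]*)', re.I)

def boundary_findings(raw: bytes) -> list:
    """List the reasons a message's MIME boundary could be read two ways."""
    findings = []
    msg = message_from_bytes(raw, policy=compat32)
    for idx, part in enumerate(msg.walk()):
        # Work on the raw header text so no parser picks a winner for us.
        headers = [str(h) for h in part.get_all("Content-Type", [])]
        if len(headers) > 1:
            findings.append(f"part {idx}: {len(headers)} Content-Type headers")
        for value in headers:
            params = _BOUNDARY.findall(value)
            if len(params) > 1:
                vals = [v.strip('"') for _, v in params]
                findings.append(
                    f"part {idx}: {len(params)} boundary parameters {vals}")
            for name, _ in params:
                # Not every MIME parser implements RFC 2231 parameter forms.
                if "*" in name:
                    findings.append(
                        f"part {idx}: RFC 2231 form {name.lower()!r}")
    return findings

def _sample(content_type: str) -> bytes:
    # Constructed test message, not taken from any real mail flow.
    return (
        "From: a@example.test\r\nTo: b@example.test\r\nMIME-Version: 1.0\r\n"
        f"Content-Type: {content_type}\r\n\r\n"
        "--AAA\r\nContent-Type: text/plain\r\n\r\nfirst reading\r\n--AAA--\r\n"
        "--BBB\r\nContent-Type: text/plain\r\n\r\nsecond reading\r\n--BBB--\r\n"
    ).encode("ascii")

CLEAN = _sample('multipart/mixed; boundary="AAA"')
AMBIGUOUS = _sample('multipart/mixed; boundary="AAA"; boundary="BBB"')
CONTINUED = _sample('multipart/mixed; boundary*0="AA"; boundary*1="A"')

if __name__ == "__main__":
    for label, raw in (("clean", CLEAN), ("ambiguous", AMBIGUOUS)):
        print(label, boundary_findings(raw) or "ok")
```

A message that produces any finding is a candidate for quarantine or manual review until the fixed amavisd-new packages are installed.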