Debian 10260 Published by

The following updates are available for Debian GNU/Linux:

[DSA 5605-1] thunderbird security update
[DLA 3719-1] phpseclib security update
[DLA 3718-1] php-phpseclib security update
[DSA 5607-1] chromium security update
[DLA 3717-1] zabbix security update
[DSA 5606-1] firefox-esr security update
ELA-1032-1 asterisk security update



[DSA 5605-1] thunderbird security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5605-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 24, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : thunderbird
CVE ID : CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747
CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753
CVE-2024-0755

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

For the oldstable distribution (bullseye), these problems have been fixed
in version 1:115.7.0-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 1:115.7.0-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[DLA 3719-1] phpseclib security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3719-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Guilhem Moulin
January 25, 2024 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : phpseclib
Version : 1.0.19-3~deb10u2
CVE ID : CVE-2023-48795

It was discovered that phpseclib, a PHP library for arbitrary-precision
integer arithmetic, was vulnerable to the so-called Terrapin Attack.

The SSH transport protocol with certain OpenSSH extensions, allows
remote attackers to bypass integrity checks such that some packets are
omitted (from the extension negotiation message), and a client and
server may consequently end up with a connection for which some security
features have been downgraded or disabled, aka a Terrapin attack. This
occurs because the SSH Binary Packet Protocol (BPP), implemented by
these extensions, mishandles the handshake phase and mishandles use of
sequence numbers. For example, there is an effective attack against
SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC).

For Debian 10 buster, this problem has been fixed in version
1.0.19-3~deb10u2.

We recommend that you upgrade your phpseclib packages.

For the detailed security status of phpseclib please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/phpseclib

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[DLA 3718-1] php-phpseclib security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3718-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Guilhem Moulin
January 25, 2024 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : php-phpseclib
Version : 2.0.30-2~deb10u2
CVE ID : CVE-2023-48795

It was discovered that php-phpseclib, a PHP library for
arbitrary-precision integer arithmetic, was vulnerable to the so-called
Terrapin Attack.

The SSH transport protocol with certain OpenSSH extensions, allows
remote attackers to bypass integrity checks such that some packets are
omitted (from the extension negotiation message), and a client and
server may consequently end up with a connection for which some security
features have been downgraded or disabled, aka a Terrapin attack. This
occurs because the SSH Binary Packet Protocol (BPP), implemented by
these extensions, mishandles the handshake phase and mishandles use of
sequence numbers. For example, there is an effective attack against
SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC).

For Debian 10 buster, this problem has been fixed in version
2.0.30-2~deb10u2.

We recommend that you upgrade your php-phpseclib packages.

For the detailed security status of php-phpseclib please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php-phpseclib

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[DSA 5607-1] chromium security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5607-1 security@debian.org
https://www.debian.org/security/ Andres Salomon
January 24, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium
CVE ID : CVE-2024-0804 CVE-2024-0805 CVE-2024-0806 CVE-2024-0807
CVE-2024-0808 CVE-2024-0809 CVE-2024-0810 CVE-2024-0811
CVE-2024-0812 CVE-2024-0813 CVE-2024-0814

Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

For the stable distribution (bookworm), these problems have been fixed in
version 121.0.6167.85-1~deb12u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


[DLA 3717-1] zabbix security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3717-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Tobias Frost
January 24, 2024 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : zabbix
Version : 1:4.0.4+dfsg-1+deb10u4
CVE ID : CVE-2023-32721 CVE-2023-32723 CVE-2023-32726
Debian Bug : 1053877

Several security vulnerabilities have been discovered in zabbix, a
network monitoring solution, potentially allowing an attacker to perform
a stored XSS, Server-Side Request Forgery (SSRF), exposure of sensitive
information, a system crash, or arbitrary code execution.

CVE-2023-32721

A stored XSS has been found in the Zabbix web application in the
Maps element if a URL field is set with spaces before URL.

CVE-2023-32723

Inefficient user permission check, as request to LDAP is sent before
user permissions are checked.

CVE-2023-32726

Possible buffer overread from reading DNS responses.

For Debian 10 buster, these problems have been fixed in version
1:4.0.4+dfsg-1+deb10u4.

We recommend that you upgrade your zabbix packages.

For the detailed security status of zabbix please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/zabbix

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[DSA 5606-1] firefox-esr security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5606-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 24, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747
CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753
CVE-2024-0755

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, phishing, clickjacking, privilege escalation, HSTS bypass or
bypass of content security policies.

For the oldstable distribution (bullseye), these problems have been fixed
in version 115.7.0esr-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 115.7.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/


ELA-1032-1 asterisk security update

Package : asterisk
Version : 1:13.14.1~dfsg-2+deb9u9 (stretch)

Related CVEs :
CVE-2023-37457
CVE-2023-49294

Two security vulnerabilities were discovered in Asterisk, a private branch
exchange.
CVE-2023-37457
The 'update' functionality of the PJSIP_HEADER dialplan function can exceed
the available buffer space for storing the new value of a header. By doing
so this can overwrite memory or cause a crash. This is not externally
exploitable, unless dialplan is explicitly written to update a header based
on data from an outside source. If the 'update' functionality is not used
the vulnerability does not occur.

CVE-2023-49294
It is possible to read any arbitrary file even when the `live_dangerously`
option is not enabled.

ELA-1032-1 asterisk security update