Debian 9844 Published by

The following security updates has been released for Debian GNU/Linux:

Debian GNU/Linux 8 LTS:
DLA 1428-1: 389-ds-base security update
DLA-1427-1: znc security update

Debian GNU/Linux 9:
DSA 4246-1: mailman security update



DLA 1428-1: 389-ds-base security update




Package : 389-ds-base
Version : 1.3.3.5-4+deb8u1
CVE ID : CVE-2015-1854 CVE-2017-15134 CVE-2018-1054 CVE-2018-1089
CVE-2018-10850


CVE-2015-1854
A flaw was found while doing authorization of modrdn operations.
An unauthenticated attacker able to issue an ldapmodrdn call to
the directory server could perform unauthorized modifications
of entries in the directory server.

CVE-2017-15134
Improper handling of a search filter in slapi_filter_sprintf()
in slapd/util.c can lead to remote server crash and denial
of service.

CVE-2018-1054
When read access on is enabled, a flaw in
SetUnicodeStringFromUTF_8 function in collate.c, can lead to
out-of-bounds memory operations.
This might result in a server crash, caused by unauthorized
users.

CVE-2018-1089
Any user (anonymous or authenticated) can crash ns-slapd with a
crafted ldapsearch query with very long filter value.

CVE-2018-10850
Due to a race condition the server could crash in turbo mode
(because of high traffic) or when a worker reads several requests
in the read buffer (more_data). Thus an anonymous attacker could
trigger a denial of service.


For Debian 8 "Jessie", these problems have been fixed in version
1.3.3.5-4+deb8u1.

We recommend that you upgrade your 389-ds-base packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



DLA-1427-1: znc security update




Package : znc
Version : 1.4-2+deb8u1
CVE IDs : CVE-2018-14055 CVE-2018-14056
Debian Bugs : #903787 #903788

It was discovered that there were two issues in znc, a modular IRC
bouncer:

* There was insufficient validation of lines coming from the network
allowing a non-admin user to escalate his privilege and inject rogue
values into znc.conf. (CVE-2018-14055)

* A path traversal vulnerability (via "../" being embedded in a web skin
name) to access files outside of the allowed directory.
(CVE-2018-14056)

For Debian 8 "Jessie", these issues have been fixed in znc version
1.4-2+deb8u1.

We recommend that you upgrade your znc packages.




DSA 4246-1: mailman security update




- -------------------------------------------------------------------------
Debian Security Advisory DSA-4246-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
July 15, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : mailman
CVE ID : CVE-2018-0618

Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc. discovered
that mailman, a web-based mailing list manager, is prone to a cross-site
scripting flaw allowing a malicious listowner to inject scripts into the
listinfo page, due to not validated input in the host_name field.

For the stable distribution (stretch), this problem has been fixed in
version 1:2.1.23-1+deb9u3.

We recommend that you upgrade your mailman packages.

For the detailed security status of mailman please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/mailman

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/