Debian 9858 Published by

The following updates has been released for Debian:

[DLA 371-1] foomatic-filters security update
[DSA 3425-1] tryton-server security update
[DSA 3426-1] linux security update



[DLA 371-1] foomatic-filters security update

Package : foomatic-filters
Version : 4.0.5-6+squeeze2+deb6u12
CVE ID : CVE-2015-8560
Debian Bug : 807993

Adam Chester discovered that there was an injection vulnerability in
foomatic-filters which is used by printer spoolers to convert
incoming PostScript data into the printer's native format. This
could lead to the execution of arbitrary commands.

The patch applied in DLA 365-1 prevented usage of (unescaped) backticks
and this update complements the previous update by doing the same for
semi-colons.

For Debian 6 Squeeze, this issue has been fixed in foomatic-filters
version 4.0.5-6+squeeze2+deb6u12.

(Thanks to Yann Soubeyrand who prepared the updated Debian package)

[DSA 3425-1] tryton-server security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3425-1 security@debian.org
https://www.debian.org/security/ Luciano Bello
December 17, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : tryton-server
CVE ID : CVE-2015-0861

Cédric Krier discovered a vulnerability in the server-side of Tryton, an
application framework written in Python. An aunthenticated malicious
user can write arbitrary values in record fields due missed checks of
access permissions when multiple records are written.

The oldstable distribution (wheezy) is not affected.

For the stable distribution (jessie), this problem has been fixed in
version 3.4.0-3+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 3.8.1-1.

We recommend that you upgrade your tryton-server packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

[DSA 3426-1] linux security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3426-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
December 17, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2013-7446 CVE-2015-7799 CVE-2015-7833 CVE-2015-8104
CVE-2015-8374 CVE-2015-8543

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service, information leak
or data loss.

CVE-2013-7446

Dmitry Vyukov discovered that a particular sequence of valid
operations on local (AF_UNIX) sockets can result in a
use-after-free. This may be used to cause a denial of service
(crash) or possibly for privilege escalation.

CVE-2015-7799

It was discovered that a user granted access to /dev/ppp can cause a
denial of service (crash) by passing invalid parameters to the
PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.

CVE-2015-7833

Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a
flaw in the processing of certain USB device descriptors in the
usbvision driver. An attacker with physical access to the system can
use this flaw to crash the system. This was partly fixed by the
changes listed in DSA 3396-1.

CVE-2015-8104

Jan Beulich reported a guest to host denial-of-service flaw
affecting the KVM hypervisor running on AMD processors. A malicious
guest can trigger an infinite stream of "debug" (#DB) exceptions
causing the processor microcode to enter an infinite loop where the
core never receives another interrupt. This leads to a panic of the
host kernel.

CVE-2015-8374

It was discovered that Btrfs did not correctly implement truncation
of compressed inline extents. This could lead to an information
leak, if a file is truncated and later made readable by other users.
Additionally, it could cause data loss. This has been fixed for the
stable distribution (jessie) only.

CVE-2015-8543

It was discovered that a local user permitted to create raw sockets
could cause a denial-of-service by specifying an invalid protocol
number for the socket. The attacker must have the CAP_NET_RAW
capability in their user namespace. This has been fixed for the
stable distribution (jessie) only.

For the oldstable distribution (wheezy), these problems have been fixed
in version 3.2.73-2+deb7u1. In addition, this update contains several
changes originally targeted for the upcoming Wheezy point release.

For the stable distribution (jessie), these problems have been fixed in
version 3.16.7-ckt20-1+deb8u1. In addition, this update contains several
changes originally targeted for the upcoming Jessie point release.

We recommend that you upgrade your linux packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/