Debian 9844 Published by

The following updates has been released for Debian 7 LTS:

[DLA 667-1] libxv security update
[DLA 668-1] libass security update
[DLA 669-1] dwarfutils security update
[DLA 670-1] linux security update
[DLA 671-1] libxvmc security update



[DLA 667-1] libxv security update

Package : libxv
Version : 2:1.0.7-1+deb7u2
CVE ID : CVE-2016-5407
Debian Bug : 840438


Tobias Stoeckmann from the OpenBSD project has discovered a number of
issues in the way various X client libraries handle the responses they
receive from servers. Insufficient validation of data from the X
server can cause out of boundary memory and memory corruption in the
libxv library.

For Debian 7 "Wheezy", these problems have been fixed in version
2:1.0.7-1+deb7u2.

We recommend that you upgrade your libxv packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

[DLA 668-1] libass security update

Package : libass
Version : 0.10.0-3+deb7u1
CVE ID : CVE-2016-7969 CVE-2016-7972


Several vulnerabilities were discovered in libass, a library for
manipulating the SubStation Alpha (SSA) subtitle file format. The Common
Vulnerabilities and Exposures project identifies the following issues.

CVE-2016-7969
Mode 0/3 line wrapping equalization in specific cases which could
result in illegal reads while laying out and shaping text.

CVE-2016-7972
Memory reallocation issue in the shaper which lead to undefined
behavior

For Debian 7 "Wheezy", these problems have been fixed in version
0.10.0-3+deb7u1.

We recommend that you upgrade your libass packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

[DLA 669-1] dwarfutils security update

Package : dwarfutils
Version : 20120410-2+deb7u2
CVE ID : CVE-2015-8538 CVE-2015-8750 CVE-2016-2050 CVE-2016-2091
CVE-2016-5034 CVE-2016-5036 CVE-2016-5038 CVE-2016-5039 CVE-2016-5042

Several vulnerabilities were discovered in dwarfutils, a tool and
library for reading/consuming and writing/producing DWARF debugging
information. The Common Vulnerabilities and Exposures project
identifies the following issues:

CVE-2015-8538

A specially crafted ELF file can cause a segmentation fault.

CVE-2015-8750

A specially crafted ELF file can cause a NULL pointer
dereference.

CVE-2016-2050

Out-of-bounds write

CVE-2016-2091

Out-of-bounds read

CVE-2016-5034

Out-of-bounds write

CVE-2016-5036

Out-of-bounds read

CVE-2016-5038

Out-of-bounds read

CVE-2016-5039

Out-of-bounds read

CVE-2016-5042

A specially crafted DWARF section can cause an infinite loop,
reading from increasing memory addresses until the application
crashes.

For Debian 7 "Wheezy", these problems have been fixed in version
20120410-2+deb7u2.

We recommend that you upgrade your dwarfutils packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

[DLA 670-1] linux security update

Package : linux
Version : 3.2.82-1
CVE ID : CVE-2015-8956 CVE-2016-5195 CVE-2016-7042 CVE-2016-7425

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2015-8956

It was discovered that missing input sanitising in RFCOMM Bluetooth
socket handling may result in denial of service or information leak.

CVE-2016-5195

It was discovered that a race condition in the memory management
code can be used for local privilege escalation. This does not
affect kernels built with PREEMPT_RT enabled.

CVE-2016-7042

Ondrej Kozina discovered that incorrect buffer allocation in the
proc_keys_show() function may result in local denial of service.

CVE-2016-7425

Marco Grassi discovered a buffer overflow in the arcmsr SCSI driver
which may result in local denial of service, or potentially,
arbitrary code execution.

For Debian 7 "Wheezy", these problems have been fixed in version
3.2.82-1. This version also includes bug fixes from upstream version
3.2.82 and updates the PREEMPT_RT featureset to version 3.2.82-rt119.

For Debian 8 "Jessie", these problems have been fixed in version
3.16.36-1+deb8u2.

We recommend that you upgrade your linux packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

[DLA 671-1] libxvmc security update

Package : libxvmc
Version : 2:1.0.7-1+deb7u3
CVE ID : CVE-2016-7953


CVE-2016-7953
If an empty string is received from an x-server, do not underrun
the buffer by accessing "rep.nameLen - 1" unconditionally, which
could end up being -1.


For Debian 7 "Wheezy", these problems have been fixed in version
2:1.0.7-1+deb7u3.

We recommend that you upgrade your libxvmc packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS