Debian 9843 Published by

The following Debian updates has been released:

[DLA 181-1] xerces-c security update
[DLA 182-1] batik security update
[DLA 183-1] libxfont security update
[DLA 184-1] binutils security update
[DSA 3198-2] php5 regression update
[DSA 3205-1] batik security update
[DSA 3206-1] dulwich security update
[DSA 3207-1] shibboleth-sp2 security update



[DLA 181-1] xerces-c security update

Package : xerces-c
Version : 3.1.1-1+deb6u1
CVE ID : CVE-2015-0252
Debian Bug : 780827

Anton Rager and Jonathan Brossard from the Salesforce.com Product
Security Team and Ben Laurie of Google discovered a denial of service
vulnerability in xerces-c, a validating XML parser library for C++. The
parser mishandles certain kinds of malformed input documents, resulting
in a segmentation fault during a parse operation. An unauthenticated
attacker could use this flaw to cause an application using the
xerces-c library to crash.

[DLA 182-1] batik security update

Package : batik
Version : 1.7-6+deb6u1
CVE ID : CVE-2015-0250
Debian Bug : 780897

Nicolas Gregoire and Kevin Schaller discovered that Batik, a toolkit
for processing SVG images, would load XML external entities by
default. If a user or automated system were tricked into opening a
specially crafted SVG file, an attacker could possibly obtain access
to arbitrary files or cause resource consumption.

[DLA 183-1] libxfont security update

Package : libxfont
Version : 1:1.4.1-5+deb6u1
CVE ID : CVE-2015-1802 CVE-2015-1803 CVE-2015-1804

Ilja van Sprundel, Alan Coopersmith and William Robinet discovered
multiple issues in libxfont's code to process BDF fonts, which might
result in privilege escalation.

[DLA 184-1] binutils security update

Package : binutils
Version : 2.20.1-16+deb6u1
CVE ID : CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502
CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 CVE-2014-8738

Multiple security issues have been found in binutils, a toolbox for
binary file manipulation. These vulnerabilities include multiple memory
safety errors, buffer overflows, use-after-frees and other implementation
errors may lead to the execution of arbitrary code, the bypass of security
restrictions, path traversal attack or denial of service.

[DSA 3198-2] php5 regression update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3198-2 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
March 28, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : php5
Debian Bug : 781125

The previous update for php5, DSA-3198-1, introduced a regression
causing segmentation faults when using SoapClient::__setSoapHeader.
Updated packages are now available to address this regression. For
reference, the original advisory text follows.

Multiple vulnerabilities have been discovered in the PHP language:

CVE-2015-2301

Use-after-free in the phar extension.

CVE-2015-2331

Emmanuel Law discovered an integer overflow in the processing
of ZIP archives, resulting in denial of service or potentially
the execution of arbitrary code.

For the stable distribution (wheezy), this problem has been fixed in
version 5.4.39-0+deb7u2.

We recommend that you upgrade your php5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

[DSA 3205-1] batik security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3205-1 security@debian.org
http://www.debian.org/security/ Sebastien Delafond
March 27, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : batik
CVE ID : CVE-2015-0250
Debian Bug : 780897

Nicolas Gregoire and Kevin Schaller discovered that Batik, a toolkit
for processing SVG images, would load XML external entities by
default. If a user or automated system were tricked into opening a
specially crafted SVG file, an attacker could possibly obtain access
to arbitrary files or cause resource consumption.

For the stable distribution (wheezy), this problem has been fixed in
version 1.7+dfsg-3+deb7u1.

For the upcoming stable distribution (jessie) and unstable
distribution (sid), this problem has been fixed in version 1.7+dfsg-5.

We recommend that you upgrade your batik packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

[DSA 3206-1] dulwich security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3206-1 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
March 28, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : dulwich
CVE ID : CVE-2014-9706 CVE-2015-0838
Debian Bug : 780958 780989

Multiple vulnerabilities have been discovered in Dulwich, a Python
implementation of the file formats and protocols used by the Git version
control system. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2014-9706

It was discovered that Dulwich allows writing to files under .git/
when checking out working trees. This could lead to the execution of
arbitrary code with the privileges of the user running an
application based on Dulwich.

CVE-2015-0838

Ivan Fratric of the Google Security Team has found a buffer
overflow in the C implementation of the apply_delta() function,
used when accessing Git objects in pack files. An attacker could
take advantage of this flaw to cause the execution of arbitrary
code with the privileges of the user running a Git server or client
based on Dulwich.

For the stable distribution (wheezy), these problems have been fixed in
version 0.8.5-2+deb7u2.

For the upcoming stable distribution (jessie), these problems have been
fixed in version 0.9.7-3.

For the unstable distribution (sid), these problems have been fixed in
version 0.10.1-1.

We recommend that you upgrade your dulwich packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

[DSA 3207-1] shibboleth-sp2 security update

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3207-1 security@debian.org
http://www.debian.org/security/ Yves-Alexis Perez
March 28, 2015 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : shibboleth-sp2
CVE ID : CVE-2015-2684

A denial of service vulnerability was found in the Shibboleth (an
federated identity framework) Service Provider. When processing certain
malformed SAML message generated by an authenticated attacker, the
daemon could crash.

For the stable distribution (wheezy), this problem has been fixed in
version 2.4.3+dfsg-5+deb7u1.

For the upcoming stable distribution (jessie), this problem has been
fixed in version 2.5.3+dfsg-2.

For the unstable distribution (sid), this problem has been fixed in
version 2.5.3+dfsg-2.

We recommend that you upgrade your shibboleth-sp2 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/