Debian 9844 Published by

The following updates has been released for Debian GNU/Linux:

DLA 1205-1: simplesamlphp security update
DSA 4064-1: chromium-browser security update



DLA 1205-1: simplesamlphp security update

Package : simplesamlphp
Version : 1.9.2-1+deb7u1
CVE ID : CVE-2017-12867 CVE-2017-12868 CVE-2017-12869 CVE-2017-12872
CVE-2017-12873 CVE-2017-12874

The simplesamlphp package in wheezy is vulnerable to multiple attacks
on authentication-related code, leading to unauthorized access and
information disclosure.

CVE-2017-12867

The SimpleSAML_Auth_TimeLimitedToken class allows attackers with
access to a secret token to extend its validity period by manipulating
the prepended time offset.

CVE-2017-12869

The multiauth module allows remote attackers to bypass authentication
context restrictions and use an authentication source defined in
config/authsources.php via vectors related to improper validation of
user input.

CVE-2017-12872 / CVE-2017-12868

The (1) Htpasswd authentication source in the authcrypt module and (2)
SimpleSAML_Session class in SimpleSAMLphp 1.14.11 and earlier allow
remote iattackers to conduct timing side-channel attacks by leveraging
use of the standard comparison operator to compare secret material
against user input.

CVE-2017-12868 was a about an improper fix of CVE-2017-12872 in the
initial patch released by upstream. We have used the correct patch.

CVE-2017-12873

SimpleSAMLphp might allow attackers to obtain sensitive information,
gain unauthorized access, or have unspecified other impacts by
leveraging incorrect persistent NameID generation when an Identity
Provider (IdP) is misconfigured.

CVE-2017-12874

The InfoCard module for SimpleSAMLphp allows attackers to spoof
XML messages by leveraging an incorrect check of return values in
signature validation utilities.


For Debian 7 "Wheezy", these problems have been fixed in version
1.9.2-1+deb7u1.

We recommend that you upgrade your simplesamlphp packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

--
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/



DSA 4064-1: chromium-browser security update




- -------------------------------------------------------------------------
Debian Security Advisory DSA-4064-1 security@debian.org
https://www.debian.org/security/ Michael Gilbert
December 12, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : chromium-browser
CVE ID : CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410
CVE-2017-15411 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416
CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420
CVE-2017-15423 CVE-2017-15424 CVE-2017-15425 CVE-2017-15426
CVE-2017-15427

Several vulnerabilities have been discovered in the chromium web browser.

CVE-2017-15407

Ned Williamson discovered an out-of-bounds write issue.

CVE-2017-15408

Ke Liu discovered a heap overflow issue in the pdfium library.

CVE-2017-15409

An out-of-bounds write issue was discovered in the skia library.

CVE-2017-15410

Luat Nguyen discovered a use-after-free issue in the pdfium library.

CVE-2017-15411

Luat Nguyen discovered a use-after-free issue in the pdfium library.

CVE-2017-15413

Gaurav Dewan discovered a type confusion issue.

CVE-2017-15415

Viktor Brange discovered an information disclosure issue.

CVE-2017-15416

Ned Williamson discovered an out-of-bounds read issue.

CVE-2017-15417

Max May discovered an information disclosure issue in the skia
library.

CVE-2017-15418

Kushal Arvind Shah discovered an uninitialized value in the skia
library.

CVE-2017-15419

Jun Kokatsu discoved an information disclosure issue.

CVE-2017-15420

WenXu Wu discovered a URL spoofing issue.

CVE-2017-15423

Greg Hudson discovered an issue in the boringssl library.

CVE-2017-15424

Khalil Zhani discovered a URL spoofing issue.

CVE-2017-15425

xisigr discovered a URL spoofing issue.

CVE-2017-15426

WenXu Wu discovered a URL spoofing issue.

CVE-2017-15427

Junaid Farhan discovered an issue with the omnibox.

For the stable distribution (stretch), these problems have been fixed in
version 63.0.3239.84-1~deb9u1.

We recommend that you upgrade your chromium-browser packages.

For the detailed security status of chromium-browser please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium-browser

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/