Debian 9902

The following updates are available for Debian:

[DSA 2949-1] linux security update
[DSA 2950-1] openssl security update
[DSA 2951-1] mupdf security update
[DSA 2952-1] kfreebsd-9 security update



[DSA 2949-1] linux security update

-------------------------------------------------------------------------
Debian Security Advisory DSA-2949-1 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
June 05, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2014-3144 CVE-2014-3145 CVE-2014-3153

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation:

CVE-2014-3144 / CVE-2014-3145

A local user can cause a denial of service (system crash) via
crafted BPF instructions.

CVE-2014-3153

Pinkie Pie discovered an issue in the futex subsystem that allows a
local user to gain ring 0 control via the futex syscall. An
unprivileged user could use this flaw to crash the kernel (resulting
in denial of service) or for privilege escalation.

For the stable distribution (wheezy), these problems have been fixed in
version 3.2.57-3+deb7u2.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your linux packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

[DSA 2950-1] openssl security update

-------------------------------------------------------------------------
Debian Security Advisory DSA-2950-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
June 05, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : openssl
CVE ID : CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470

Multiple vulnerabilities have been discovered in OpenSSL:

CVE-2014-0195

Jueri Aedla discovered that a buffer overflow in processing DTLS
fragments could lead to the execution of arbitrary code or denial
of service.

CVE-2014-0221

Imre Rad discovered the processing of DTLS hello packets is
susceptible to denial of service.

CVE-2014-0224

KIKUCHI Masashi discovered that carefully crafted handshakes can
force the use of weak keys, resulting in potential man-in-the-middle
attacks.

CVE-2014-3470

Felix Groebert and Ivan Fratric discovered that the implementation of
anonymous ECDH ciphersuites is susceptible to denial of service.

Additional information can be found at
http://www.openssl.org/news/secadv_20140605.txt

For the stable distribution (wheezy), these problems have been fixed in
version 1.0.1e-2+deb7u10. All applications linked to openssl need to
be restarted. You can use the tool checkrestart from the package
debian-goodies to detect affected programs, or reboot your system. There's
also a forthcoming security update for the Linux kernel later today
(CVE-2014-3153), so you need to reboot anyway. Perfect timing, isn't it?
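The check checkrestart performs, as an added shell example (not from the advisory and not the debian-goodies code): after a library upgrade the old file is unlinked, so any process still running the pre-upgrade libssl/libcrypto shows that mapping with a "(deleted)" suffix in /proc/PID/maps. The maps fragments are constructed sample data; run the script with --live to scan the local system.

```shell
#!/bin/sh
# Added example: report processes that still map a replaced libssl/libcrypto.
# Not part of the advisory; the sample maps data below is constructed.

# stale_libs MAPS_TEXT: print each deleted libssl/libcrypto path in one maps text.
# A maps line ends "... <inode> <path> (deleted)" when the mapped file was unlinked,
# which is exactly what happens to the old library after the package upgrade.
stale_libs() {
    printf '%s\n' "$1" | awk '
        $NF == "(deleted)" && $(NF-1) ~ /\/lib(ssl|crypto)\.so/ { print $(NF-1) }
    ' | sort -u
}

# scan_procs: walk /proc and print "PID command stale-libraries" for every process
# that must be restarted to pick up the fixed OpenSSL.
scan_procs() {
    for maps in /proc/[0-9]*/maps; do
        pid=${maps#/proc/}; pid=${pid%/maps}
        text=$(cat "$maps" 2>/dev/null) || continue
        libs=$(stale_libs "$text")
        [ -n "$libs" ] || continue
        cmd=$(tr '\000' ' ' < "/proc/$pid/cmdline" 2>/dev/null | cut -c1-40)
        printf '%s %s %s\n' "$pid" "$cmd" "$(printf '%s' "$libs" | tr '\n' ' ')"
    done
}

# Constructed maps fragment of a daemon started before the upgrade (needs restart).
SAMPLE_MAPS='7f1a2c000000-7f1a2c1c5000 r-xp 00000000 08:01 1311 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (deleted)
7f1a2c3c5000-7f1a2c3e4000 r--p 001c5000 08:01 1311 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (deleted)
7f1a2c400000-7f1a2c45c000 r-xp 00000000 08:01 1320 /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (deleted)
7f1a2c800000-7f1a2c9a0000 r-xp 00000000 08:01 1100 /lib/x86_64-linux-gnu/libc-2.13.so'

# Constructed maps fragment of a process started after the upgrade (nothing to do).
FRESH_MAPS='7f1a2c000000-7f1a2c1c5000 r-xp 00000000 08:01 1399 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
7f1a2c800000-7f1a2c9a0000 r-xp 00000000 08:01 1100 /lib/x86_64-linux-gnu/libc-2.13.so'

if [ "${1:-}" = "--live" ]; then scan_procs; else stale_libs "$SAMPLE_MAPS"; fi
```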

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your openssl packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

[DSA 2951-1] mupdf security update

-------------------------------------------------------------------------
Debian Security Advisory DSA-2951-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
June 05, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : mupdf
CVE ID : CVE-2014-2013

It was discovered that a buffer overflow in the MuPDF viewer might lead
to the execution of arbitrary code.

For the stable distribution (wheezy), this problem has been fixed in
version 0.9-2+deb7u2.

For the testing distribution (jessie), this problem has been fixed in
version 1.3-2.

For the unstable distribution (sid), this problem has been fixed in
version 1.3-2.

We recommend that you upgrade your mupdf packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

[DSA 2952-1] kfreebsd-9 security update

-------------------------------------------------------------------------
Debian Security Advisory DSA-2952-1 security@debian.org
http://www.debian.org/security/ Nico Golde
June 05, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : kfreebsd-9
CVE ID : CVE-2014-1453 CVE-2014-3000 CVE-2014-3880

Several vulnerabilities have been discovered in the FreeBSD kernel that may
lead to a denial of service or possibly disclosure of kernel memory. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2014-1453

A remote, authenticated attacker could cause the NFS server to become
deadlocked, resulting in a denial of service.

CVE-2014-3000

An attacker who can send a series of specifically crafted packets with a
connection could cause a denial of service situation by causing the kernel
to crash.

Additionally, because the undefined on-stack memory may be overwritten by
other kernel threads, it may be possible, while difficult, for an attacker
to construct a carefully crafted attack to obtain a portion of kernel memory
via a connected socket. This may result in the disclosure of sensitive
information such as login credentials before or even without crashing the
system.

CVE-2014-3880

A local attacker can trigger a kernel crash (triple fault) with potential
data loss, related to the execve/fexecve system calls.
Reported by Ivo De Decker.

For the stable distribution (wheezy), these problems have been fixed in
version 9.0-10+deb70.7.

For the unstable (sid) and testing (jessie) distributions, these problems are fixed
in kfreebsd-10 version 10.0-6.

We recommend that you upgrade your kfreebsd-9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/