Debian 9858 Published by

The following 5 security updates has been released for Debian GNU/Linux: [SECURITY] [DSA 2648-1] firebird2.5 security update, [SECURITY] [DSA 2647-1] firebird2.1 security update, [SECURITY] [DSA 2650-1] libvirt-bin security update, [SECURITY] [DSA 2649-1] lighttpd security update, and [SECURITY] [DSA 2646-1] typo3-src security update



[SECURITY] [DSA 2648-1] firebird2.5 security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2648-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
March 15, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : firebird2.5
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2012-5529 CVE-2013-2492

A buffer overflow was discovered in the Firebird database server, which
could result in the execution of arbitrary code. In addition, a denial
of service vulnerability was discovered in the TraceManager.

For the stable distribution (squeeze), these problems have been fixed in
version 2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze1.

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your firebird2.5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
[SECURITY] [DSA 2647-1] firebird2.1 security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2647-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
March 15, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : firebird2.1
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-2492
Debian Bug : 702735

A buffer overflow was discovered in the Firebird database server, which
could result in the execution of arbitrary code.

For the stable distribution (squeeze), this problem has been fixed in
version 2.1.3.18185-0.ds1-11+squeeze1.

For the testing distribution (wheezy), firebird2.1 will be removed in
favour of firebird2.5.

For the unstable distribution (sid), firebird2.1 will be removed in
favour of firebird2.5.

We recommend that you upgrade your firebird2.1 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
[SECURITY] [DSA 2650-1] libvirt-bin security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2650-1 security@debian.org
http://www.debian.org/security/ Yves-Alexis Perez
March 15, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : libvirt-bin
Vulnerability : files and device nodes ownership change to kvm group
Problem type : local
Debian-specific: yes
CVE ID : CVE-2013-1766
Debian Bug : 701649

Bastian Blank discovered that libvirtd, a daemon for management of virtual
machines, network and storage, would change ownership of devices files so they
would be owned by user `libvirt-qemu` and group `kvm`, which is a general
purpose group not specific to libvirt, allowing unintended write access to
those devices and files for the kvm group members.

For the stable distribution (squeeze), this problem has been fixed in
version 0.8.3-5+squeeze4.

For the testing distribution (wheezy), this problem has been fixed in
version 0.9.12-11.

For the unstable distribution (sid), this problem has been fixed in
version 0.9.12-11.

We recommend that you upgrade your libvirt-bin packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
[SECURITY] [DSA 2649-1] lighttpd security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2649-1 security@debian.org
http://www.debian.org/security/ Yves-Alexis Perez
March 15, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : lighttpd
Vulnerability : fixed socket name in world-writable directory
Problem type : local
Debian-specific: yes
CVE ID : CVE-2013-1427
Debian Bug :

Stefan Bühler discovered that the Debian specific configuration file for
lighttpd webserver FastCGI PHP support used a fixed socket name in the
world-writable /tmp directory. A symlink attack or a race condition could be
exploited by a malicious user on the same machine to take over the PHP control
socket and for example force the webserver to use a different PHP version.

As the fix is in a configuration file lying in /etc, the update won't be
enforced if the file has been modified by the administrator. In that case, care
should be taken to manually apply the fix.

For the stable distribution (squeeze), this problem has been fixed in
version 1.4.28-2+squeeze1.3.

For the testing distribution (wheezy), this problem has been fixed in
version 1.4.31-4.

For the unstable distribution (sid), this problem has been fixed in
version 1.4.31-4.

We recommend that you upgrade your lighttpd packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
[SECURITY] [DSA 2646-1] typo3-src security update
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2646-1 security@debian.org
http://www.debian.org/security/ Yves-Alexis Perez
March 15, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : typo3-src
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-1842 CVE-2013-1843
Debian Bug : 702574

Typo3, a PHP-based content management system, was found vulnerable to several vulnerabilities.

CVE-2013-1842

Helmut Hummel and Markus Opahle discovered that the Extbase database layer
was not correctly sanitizing user input when using the Query object model.
This can lead to SQL injection by a malicious user inputing crafted
relation values.

CVE-2013-1843

Missing user input validation in the access tracking mechanism could lead
to arbitrary URL redirection.
.
Note: the fix will break already published links. Upstream advisory on
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2013-001/
has more information on how to mitigate that.

For the stable distribution (squeeze), these problems have been fixed in
version 4.3.9+dfsg1-1+squeeze8.

For the testing distribution (wheezy), these problems have been fixed in
version 4.5.19+dfsg1-5.

For the unstable distribution (sid), these problems have been fixed in
version 4.5.19+dfsg1-5.

We recommend that you upgrade your typo3-src packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/