Debian 10158 Published by

Debian GNU/Linux has received various security upgrades, including wireshark, expat, debian-security-support, sqlite3, and mariadb-10.1:

Debian GNU/Linux 9 (Stretch) Extended LTS:
ELA-1189-1 mariadb-10.1 security update

Debian GNU/Linux 8 (Jessie), 9 (Stretch), 10 (Buster) Extended LTS:
ELA-1190-1 expat security update

Debian GNU/Linux 9 (Stretch) and 10 (Buster) Extended LTS:
ELA-1188-1 wireshark security update

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1191-1 sqlite3 security update

Debian GNU/Linux 11 (Bullseye) LTS:
[SECURITY] [DLA 3906-1] wireshark security update
[SECURITY] [DLA 3908-1] debian-security-support update
[SECURITY] [DLA 3907-1] sqlite3 security update



[SECURITY] [DLA 3906-1] wireshark security update


- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3906-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
September 30, 2024 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : wireshark
Version : 3.4.16-0+deb11u1
CVE ID : CVE-2021-4181 CVE-2021-4182 CVE-2021-4184 CVE-2021-4185
CVE-2021-4186 CVE-2021-4190 CVE-2022-0581 CVE-2022-0582
CVE-2022-0583 CVE-2022-0585 CVE-2022-0586 CVE-2022-3190
CVE-2022-4344 CVE-2022-4345 CVE-2023-0411 CVE-2023-0412
CVE-2023-0413 CVE-2023-0415 CVE-2023-0416 CVE-2023-0417
CVE-2023-0666 CVE-2023-0667 CVE-2023-0668 CVE-2023-1161
CVE-2023-1992 CVE-2023-1993 CVE-2023-1994 CVE-2023-2855
CVE-2023-2856 CVE-2023-2858 CVE-2023-2879 CVE-2023-2906
CVE-2023-2952 CVE-2023-3648 CVE-2023-3649 CVE-2023-4511
CVE-2023-4512 CVE-2023-4513 CVE-2023-6175 CVE-2024-0208
CVE-2024-0209 CVE-2024-0211 CVE-2024-2955 CVE-2024-4853
CVE-2024-4854 CVE-2024-8250 CVE-2024-8645
Debian Bug : 1033756 1034721 1041101 1059925 1068111 1080298

Multiple vulnerabilities have been fixed in the network traffic analyzer
Wireshark.

CVE-2021-4181

Sysdig Event dissector crash

CVE-2021-4182

RFC 7468 dissector crash

CVE-2021-4184

BitTorrent DHT dissector infinite loop

CVE-2021-4185

RTMPT dissector infinite loop

CVE-2021-4186

Gryphon dissector crash

CVE-2021-4190

Kafka dissector large loop DoS

CVE-2022-0581

CMS protocol dissector crash

CVE-2022-0582

CSN.1 protocol dissector unaligned access

CVE-2022-0583

PVFS protocol dissector crash

CVE-2022-0585

Large loops in multiple dissectors

CVE-2022-0586

RTMPT protocol dissector infinite loop

CVE-2022-3190

F5 Ethernet Trailer dissector infinite loop

CVE-2022-4344

Kafka protocol dissector memory exhaustion

CVE-2022-4345

Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors

CVE-2023-0411

Excessive loops in the BPv6, NCP and RTPS protocol dissectors

CVE-2023-0412

TIPC dissector crash

CVE-2023-0413

Dissection engine bug DoS

CVE-2023-0415

iSCSI dissector crash

CVE-2023-0416

GNW dissector crash

CVE-2023-0417

NFS dissector memory leak

CVE-2023-0666

RTPS parsing heap overflow

CVE-2023-0667

MSMMS dissector buffer overflow

CVE-2023-0668

IEEE C37.118 Synchrophasor dissector crash

CVE-2023-1161

ISO 15765 dissector crash

CVE-2023-1992

RPCoRDMA dissector crash

CVE-2023-1993

LISP dissector large loop

CVE-2023-1994

GQUIC dissector crash

CVE-2023-2855

Candump log parser crash

CVE-2023-2856

VMS TCPIPtrace file parser crash

CVE-2023-2858

NetScaler file parser crash

CVE-2023-2879

GDSDB dissector infinite loop

CVE-2023-2906

CP2179 dissector crash

CVE-2023-2952

XRA dissector infinite loop

CVE-2023-3648

Kafka dissector crash

CVE-2023-3649

iSCSI dissector crash

CVE-2023-4511

BT SDP dissector infinite loop

CVE-2023-4512

CBOR dissector crash

CVE-2023-4513

BT SDP dissector memory leak

CVE-2023-6175

NetScreen file parser crash

CVE-2024-0208

GVCP dissector crash

CVE-2024-0209

IEEE 1609.2 dissector crash

CVE-2024-0211

DOCSIS dissector crash

CVE-2024-2955

T.38 dissector crash

CVE-2024-4853

Editcap byte chopping crash

CVE-2024-4854

MONGO dissector infinite loop

CVE-2024-8250

NTLMSSP dissector crash

CVE-2024-8645

SPRT dissector crash

For Debian 11 bullseye, these problems have been fixed in version
3.4.16-0+deb11u1.

We recommend that you upgrade your wireshark packages.

For the detailed security status of wireshark please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/wireshark

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



ELA-1188-1 wireshark security update

Package : wireshark
Version : 2.6.20-0+deb10u9~deb9u1 (stretch), 2.6.20-0+deb10u9 (buster)

Related CVEs :
CVE-2023-0667
CVE-2023-3649
CVE-2023-4512
CVE-2024-0211
CVE-2024-2955
CVE-2024-4853
CVE-2024-4854
CVE-2024-8250
CVE-2024-8645

Multiple vulnerabilities have been fixed in the network traffic analyzer Wireshark.

CVE-2023-0667
MSMMS dissector buffer overflow

CVE-2023-3649
iSCSI dissector crash

CVE-2023-4512
CBOR dissector crash

CVE-2024-0211
DOCSIS dissector crash

CVE-2024-2955
T.38 dissector crash

CVE-2024-4853
Editcap byte chopping crash

CVE-2024-4854
MONGO dissector infinite loop

CVE-2024-8250
NTLMSSP dissector crash

CVE-2024-8645
SPRT dissector crash

ELA-1188-1 wireshark security update


ELA-1190-1 expat security update

Package : expat
Version : 2.1.0-6+deb8u12 (jessie), 2.2.0-2+deb9u9 (stretch), 2.2.6-2+deb10u8 (buster)

Related CVEs :
CVE-2024-45490
CVE-2024-45491
CVE-2024-45492

Multiple vulnerabilities were found in expat, an XML parsing C library,
which could lead to Denial of Service, memory corruption or arbitrary
code execution.

CVE-2024-45490: TaiYou discovered that xmlparse.c does not reject a
negative length for XML_ParseBuffer(), which may cause memory
corruption or code execution.

CVE-2024-45491: TaiYou discovered that xmlparse.c has an integer
overflow for nDefaultAtts on 32-bit platforms, which may cause
denial of service or code execution.

CVE-2024-45492: TaiYou discovered that xmlparse.c has an integer
overflow for m_groupSize on 32-bit platforms, which may cause
denial of service or code execution.


ELA-1190-1 expat security update


[SECURITY] [DLA 3908-1] debian-security-support update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3908-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Santiago Ruano Rincón
September 30, 2024 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : debian-security-support
Version : 1:11+2024.09.30
Debian Bug : 1063756

debian-security-support, the Debian security support coverage checker, has been
updated in bullseye-security to mark the end of life of the following packages:

* pdns-recursor: See https://bugs.debian.org/1070176
* slurm-wlm: See https://bugs.debian.org/1071127
* libreswan: See https://bugs.debian.org/1072527
* phppgadmin: See https://bugs.debian.org/1072589
* pytest-salt-factories: See https://bugs.debian.org/1070175
* pytest-testinfra: See https://bugs.debian.org/1070175
* salt: See https://bugs.debian.org/1070175
* gpac: See https://lists.debian.org/debian-lts/2024/08/msg00007.html
* snort: See https://bugs.debian.org/1063756
* iotjs: See https://bugs.debian.org/1078334
* wpewebkit: See https://bugs.debian.org/1035997
* python2.7: See https://lists.debian.org/debian-lts/2024/08/msg00057.html
* cython: See https://lists.debian.org/debian-lts/2024/08/msg00057.html
* jython: See https://lists.debian.org/debian-lts/2024/08/msg00057.html
* pypy: See https://lists.debian.org/debian-lts/2024/08/msg00057.html
* python-stdlib-extensions: See
https://lists.debian.org/debian-lts/2024/08/msg00057.html

For Debian 11 bullseye, this problem has been fixed in version
1:11+2024.09.30.

We recommend that you upgrade your debian-security-support packages.

For the detailed security status of debian-security-support please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/debian-security-support

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 3907-1] sqlite3 security update


- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3907-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
September 30, 2024 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : sqlite3
Version : 3.34.1-3+deb11u1
CVE ID : CVE-2021-36690 CVE-2023-7104

Two vulnerabilities have been fixed in the SQLite database.

CVE-2021-36690

Expert extension segfault

CVE-2023-7104

Session extension buffer overread

For Debian 11 bullseye, these problems have been fixed in version
3.34.1-3+deb11u1.

We recommend that you upgrade your sqlite3 packages.

For the detailed security status of sqlite3 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/sqlite3

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



ELA-1191-1 sqlite3 security update

Package : sqlite3
Version : 3.27.2-3+deb10u3 (buster)

Related CVEs :
CVE-2019-19244
CVE-2021-36690
CVE-2023-7104

Multiple vulnerabilities have been fixed in the SQLite database.

CVE-2019-19244
Mishandling of sub-select that uses both DISTINCT and window functions, and also has certain ORDER BY usage

CVE-2021-36690
Expert extension segfault

CVE-2023-7104
Session extension buffer overread

ELA-1191-1 sqlite3 security update


ELA-1189-1 mariadb-10.1 security update

Package : mariadb-10.1
Version : 10.1.48-0+deb9u4 (stretch)

Related CVEs :
CVE-2021-46659
CVE-2022-21427
CVE-2022-24048
CVE-2022-24050
CVE-2022-24051
CVE-2022-24052
CVE-2022-27380
CVE-2022-27383
CVE-2022-27384
CVE-2022-27387
CVE-2022-27448
CVE-2022-31622
CVE-2022-32083

Several vulnerabilities have been fixed in MariaDB, a popular database server.

CVE-2022-21427
An easily exploitable vulnerability allowed high
privileged attacker with network access via multiple protocols
to compromise MariaDB Server. Successful attacks of this vulnerability
can result in unauthorized ability to cause a hang
or frequently repeatable crash (complete DOS). Certain UTF8 combining
marks cause MariaDB to crash when doing Full-Text searches.

CVE-2022-24048, CVE-2022-24051, CVE-2022-24052
MariaDB CONNECT Storage Engine Stack-based Buffer
Overflow Privilege Escalation Vulnerability. This vulnerability allows
local attackers to escalate privileges on affected installations
of MariaDB. Authentication is required to exploit this vulnerability.
The specific flaw exists within the processing of SQL queries.
The issue results from the lack of proper validation of the length
of user-supplied data prior to copying it to a fixed-length stack-based
buffer. An attacker can leverage this vulnerability to escalate
privileges and execute arbitrary code in the context of the
service account. Concerned Storage Engines are JSON, XML and MYSQL.

CVE-2022-24050
MariaDB CONNECT Storage Engine use-after-free
privilege escalation vulnerability. This vulnerability allows local
attackers to escalate privileges on affected installations of MariaDB.
Authentication is required to exploit this vulnerability.
The specific flaw exists within the processing of SQL queries.
The issue results from the lack of validating the existence of an object
prior to performing operations on the object.
An attacker can leverage this vulnerability to escalate privileges and
execute arbitrary code in the context of the service account.

CVE-2022-27380
An issue in the component my_decimal::operator=
of MariaDB Server was discovered that makes it possible for attackers to cause
a Denial of Service (DoS) via specially crafted SQL statements.

CVE-2022-27383
An use-after-free was found in the component
my_strcasecmp_8bit, which may be exploited via specially crafted
SQL statements.

CVE-2022-27384, CVE-2022-32083
An issue in the component
Item_subselect::init_expr_cache_tracker allows attackers to cause
a Denial of Service (DoS) via specially crafted SQL statements.

CVE-2022-27387
A global buffer overflow in the component
decimal_bin_size was found, which is exploited via specially
crafted SQL statements.

CVE-2022-27448
An issue was found in multi-update and implicit
grouping handling, which is exploited via specially
crafted SQL statements. An attacker can leverage
this vulnerability to cause a Denial of Service (DoS)

CVE-2022-31622
Incorrect handling of errors while executing the
method create_worker_threads could lead to a Denial of Service (DoS).

ELA-1189-1 mariadb-10.1 security update