An integer underflow flaw, leading to a heap-based buffer overflow, was
found in the ksba_oid_to_str() function of libksba, an X.509 and CMS
(PKCS#7) library. By using special crafted S/MIME messages or ECC based
OpenPGP data, it is possible to create a buffer overflow, which could
cause an application using libksba to crash (denial of service), or
potentially, execute arbitrary code.
Category Archives: Debian
Debian Security Advisories
DSA-3077 openjdk-6 – security update
Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in the execution
of arbitrary code, information disclosure or denial of service.
DSA-3076 wireshark – security update
Multiple vulnerabilities were discovered in the dissectors/parsers for
SigComp UDVM, AMQP, NCP and TN5250, which could result in denial of
service.
DSA-3075 drupal7 – security update
Two vulnerabilities were discovered in Drupal, a fully-featured content
management framework. The Common Vulnerabilities and Exposures project
identifies the following issues:
DSA-3074 php5 – security update
Francisco Alonso of Red Hat Product Security found an issue in the file
utility, whose code is embedded in PHP, a general-purpose scripting
language. When checking ELF files, note headers are incorrectly
checked, thus potentially allowing attackers to cause a denial of
service (out-of-bounds read and application crash) by supplying a
specially crafted ELF file.
DSA-3073 libgcrypt11 – security update
Daniel Genkin, Itamar Pipman and Eran Tromer discovered that Elgamal
encryption subkeys in applications using the libgcrypt11 library, for
example GnuPG 2.x, could be leaked via a side-channel attack.
DSA-3071 nss – security update
In nss, a set of libraries designed to support cross-platform
development of security-enabled client and server applications, Tyson
Smith and Jesse Schwartzentruber discovered a use-after-free
vulnerability that allows remote attackers to execute arbitrary code by
triggering the improper removal of an NSSCertificate structure from a
trust domain.
DSA-3072 file – security update
Francisco Alonso of Red Hat Product Security found an issue in the file
utility: when checking ELF files, note headers are incorrectly checked,
thus potentially allowing attackers to cause a denial of service
(out-of-bounds read and application crash) by supplying a specially
crafted ELF file.
[BSA-099] Security update for libreofice
Rene Engelhard uploaded new packages for libreoffice which fixed the following security problems: CVE-2014-3693: Use-After-Free in socket manager of Impress Remote It was discovered that LibreOffice 4.0.0 and later does not manage the port 1599 for the LibreOffice Impress correctly. An external attackers with access to that port could cause the deleted port manager to continue to process attacker supplied data. Note that this update also disables the remote contol per default as it listens on port 1599 "to the world" per default. If you want/need it you need to enable it manally: 1. Open LibreOffice, go to "Tools -> Options..." 2. Select "LibreOffice Impress -> General" 3. Check "Presentation -> Enable remote control" For the wheezy-backports distribution the problems have been fixed in version 1:4.3.3~rc2-1~bpo70+1.
DSA-3068 konversation – security update
It was discovered that Konversation, an IRC client for KDE, could be
crashed when receiving malformed messages using FiSH encryption.