NVD Description

Note: Versions mentioned in the description apply only to the upstream cups package and not the cups package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.

Remediation

Upgrade Debian:unstable cups to version 2.2.12-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2019-8675
• https://support.apple.com/en-us/HT210348
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-8675

NVD Description

Note: Versions mentioned in the description apply only to the upstream cups package and not the cups package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.

Remediation

Upgrade Debian:unstable cups to version 2.2.12-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2019-8696
• https://support.apple.com/en-us/HT210348
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-8696

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).

Remediation

Upgrade Debian:unstable expat to version 2.4.3-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2021-45960
• https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
• https://github.com/libexpat/libexpat/issues/531
• https://github.com/libexpat/libexpat/pull/534
• http://www.openwall.com/lists/oss-security/2022/01/17/3
• https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
• https://security.gentoo.org/glsa/202209-24
• https://security.netapp.com/advisory/ntap-20220121-0004/
• https://www.debian.org/security/2022/dsa-5073
• https://www.tenable.com/security/tns-2022-05

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Remediation

Upgrade Debian:unstable expat to version 2.4.3-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-22825
• http://www.openwall.com/lists/oss-security/2022/01/17/3
• https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
• https://github.com/libexpat/libexpat/pull/539
• https://security.gentoo.org/glsa/202209-24
• https://www.debian.org/security/2022/dsa-5073
• https://www.tenable.com/security/tns-2022-05

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Remediation

Upgrade Debian:unstable expat to version 2.4.3-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-22827
• http://www.openwall.com/lists/oss-security/2022/01/17/3
• https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
• https://github.com/libexpat/libexpat/pull/539
• https://security.gentoo.org/glsa/202209-24
• https://www.debian.org/security/2022/dsa-5073
• https://www.tenable.com/security/tns-2022-05

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Remediation

Upgrade Debian:unstable expat to version 2.4.3-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-22826
• http://www.openwall.com/lists/oss-security/2022/01/17/3
• https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
• https://github.com/libexpat/libexpat/pull/539
• https://security.gentoo.org/glsa/202209-24
• https://www.debian.org/security/2022/dsa-5073
• https://www.tenable.com/security/tns-2022-05

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnupg2 package and not the gnupg2 package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060.

Remediation

Upgrade Debian:unstable gnupg2 to version 2.2.12-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2018-1000858
• https://sektioneins.de/en/advisories/advisory-012018-gnupg-wkd.html
• https://sektioneins.de/en/blog/18-11-23-gnupg-wkd.html
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1000858
• https://usn.ubuntu.com/3853-1/

NVD Description

Note: Versions mentioned in the description apply only to the upstream gzip package and not the gzip package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.

Remediation

Upgrade Debian:unstable gzip to version 1.12-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-1271
• https://access.redhat.com/security/cve/CVE-2022-1271
• https://bugzilla.redhat.com/show_bug.cgi?id=2073310
• https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6
• https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
• https://security.gentoo.org/glsa/202209-01
• https://security.netapp.com/advisory/ntap-20220930-0006/
• https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch
• https://www.openwall.com/lists/oss-security/2022/04/07/8
• https://git.tukaani.org/?p=xz.git%3Ba=commit%3Bh=69d1b3fc29677af8ade8dc15dba83f0589cb63d6

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution (in KDC, kadmind, or a GSS or Kerberos application server) on 32-bit platforms (which have a resultant heap-based buffer overflow), and cause a denial of service on other platforms. This occurs in krb5_pac_parse in lib/krb5/krb/pac.c. Heimdal before 7.7.1 has "a similar bug."

Remediation

Upgrade Debian:unstable krb5 to version 1.20.1-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-42898
• https://bugzilla.samba.org/show_bug.cgi?id=15203
• https://github.com/heimdal/heimdal/security/advisories/GHSA-64mq-fvfj-5x3c
• https://github.com/krb5/krb5/commit/ea92d2f0fcceb54a70910fa32e9a0d7a5afc3583
• https://security.netapp.com/advisory/ntap-20230216-0008/
• https://security.netapp.com/advisory/ntap-20230223-0001/
• https://web.mit.edu/kerberos/advisories/
• https://web.mit.edu/kerberos/krb5-1.19/
• https://web.mit.edu/kerberos/krb5-1.20/README-1.20.1.txt
• https://www.samba.org/samba/security/CVE-2022-42898.html
• https://security.gentoo.org/glsa/202309-06
• https://security.gentoo.org/glsa/202310-06

NVD Description

Note: Versions mentioned in the description apply only to the upstream nss package and not the nss package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.

Remediation

Upgrade Debian:unstable nss to version 2:3.87.1-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-0767
• https://bugzilla.mozilla.org/show_bug.cgi?id=1804640
• https://www.mozilla.org/security/advisories/mfsa2023-05/
• https://www.mozilla.org/security/advisories/mfsa2023-06/
• https://www.mozilla.org/security/advisories/mfsa2023-07/
• https://alas.aws.amazon.com/AL2/ALAS-2023-1992.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream nss package and not the nss package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.

Remediation

Upgrade Debian:unstable nss to version 2:3.101-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2024-6609
• https://bugzilla.mozilla.org/show_bug.cgi?id=1839258
• https://www.mozilla.org/security/advisories/mfsa2024-29/
• https://www.mozilla.org/security/advisories/mfsa2024-32/

NVD Description

Note: Versions mentioned in the description apply only to the upstream nss package and not the nss package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

Remediation

Upgrade Debian:unstable nss to version 2:3.47.1-1 or higher.

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11745
• https://security-tracker.debian.org/tracker/CVE-2019-11745
• https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf
• https://security.gentoo.org/glsa/202003-02
• https://security.gentoo.org/glsa/202003-10
• https://security.gentoo.org/glsa/202003-37
• https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04
• https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html
• https://www.mozilla.org/security/advisories/mfsa2019-36/
• https://www.mozilla.org/security/advisories/mfsa2019-37/
• https://www.mozilla.org/security/advisories/mfsa2019-38/
• http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html
• http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html
• http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.html
• https://access.redhat.com/errata/RHSA-2020:0243
• https://access.redhat.com/errata/RHSA-2020:0466
• https://bugzilla.mozilla.org/show_bug.cgi?id=1586176
• https://usn.ubuntu.com/4335-1/
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-11745
• https://usn.ubuntu.com/4241-1/

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Remediation

Upgrade Debian:unstable sqlite3 to version 3.27.2-3 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2019-5827
• https://seclists.org/bugtraq/2019/Aug/19
• https://crbug.com/952406
• https://www.debian.org/security/2019/dsa-4500
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/
• https://security.gentoo.org/glsa/202003-16
• https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html
• https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
• http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html
• https://usn.ubuntu.com/4205-1/
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-5827
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/

NVD Description

Note: Versions mentioned in the description apply only to the upstream xz-utils package and not the xz-utils package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.

Remediation

Upgrade Debian:unstable xz-utils to version 5.2.5-2.1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-1271
• https://access.redhat.com/security/cve/CVE-2022-1271
• https://bugzilla.redhat.com/show_bug.cgi?id=2073310
• https://git.tukaani.org/?p=xz.git;a=commit;h=69d1b3fc29677af8ade8dc15dba83f0589cb63d6
• https://lists.gnu.org/r/bug-gzip/2022-04/msg00011.html
• https://security.gentoo.org/glsa/202209-01
• https://security.netapp.com/advisory/ntap-20220930-0006/
• https://tukaani.org/xz/xzgrep-ZDI-CAN-16587.patch
• https://www.openwall.com/lists/oss-security/2022/04/07/8
• https://git.tukaani.org/?p=xz.git%3Ba=commit%3Bh=69d1b3fc29677af8ade8dc15dba83f0589cb63d6

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.

Remediation

Upgrade Debian:unstable perl to version 5.30.3-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2020-10878
• https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod
• https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8
• https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c
• https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3
• https://security.netapp.com/advisory/ntap-20200611-0001/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
• https://security.gentoo.org/glsa/202006-03
• https://www.oracle.com/security-alerts/cpuApr2021.html
• https://www.oracle.com/security-alerts/cpujan2021.html
• https://www.oracle.com/security-alerts/cpuoct2020.html
• https://www.oracle.com/security-alerts/cpuoct2021.html
• https://www.oracle.com//security-alerts/cpujul2021.html
• http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-10878
• https://www.oracle.com/security-alerts/cpuapr2022.html
• https://www.oracle.com/security-alerts/cpujan2022.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.

Remediation

Upgrade Debian:unstable perl to version 5.30.3-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2020-10543
• https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod
• https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed
• https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3
• https://security.netapp.com/advisory/ntap-20200611-0001/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/
• https://security.gentoo.org/glsa/202006-03
• https://www.oracle.com/security-alerts/cpuApr2021.html
• https://www.oracle.com/security-alerts/cpujan2021.html
• https://www.oracle.com/security-alerts/cpuoct2020.html
• https://www.oracle.com/security-alerts/cpuoct2021.html
• https://www.oracle.com//security-alerts/cpujul2021.html
• http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-10543
• https://www.oracle.com/security-alerts/cpuapr2022.html
• https://www.oracle.com/security-alerts/cpujan2022.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IN3TTBO5KSGWE5IRIKDJ5JSQRH7ANNXE/

NVD Description

Note: Versions mentioned in the description apply only to the upstream apt package and not the apt package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.

Remediation

Upgrade Debian:unstable apt to version 1.8.0~alpha3.1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2019-3462
• https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
• https://www.debian.org/security/2019/dsa-4371
• https://lists.debian.org/debian-lts-announce/2019/01/msg00013.html
• https://lists.debian.org/debian-lts-announce/2019/01/msg00014.html
• https://security.netapp.com/advisory/ntap-20190125-0002/
• http://www.securityfocus.com/bid/106690
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-3462
• https://usn.ubuntu.com/3863-1/
• https://usn.ubuntu.com/3863-2/
• https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f%40%3Cdevnull.infra.apache.org%3E

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

Remediation

Upgrade Debian:unstable expat to version 2.4.8-2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-40674
• https://github.com/libexpat/libexpat/pull/629
• https://github.com/libexpat/libexpat/pull/640
• https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/
• https://security.gentoo.org/glsa/202209-24
• https://security.gentoo.org/glsa/202211-06
• https://security.netapp.com/advisory/ntap-20221028-0008/
• https://www.debian.org/security/2022/dsa-5236
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/

NVD Description

Note: Versions mentioned in the description apply only to the upstream libjpeg-turbo package and not the libjpeg-turbo package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.

Remediation

Upgrade Debian:unstable libjpeg-turbo to version 1:2.0.5-1 or higher.

References

• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-13790
• https://security-tracker.debian.org/tracker/CVE-2020-13790
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P4D6KNUY7YANSPH7SVQ44PJKSABFKAUB/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6563YHSVZK24MPJXGJVK3CQG7JVWZGK/
• https://security.gentoo.org/glsa/202010-03
• https://github.com/libjpeg-turbo/libjpeg-turbo/commit/3de15e0c344d11d4b90f4a47136467053eb2d09a
• https://github.com/libjpeg-turbo/libjpeg-turbo/issues/433
• https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html
• http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00031.html
• http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00062.html
• https://usn.ubuntu.com/4386-1/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P4D6KNUY7YANSPH7SVQ44PJKSABFKAUB/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6563YHSVZK24MPJXGJVK3CQG7JVWZGK/

NVD Description

Note: Versions mentioned in the description apply only to the upstream libzstd package and not the libzstd package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used.

Remediation

Upgrade Debian:unstable libzstd to version 1.3.8+dfsg-2 or higher.

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11922
• https://security-tracker.debian.org/tracker/CVE-2019-11922
• https://www.facebook.com/security/advisories/cve-2019-11922
• https://github.com/facebook/zstd/pull/1404/commits/3e5cdf1b6a85843e991d7d10f6a2567c15580da0
• https://www.oracle.com/security-alerts/cpuoct2020.html
• http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00008.html
• http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00062.html
• http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00078.html
• https://usn.ubuntu.com/4108-1/
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-11922

NVD Description

Note: Versions mentioned in the description apply only to the upstream nettle package and not the nettle package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.

Remediation

Upgrade Debian:unstable nettle to version 3.7.2-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2021-20305
• https://www.debian.org/security/2021/dsa-4933
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/
• https://security.gentoo.org/glsa/202105-31
• https://bugzilla.redhat.com/show_bug.cgi?id=1942533
• https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html
• https://security.netapp.com/advisory/ntap-20211022-0002/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MQKWVVMAIDAJ7YAA3VVO32BHLDOH2E63/

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.

Remediation

Upgrade Debian:unstable perl to version 5.38.2-2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-31484
• http://www.openwall.com/lists/oss-security/2023/04/29/1
• http://www.openwall.com/lists/oss-security/2023/05/03/3
• http://www.openwall.com/lists/oss-security/2023/05/03/5
• http://www.openwall.com/lists/oss-security/2023/05/07/2
• https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/
• https://github.com/andk/cpanpm/pull/175
• https://metacpan.org/dist/CPAN/changes
• https://www.openwall.com/lists/oss-security/2023/04/18/14
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BM6UW55CNFUTNGD5ZRKGUKKKFDJGMFHL/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LEGCEOKFJVBJ2QQ6S2H4NAEWTUERC7SB/
• https://security.netapp.com/advisory/ntap-20240621-0007/

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.

Remediation

Upgrade Debian:unstable sqlite3 to version 3.27.2-3 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2019-5018
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5018
• https://security.gentoo.org/glsa/201908-09
• http://packetstormsecurity.com/files/152809/Sqlite3-Window-Function-Remote-Code-Execution.html
• https://security.netapp.com/advisory/ntap-20190521-0001/
• http://www.securityfocus.com/bid/108294
• https://talosintelligence.com/vulnerability_reports/TALOS-2019-0777
• https://usn.ubuntu.com/4205-1/
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-5018

NVD Description

Note: Versions mentioned in the description apply only to the upstream avahi package and not the avahi package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product.

Remediation

Upgrade Debian:unstable avahi to version 0.8-4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2021-26720
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982796
• https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1870824
• https://bugzilla.suse.com/show_bug.cgi?id=1180827
• https://metadata.ftp-master.debian.org/changelogs/main/a/avahi/avahi_0.8-4_changelog
• https://packages.debian.org/bullseye/avahi-daemon
• https://packages.debian.org/buster/avahi-daemon
• https://packages.debian.org/sid/avahi-daemon
• https://www.openwall.com/lists/oss-security/2021/02/15/2
• https://lists.debian.org/debian-lts-announce/2022/06/msg00009.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream bash package and not the bash package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.

Remediation

Upgrade Debian:unstable bash to version 5.2-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-3715
• https://bugzilla.redhat.com/show_bug.cgi?id=2126720

NVD Description

Note: Versions mentioned in the description apply only to the upstream cups package and not the cups package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.

Remediation

Upgrade Debian:unstable cups to version 2.3.1-12 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2020-3898
• https://support.apple.com/kb/HT211100
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-3898

NVD Description

Note: Versions mentioned in the description apply only to the upstream dbus package and not the dbus package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors

Remediation

Upgrade Debian:unstable dbus to version 1.12.20-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2020-35512
• https://bugs.gentoo.org/755392
• https://bugzilla.redhat.com/show_bug.cgi?id=1909101
• https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128

NVD Description

Note: Versions mentioned in the description apply only to the upstream e2fsprogs package and not the e2fsprogs package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.

Remediation

Upgrade Debian:unstable e2fsprogs to version 1.46.6~rc1-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-1304
• https://access.redhat.com/errata/RHSA-2022:7720
• https://access.redhat.com/errata/RHSA-2022:8361
• https://access.redhat.com/security/cve/CVE-2022-1304
• https://bugzilla.redhat.com/show_bug.cgi?id=2069726

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

Remediation

Upgrade Debian:unstable expat to version 2.4.3-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2021-46143
• https://github.com/libexpat/libexpat/issues/532
• https://github.com/libexpat/libexpat/pull/538
• http://www.openwall.com/lists/oss-security/2022/01/17/3
• https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
• https://security.gentoo.org/glsa/202209-24
• https://security.netapp.com/advisory/ntap-20220121-0006/
• https://www.debian.org/security/2022/dsa-5073
• https://www.tenable.com/security/tns-2022-05

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.

Remediation

Upgrade Debian:unstable glibc to version 2.33-4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2021-3999
• https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e
• https://access.redhat.com/errata/RHSA-2022:0896
• https://access.redhat.com/security/cve/CVE-2021-3999
• https://bugzilla.redhat.com/show_bug.cgi?id=2024637
• https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html
• https://security.netapp.com/advisory/ntap-20221104-0001/
• https://sourceware.org/bugzilla/show_bug.cgi?id=28769
• https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e
• https://www.openwall.com/lists/oss-security/2022/01/24/4

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.

Remediation

Upgrade Debian:unstable glibc to version 2.37-12 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-4911
• http://www.openwall.com/lists/oss-security/2023/10/03/2
• http://www.openwall.com/lists/oss-security/2023/10/03/3
• http://www.openwall.com/lists/oss-security/2023/10/05/1
• https://access.redhat.com/errata/RHSA-2023:5453
• https://access.redhat.com/errata/RHSA-2023:5454
• https://access.redhat.com/errata/RHSA-2023:5455
• https://access.redhat.com/security/cve/CVE-2023-4911
• https://bugzilla.redhat.com/show_bug.cgi?id=2238352
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/
• https://security.gentoo.org/glsa/202310-03
• https://www.debian.org/security/2023/dsa-5514
• https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
• https://www.qualys.com/cve-2023-4911/
• http://packetstormsecurity.com/files/174986/glibc-ld.so-Local-Privilege-Escalation.html
• http://packetstormsecurity.com/files/176288/Glibc-Tunables-Privilege-Escalation.html
• http://seclists.org/fulldisclosure/2023/Oct/11
• http://www.openwall.com/lists/oss-security/2023/10/13/11
• http://www.openwall.com/lists/oss-security/2023/10/14/3
• http://www.openwall.com/lists/oss-security/2023/10/14/5
• http://www.openwall.com/lists/oss-security/2023/10/14/6
• https://access.redhat.com/errata/RHSA-2023:5476
• https://access.redhat.com/errata/RHSA-2024:0033
• https://security.netapp.com/advisory/ntap-20231013-0006/
• https://github.com/projectdiscovery/nuclei-templates/blob/master/code/cves/2023/CVE-2023-4911.yaml
• https://www.cisa.gov/known-exploited-vulnerabilities-catalog

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.

Remediation

Upgrade Debian:unstable glibc to version 2.37-15 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-6246
• https://access.redhat.com/security/cve/CVE-2023-6246
• https://bugzilla.redhat.com/show_bug.cgi?id=2249053
• https://www.openwall.com/lists/oss-security/2024/01/30/6
• http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html
• http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
• http://seclists.org/fulldisclosure/2024/Feb/3
• http://seclists.org/fulldisclosure/2024/Feb/5
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/
• https://security.gentoo.org/glsa/202402-01
• https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt
• https://security.netapp.com/advisory/ntap-20240216-0007/
• https://github.com/projectdiscovery/nuclei-templates/blob/master/code/cves/2023/CVE-2023-6246.yaml

NVD Description

Note: Versions mentioned in the description apply only to the upstream libx11 package and not the libx11 package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.

Remediation

Upgrade Debian:unstable libx11 to version 2:1.8.7-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-43787
• https://access.redhat.com/security/cve/CVE-2023-43787
• https://bugzilla.redhat.com/show_bug.cgi?id=2242254
• https://security.netapp.com/advisory/ntap-20231103-0006/
• http://www.openwall.com/lists/oss-security/2024/01/24/9
• https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/
• https://access.redhat.com/errata/RHSA-2024:2145
• https://access.redhat.com/errata/RHSA-2024:2973

NVD Description

Note: Versions mentioned in the description apply only to the upstream libx11 package and not the libx11 package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.

Remediation

Upgrade Debian:unstable libx11 to version 2:1.6.12-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2020-14363
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14363
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7AVXCQOSCAPKYYHFIJAZ6E2C7LJBTLXF/
• https://github.com/Ruia-ruia/Exploits/blob/master/DFX11details.txt
• https://github.com/Ruia-ruia/Exploits/blob/master/x11doublefree.sh
• https://lists.x.org/archives/xorg-announce/2020-August/003056.html
• https://usn.ubuntu.com/4487-2/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7AVXCQOSCAPKYYHFIJAZ6E2C7LJBTLXF/

NVD Description

Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.

Remediation

Upgrade Debian:unstable ncurses to version 6.4-3 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-29491
• http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
• http://www.openwall.com/lists/oss-security/2023/04/19/10
• http://www.openwall.com/lists/oss-security/2023/04/19/11
• https://www.openwall.com/lists/oss-security/2023/04/12/5
• https://www.openwall.com/lists/oss-security/2023/04/13/4
• https://security.netapp.com/advisory/ntap-20230517-0009/
• https://support.apple.com/kb/HT213843
• https://support.apple.com/kb/HT213844
• https://support.apple.com/kb/HT213845
• http://ncurses.scripts.mit.edu/?p=ncurses.git%3Ba=commit%3Bh=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56
• https://lists.debian.org/debian-lts-announce/2023/12/msg00004.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LU4MYMKFEZQ5VSCVLRIZGDQOUW3T44GT/

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

CPAN 2.28 allows Signature Verification Bypass.

Remediation

Upgrade Debian:unstable perl to version 5.36.0-4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2020-16156
• http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
• https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
• https://metacpan.org/pod/distribution/CPAN/scripts/cpan
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.

Remediation

Upgrade Debian:unstable perl to version 5.36.0-10 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-47038
• https://access.redhat.com/security/cve/CVE-2023-47038
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056746
• https://bugzilla.redhat.com/show_bug.cgi?id=2249523
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNEEWAACXQCEEAKSG7XX2D5YDRWLCIZJ/
• https://perldoc.perl.org/perl5382delta#CVE-2023-47038-Write-past-buffer-end-via-illegal-user-defined-Unicode-property
• https://access.redhat.com/errata/RHSA-2024:2228
• https://access.redhat.com/errata/RHSA-2024:3128

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator evaluates @INC in a scalar context, and thus @INC has only an integer value.

Remediation

Upgrade Debian:unstable perl to version 5.32.1-5 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2021-36770
• https://github.com/dankogai/p5-encode/commit/527e482dc70b035d0df4f8c77a00d81f8d775c74
• https://github.com/Perl/perl5/commit/c1a937fef07c061600a0078f4cb53fe9c2136bb9
• https://metacpan.org/dist/Encode/changes
• https://news.cpanel.com/unscheduled-tsr-10-august-2021/
• https://security.netapp.com/advisory/ntap-20210909-0003/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5NDGQSGMEZ75FJGBKNYC75OTO7TF7XHB/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6KOZYD7BH2DNIAEZ2ZL4PJ4QUVQI6Y33/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NDGQSGMEZ75FJGBKNYC75OTO7TF7XHB/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6KOZYD7BH2DNIAEZ2ZL4PJ4QUVQI6Y33/

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.

Remediation

Upgrade Debian:unstable systemd to version 240-4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2018-16864
• https://www.debian.org/security/2019/dsa-4367
• https://lists.debian.org/debian-lts-announce/2019/01/msg00016.html
• https://security.gentoo.org/glsa/201903-07
• https://www.qualys.com/2019/01/09/system-down/system-down.txt
• https://security.netapp.com/advisory/ntap-20190117-0001/
• https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
• https://access.redhat.com/errata/RHBA-2019:0327
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16864
• https://access.redhat.com/errata/RHSA-2019:0049
• https://access.redhat.com/errata/RHSA-2019:0204
• https://access.redhat.com/errata/RHSA-2019:0271
• https://access.redhat.com/errata/RHSA-2019:0342
• https://access.redhat.com/errata/RHSA-2019:0361
• https://access.redhat.com/errata/RHSA-2019:2402
• http://www.securityfocus.com/bid/106523
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-16864
• https://usn.ubuntu.com/3855-1/
• https://access.redhat.com/security/cve/CVE-2018-16864
• https://bugzilla.redhat.com/show_bug.cgi?id=1653855
• http://www.openwall.com/lists/oss-security/2021/07/20/2

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.

Remediation

Upgrade Debian:unstable systemd to version 240-4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2018-16865
• https://seclists.org/bugtraq/2019/May/25
• https://www.debian.org/security/2019/dsa-4367
• https://lists.debian.org/debian-lts-announce/2019/01/msg00016.html
• https://security.gentoo.org/glsa/201903-07
• http://packetstormsecurity.com/files/152841/System-Down-A-systemd-journald-Exploit.html
• https://www.qualys.com/2019/01/09/system-down/system-down.txt
• https://security.netapp.com/advisory/ntap-20190117-0001/
• https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
• http://www.openwall.com/lists/oss-security/2019/05/10/4
• https://access.redhat.com/errata/RHBA-2019:0327
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16865
• https://access.redhat.com/errata/RHSA-2019:0049
• https://access.redhat.com/errata/RHSA-2019:0204
• https://access.redhat.com/errata/RHSA-2019:0271
• https://access.redhat.com/errata/RHSA-2019:0342
• https://access.redhat.com/errata/RHSA-2019:0361
• https://access.redhat.com/errata/RHSA-2019:2402
• http://seclists.org/fulldisclosure/2019/May/21
• http://www.securityfocus.com/bid/106525
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-16865
• https://usn.ubuntu.com/3855-1/
• https://access.redhat.com/security/cve/CVE-2018-16865
• https://bugzilla.redhat.com/show_bug.cgi?id=1653861
• http://www.openwall.com/lists/oss-security/2021/07/20/2

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.

Remediation

Upgrade Debian:unstable systemd to version 247.1-2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-26604
• https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-2-insecure-functionality/
• https://github.com/systemd/systemd/blob/main/NEWS#L4335-L4340
• https://lists.debian.org/debian-lts-announce/2023/03/msg00032.html
• https://medium.com/@zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7
• https://security.netapp.com/advisory/ntap-20230505-0009/
• http://packetstormsecurity.com/files/174130/systemd-246-Local-Root-Privilege-Escalation.html
• https://medium.com/%40zenmoviefornotification/saidov-maxim-cve-2023-26604-c1232a526ba7
• https://www.exploit-db.com/exploits/51674

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.

Remediation

Upgrade Debian:unstable systemd to version 239-12 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2018-15686
• https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html
• https://www.exploit-db.com/exploits/45714/
• https://security.gentoo.org/glsa/201810-10
• https://github.com/systemd/systemd/pull/10519
• https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
• https://www.oracle.com//security-alerts/cpujul2021.html
• https://access.redhat.com/errata/RHSA-2019:3222
• https://access.redhat.com/errata/RHSA-2020:0593
• https://access.redhat.com/errata/RHSA-2019:2091
• http://www.securityfocus.com/bid/105747
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-15686
• https://usn.ubuntu.com/3816-1/
• https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.

Remediation

Upgrade Debian:unstable systemd to version 242-4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2019-3843
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/
• https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
• https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
• https://security.netapp.com/advisory/ntap-20190619-0002/
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843
• http://www.securityfocus.com/bid/108116
• https://usn.ubuntu.com/4269-1/
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-3843
• https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
• https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.

Remediation

Upgrade Debian:unstable systemd to version 242-4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2019-3844
• https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
• https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
• https://security.netapp.com/advisory/ntap-20190619-0002/
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844
• http://www.securityfocus.com/bid/108096
• https://usn.ubuntu.com/4269-1/
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-3844
• https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
• https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.

Remediation

Upgrade Debian:unstable systemd to version 244.2-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2020-1712
• https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54
• https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb
• https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d
• https://github.com/systemd/systemd/commit/ea0d0ede03c6f18dbc5036c5e9cccf97e415ccc2
• https://www.openwall.com/lists/oss-security/2020/02/05/1
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1712
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2020-1712
• https://lists.debian.org/debian-lts-announce/2022/06/msg00025.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream unzip package and not the unzip package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.

Remediation

Upgrade Debian:unstable unzip to version 6.0-22 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2018-1000035
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035
• https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html
• https://security.gentoo.org/glsa/202003-58
• https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-1000035

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution.

In a TLS client, this can be triggered by connecting to a malicious server.

In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.

Note: Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible.

Remediation

Upgrade Debian:unstable openssl to version 3.0.7-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-3602
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fe3b639dc19b325846f4f6801f2f4604f56e3de3
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/
• http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
• http://www.openwall.com/lists/oss-security/2022/11/01/15
• http://www.openwall.com/lists/oss-security/2022/11/01/16
• http://www.openwall.com/lists/oss-security/2022/11/01/17
• http://www.openwall.com/lists/oss-security/2022/11/01/18
• http://www.openwall.com/lists/oss-security/2022/11/01/19
• http://www.openwall.com/lists/oss-security/2022/11/01/20
• http://www.openwall.com/lists/oss-security/2022/11/01/21
• http://www.openwall.com/lists/oss-security/2022/11/01/24
• http://www.openwall.com/lists/oss-security/2022/11/02/1
• http://www.openwall.com/lists/oss-security/2022/11/02/10
• http://www.openwall.com/lists/oss-security/2022/11/02/11
• http://www.openwall.com/lists/oss-security/2022/11/02/12
• http://www.openwall.com/lists/oss-security/2022/11/02/13
• http://www.openwall.com/lists/oss-security/2022/11/02/14
• http://www.openwall.com/lists/oss-security/2022/11/02/15
• http://www.openwall.com/lists/oss-security/2022/11/02/2
• http://www.openwall.com/lists/oss-security/2022/11/02/3
• http://www.openwall.com/lists/oss-security/2022/11/02/5
• http://www.openwall.com/lists/oss-security/2022/11/02/6
• http://www.openwall.com/lists/oss-security/2022/11/02/7
• http://www.openwall.com/lists/oss-security/2022/11/02/9
• http://www.openwall.com/lists/oss-security/2022/11/03/1
• http://www.openwall.com/lists/oss-security/2022/11/03/10
• http://www.openwall.com/lists/oss-security/2022/11/03/11
• http://www.openwall.com/lists/oss-security/2022/11/03/2
• http://www.openwall.com/lists/oss-security/2022/11/03/3
• http://www.openwall.com/lists/oss-security/2022/11/03/5
• http://www.openwall.com/lists/oss-security/2022/11/03/6
• http://www.openwall.com/lists/oss-security/2022/11/03/7
• http://www.openwall.com/lists/oss-security/2022/11/03/9
• https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/
• https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
• https://security.gentoo.org/glsa/202211-01
• https://security.netapp.com/advisory/ntap-20221102-0001/
• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a
• https://www.kb.cert.org/vuls/id/794340
• https://www.openssl.org/news/secadv/20221101.txt

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

Remediation

Upgrade Debian:unstable expat to version 2.4.3-3 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-23990
• https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
• https://github.com/libexpat/libexpat/pull/551
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
• https://security.gentoo.org/glsa/202209-24
• https://www.debian.org/security/2022/dsa-5073
• https://www.oracle.com/security-alerts/cpuapr2022.html
• https://www.tenable.com/security/tns-2022-05
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.

Remediation

Upgrade Debian:unstable expat to version 2.4.5-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-25314
• http://www.openwall.com/lists/oss-security/2022/02/19/1
• https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
• https://github.com/libexpat/libexpat/pull/560
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
• https://security.gentoo.org/glsa/202209-24
• https://security.netapp.com/advisory/ntap-20220303-0008/
• https://www.debian.org/security/2022/dsa-5085
• https://www.oracle.com/security-alerts/cpuapr2022.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

Remediation

Upgrade Debian:unstable expat to version 2.2.7-2 or higher.

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
• https://security-tracker.debian.org/tracker/CVE-2019-15903
• https://seclists.org/bugtraq/2019/Dec/17
• https://seclists.org/bugtraq/2019/Dec/21
• https://seclists.org/bugtraq/2019/Dec/23
• https://seclists.org/bugtraq/2019/Nov/1
• https://seclists.org/bugtraq/2019/Nov/24
• https://seclists.org/bugtraq/2019/Oct/29
• https://seclists.org/bugtraq/2019/Sep/37
• https://seclists.org/bugtraq/2019/Sep/30
• https://security.netapp.com/advisory/ntap-20190926-0004/
• https://support.apple.com/kb/HT210785
• https://support.apple.com/kb/HT210788
• https://support.apple.com/kb/HT210789
• https://support.apple.com/kb/HT210790
• https://support.apple.com/kb/HT210793
• https://support.apple.com/kb/HT210794
• https://support.apple.com/kb/HT210795
• https://www.tenable.com/security/tns-2021-11
• https://www.debian.org/security/2019/dsa-4530
• https://www.debian.org/security/2019/dsa-4549
• https://www.debian.org/security/2019/dsa-4571
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
• http://seclists.org/fulldisclosure/2019/Dec/23
• http://seclists.org/fulldisclosure/2019/Dec/26
• http://seclists.org/fulldisclosure/2019/Dec/27
• http://seclists.org/fulldisclosure/2019/Dec/30
• https://security.gentoo.org/glsa/201911-08
• https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
• https://github.com/libexpat/libexpat/issues/317
• https://github.com/libexpat/libexpat/issues/342
• https://github.com/libexpat/libexpat/pull/318
• http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
• http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
• http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
• https://www.oracle.com/security-alerts/cpuoct2020.html
• https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
• https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
• https://www.oracle.com/security-alerts/cpuapr2020.html
• https://access.redhat.com/errata/RHSA-2019:3210
• https://access.redhat.com/errata/RHSA-2019:3237
• https://access.redhat.com/errata/RHSA-2019:3756
• http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
• http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
• http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
• http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
• http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
• https://usn.ubuntu.com/4165-1/
• https://usn.ubuntu.com/4202-1/
• https://usn.ubuntu.com/4335-1/
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-15903
• https://usn.ubuntu.com/4132-1/
• https://usn.ubuntu.com/4132-2/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.

Remediation

Upgrade Debian:unstable expat to version 2.6.0-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-52425
• https://github.com/libexpat/libexpat/pull/789
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/
• https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html
• http://www.openwall.com/lists/oss-security/2024/03/20/5
• https://security.netapp.com/advisory/ntap-20240614-0003/

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

Remediation

Upgrade Debian:unstable expat to version 2.5.0-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-43680
• https://github.com/libexpat/libexpat/issues/649
• https://github.com/libexpat/libexpat/pull/616
• https://github.com/libexpat/libexpat/pull/650
• https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/
• https://security.gentoo.org/glsa/202210-38
• https://security.netapp.com/advisory/ntap-20221118-0007/
• https://www.debian.org/security/2022/dsa-5266
• http://www.openwall.com/lists/oss-security/2023/12/28/5
• http://www.openwall.com/lists/oss-security/2024/01/03/5
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

Remediation

Upgrade Debian:unstable expat to version 2.2.6-2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2018-20843
• https://seclists.org/bugtraq/2019/Jun/39
• https://support.f5.com/csp/article/K51011533
• https://www.tenable.com/security/tns-2021-11
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
• https://www.debian.org/security/2019/dsa-4472
• https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/
• https://security.gentoo.org/glsa/201911-08
• https://github.com/libexpat/libexpat/pull/262/commits/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
• https://github.com/libexpat/libexpat/issues/186
• https://github.com/libexpat/libexpat/pull/262
• https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226
• https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes
• https://www.oracle.com/security-alerts/cpuApr2021.html
• https://www.oracle.com/security-alerts/cpuoct2020.html
• https://www.oracle.com/security-alerts/cpuoct2021.html
• https://www.oracle.com/security-alerts/cpuapr2020.html
• https://security.netapp.com/advisory/ntap-20190703-0001/
• http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20843
• https://usn.ubuntu.com/4040-1/
• https://usn.ubuntu.com/4040-2/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/

NVD Description

Note: Versions mentioned in the description apply only to the upstream freetype package and not the freetype package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.

Remediation

Upgrade Debian:unstable freetype to version 2.11.1+dfsg-2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-27405
• http://freetype.com
• https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/
• https://security.gentoo.org/glsa/202402-06

NVD Description

Note: Versions mentioned in the description apply only to the upstream freetype package and not the freetype package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.

Remediation

Upgrade Debian:unstable freetype to version 2.11.1+dfsg-2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-27406
• http://freetype.com
• https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/
• https://security.gentoo.org/glsa/202402-06

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.

Remediation

Upgrade Debian:unstable glibc to version 2.28-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2009-5155
• https://support.f5.com/csp/article/K64119434
• https://support.f5.com/csp/article/K64119434?utm_source=f5support&utm_medium=RSS
• http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272
• https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793
• https://debbugs.gnu.org/cgi/bugreport.cgi?bug=32806
• https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34238
• https://sourceware.org/bugzilla/show_bug.cgi?id=11053
• https://sourceware.org/bugzilla/show_bug.cgi?id=18986
• https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eb04c21373e2a2885f3d52ff192b0499afe3c672
• https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
• https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
• https://security.netapp.com/advisory/ntap-20190315-0002/
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2009-5155
• https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
• https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
• https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=eb04c21373e2a2885f3d52ff192b0499afe3c672
• https://support.f5.com/csp/article/K64119434?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.

Remediation

Upgrade Debian:unstable glibc to version 2.28-1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2018-19591
• https://sourceware.org/bugzilla/show_bug.cgi?id=23927
• https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=d527c860f5a3f0ed687bd03f0cb464612dc23408
• https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=NEWS;hb=HEAD
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/
• https://security.gentoo.org/glsa/201908-06
• https://security.gentoo.org/glsa/201903-09
• https://security.netapp.com/advisory/ntap-20190321-0003/
• http://www.securityfocus.com/bid/106037
• http://www.securitytracker.com/id/1042174
• https://usn.ubuntu.com/4416-1/
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-19591
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BO7WHN52GFMC5F2I2232GFIPSSXWFV7G/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52KE4YR3GNMHQUOS3DKAGZD5TQ5D5UH/
• https://sourceware.org/git/?p=glibc.git%3Ba=blob_plain%3Bf=NEWS%3Bhb=HEAD
• https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=d527c860f5a3f0ed687bd03f0cb464612dc23408

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.

Remediation

Upgrade Debian:unstable glibc to version 2.37-11 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-5156
• https://access.redhat.com/security/cve/CVE-2023-5156
• https://bugzilla.redhat.com/show_bug.cgi?id=2240541
• https://sourceware.org/bugzilla/show_bug.cgi?id=30884
• https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ec6b95c3303c700eb89eebeda2d7264cc184a796
• http://www.openwall.com/lists/oss-security/2023/10/03/4
• http://www.openwall.com/lists/oss-security/2023/10/03/5
• http://www.openwall.com/lists/oss-security/2023/10/03/6
• http://www.openwall.com/lists/oss-security/2023/10/03/8
• https://security.gentoo.org/glsa/202402-01

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.

Remediation

Upgrade Debian:unstable glibc to version 2.33-4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2021-3998
• https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=84d2d0fe20bdf94feed82b21b4d7d136db471f03
• https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ee8d5e33adb284601c00c94687bc907e10aec9bb
• https://access.redhat.com/security/cve/CVE-2021-3998
• https://bugzilla.redhat.com/show_bug.cgi?id=2024633
• https://security.netapp.com/advisory/ntap-20221020-0003/
• https://sourceware.org/bugzilla/show_bug.cgi?id=28770
• https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=84d2d0fe20bdf94feed82b21b4d7d136db471f03
• https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Bh=ee8d5e33adb284601c00c94687bc907e10aec9bb
• https://www.openwall.com/lists/oss-security/2022/01/24/4

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.

Remediation

Upgrade Debian:unstable glibc to version 2.37-15 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-6779
• http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
• http://seclists.org/fulldisclosure/2024/Feb/3
• https://access.redhat.com/security/cve/CVE-2023-6779
• https://bugzilla.redhat.com/show_bug.cgi?id=2254395
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2FIH77VHY3KCRROCXOT6L27WMZXSJ2G/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWQ6BZJ6CV5UAW4VZSKJ6TO4KIW2KWAQ/
• https://security.gentoo.org/glsa/202402-01
• https://www.openwall.com/lists/oss-security/2024/01/30/6
• https://security.netapp.com/advisory/ntap-20240223-0006/
• https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt