Debian Stretch Openstack images changelog 9.1.5-20170910 Updates in 2 source package(s), 10 binary package(s): Source bind9, binaries: libdns-export162:amd64 libisc-export160:amd64 libdns-export162:arm64 libisc-export160:arm64 bind9 (1:9.10.3.dfsg.P4-12.3+deb9u3) stretch; urgency=medium [ Bernhard Schmidt ] * Import upcoming DNSSEC KSK-2017 from 9.10.5 [ Ondřej Surý ] * Non-maintainer upload. Source file, binaries: file:amd64 libmagic-mgc:amd64 libmagic1:amd64 file:arm64 libmagic-mgc:arm64 libmagic1:arm64 file (1:5.30-1+deb9u1) stretch-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2017-1000249: stack based buffer overflow via specially crafted .notes section in an ELF binary -- Steve McIntyre <93sam@debian.org> Sun, 10 Sep 2017 23:31:48 +0100 9.1.4-20170830 Updates in 1 source package(s), 2 binary package(s): Source libgcrypt20, binaries: libgcrypt20:amd64 libgcrypt20:arm64 libgcrypt20 (1.7.6-2+deb9u2) stretch-security; urgency=high * Non-maintainer upload by the Security Team. * ecc: Add input validation for X25519 [CVE-2017-0379] Mitigate a local side-channel attack on Curve25519 dubbed "May the Fourth be With You". (Closes: #873383) -- Steve McIntyre <93sam@debian.org> Wed, 30 Aug 2017 22:37:52 +0100 9.1.3-20170825 Updates in 1 source package(s), 2 binary package(s): Source libxml2, binaries: libxml2:amd64 libxml2:arm64 libxml2 (2.9.4+dfsg1-2.2+deb9u1) stretch-security; urgency=high * Non-maintainer upload by the Security Team. * Increase buffer space for port in HTTP redirect support (CVE-2017-7376) Incorrect limit was used for port values. (Closes: #870865) * Prevent unwanted external entity reference (CVE-2017-7375) Missing validation for external entities in xmlParsePEReference. (Closes: #870867) * Fix handling of parameter-entity references (CVE-2017-9049, CVE-2017-9050) - Heap-based buffer over-read in function xmlDictComputeFastKey (CVE-2017-9049). - Heap-based buffer over-read in function xmlDictAddString (CVE-2017-9050). (Closes: #863019, #863018) * Fix buffer size checks in xmlSnprintfElementContent (CVE-2017-9047, CVE-2017-9048) - Buffer overflow in function xmlSnprintfElementContent (CVE-2017-9047). - Stack-based buffer overflow in function xmlSnprintfElementContent (CVE-2017-9048). (Closes: #863022, #863021) * Fix type confusion in xmlValidateOneNamespace (CVE-2017-0663) Heap buffer overflow in xmlAddID. (Closes: #870870) -- Steve McIntyre <93sam@debian.org> Fri, 25 Aug 2017 18:22:11 +0100 9.1.2-20170822 Updates in 2 source package(s), 4 binary package(s): Source linux, binaries: linux-image-4.9.0-3-amd64:amd64 linux-image-4.9.0-3-arm64:arm64 linux (4.9.30-2+deb9u3) stretch-security; urgency=high * [x86] drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() (CVE-2017-7346) * rxrpc: Fix several cases where a padded len isn't checked in ticket decode (CVE-2017-7482) * brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() (CVE-2017-7541) * ipv6: avoid overflow of offset in ip6_find_1stfragopt (CVE-2017-7542) * [x86] drm/vmwgfx: Make sure backup_handle is always valid (CVE-2017-9605) * drm/virtio: don't leak bo on drm_gem_object_init failure (CVE-2017-10810) * xen-blkback: don't leak stack data via response ring (CVE-2017-10911) * mqueue: fix a use-after-free in sys_mq_notify() (CVE-2017-11176) * fs/exec.c: account for argv/envp pointers (CVE-2017-1000365) * dentry name snapshots (CVE-2017-7533) Source qemu, binaries: qemu-utils:amd64 qemu-utils:arm64 qemu (1:2.8+dfsg-6+deb9u2) stretch-security; urgency=high * actually apply the nbd server patches, not only include in debian/patches/ Really closes: #865755, CVE-2017-9524 * slirp-check-len-against-dhcp-options-array-end-CVE-2017-11434.patch Closes: #869171, CVE-2017-11434 * exec-use-qemu_ram_ptr_length-to-access-guest-ram-CVE-2017-11334.patch Closes: #869173, CVE-2017-11334 * usb-redir-fix-stack-overflow-in-usbredir_log_data-CVE-2017-10806.patch Closes: #867751, CVE-2017-10806 * add reference to #869706 to xen-disk-don-t-leak-stack-data-via-response-ring-CVE-2017-10911.patch * disable xhci recursive calls fix for now, as it causes instant crash (xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch) Reopens: #864219, CVE-2017-9375 Closes: #869945 qemu (1:2.8+dfsg-6+deb9u1) stretch-security; urgency=high * net-e1000e-fix-an-infinite-loop-issue-CVE-2017-9310.patch Closes: #863840, CVE-2017-9310 * usb-ohci-fix-error-return-code-in-servicing-iso-td-CVE-2017-9330.patch Closes: #863943, CVE-2017-9330 * ide-ahci-call-cleanup-function-in-ahci-unit-CVE-2017-9373.patch Closes: #864216, CVE-2017-9373 * xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch Closes: #864219, CVE-2017-9375 * usb-ehci-fix-memory-leak-in-ehci-CVE-2017-9374.patch Closes: #864568, CVE-2017-9374 * nbd-ignore-SIGPIPE-CVE-2017-10664.patch Closes: #866674, CVE-2017-10664 * nbd-fully-initialize-client-in-case-of-failed-negotiation-CVE-2017-9524.patch nbd-fix-regression-on-resiliency-to-port-scan-CVE-2017-9524.patch Closes: #865755, CVE-2017-9524 * xen-disk-don-t-leak-stack-data-via-response-ring-CVE-2017-10911.patch Closes: CVE-2017-10911 -- Steve McIntyre <93sam@debian.org> Wed, 23 Aug 2017 02:07:42 +0100 9.1.1-20170725 Updates in 2 source package(s), 6 binary package(s): Source qemu, binaries: qemu-utils:amd64 qemu-utils:arm64 qemu (1:2.8+dfsg-6+deb9u1) stretch-security; urgency=high * net-e1000e-fix-an-infinite-loop-issue-CVE-2017-9310.patch Closes: #863840, CVE-2017-9310 * usb-ohci-fix-error-return-code-in-servicing-iso-td-CVE-2017-9330.patch Closes: #863943, CVE-2017-9330 * ide-ahci-call-cleanup-function-in-ahci-unit-CVE-2017-9373.patch Closes: #864216, CVE-2017-9373 * xhci-guard-xhci_kick_epctx-against-recursive-calls-CVE-2017-9375.patch Closes: #864219, CVE-2017-9375 * usb-ehci-fix-memory-leak-in-ehci-CVE-2017-9374.patch Closes: #864568, CVE-2017-9374 * nbd-ignore-SIGPIPE-CVE-2017-10664.patch Closes: #866674, CVE-2017-10664 * nbd-fully-initialize-client-in-case-of-failed-negotiation-CVE-2017-9524.patch nbd-fix-regression-on-resiliency-to-port-scan-CVE-2017-9524.patch Closes: #865755, CVE-2017-9524 * xen-disk-don-t-leak-stack-data-via-response-ring-CVE-2017-10911.patch Closes: CVE-2017-10911 Source bind9, binaries: libdns-export162:amd64 libisc-export160:amd64 libdns-export162:arm64 libisc-export160:arm64 bind9 (1:9.10.3.dfsg.P4-12.3+deb9u2) stretch-security; urgency=high * Non-maintainer upload by the Security Team. * debian/patches: - CVE-2017-3142_regression added, fix a regression introduced in with the correction for CVE-2017-3142. -- Steve McIntyre <93sam@debian.org> Tue, 25 Jul 2017 23:08:27 +0100 9.1.0-20170722 First build for 9.1.0 release -- Steve McIntyre <93sam@debian.org> Sun, 23 Jul 2017 00:33:34 +0100