apticron report [Thu, 21 May 2015 18:44:13 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
baldrick.crans.org
[ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ]
[ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ]
The following packages are currently pending an upgrade:
libmodule-signature-perl 0.73-1+deb8u2
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour libmodule-signature-perl ---
libmodule-signature-perl (0.73-1+deb8u2) jessie-security; urgency=high
  * Team upload.
  * Add 0001-make-skip-work-again.patch patch.
    Restore --skip functionality for cpansign. (Closes: #785701)
 -- Salvatore Bonaccorso <carnil(a)debian.org> Wed, 20 May 2015 20:36:38 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on baldrick.crans.org
--
apticron
apticron report [Sat, 16 May 2015 18:44:12 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
baldrick.crans.org
[ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ]
[ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ]
The following packages are currently pending an upgrade:
libmodule-signature-perl 0.73-1+deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour libmodule-signature-perl ---
libmodule-signature-perl (0.73-1+deb8u1) jessie-security; urgency=high
  * Team upload.
  * Add CVE-2015-3406_CVE-2015-3407_CVE-2015-3408.patch patch.
    CVE-2015-3406: Module::Signature parses the unsigned portion of the
    SIGNATURE file as the signed portion due to incorrect handling of PGP
    signature boundaries.
    CVE-2015-3407: Module::Signature incorrectly handles files that are not
    listed in the SIGNATURE file. This includes some files in the t/
    directory that would execute when tests are run.
    CVE-2015-3408: Module::Signature uses two argument open() calls to read
    the files when generating checksums from the signed manifest, allowing
    to embed arbitrary shell commands into the SIGNATURE file that would
    execute during the signature verification process. (Closes: #783451)
  * Add CVE-2015-3409.patch patch.
    CVE-2015-3409: Module::Signature incorrectly handles module loading
    allowing to load modules from relative paths in @INC. A remote attacker
    providing a malicious module could use this issue to execute arbitrary
    code during signature verification. (Closes: #783451)
  * Add Fix-signature-tests.patch patch.
    Fix signature tests by defaulting to verify(skip=>1) when
    $ENV{TEST_SIGNATURE} is true.
 -- Salvatore Bonaccorso <carnil(a)debian.org> Thu, 14 May 2015 12:58:30 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on baldrick.crans.org
--
apticron
apticron report [Tue, 12 May 2015 18:44:06 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
baldrick.crans.org
[ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ]
[ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ]
The following packages are currently pending an upgrade:
mercurial 3.1.2-2+deb8u1
mercurial-common 3.1.2-2+deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour mercurial (mercurial mercurial-common) ---
mercurial (3.1.2-2+deb8u1) jessie-security; urgency=high
  * Fix "CVE-2014-9462" by adding patch
    from_upstream__sshpeer_more_thorough_shell_quoting.patch
    (Closes: #783237)
 -- Javi Merino <vicho(a)debian.org> Fri, 01 May 2015 19:14:56 +0100
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on baldrick.crans.org
--
apticron
apticron report [Mon, 11 May 2015 18:44:06 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
baldrick.crans.org
[ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ]
[ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ]
The following packages are currently pending an upgrade:
libtasn1-6 4.2-3+deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour libtasn1-6 ---
libtasn1-6 (4.2-3+deb8u1) jessie-security; urgency=high
  * Non-maintainer upload by the Security Team.
  * Add 20_CVE-2015-3622.diff patch.
    CVE-2015-3622: heap overflow flaw in _asn1_extract_der_octet(). Prevent
    past of boundary access in octet string decoding.
 -- Salvatore Bonaccorso <carnil(a)debian.org> Sat, 09 May 2015 20:09:24 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on baldrick.crans.org
--
apticron
apticron report [Thu, 07 May 2015 18:44:06 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
baldrick.crans.org
[ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ]
[ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ]
The following packages are currently pending an upgrade:
libsqlite3-0 3.8.7.1-1+deb8u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour sqlite3 (libsqlite3-0) ---
sqlite3 (3.8.7.1-1+deb8u1) jessie-security; urgency=high
  * Fix CVE-2015-3414, use of uninitialized memory when parsing collation
    sequences.
  * Fix CVE-2015-3415, properly implement comparison operators in
    sqlite3VdbeExec().
  * Fix CVE-2015-3416, properly handle precision and width values during
    floating-point conversions in sqlite3VXPrintf().
 -- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Sat, 02 May 2015 07:59:48 +0000
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on baldrick.crans.org
--
apticron
apticron report [Wed, 06 May 2015 10:48:15 +0200]
========================================================================
apticron has detected that some packages need upgrading on:
hexagon.federez.net
[ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ]
The following packages are currently pending an upgrade:
clamav 0.98.7+dfsg-0+deb7u1
clamav-base 0.98.7+dfsg-0+deb7u1
clamav-daemon 0.98.7+dfsg-0+deb7u1
clamav-freshclam 0.98.7+dfsg-0+deb7u1
libclamav6 0.98.7+dfsg-0+deb7u1
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour clamav (clamav clamav-base clamav-daemon clamav-freshclam libclamav6) ---
clamav (0.98.7+dfsg-0+deb7u1) oldstable; urgency=high
  [ Andreas Cadhalpun ]
  * Fix variable name mismatch in clamav-milter.postinst in order to
    make preseeding work correctly. (Closes: #778445)
  * Drop 'XS-Testsuite: autopkgtest' from debian/control.
    Debhelper automatically adds the Testsuite field.
    This fixes the lintian warning xs-testsuite-header-in-debian-control.
  * Fix cleanup on purge in clamav-base.postrm.
  [ Sebastian Andrzej Siewior ]
  * Replace ” with " in debian/common_functions (Closes: #781088)
  * Import new upstream:
    - Improvements to PDF processing: decryption, escape sequence
      handling, and file property collection.
    - Scanning/analysis of additional Microsoft Office 2003 XML format.
    - Fix infinite loop condition on crafted y0da cryptor file. Identified
      and patch suggested by Sebastian Andrzej Siewior. CVE-2015-2221.
    - Fix crash on crafted petite packed file. Reported and patch
      supplied by Sebastian Andrzej Siewior. CVE-2015-2222.
    - Fix false negatives on files within iso9660 containers. This issue
      was reported by Minzhuan Gong.
    - Fix a couple crashes on crafted upack packed file. Identified and
      patches supplied by Sebastian Andrzej Siewior.
    - Fix a crash during algorithmic detection on crafted PE file.
      Identified and patch supplied by Sebastian Andrzej Siewior.
    - Fix an infinite loop condition on a crafted "xz" archive file.
      This was reported by Dimitri Kirchner and Goulven Guiheux.
      CVE-2015-2668.
    - Fix compilation error after ./configure --disable-pthreads.
      Reported and fix suggested by John E. Krokes.
    - Apply upstream patch for possible heap overflow in Henry Spencer's
      regex library. CVE-2015-2305 (Closes: #778406).
    - Fix crash in upx decoder with crafted file. Discovered and patch
      supplied by Sebastian Andrzej Siewior. CVE-2015-2170.
    - Fix segfault scanning certain HTML files. Reported with sample by
      Kai Risku.
    - Improve detections within xar/pkg files.
  * update GPG key used to verify releases to get uscan/get_orig.sh working
    again.
  * update symbol version for cl_retflevel due to CL_FLEVEL change.
 -- Sebastian Andrzej Siewior <sebastian(a)breakpoint.cc> Sat, 02 May 2015 22:35:37 +0200
========================================================================
You can perform the upgrade by issuing the command:
apt-get dist-upgrade
as root on hexagon.federez.net
--
apticron