4 Debian package update(s) for hexagon.federez.net - Monitoring

6 Jan 2016

apticron report [Wed, 06 Jan 2016 09:48:18 +0100]
========================================================================
apticron has detected that some packages need upgrading on:
        hexagon.federez.net
        [ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ]
The following packages are currently pending an upgrade:
        git 1:2.1.4-2.1+deb8u1
        git-man 1:2.1.4-2.1+deb8u1
        linux-image-3.16.0-4-amd64 3.16.7-ckt20-1+deb8u2
        linux-libc-dev 3.16.7-ckt20-1+deb8u2
========================================================================
Package Details:
Lecture des fichiers de modifications (« changelog »)...
--- Modifications pour git (git git-man) ---
git (1:2.1.4-2.1+deb8u1) jessie-security; urgency=high
  * Non-maintainer upload by the Security Team.
  * Fix CVE-2015-7545, arbitrary code execution issues via URLs with:
    - 01-CVE-2015-7545-1.patch: add a protocol-whitelist environment
      variable
    - 02-CVE-2015-7545-2.patch: allow only certain protocols for submodule
      fetches
    - 03-CVE-2015-7545-3.patch: refactor protocol whitelist code
    - 04-CVE-2015-7545-4.patch: limit redirection to protocol-whitelist
    - 05-CVE-2015-7545-5.patch: limit redirection depth
   * Make new tests executable.
 -- Laszlo Boszormenyi (GCS) &lt;gcs(a)debian.org&gt;  Wed, 16 Dec 2015 08:24:37 +0000
--- Modifications pour linux (linux-image-3.16.0-4-amd64 linux-libc-dev) ---
linux (3.16.7-ckt20-1+deb8u2) jessie-security; urgency=medium
  * [xen] Fix race conditions in back-end drivers (CVE-2015-8550, XSA-155)
  * [xen] pciback: Fix state validation in MSI control operations
    (CVE-2015-8551, CVE-2015-8852, XSA-157)
  * pptp: verify sockaddr_len in pptp_bind() and pptp_connect() (CVE-2015-8569)
  * bluetooth: Validate socket address length in sco_sock_bind() (CVE-2015-8575)
  * ptrace: being capable wrt a process requires mapped uids/gids
    (CVE-2015-8709)
  * KEYS: Fix race between read and revoke (CVE-2015-7550)
  * [x86] KVM: Reload pit counters for all channels when restoring state
    (CVE-2015-7513)
  * udp: properly support MSG_PEEK with truncated buffers
    (Closes: #808293, regression in 3.16.7-ckt17)
  * Revert "xhci: don't finish a TD if we get a short transfer event mid TD"
    (Closes: #808602, #808953, regression in 3.16.7-ckt20)
 -- Ben Hutchings &lt;ben(a)decadent.org.uk&gt;  Sat, 02 Jan 2016 03:31:39 +0000
========================================================================
You can perform the upgrade by issuing the command:
        apt-get dist-upgrade
as root on hexagon.federez.net
--
apticron