Tag Archives: privilege escalation

Privilege escalation via eBPF in Linux 4.9 and beyond

Post Syndicated from jake original https://lwn.net/Articles/742170/rss

Jann Horn has reported eight bugs in the
eBPF verifier, one for the 4.9 kernel and seven introduced in 4.14, to the
oss-security mailing list. Some
of these bugs result in eBPF programs being able to read and write arbitrary
kernel memory, thus can be used for a variety of ill effects, including
privilege escalation. As Ben Hutchings notes,
one mitigation would be to disable unprivileged access to BPF using the
following sysctl:
kernel.unprivileged_bpf_disabled=1. More information can also be found
in this Project
Zero bug entry
. The fixes are not yet in the mainline tree, but are in
the netdev tree. Hutchings goes on to say: “There is a public
exploit that uses several of these bugs to get root privileges. It doesn’t
work as-is on stretch [Debian 9] with the Linux 4.9 kernel, but is easy to adapt. I
recommend applying the above mitigation as soon as possible to all systems
running Linux 4.4 or later.

Winpayloads – Undetectable Windows Payload Generation

Post Syndicated from Darknet original http://feedproxy.google.com/~r/darknethackers/~3/y3Szx2PyNH4/

Winpayloads is a tool to provide undetectable Windows payload generation with some extras running on Python 2.7. It provides persistence, privilege escalation, shellcode invocation and much more. Features UACBypass – PowerShellEmpire PowerUp – PowerShellEmpire Invoke-Shellcode Invoke-Mimikatz Invoke-EventVwrBypass Persistence – Adds payload…

Read the full post at darknet.org.uk

Join Us at the 10th Annual Hadoop Summit / DataWorks Summit, San Jose (Jun 13-15)

Post Syndicated from mikesefanov original https://yahooeng.tumblr.com/post/160966148886

yahoohadoop:

image

We’re excited to co-host the 10th Annual Hadoop Summit, the leading conference for the Apache Hadoop community, taking place on June 13 – 15 at the San Jose Convention Center. In the last few years, the Hadoop Summit has expanded to cover all things data beyond just Apache Hadoop – such as data science, cloud and operations, IoT and applications – and has been aptly renamed the DataWorks Summit. The three-day program is bursting at the seams! Here are just a few of the reasons why you cannot miss this must-attend event:

  • Familiarize yourself with the cutting edge in Apache project developments from the committers
  • Learn from your peers and industry experts about innovative and real-world use cases, development and administration tips and tricks, success stories and best practices to leverage all your data – on-premise and in the cloud – to drive predictive analytics, distributed deep-learning and artificial intelligence initiatives
  • Attend one of our more than 170 technical deep dive breakout sessions from nearly 200 speakers across eight tracks
  • Check out our keynotes, meetups, trainings, technical crash courses, birds-of-a-feather sessions, Women in Big Data and more
  • Attend the community showcase where you can network with sponsors and industry experts, including a host of startups and large companies like Microsoft, IBM, Oracle, HP, Dell EMC and Teradata

Similar to previous years, we look forward to continuing Yahoo’s decade-long tradition of thought leadership at this year’s summit. Join us for an in-depth look at Yahoo’s Hadoop culture and for the latest in technologies such as Apache Tez, HBase, Hive, Data Highway Rainbow, Mail Data Warehouse and Distributed Deep Learning at the breakout sessions below. Or, stop by Yahoo kiosk #700 at the community showcase.

Also, as a co-host of the event, Yahoo is pleased to offer a 20% discount for the summit with the code MSPO20. Register here for Hadoop Summit, San Jose, California!


DAY 1. TUESDAY June 13, 2017


12:20 – 1:00 P.M. TensorFlowOnSpark – Scalable TensorFlow Learning On Spark Clusters

Andy Feng – VP Architecture, Big Data and Machine Learning

Lee Yang – Sr. Principal Engineer

In this talk, we will introduce a new framework, TensorFlowOnSpark, for scalable TensorFlow learning, that was open sourced in Q1 2017. This new framework enables easy experimentation for algorithm designs, and supports scalable training & inferencing on Spark clusters. It supports all TensorFlow functionalities including synchronous & asynchronous learning, model & data parallelism, and TensorBoard. It provides architectural flexibility for data ingestion to TensorFlow and network protocols for server-to-server communication. With a few lines of code changes, an existing TensorFlow algorithm can be transformed into a scalable application.

2:10 – 2:50 P.M. Handling Kernel Upgrades at Scale – The Dirty Cow Story

Samy Gawande – Sr. Operations Engineer

Savitha Ravikrishnan – Site Reliability Engineer

Apache Hadoop at Yahoo is a massive platform with 36 different clusters spread across YARN, Apache HBase, and Apache Storm deployments, totaling 60,000 servers made up of 100s of different hardware configurations accumulated over generations, presenting unique operational challenges and a variety of unforeseen corner cases. In this talk, we will share methods, tips and tricks to deal with large scale kernel upgrade on heterogeneous platforms within tight timeframes with 100% uptime and no service or data loss through the Dirty COW use case (privilege escalation vulnerability found in the Linux Kernel in late 2016).

5:00 – 5:40 P.M. Data Highway Rainbow –  Petabyte Scale Event Collection, Transport, and Delivery at Yahoo

Nilam Sharma – Sr. Software Engineer

Huibing Yin – Sr. Software Engineer

This talk presents the architecture and features of Data Highway Rainbow, Yahoo’s hosted multi-tenant infrastructure which offers event collection, transport and aggregated delivery as a service. Data Highway supports collection from multiple data centers & aggregated delivery in primary Yahoo data centers which provide a big data computing cluster. From a delivery perspective, Data Highway supports endpoints/sinks such as HDFS, Storm and Kafka; with Storm & Kafka endpoints tailored towards latency sensitive consumers.


DAY 2. WEDNESDAY June 14, 2017


9:05 – 9:15 A.M. Yahoo General Session – Shaping Data Platform for Lasting Value

Sumeet Singh  – Sr. Director, Products

With a long history of open innovation with Hadoop, Yahoo continues to invest in and expand the platform capabilities by pushing the boundaries of what the platform can accomplish for the entire organization. In the last 11 years (yes, it is that old!), the Hadoop platform has shown no signs of giving up or giving in. In this talk, we explore what makes the shared multi-tenant Hadoop platform so special at Yahoo.

12:20 – 1:00 P.M. CaffeOnSpark Update – Recent Enhancements and Use Cases

Mridul Jain – Sr. Principal Engineer

Jun Shi – Principal Engineer

By combining salient features from deep learning framework Caffe and big-data frameworks Apache Spark and Apache Hadoop, CaffeOnSpark enables distributed deep learning on a cluster of GPU and CPU servers. We released CaffeOnSpark as an open source project in early 2016, and shared its architecture design and basic usage at Hadoop Summit 2016. In this talk, we will update audiences about the recent development of CaffeOnSpark. We will highlight new features and capabilities: unified data layer which multi-label datasets, distributed LSTM training, interleave testing with training, monitoring/profiling framework, and docker deployment.

12:20 – 1:00 P.M. Tez Shuffle Handler – Shuffling at Scale with Apache Hadoop

Jon Eagles – Principal Engineer  

Kuhu Shukla – Software Engineer

In this talk we introduce a new Shuffle Handler for Tez, a YARN Auxiliary Service, that addresses the shortcomings and performance bottlenecks of the legacy MapReduce Shuffle Handler, the default shuffle service in Apache Tez. The Apache Tez Shuffle Handler adds composite fetch which has support for multi-partition fetch to mitigate performance slow down and provides deletion APIs to reduce disk usage for long running Tez sessions. As an emerging technology we will outline future roadmap for the Apache Tez Shuffle Handler and provide performance evaluation results from real world jobs at scale.

2:10 – 2:50 P.M. Achieving HBase Multi-Tenancy with RegionServer Groups and Favored Nodes

Thiruvel Thirumoolan – Principal Engineer

Francis Liu – Sr. Principal Engineer

At Yahoo! HBase has been running as a hosted multi-tenant service since 2013. In a single HBase cluster we have around 30 tenants running various types of workloads (ie batch, near real-time, ad-hoc, etc). We will walk through multi-tenancy features explaining our motivation, how they work as well as our experiences running these multi-tenant clusters. These features will be available in Apache HBase 2.0.

2:10 – 2:50 P.M. Data Driving Yahoo Mail Growth and Evolution with a 50 PB Hadoop Warehouse

Nick Huang – Director, Data Engineering, Yahoo Mail  

Saurabh Dixit – Sr. Principal Engineer, Yahoo Mail

Since 2014, the Yahoo Mail Data Engineering team took on the task of revamping the Mail data warehouse and analytics infrastructure in order to drive the continued growth and evolution of Yahoo Mail. Along the way we have built a 50 PB Hadoop warehouse, and surrounding analytics and machine learning programs that have transformed the way data plays in Yahoo Mail. In this session we will share our experience from this 3 year journey, from the system architecture, analytics systems built, to the learnings from development and drive for adoption.

DAY3. THURSDAY June 15, 2017


2:10 – 2:50 P.M. OracleStore – A Highly Performant RawStore Implementation for Hive Metastore

Chris Drome – Sr. Principal Engineer  

Jin Sun – Principal Engineer

Today, Yahoo uses Hive in many different spaces, from ETL pipelines to adhoc user queries. Increasingly, we are investigating the practicality of applying Hive to real-time queries, such as those generated by interactive BI reporting systems. In order for Hive to succeed in this space, it must be performant in all aspects of query execution, from query compilation to job execution. One such component is the interaction with the underlying database at the core of the Metastore. As an alternative to ObjectStore, we created OracleStore as a proof-of-concept. Freed of the restrictions imposed by DataNucleus, we were able to design a more performant database schema that better met our needs. Then, we implemented OracleStore with specific goals built-in from the start, such as ensuring the deduplication of data. In this talk we will discuss the details behind OracleStore and the gains that were realized with this alternative implementation. These include a reduction of 97%+ in the storage footprint of multiple tables, as well as query performance that is 13x faster than ObjectStore with DirectSQL and 46x faster than ObjectStore without DirectSQL.

3:00 P.M. – 3:40 P.M. Bullet – A Real Time Data Query Engine

Akshai Sarma – Sr. Software Engineer

Michael Natkovich – Director, Engineering

Bullet is an open sourced, lightweight, pluggable querying system for streaming data without a persistence layer implemented on top of Storm. It allows you to filter, project, and aggregate on data in transit. It includes a UI and WS. Instead of running queries on a finite set of data that arrived and was persisted or running a static query defined at the startup of the stream, our queries can be executed against an arbitrary set of data arriving after the query is submitted. In other words, it is a look-forward system. Bullet is a multi-tenant system that scales independently of the data consumed and the number of simultaneous queries. Bullet is pluggable into any streaming data source. It can be configured to read from systems such as Storm, Kafka, Spark, Flume, etc. Bullet leverages Sketches to perform its aggregate operations such as distinct, count distinct, sum, count, min, max, and average.

3:00 P.M. – 3:40 P.M. Yahoo – Moving Beyond Running 100% of Apache Pig Jobs on Apache Tez

Rohini Palaniswamy – Sr. Principal Engineer

Last year at Yahoo, we spent great effort in scaling, stabilizing and making Pig on Tez production ready and by the end of the year retired running Pig jobs on Mapreduce. This talk will detail the performance and resource utilization improvements Yahoo achieved after migrating all Pig jobs to run on Tez. After successful migration and the improved performance we shifted our focus to addressing some of the bottlenecks we identified and new optimization ideas that we came up with to make it go even faster. We will go over the new features and work done in Tez to make that happen like custom YARN ShuffleHandler, reworking DAG scheduling order, serialization changes, etc. We will also cover exciting new features that were added to Pig for performance such as bloom join and byte code generation.

4:10 P.M. – 4:50 P.M. Leveraging Docker for Hadoop Build Automation and Big Data Stack Provisioning

Evans Ye,  Software Engineer

Apache Bigtop as an open source Hadoop distribution, focuses on developing packaging, testing and deployment solutions that help infrastructure engineers to build up their own customized big data platform as easy as possible. However, packages deployed in production require a solid CI testing framework to ensure its quality. Numbers of Hadoop component must be ensured to work perfectly together as well. In this presentation, we’ll talk about how Bigtop deliver its containerized CI framework which can be directly replicated by Bigtop users. The core revolution here are the newly developed Docker Provisioner that leveraged Docker for Hadoop deployment and Docker Sandbox for developer to quickly start a big data stack. The content of this talk includes the containerized CI framework, technical detail of Docker Provisioner and Docker Sandbox, a hierarchy of docker images we designed, and several components we developed such as Bigtop Toolchain to achieve build automation.

Register here for Hadoop Summit, San Jose, California with a 20% discount code MSPO20

Questions? Feel free to reach out to us at [email protected] Hope to see you there!

WikiLeaks Releases CIA Hacking Tools

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/03/wikileaks_relea.html

WikiLeaks just released a cache of 8,761 classified CIA documents from 2012 to 2016, including details of its offensive Internet operations.

I have not read through any of them yet. If you see something interesting, tell us in the comments.

EDITED TO ADD: There’s a lot in here. Many of the hacking tools are redacted, with the tar files and zip archives replaced with messages like:

::: THIS ARCHIVE FILE IS STILL BEING EXAMINED BY WIKILEAKS. :::

::: IT MAY BE RELEASED IN THE NEAR FUTURE. WHAT FOLLOWS IS :::
::: AN AUTOMATICALLY GENERATED LIST OF ITS CONTENTS: :::

Hopefully we’ll get them eventually. The documents say that the CIA — and other intelligence services — can bypass Signal, WhatsApp and Telegram. It seems to be by hacking the end-user devices and grabbing the traffic before and after encryption, not by breaking the encryption.

New York Times article.

EDITED TO ADD: Some details from The Guardian:

According to the documents:

  • CIA hackers targeted smartphones and computers.
  • The Center for Cyber Intelligence is based at the CIA headquarters in Virginia but it has a second covert base in the US consulate in Frankfurt which covers Europe, the Middle East and Africa.
  • A programme called Weeping Angel describes how to attack a Samsung F8000 TV set so that it appears to be off but can still be used for monitoring.

I just noticed this from the WikiLeaks page:

Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized “zero day” exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.

So it sounds like this cache of documents wasn’t taken from the CIA and given to WikiLeaks for publication, but has been passed around the community for a while — and incidentally some part of the cache was passed to WikiLeaks. So there are more documents out there, and others may release them in unredacted form.

Wired article. Slashdot thread. Two articles from the Washington Post.

EDITED TO ADD: This document talks about Comodo version 5.X and version 6.X. Version 6 was released in Feb 2013. Version 7 was released in Apr 2014. This gives us a time window of that page, and the cache in general. (WikiLeaks says that the documents cover 2013 to 2016.)

If these tools are a few years out of date, it’s similar to the NSA tools released by the “Shadow Brokers.” Most of us thought the Shadow Brokers were the Russians, specifically releasing older NSA tools that had diminished value as secrets. Could this be the Russians as well?

EDITED TO ADD: Nicholas Weaver comments.

EDITED TO ADD (3/8): These documents are interesting:

The CIA’s hand crafted hacking techniques pose a problem for the agency. Each technique it has created forms a “fingerprint” that can be used by forensic investigators to attribute multiple different attacks to the same entity.

This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible. As soon one murder in the set is solved then the other murders also find likely attribution.

The CIA’s Remote Devices Branch‘s UMBRAGE group collects and maintains a substantial library of attack techniques ‘stolen’ from malware produced in other states including the Russian Federation.

With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the “fingerprints” of the groups that the attack techniques were stolen from.

UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques.

This is being spun in the press as the CIA is pretending to be Russia. I’m not convinced that the documents support these allegations. Can someone else look at the documents. I don’t like my conclusion that WikiLeaks is using this document dump as a way to push their own bias.

Ancient local privilege escalation vulnerability in the kernel announced

Post Syndicated from jake original https://lwn.net/Articles/715429/rss

Andrey Konovalov has announced the discovery and fix of a local privilege escalation in the Linux kernel. Using the syzkaller fuzzer (which LWN looked at around one year ago), he found a double-free in the Datagram Congestion Control Protocol (DCCP) implementation that goes back to at least September 2006 (2.6.18), but probably all the way back to the introduction of DCCP in October 2005 (2.6.14). “[At] this point we have a use-after-free on some_object. An attacker can
control what object that would be and overwrite it’s content with
arbitrary data by using some of the kernel heap spraying techniques.
If the overwritten object has any triggerable function pointers, an
attacker gets to execute arbitrary code within the kernel.

I’ll publish an exploit in a few days, giving people time to update.”

Monday’s security advisories

Post Syndicated from jake original https://lwn.net/Articles/715034/rss

Debian-LTS has updated gst-plugins-bad0.10 (two vulnerabilities), gst-plugins-base0.10 (two vulnerabilities), gst-plugins-good0.10 (two vulnerabilities), gst-plugins-ugly0.10 (two vulnerabilities),
and wireshark (denial of service).

Fedora has updated bind (F24:
denial of service), python-peewee (F25; F24:
largely unspecified), sshrc (F25:
unspecified), and zoneminder (F25;
F24: information disclosure).

Gentoo has updated glibc (multiple vulnerabilities,
most from 2014 and 2015), mupdf (three
vulnerabilities), and ntfs3g (privilege escalation).

Mageia has updated gnutls (multiple vulnerabilities),
gtk-vnc (two vulnerabilities), iceape (multiple vulnerabilities), jitsi (user spoofing), libarchive (denial of service), libgd (multiple vulnerabilities), lynx (URL spoofing), mariadb (multiple vulnerabilities, almost all unspecified), netpbm (multiple vulnerabilities), openjpeg2 (multiple vulnerabilities), tomcat (information disclosure), and viewvc (cross-site scripting).

openSUSE has updated chromium
(42.2, 42.1: multiple vulnerabilities), firebird
(42.2, 42.1: access restriction bypass), java-1_7_0-openjdk (42.2, 42.1: multiple vulnerabilities), mcabber (42.2: user spoofing), mupdf (42.2, 42.1: multiple vulnerabilities), open-vm-tools (42.1: CVE with no description
from 2015), opus (42.2, 42.1: code
execution), tiff (42.2, 42.1: code
execution), and vim (42.1: code execution).

Red Hat has updated openssl
(RHEL7&6: two vulnerabilities).

Scientific Linux has updated openssl (SL7&6: two vulnerabilities).

SUSE has updated kernel (SLE12: denial of service) and kernel (SLE11:
multiple vulnerabilities, some from 2004, 2012, and 2015).

Ubuntu has updated python-crypto
(16.10, 16.04, 14.04: regression in previous update).

Friday’s security updates

Post Syndicated from jake original https://lwn.net/Articles/713554/rss

Arch Linux has updated qt5-webengine (multiple vulnerabilities) and tcpdump (multiple vulnerabilities).

CentOS has updated thunderbird (C7; C6; C5: multiple vulnerabilities).

Debian-LTS has updated ntfs-3g
(privilege escalation) and svgsalamander
(server-side request forgery).

Fedora has updated openldap (F25:
unintended cipher usage from 2015), and wavpack (F25: multiple vulnerabilities).

Mageia has updated openafs
(information leak) and pdns-recursor
(denial of service).

openSUSE has updated java-1_8_0-openjdk (42.2, 42.1: multiple vulnerabilities),
mupdf (42.2; 42.1: three vulnerabilities), phpMyAdmin (42.2, 42.1: multiple vulnerabilities, one from 2015),
and Wireshark (42.2: two denial of service flaws).

Oracle has updated thunderbird (OL7; OL6: multiple vulnerabilities).

Scientific Linux has updated libtiff (SL7&6: multiple vulnerabilities, one from 2015) and thunderbird (multiple vulnerabilities).

Ubuntu has updated kernel (16.10; 14.04;
12.04: multiple vulnerabilities), kernel, linux-raspi2, linux-snapdragon (16.04:
two vulnerabilities), linux-lts-trusty
(12.04: code execution), linux-lts-xenial
(14.04: two vulnerabilities), and tomcat
(14.04, 12.04: regression in previous update).

Thursday’s security advisories

Post Syndicated from jake original https://lwn.net/Articles/713405/rss

Debian has updated ntfs-3g
(privilege escalation).

Debian-LTS has updated openssl
(three vulnerabilities).

Fedora has updated jasper (F25:
code execution), moodle (F24: multiple vulnerabilities), and
percona-xtrabackup (F25; F24: information disclosure).

Mageia has updated libxpm (code
execution), pdns (multiple vulnerabilities), python-pycrypto (denial of service from 2013),
and wireshark (two denial of service flaws).

openSUSE has updated bzrtp (42.2,
42.1: man-in-the-middle vulnerability), firefox (42.2, 42.1: multiple vulnerabilities), nginx (42.2, 42.1; SPH
for SLE12
: denial of service), seamonkey (42.2, 42.1: code execution), and
thunderbird (42.2, 42.1; SPH for SLE12: multiple vulnerabilities).

Red Hat has updated rabbitmq-server (OSP8.0: denial of service
from 2015) and thunderbird (multiple vulnerabilities).

Ubuntu has updated gnutls26,
gnutls28
(multiple vulnerabilities), irssi (multiple vulnerabilities), iucode-tool (16.10, 16.04: code execution), libxpm (code execution), and ntfs-3g (16.10, 16.04: privilege escalation).

Security advisories for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/713266/rss

Arch Linux has updated salt (two vulnerabilities).

CentOS has updated libtiff (C7; C6: multiple vulnerabilities).

Debian has updated libgd2 (multiple vulnerabilities), ruby-archive-tar-minitar (file overwrites), and wordpress (multiple vulnerabilities).

Debian-LTS has updated ikiwiki (three vulnerabilities), libplist (two vulnerabilities), and wordpress (multiple vulnerabilities).

Gentoo has updated pcsc-lite (privilege escalation).

openSUSE has updated openssh
(42.2: multiple vulnerabilities).

Oracle has updated libtiff (OL7; OL6: multiple vulnerabilities).

Red Hat has updated libtiff
(RHEL6,7: multiple vulnerabilities).

SUSE has updated gnutls
(SLE12-SP1,2: multiple vulnerabilities) and java-1_8_0-openjdk (SLE12-SP1,2: multiple vulnerabilities).

Ubuntu has updated openssl (multiple vulnerabilities).

Security advisories for Monday

Post Syndicated from ris original https://lwn.net/Articles/713033/rss

Arch Linux has updated chromium (multiple vulnerabilities), firefox (multiple vulnerabilities), kernel (privilege escalation), lib32-openssl (three vulnerabilities), libimobiledevice (access restriction bypass), linux-lts (privilege escalation), linux-zen (privilege escalation), openssl (three vulnerabilities), and thunderbird (multiple vulnerabilities).

Debian has updated lcms2 (heap memory leak), openssl (three vulnerabilities), and tcpdump (multiple vulnerabilities).

Debian-LTS has updated bind9 (three denial of service flaws), imagemagick (multiple vulnerabilities), libgd2 (three vulnerabilities), tiff3 (invalid tiff files), and zoneminder (information leak, authentication bypass).

Fedora has updated fedmsg (F24:
insufficient signature validation), firefox
(F24: multiple vulnerabilities), flatpak
(F25: sandbox escape), ghostscript (F25; F24:
denial of service), ikiwiki (F25; F24: three vulnerabilities), libXpm (F24: code execution), mapserver (F25; F24: code execution), and pdns (F25; F24: multiple vulnerabilities).

Gentoo has updated a2ps (code
execution from 2014), ark (code execution),
chromium (multiple vulnerabilities), ffmpeg (multiple vulnerabilities), firewalld (authentication bypass), freeimage (two vulnerabilities, one from
2015), libpng (NULL dereference bug), libXpm (code execution), perl (multiple vulnerabilities, two from
2015), and squashfs-tools (two
vulnerabilities from 2015).

Mageia has updated 389-ds-base
(denial of service), libvncserver (two
vulnerabilities), mbedtls (two
vulnerabilities), nvidia-current,
ldetect-lst
(three vulnerabilities), opus (code execution), pcsc-lite (privilege escalation), python-bottle (CRLF attacks), and shadow-utils (two vulnerabilities).

openSUSE has updated gstreamer-0_10-plugins-base (42.1: code
execution), gstreamer-plugins-base (42.2:
code execution), and rabbitmq-server (42.2:
authentication bypass).

SUSE has updated gnutls
(SLE11-SP4: multiple vulnerabilities).

Ubuntu has updated firefox (multiple vulnerabilities) and thunderbird (multiple vulnerabilities).

Security advisories for Wednesday

Post Syndicated from ris original http://lwn.net/Articles/712490/rss

Debian-LTS has updated mysql-5.5
(multiple mostly unspecified vulnerabilities).

Fedora has updated audacious
(F25: multiple vulnerabilities), audacious-plugins (F25; F24:
multiple vulnerabilities), boomaga (F24:
wrong permissions), fedmsg (F25:
insufficient signature validation), groovy
(F24: code execution), pdns-recursor (F25; F24:
multiple vulnerabilities), w3m (F24:
unspecified), and xemacs-packages-extra
(F25: unspecified).

Gentoo has updated graphite2
(multiple vulnerabilities), oracle-jre-bin
(multiple vulnerabilities), and xorg-server
(three vulnerabilities, one from 2013).

Oracle has updated mysql (OL6:
two vulnerabilities), squid (OL7:
information leak), and squid34 (OL6:
information leak).

Red Hat has updated firefox
(RHEL5,6,7: multiple vulnerabilities).

Scientific Linux has updated firefox (SL5,6,7: multiple vulnerabilities).

SUSE has updated systemd
(SLE12-SP2: privilege escalation).

Ubuntu has updated icoutils
(12.04: multiple vulnerabilities).

Security advisories for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/712490/rss

Debian-LTS has updated mysql-5.5
(multiple mostly unspecified vulnerabilities).

Fedora has updated audacious
(F25: multiple vulnerabilities), audacious-plugins (F25; F24:
multiple vulnerabilities), boomaga (F24:
wrong permissions), fedmsg (F25:
insufficient signature validation), groovy
(F24: code execution), pdns-recursor (F25; F24:
multiple vulnerabilities), w3m (F24:
unspecified), and xemacs-packages-extra
(F25: unspecified).

Gentoo has updated graphite2
(multiple vulnerabilities), oracle-jre-bin
(multiple vulnerabilities), and xorg-server
(three vulnerabilities, one from 2013).

Oracle has updated mysql (OL6:
two vulnerabilities), squid (OL7:
information leak), and squid34 (OL6:
information leak).

Red Hat has updated firefox
(RHEL5,6,7: multiple vulnerabilities).

Scientific Linux has updated firefox (SL5,6,7: multiple vulnerabilities).

SUSE has updated systemd
(SLE12-SP2: privilege escalation).

Ubuntu has updated icoutils
(12.04: multiple vulnerabilities).

Security updates for Tuesday

Post Syndicated from ris original http://lwn.net/Articles/712357/rss

Debian-LTS has updated hesiod (two vulnerabilities) and tiff (multiple vulnerabilities).

Fedora has updated gd (F25; F24: two denial of service flaws) and kernel (F25; F24: privilege escalation).

Gentoo has updated adodb (two
vulnerabilities), firejail (three
vulnerabilities), icu (three
vulnerabilities), libraw (two
vulnerabilities from 2015), libwebp
(integer overflows), and t1lib (multiple
vulnerabilities from 2011).

openSUSE has updated python3-sleekxmpp (42.2: two vulnerabilities)
and virtualbox (42.2: multiple unspecified vulnerabilities).

Red Hat has updated mysql (RHEL6:
three vulnerabilities), squid (RHEL7:
information leak), and squid34 (RHEL6:
information leak).

Scientific Linux has updated java-1.8.0-openjdk (SL6,7: multiple
vulnerabilities), mysql (SL6: three
vulnerabilities), squid (SL7: information
leak), and squid34 (SL6: information leak).

Slackware has updated firefox
(multiple vulnerabilities).

Ubuntu has updated pcsc-lite (privilege escalation) and tomcat6, tomcat7, tomcat8 (multiple vulnerabilities).

Security updates for Tuesday

Post Syndicated from ris original https://lwn.net/Articles/712357/rss

Debian-LTS has updated hesiod (two vulnerabilities) and tiff (multiple vulnerabilities).

Fedora has updated gd (F25; F24: two denial of service flaws) and kernel (F25; F24: privilege escalation).

Gentoo has updated adodb (two
vulnerabilities), firejail (three
vulnerabilities), icu (three
vulnerabilities), libraw (two
vulnerabilities from 2015), libwebp
(integer overflows), and t1lib (multiple
vulnerabilities from 2011).

openSUSE has updated python3-sleekxmpp (42.2: two vulnerabilities)
and virtualbox (42.2: multiple unspecified vulnerabilities).

Red Hat has updated mysql (RHEL6:
three vulnerabilities), squid (RHEL7:
information leak), and squid34 (RHEL6:
information leak).

Scientific Linux has updated java-1.8.0-openjdk (SL6,7: multiple
vulnerabilities), mysql (SL6: three
vulnerabilities), squid (SL7: information
leak), and squid34 (SL6: information leak).

Slackware has updated firefox
(multiple vulnerabilities).

Ubuntu has updated pcsc-lite (privilege escalation) and tomcat6, tomcat7, tomcat8 (multiple vulnerabilities).

Security advisories for Monday

Post Syndicated from ris original http://lwn.net/Articles/712296/rss

CentOS has updated java-1.8.0-openjdk (C7; C6: multiple vulnerabilities).

Debian has updated libphp-swiftmailer (code execution), mariadb-10.0 (multiple mostly unspecified vulnerabilities), and openjpeg2 (multiple vulnerabilities).

Debian-LTS has updated groovy (code execution) and opus (code execution).

Fedora has updated docker-latest
(F24: privilege escalation), ed (F25:
denial of service), groovy (F25: code
execution), libnl3 (F25; F24: privilege escalation), opus (F25; F24: code
execution), qemu (F25: multiple
vulnerabilities), squid (F25: two
vulnerabilities), and webkitgtk4 (F25; F24:
multiple vulnerabilities).

Gentoo has updated DBD-mysql
(multiple vulnerabilities), dcraw (denial
of service from 2015), DirectFB (two
vulnerabilities from 2014), libupnp (two
vulnerabilities), lua (code execution from
2014), ppp (denial of service from 2015),
qemu (multiple vulnerabilities), quagga (two vulnerabilities), and zlib (multiple vulnerabilities).

Mageia has updated libpng, libpng12 (NULL dereference bug).

openSUSE has updated perl-DBD-mysql (42.2, 42.1: three vulnerabilities) and xtrabackup (42.2; 42.1: information disclosure).

Oracle has updated java-1.8.0-openjdk (OL7; OL6: multiple vulnerabilities).

SUSE has updated gstreamer-0_10-plugins-good (SLE12-SP1; SLE11-SP4: multiple vulnerabilities).

Security updates for Thursday

Post Syndicated from jake original http://lwn.net/Articles/712056/rss

CentOS has updated kernel (C7:
three vulnerabilities).

Debian has updated mapserver
(code execution).

Debian-LTS has updated libav (multiple vulnerabilities)
and mapserver (code execution).

Fedora has updated ark (F25: code
execution), chicken (F25; F24: two vulnerabilities), and runc (F25: privilege escalation).

openSUSE has updated libgit2 (42.1; SPH for
SLE12
: two vulnerabilities), openjpeg2
(42.1: multiple vulnerabilities), and v8 (42.2: code execution).

Red Hat has updated java-1.6.0-sun (multiple vulnerabilities), java-1.7.0-oracle (multiple vulnerabilities), and java-1.8.0-oracle (RHEL7&6: multiple vulnerabilities).

Slackware has updated mariadb
(multiple unspecified vulnerabilities).

Ubuntu has updated mysql-5.5,
mysql-5.7
(multiple unspecified vulnerabilities).

Wednesday’s security updates

Post Syndicated from ris original http://lwn.net/Articles/711944/rss

Arch Linux has updated webkit2gtk (multiple vulnerabilities).

CentOS has updated qemu-kvm (C7: denial of service).

Debian-LTS has updated icoutils (multiple vulnerabilities).

Fedora has updated icoutils (F25; F24:
three vulnerabilities), mingw-libgsf (F25:
denial of service), and php-PHPMailer (F24:
three vulnerabilities).

openSUSE has updated bind (42.2, 42.1; 13.2: three denial of service flaws), libgit2 (13.2: two vulnerabilities), openjpeg2 (13.2: multiple vulnerabilities), pdns (42.2, 42.1, 13.2: multiple
vulnerabilities), qemu (42.2: multiple
vulnerabilities), and squid (42.2: three
vulnerabilities, one from 2014).

Oracle has updated kernel (OL7:
three vulnerabilities) and qemu-kvm (OL7: denial of service).

Red Hat has updated docker
(RHEL7: privilege escalation), docker-latest (RHEL7: privilege escalation),
kernel (RHEL7: three vulnerabilities),
kernel-rt (RHEL7; RHEMRG2.5: three vulnerabilities), qemu-kvm (RHEL7: denial of service), and runc (RHEL7: privilege escalation).

Scientific Linux has updated kernel (SL7: three vulnerabilities) and qemu-kvm (SL7: denial of service).

SUSE has updated kernel
(SLE12-SP2: multiple vulnerabilities).

Ubuntu has updated nvidia-graphics-drivers-304 and nvidia-graphics-drivers-340 (denial of service).

Monday’s security updates

Post Syndicated from ris original http://lwn.net/Articles/711773/rss

Arch Linux has updated libgit2 (multiple vulnerabilities), nginx (privilege escalation), nginx-mainline (privilege escalation), and wordpress (multiple vulnerabilities).

Debian has updated icoutils
(three vulnerabilities), pdns (multiple
vulnerabilities), pdns-recursor (denial of
service), python-bottle (regression in
previous update), and tiff (multiple vulnerabilities).

Debian-LTS has updated botan1.10
(integer overflow), gcc-mozilla (update to
GCC 4.8), icedove (multiple
vulnerabilities), libx11 (denial of
service), otrs2 (code execution), python-bottle (regression in previous update),
wireless-regdb (radio regulations updates), and xen (two vulnerabilities).

Fedora has updated bind (F25:
three denial of service flaws), bind99
(F25: three denial of service flaws), ca-certificates (F25; F24:
certificate update), docker-latest (F25:
privilege escalation), gnutls (F24:
multiple vulnerabilities), libgit2 (F25: multiple vulnerabilities), and onionshare (F25; F24: file injection).

Gentoo has updated apache
(multiple vulnerabilities, one from 2014).

Mageia has updated golang (denial of service) and irssi (multiple vulnerabilities).

Red Hat has updated bind (RHEL7; RHEL5,6: denial of service) and bind97 (RHEL5: denial of service).

Scientific Linux has updated java-1.6.0-openjdk (SL5,6,7: multiple vulnerabilities).

SUSE has updated qemu (SLE12-SP2:
multiple vulnerabilities).

Security advisories for Friday

Post Syndicated from jake original http://lwn.net/Articles/711577/rss

Arch Linux has updated ark (code
execution), bind (multiple vulnerabilities), docker (privilege escalation), flashplugin (multiple vulnerabilities), irssi (multiple vulnerabilities), lib32-flashplugin (multiple vulnerabilities), and libvncserver (two vulnerabilities).

CentOS has updated java-1.6.0-openjdk (C7; C6; C5: multiple vulnerabilities) and kernel (three vulnerabilities).

Debian has updated rabbitmq-server (authentication bypass).

Debian-LTS has updated asterisk
(two vulnerabilities, one from 2014).

Fedora has updated docker (F25:
privilege escalation), libgit2 (F24: multiple vulnerabilities),
and pcsc-lite (F24: privilege escalation).

Gentoo has updated postgresql
(multiple vulnerabilities, two from 2015), runc (privilege escalation), and seamonkey (multiple vulnerabilities).

Mageia has updated flash-player-plugin (multiple vulnerabilities), php-ZendFramework2 (parameter injection), unzip (two vulnerabilities, one from 2014),
and webmin (largely unspecified).

Oracle has updated java-1.6.0-openjdk (OL7; OL6; OL5: multiple vulnerabilities) kernel 2.6.39 (OL6; OL5:multiple vulnerabilities), kernel
3.8.13
(OL7; OL6: multiple vulnerabilities), and kernel 4.1.12 (OL7; OL6: multiple vulnerabilities).

Red Hat has updated java-1.6.0-openjdk (multiple vulnerabilities).

Scientific Linux has updated kernel (SL6: three vulnerabilities).

Security updates for Wednesday

Post Syndicated from ris original http://lwn.net/Articles/711316/rss

Debian has updated icedove (multiple vulnerabilities).

Debian-LTS has updated tomcat7 (information disclosure).

Gentoo has updated bind (denial
of service), botan (two vulnerabilities),
c-ares (code execution), dbus (denial of service), expat (multiple vulnerabilities, one from
2012), flex (code execution), nginx (privilege escalation), ntfs3g (privilege escalation from 2015), p7zip (two code execution flaws), pgbouncer (two vulnerabilities), phpBB (two vulnerabilities), phpmyadmin (multiple vulnerabilities), vim (code execution), and vzctl (insecure ploop-based containers from 2015).

openSUSE has updated jasper
(42.2, 42.1: multiple vulnerabilities).

Oracle has updated kernel (OL6: three vulnerabilities).

Red Hat has updated flash-plugin
(RHEL6: multiple vulnerabilities), kernel
(RHEL6.7: code execution), and kernel
(RHEL6: three vulnerabilities).

SUSE has updated freeradius-server (SLE12-SP1,2: insufficient
certificate verification) and LibVNCServer
(SLE11-SP4: two vulnerabilities).

Ubuntu has updated kernel (16.10; 16.04;
14.04; 12.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple
vulnerabilities), linux-lts-xenial (14.04:
three vulnerabilities), linux-raspi2 (16.10; 16.04:
two vulnerabilities), linux-snapdragon
(16.04: two vulnerabilities), linux-ti-omap4 (12.04: two vulnerabilities),
and webkit2gtk (16.04: multiple vulnerabilities).