{"id":12734,"date":"2016-04-26T17:00:39","date_gmt":"2016-04-26T09:00:39","guid":{"rendered":"https:\/\/www.deepin.org\/?p=9814"},"modified":"2017-08-31T10:41:35","modified_gmt":"2017-08-31T02:41:35","slug":"security-updates%ef%bc%88dsa-3548-1-dsa-3549-1-dsa-3550-1%ef%bc%89","status":"publish","type":"post","link":"https:\/\/www.deepin.org.cn\/en\/security-updates%ef%bc%88dsa-3548-1-dsa-3549-1-dsa-3550-1%ef%bc%89\/","title":{"rendered":"Security Updates\uff08DSA-3548-1 &#038;DSA-3549-1 &#038;DSA-3550-1\uff09"},"content":{"rendered":"The security updates of samba, chromium-browser and openssh.<\/p>\n<p>&nbsp;<\/p>\n<h2>Vulnerability Information<\/h2>\n<p><strong>DSA-3548-1 samba\u2014 Security Update<\/strong><\/p>\n<p>Security database details:<\/p>\n<ul>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2015-5370\">CVE-2015-5370<\/a>: Jouni Knuutinen from Synopsys discovered flaws in the Samba DCE-RPC code which can lead to denial of service (crashes and high cpu consumption) and man-in-the-middle attacks.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-2110\">CVE-2016-2110<\/a>: Stefan Metzmacher of SerNet and the Samba Team discovered that the feature negotiation of NTLMSSP does not protect against downgrade attacks.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-2111\">CVE-2016-2111<\/a>: When Samba is configured as domain controller, it allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information. This flaw corresponds to the same vulnerability as CVE-2015-0005 for Windows, discovered by Alberto Solino from Core Security.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-2112\">CVE-2016-2112<\/a>: Stefan Metzmacher of SerNet and the Samba Team discovered that a man-in-the-middle attacker can downgrade LDAP connections to avoid integrity protection.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-2113\">CVE-2016-2113<\/a>: Stefan Metzmacher of SerNet and the Samba Team discovered that man-in-the-middle attacks are possible for client triggered LDAP connections and ncacn_http connections.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-2114\">CVE-2016-2114<\/a>: Stefan Metzmacher of SerNet and the Samba Team discovered that Samba does not enforce required smb signing even if explicitly configured.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-2115\" target=\"_blank\">CVE-2016-2115<\/a>: Stefan Metzmacher of SerNet and the Samba Team discovered that SMB connections for IPC traffic are not integrity-protected.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-2118\" target=\"_blank\">CVE-2016-2118<\/a>: Stefan Metzmacher of SerNet and the Samba Team discovered that a man-in-the-middle attacker can intercept any DCERPC traffic between a client and a server in order to impersonate the client and obtain the same privileges as the authenticated user account.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong>DSA-3549-1 chromium-browser\u2014 Security Update<\/strong><\/p>\n<p>Security database details:<\/p>\n<ul>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1651\" target=\"_blank\">CVE-2016-1651<\/a>: An out-of-bounds read issue was discovered in the pdfium library.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1652\" target=\"_blank\">CVE-2016-1652<\/a>: A cross-site scripting issue was discovered in extension bindings.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1653\" target=\"_blank\">CVE-2016-1653<\/a>: Choongwoo Han discovered an out-of-bounds write issue in the v8 javascript library.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1654\" target=\"_blank\">CVE-2016-1654<\/a>: Atte Kettunen discovered an uninitialized memory read condition.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1655\" target=\"_blank\">CVE-2016-1655<\/a>: Rob Wu discovered a use-after-free issue related to extensions.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1657\" target=\"_blank\">CVE-2016-1657<\/a>: Luan Herrera discovered a way to spoof URLs.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1658\" target=\"_blank\">CVE-2016-1658<\/a>: Antonio Sanso discovered an information leak related to extensions.<\/li>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2016-1659\" target=\"_blank\">CVE-2016-1659<\/a>: The chrome development team found and fixed various issues during internal auditing.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong>DSA-3550-1 openssh\u2014 Security Update<\/strong><\/p>\n<p>Security database details:<\/p>\n<ul>\n<li><a href=\"https:\/\/security-tracker.debian.org\/tracker\/CVE-2015-8325\" target=\"_blank\">CVE-2015-8325<\/a>: Shayan Sadigh discovered a vulnerability in OpenSSH: If PAM support is enabled and the sshd PAM configuration is configured to read userspecified environment variables and the UseLogin option is enabled, a local user may escalate her privileges to root.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2>Fixing Status<\/h2>\n<p>samba security vulnerabilities have been fixed in version 2:4.3.7+dfsg-1; chromium-browser security vulnerabilities have been fixed in version 50.0.2661.75-1; openssh security vulnerabilities have been fixed in version 1:7.2p2-3.<\/p>\n<p>We recommend that you upgrade the system to obtain the patches to fix the vulnerabilities.","protected":false},"excerpt":{"rendered":"<p>The security updates of samba, chromium-browser and openssh. &nbsp; Vulnerability Information DSA-3548-1 samba\u2014 Security Update Security database details: CVE-2015-5370: Jouni Knuutinen from Synopsys discovered flaws in the Samba DCE-RPC code which can lead to denial of service (crashes and high cpu consumption) and man-in-the-middle attacks. CVE-2016-2110: Stefan Metzmacher of SerNet and the Samba Team discovered that the feature negotiation of NTLMSSP does not protect against downgrade attacks. CVE-2016-2111: When Samba is configured as domain controller, it allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information. This flaw corresponds to the same ...<a href=https:\/\/www.deepin.org.cn\/en\/security-updates%ef%bc%88dsa-3548-1-dsa-3549-1-dsa-3550-1%ef%bc%89\/>Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":12741,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[75],"tags":[],"_links":{"self":[{"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/posts\/12734"}],"collection":[{"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/comments?post=12734"}],"version-history":[{"count":9,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/posts\/12734\/revisions"}],"predecessor-version":[{"id":25288,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/posts\/12734\/revisions\/25288"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/media?parent=12734"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/categories?post=12734"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.deepin.org.cn\/en\/wp-json\/wp\/v2\/tags?post=12734"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}