Bitbucket Server security advisory 2019-09-18
This email refers to the advisory found at https://confluence.atlassian.com/x/Czc4Og .

CVE ID:

* CVE-2019-15000.

Product: Bitbucket Server and Bitbucket Data Center.

Affected Bitbucket Server and Bitbucket Data Center product versions:

version < 5.16.10
6.0.0 <= version < 6.0.10
6.1.0 <= version < 6.1.8
6.2.0 <= version < 6.2.6
6.3.0 <= version < 6.3.5
6.4.0 <= version < 6.4.3
6.5.0 <= version < 6.5.2

Fixed Bitbucket Server and Bitbucket Data Center product versions:

* for 5.16.x, Bitbucket Server and Bitbucket Data Center 5.16.10 has been released with a fix for this issue.
* for 6.0.x, Bitbucket Server and Bitbucket Data Center 6.0.10 has been released with a fix for this issue.
* for 6.1.x, Bitbucket Server and Bitbucket Data Center 6.1.8 has been released with a fix for this issue.
* for 6.2.x, Bitbucket Server and Bitbucket Data Center 6.2.6 has been released with a fix for this issue.
* for 6.3.x, Bitbucket Server and Bitbucket Data Center 6.3.5 has been released with a fix for this issue.
* for 6.4.x, Bitbucket Server and Bitbucket Data Center 6.4.3 has been released with a fix for this issue.
* for 6.5.x, Bitbucket Server and Bitbucket Data Center 6.5.2 has been released with a fix for this issue.

Summary:

This advisory discloses a critical severity security vulnerability. Versions of Bitbucket Server and Bitbucket Data Center before 5.16.10 (the fixed version for 5.16.x), from version 6.0.0 before 6.0.10 (the fixed version for 6.0.x), from version 6.1.0 before 6.1.8 (the fixed version for 6.1.x), from version 6.2.0 before 6.2.6 (the fixed version for 6.2.x), from version 6.3.0 before 6.3.5 (the fixed version for 6.3.x), from version 6.4.0 before 6.4.3 (the fixed version for 6.4.x), and from version 6.5.0 before 6.5.2 (the fixed version for 6.5.x) are affected by this vulnerability.

Customers who have upgraded Bitbucket Server and Bitbucket Data Center to version 5.16.10 or 6.0.10 or 6.1.8 or 6.2.6 or 6.3.5 or 6.4.3 or 6.5.2 or 6.6.0 are not affected.

Customers who have downloaded and installed Bitbucket Server and Bitbucket Data Center less than 5.16.10 (the fixed version for 5.16.x) or who have downloaded and installed Bitbucket Server and Bitbucket Data Center >= 6.0.0 but less than 6.0.10 (the fixed version for 6.0.x) or who have downloaded and installed Bitbucket Server and Bitbucket Data Center >= 6.1.0 but less than 6.1.8 (the fixed version for 6.1.x) or who have downloaded and installed Bitbucket Server and Bitbucket Data Center >= 6.2.0 but less than 6.2.6 (the fixed version for 6.2.x) or who have downloaded and installed Bitbucket Server and Bitbucket Data Center >= 6.3.0 but less than 6.3.5 (the fixed version for 6.3.x) or who have downloaded and installed Bitbucket Server and Bitbucket Data Center >= 6.4.0 but less than 6.4.3 (the fixed version for 6.4.x) or who have downloaded and installed Bitbucket Server and Bitbucket Data Center >= 6.5.0 but less than 6.5.2 (the fixed version for 6.5.x) please upgrade your Bitbucket Server and Bitbucket Data Center installations immediately to fix this vulnerability.

Argument Injection - CVE-2019-15000

Severity:

Atlassian rates the severity level of this vulnerability as critical, according to the scale published in our Atlassian severity levels. The scale allows us to rank the severity as critical, high, moderate or low. This is our assessment and you should evaluate its applicability to your own IT environment.

Description:

Bitbucket Server and Bitbucket Data Center had an argument injection vulnerability, allowing an attacker to inject additional arguments into Git commands, which could lead to remote code execution. Remote attackers can exploit this argument injection vulnerability if they are able to access a Git repository in Bitbucket Server or Bitbucket Data Center.

If public access is enabled for a project or repository, then attackers are able to exploit this issue anonymously.

Versions of Bitbucket Server and Bitbucket Data Center before 5.16.10 (the fixed version for 5.16.x), from version 6.0.0 before 6.0.10 (the fixed version for 6.0.x), from version 6.1.0 before 6.1.8 (the fixed version for 6.1.x), from version 6.2.0 before 6.2.6 (the fixed version for 6.2.x), from version 6.3.0 before 6.3.5 (the fixed version for 6.3.x), from version 6.4.0 before 6.4.3 (the fixed version for 6.4.x), and from version 6.5.0 before 6.5.2 (the fixed version for 6.5.x) are affected by this vulnerability.

This issue can be tracked at: https://jira.atlassian.com/browse/BSERV-11947 .

Fix:

To address this issue, we've released the following versions containing a fix:

* Bitbucket Server and Bitbucket Data Center version 5.16.10
* Bitbucket Server and Bitbucket Data Center version 6.0.10
* Bitbucket Server and Bitbucket Data Center version 6.1.8
* Bitbucket Server and Bitbucket Data Center version 6.2.6
* Bitbucket Server and Bitbucket Data Center version 6.3.5
* Bitbucket Server and
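The advisory names the bug class (argument injection into Git commands) without describing Bitbucket's internals. The following added example is not Atlassian code and does not reproduce the Bitbucket fix; it is a hypothetical wrapper showing, in the abstract, how a user-controlled branch name ends up parsed by git as an option when it is placed on the command line unchecked, and how validating the value and fully qualifying it under refs/heads/ removes that possibility. All function names and the sample branch names are assumptions for illustration.

```python
"""Git argument injection: unsafe versus hardened command construction.

Added example, not Atlassian code. A user-controlled value (a branch name)
lands on a git argv list; git parses a leading '-' as an option, which is
the class of bug the advisory describes. No shell is involved at any point,
so this is distinct from shell injection.
"""
import re
import subprocess
from typing import List

# Conservative subset of what `git check-ref-format` accepts. The first
# character must be alphanumeric, which by itself excludes option-like input.
_SAFE_BRANCH = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._/-]*$")


class UnsafeRefError(ValueError):
    """Raised when a user-supplied branch name fails validation."""


def build_argv_unsafe(branch: str) -> List[str]:
    """Vulnerable pattern (hypothetical): the value goes straight onto argv.

    A value beginning with '-' is parsed by git as an option, not as a ref.
    """
    return ["git", "rev-list", "--max-count=1", branch]


def validate_branch(branch: str) -> str:
    """Reject option-like values and anything git would refuse as a ref name
    (the '..' sequence and the '.lock' suffix are both rejected by git)."""
    if branch.startswith("-"):
        raise UnsafeRefError("branch name must not look like an option: %r" % branch)
    if not _SAFE_BRANCH.match(branch) or ".." in branch or branch.endswith(".lock"):
        raise UnsafeRefError("branch name rejected: %r" % branch)
    return branch


def is_accepted(branch: str) -> bool:
    """Convenience predicate around validate_branch for callers and tests."""
    try:
        validate_branch(branch)
        return True
    except UnsafeRefError:
        return False


def build_argv_hardened(branch: str) -> List[str]:
    """Hardened pattern: validate, then fully qualify the ref.

    'refs/heads/' + name can never start with '-', so even a value that
    slipped past validation cannot be read as an option. Git 2.24 and newer
    also accept '--end-of-options' before the ref to stop option parsing
    explicitly; the prefix approach works on older versions as well.
    """
    ref = "refs/heads/" + validate_branch(branch)
    return ["git", "rev-list", "--max-count=1", ref]


def run_git(argv: List[str], repo_dir: str) -> str:
    """Execute an argv list without a shell; never join it into one string."""
    result = subprocess.run(argv, cwd=repo_dir, capture_output=True,
                            text=True, check=True)
    return result.stdout.strip()


if __name__ == "__main__":
    # Constructed inputs; no repository is touched here.
    for candidate in ("feature/login", "-x", "a..b"):
        try:
            print(build_argv_hardened(candidate))
        except UnsafeRefError as exc:
            print("rejected:", exc)
```

The two layers are deliberate: validation gives a clear error to the caller, and the refs/heads/ prefix guarantees the argument position can never be interpreted as an option even if the validation rules are later loosened. The same reasoning applies to any positional argument derived from request data (tags, commit ranges, paths).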
Jira Security Advisory - 2019-09-18 - CVE-2019-15001
This email refers to the advisory found at https://confluence.atlassian.com/x/KkU4Og .

CVE ID:

* CVE-2019-15001.

Product: Jira Server and Data Center.

Affected Jira Server and Data Center product versions:

7.0.10 <= version < 7.6.16
7.7.0 <= version < 7.13.8
8.0.0 <= version < 8.1.3
8.2.0 <= version < 8.2.5
8.3.0 <= version < 8.3.4
8.4.0 <= version < 8.4.1

Fixed Jira Server and Data Center product versions:

* for 7.6.x, Jira Server and Data Center 7.6.16 has been released with a fix for this issue.
* for 7.13.x, Jira Server and Data Center 7.13.8 has been released with a fix for this issue.
* for 8.1.x, Jira Server and Data Center 8.1.3 has been released with a fix for this issue.
* for 8.2.x, Jira Server and Data Center 8.2.5 has been released with a fix for this issue.
* for 8.3.x, Jira Server and Data Center 8.3.4 has been released with a fix for this issue.
* for 8.4.x, Jira Server and Data Center 8.4.1 has been released with a fix for this issue.

Summary:

This advisory discloses a critical severity security vulnerability. Versions of Jira Server and Data Center starting with version 7.0.10 before 7.6.16 (the fixed version for 7.6.x), from version 7.7.0 before 7.13.8 (the fixed version for 7.13.x), from version 8.0.0 before 8.1.3 (the fixed version for 8.1.x), from version 8.2.0 before 8.2.5 (the fixed version for 8.2.x), from version 8.3.0 before 8.3.4 (the fixed version for 8.3.x), from version 8.4.0 before 8.4.1 (the fixed version for 8.4.x) are affected by this vulnerability.

Customers who have upgraded Jira Server and Data Center to version 7.6.16 or 7.13.8 or 8.1.3 or 8.2.5 or 8.3.4 or 8.4.1 are not affected.

Customers who have downloaded and installed Jira Server and Data Center >= 7.0.10 but less than 7.6.16 (the fixed version for 7.6.x) or who have downloaded and installed Jira Server and Data Center >= 7.7.0 but less than 7.13.8 (the fixed version for 7.13.x) or who have downloaded and installed Jira Server and Data Center >= 8.0.0 but less than 8.1.3 (the fixed version for 8.1.x) or who have downloaded and installed Jira Server and Data Center >= 8.2.0 but less than 8.2.5 (the fixed version for 8.2.x) or who have downloaded and installed Jira Server and Data Center >= 8.3.0 but less than 8.3.4 (the fixed version for 8.3.x) or who have downloaded and installed Jira Server and Data Center >= 8.4.0 but less than 8.4.1 (the fixed version for 8.4.x) please upgrade your Jira Server and Data Center installations immediately to fix this vulnerability.

Template injection in Jira Importers Plugin - CVE-2019-15001

Severity:

Atlassian rates the severity level of this vulnerability as critical, according to the scale published in our Atlassian severity levels. The scale allows us to rank the severity as critical, high, moderate or low. This is our assessment and you should evaluate its applicability to your own IT environment.

Description:

There was a server-side template injection vulnerability in Jira Server and Data Center, in the Jira Importers Plugin (JIM). An attacker with "JIRA Administrators" access can exploit this issue. Successful exploitation of this issue allows an attacker to remotely execute code on systems that run a vulnerable version of Jira Server or Data Center.

Versions of Jira Server and Data Center starting with version 7.0.10 before 7.6.16 (the fixed version for 7.6.x), from version 7.7.0 before 7.13.8 (the fixed version for 7.13.x), from version 8.0.0 before 8.1.3 (the fixed version for 8.1.x), from version 8.2.0 before 8.2.5 (the fixed version for 8.2.x), from version 8.3.0 before 8.3.4 (the fixed version for 8.3.x), from version 8.4.0 before 8.4.1 (the fixed version for 8.4.x) are affected by this vulnerability.

This issue can be tracked at: https://jira.atlassian.com/browse/JRASERVER-69933 .

Fix:

To address this issue, we've released the following versions containing a fix:

* Jira Server and Data Center version 7.6.16
* Jira Server and Data Center version 7.13.8
* Jira Server and Data Center version 8.1.3
* Jira Server and Data Center version 8.2.5
* Jira Server and Data Center version 8.3.4
* Jira Server and Data Center version 8.4.1

Remediation:

Upgrade Jira Server and Data Center to version 8.4.1 or higher. The vulnerabilities and fix versions are described above. If affected, you should upgrade to the latest version immediately.

If you are running Jira Server and Data Center 7.6.x and cannot upgrade to 8.4.1, upgrade to version 7.6.16.
If you are running Jira Server and Data Center 7.13.x and cannot upgrade to 8.4.1, upgrade to version 7.13.8.
If you are running Jira Server and Data Center 8.1.x and cannot upgrade to 8.4.1, upgrade to version 8.1.3.
If you are running Jira Server and Data Center 8.2.x and cannot upgrade to 8.4.1, upgrade to version 8.2.5.
If you are running Jira Server and Data Center 8.3.x and cannot upgrade to 8.4.1, upgrade to version 8.3.4.

For a
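Both Atlassian advisories above express their affected versions as per-branch half-open ranges (lower bound inclusive, fixed version exclusive), and the Jira ranges carry a lower bound gotcha: 7.0.10 is the first affected release, so earlier 7.0.x builds are not listed. The following added example (not Atlassian tooling) transcribes both range tables from the advisories and checks an installed version string against them, returning the fixed version an administrator should move to. The installed version strings in the test are constructed.

```python
"""Match an installed Atlassian version against an advisory's affected ranges.

Added example covering CVE-2019-15000 (Bitbucket Server / Data Center) and
CVE-2019-15001 (Jira Server / Data Center); not Atlassian tooling. The range
tables are transcribed from the advisories above.
"""
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]
# (lower bound inclusive, or None for "all earlier releases"; upper bound
#  exclusive, which is also the fixed version for that branch)
Range = Tuple[Optional[str], str]

BITBUCKET_CVE_2019_15000: List[Range] = [
    (None, "5.16.10"),
    ("6.0.0", "6.0.10"),
    ("6.1.0", "6.1.8"),
    ("6.2.0", "6.2.6"),
    ("6.3.0", "6.3.5"),
    ("6.4.0", "6.4.3"),
    ("6.5.0", "6.5.2"),
]

JIRA_CVE_2019_15001: List[Range] = [
    ("7.0.10", "7.6.16"),
    ("7.7.0", "7.13.8"),
    ("8.0.0", "8.1.3"),
    ("8.2.0", "8.2.5"),
    ("8.3.0", "8.3.4"),
    ("8.4.0", "8.4.1"),
]


def parse_version(text: str) -> Version:
    """'6.4' -> (6, 4, 0). Components compare numerically, so 6.10 > 6.9;
    a plain string comparison would get that wrong."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError("unsupported version string: %r" % text)
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def fix_version_for(installed: str, ranges: List[Range]) -> Optional[str]:
    """Return the fixed version to upgrade to, or None if the installed
    version falls in none of the advisory's affected ranges."""
    v = parse_version(installed)
    for lower, fixed in ranges:
        lower_ok = lower is None or parse_version(lower) <= v
        if lower_ok and v < parse_version(fixed):
            return fixed
    return None


if __name__ == "__main__":
    # Constructed inventory of installed versions, not real hosts.
    inventory = [("bitbucket", "6.4.2"), ("bitbucket", "6.6.0"),
                 ("jira", "7.0.9"), ("jira", "8.4.0")]
    tables = {"bitbucket": BITBUCKET_CVE_2019_15000,
              "jira": JIRA_CVE_2019_15001}
    for product, version in inventory:
        fixed = fix_version_for(version, tables[product])
        status = "upgrade to %s" % fixed if fixed else "not in an affected range"
        print("%-9s %-8s %s" % (product, version, status))
```

A None result means only that the version is outside every listed range; for a branch the advisory never mentions (a later release line, for example) that is "not listed" rather than a positive statement of safety, so read it together with the advisory's own "not affected" sentence.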
[SECURITY] [DSA 4531-1] linux security update
-------------------------------------------------------------------------
Debian Security Advisory DSA-4531-1                   secur...@debian.org
https://www.debian.org/security/                       Salvatore Bonaccorso
September 25, 2019                      https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2019-14821 CVE-2019-14835 CVE-2019-15117 CVE-2019-15118 CVE-2019-15902

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE-2019-14821

    Matt Delco reported a race condition in KVM's coalesced MMIO facility, which could lead to out-of-bounds access in the kernel. A local attacker permitted to access /dev/kvm could use this to cause a denial of service (memory corruption or crash) or possibly for privilege escalation.

CVE-2019-14835

    Peter Pi of Tencent Blade Team discovered a missing bounds check in vhost_net, the network back-end driver for KVM hosts, leading to a buffer overflow when the host begins live migration of a VM. An attacker in control of a VM could use this to cause a denial of service (memory corruption or crash) or possibly for privilege escalation on the host.

CVE-2019-15117

    Hui Peng and Mathias Payer reported a missing bounds check in the usb-audio driver's descriptor parsing code, leading to a buffer over-read. An attacker able to add USB devices could possibly use this to cause a denial of service (crash).

CVE-2019-15118

    Hui Peng and Mathias Payer reported unbounded recursion in the usb-audio driver's descriptor parsing code, leading to a stack overflow. An attacker able to add USB devices could use this to cause a denial of service (memory corruption or crash) or possibly for privilege escalation. On the amd64 architecture, and on the arm64 architecture in buster, this is mitigated by a guard page on the kernel stack, so that it is only possible to cause a crash.

CVE-2019-15902

    Brad Spengler reported that a backporting error reintroduced a spectre-v1 vulnerability in the ptrace subsystem in the ptrace_get_debugreg() function.

For the oldstable distribution (stretch), these problems have been fixed in version 4.9.189-3+deb9u1.

For the stable distribution (buster), these problems have been fixed in version 4.19.67-2+deb10u1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-annou...@lists.debian.org
[SECURITY] [DSA 4532-1] spip security update
-------------------------------------------------------------------------
Debian Security Advisory DSA-4532-1                   secur...@debian.org
https://www.debian.org/security/                        Sebastien Delafond
September 25, 2019                      https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : spip
CVE ID         : CVE-2019-16391 CVE-2019-16392 CVE-2019-16393 CVE-2019-16394

It was discovered that SPIP, a website engine for publishing, would allow unauthenticated users to modify published content and write to the database, perform cross-site request forgeries, and enumerate registered users.

For the oldstable distribution (stretch), these problems have been fixed in version 3.1.4-4~deb9u3.

For the stable distribution (buster), these problems have been fixed in version 3.2.4-1+deb10u1.

We recommend that you upgrade your spip packages.

For the detailed security status of spip please refer to its security tracker page at: https://security-tracker.debian.org/tracker/spip

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-annou...@lists.debian.org