Miguel Onoro reported that qbittorrent, a bittorrent client with a Qt5 GUI user interface, allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, which could result in remote command execution via a crafted name within an RSS feed if qbittorrent is configured to run an external program on torrent completion.

libplist is a library for reading and writing the Apple binary and XML property lists format. It's part of the libimobiledevice stack, providing access to iDevices (iPod, iPhone, iPad ...).

CVE-2017-5209

The base64decode function in base64.c allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via split encoded Apple Property List data.

CVE-2017-5545

The main function in plistutil.c allows attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read) via Apple Property List data that is too short.

CVE-2017-5834

The parse_dict_node function in bplist.c allows attackers to cause a denial of service (out-of-bounds heap read and crash) via a crafted file.

CVE-2017-5835

libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.

CVE-2017-6435

The parse_string_node function in bplist.c allows local users to cause a denial of service (memory corruption) via a crafted plist file.

CVE-2017-6436

The parse_string_node function in bplist.c allows local users to cause a denial of service (memory allocation error) via a crafted plist file.

CVE-2017-6439

Heap-based buffer overflow in the parse_string_node function in bplist.c allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.

CVE-2017-7982

Integer overflow in the plist_from_bin function in bplist.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted plist file.

For Debian 8 'Jessie', these problems have been fixed in version 1.11-3+deb8u1.

We recommend that you upgrade your libplist packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Russ Allbery discovered a buffer overflow in the PAM module for MIT Kerberos, which could result in denial of service or potentially the execution of arbitrary code.

A vulnerability was discovered in python-bleach, a whitelist-based HTML-sanitizing library. Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to a regular expression denial of service (ReDoS).

For Debian 8 'Jessie', this problem has been fixed in version 1.4-1+deb8u1.

We recommend that you upgrade your python-bleach packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The krb5 PAM module (pam_krb5.so) had a buffer overflow that might have caused remote code execution in situations involving supplemental prompting by a Kerberos library. It might have overflown a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responded to a prompt with an answer of a carefully chosen length. The effect may have ranged from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code execution.
This code path had not been used for normal authentication, but only when the Kerberos library did supplemental prompting, such as with PKINIT or when using the non-standard no_prompt PAM configuration option.

For Debian 8 'Jessie', this problem has been fixed in version 4.6-3+deb8u1. The fix was prepared by Mike Gabriel.

We recommend that you upgrade your libpam-krb5 packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An issue has been found in apng2gif, a tool for converting APNG images to animated GIF format.

One of the function contained an integer overflow resulting in a heap-based buffer over-read.

For Debian 8 'Jessie', this problem has been fixed in version 1.5-3+deb8u1.

We recommend that you upgrade your apng2gif packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several issues have been found in gst-plugins-bad0.10, a package containing GStreamer plugins from the 'bad' set.

All issues are about use-after-free, out of bounds reads or buffer overflow in different modules.

For Debian 8 'Jessie', these problems have been fixed in version 0.10.23-7.4+deb8u3.

We recommend that you upgrade your gst-plugins-bad0.10 packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

A minor security issue and a severe packaging bug have been fixed in tinyproxy, a lightweight http proxy daemon.

CVE-2017-11747

main.c in Tinyproxy created a /var/run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might have allowed local users to kill arbitrary processes by leveraging access to this non-root account for tinyproxy.pid modification before a root script executed a 'kill `cat /run/tinyproxy/tinyproxy.pid`' command.

OTHER

Furthermore, a severe flaw had been discovered by Tim Duesterhus in Debian's init script for tinyproxy. With the tiny.conf configuration file having the PidFile option removed, the next run of logrotate (if installed) would have changed the owner of the system's base directory ('/') to tinyproxy:tinyproxy.

For Debian 8 'Jessie', this problem has been fixed in version 1.8.3-3+deb8u1. These fixes were prepared by Mike Gabriel.

We recommend that you upgrade your tinyproxy packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It was reported that the BlueZ's HID and HOGP profile implementations don't specifically require bonding between the device and the host.
Malicious devices can take advantage of this flaw to connect to a target host and impersonate an existing HID device without security or to cause an SDP or GATT service discovery to take place which would allow HID reports to be injected to the input subsystem from a non-bonded source.

For the HID profile an new configuration option (ClassicBondedOnly) is introduced to make sure that input connections only come from bonded device connections. The options defaults to 'false' to maximize device compatibility.

A remote code execution vulnerability was discovered in the Form API component of the Horde Application Framework. An authenticated remote attacker could use this flaw to upload arbitrary content to an arbitrary writable location on the server and potentially execute code in the context of the web server user.

For Debian 8 'Jessie', this problem has been fixed in version 2.0.8-2+deb8u2.

We recommend that you upgrade your php-horde-form packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Two security issues have been detected in tika and fixed.

CVE-2020-1950: carefully crafted or corrupt PSD file can cause excessive memory usage in Apache.

CVE-2020-1951: Infinite Loop (DoS) vulnerability in Apache Tika's PSDParser.

For Debian 8 'Jessie', these problems have been fixed in version 1.5-1+deb8u1.

We recommend that you upgrade your tika packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Two security issues have been identified and fixed in php5, a server-side, HTML-embedded scripting language.

CVE-2020-7062 is about a possible NULL pointer derefernce, which would likely lead to a crash, during a failed upload with progress tracking.
CVE-2020-7063 is about wrong file permissions of files added to tar with Phar::buildFromIterator when extracting them again.

For Debian 8 'Jessie', these problems have been fixed in version 5.6.40+dfsg-0+deb8u10.

We recommend that you upgrade your php5 packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Andre Bargull discovered an integer overflow in the International Components for Unicode (ICU) library which could result in denial of service and potentially the execution of arbitrary code.

Mickael Karatekin from Sysdream Labs discovered that the Okular document viewer allows code execution via an action link in a PDF document.

For Debian 8 'Jessie', this problem has been fixed in version 4:4.14.2-2+deb8u2.

We recommend that you upgrade your okular packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument function heap buffer 'head' allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overflow

For Debian 8 'Jessie', this problem has been fixed in version 2.1.5-2+deb8u9.

We recommend that you upgrade your ruby2.1 packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several issues have been found in weechat, a fast, light and extensible chat client. All issues are about crafted messages, that could result in a buffer overflow and application crash. This could cause a denial of service or possibly have other impact.

For Debian 8 'Jessie', these problems have been fixed in version 1.0.1-1+deb8u3.

We recommend that you upgrade your weechat packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An issue has been found in e2fsprogs, a package that contains ext2/ext3/ext4 file system utilities. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability.

For Debian 8 'Jessie', this problem has been fixed in version 1.42.12-2+deb8u2.

We recommend that you upgrade your e2fsprogs packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Tomcat8 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the Tomcat instance.

For Debian 8 'Jessie', this problem has been fixed in version 8.0.14-1+deb8u16.

We recommend that you upgrade your tomcat8 packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several vulnerabilities have been discovered in the chromium web browser.

  - CVE-2019-20503     Natalie Silvanovich discovered an out-of-bounds read     issue in the usrsctp library.

  - CVE-2020-6422     David Manouchehri discovered a use-after-free issue in     the WebGL implementation.

  - CVE-2020-6424     Sergei Glazunov discovered a use-after-free issue.

  - CVE-2020-6425     Sergei Glazunov discovered a policy enforcement error     related to extensions.

  - CVE-2020-6426     Avihay Cohen discovered an implementation error in the     v8 JavaScript library.

  - CVE-2020-6427     Man Yue Mo discovered a use-after-free issue in the     audio implementation.

  - CVE-2020-6428     Man Yue Mo discovered a use-after-free issue in the     audio implementation.

  - CVE-2020-6429     Man Yue Mo discovered a use-after-free issue in the     audio implementation.

  - CVE-2020-6449     Man Yue Mo discovered a use-after-free issue in the     audio implementation.

A denial of service vulnerability (by triggering high CPU consumption) was found in Tor, a connection-based low-latency anonymous communication system.

It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when strip=False and 'math' or 'svg' tags and one or more of the RCDATA tags were whitelisted.

Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code.

The following packages CVE(s) were reported against phpmyadmin.

CVE-2020-10802

In phpMyAdmin 4.x before 4.9.5, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.

CVE-2020-10803

In phpMyAdmin 4.x before 4.9.5, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.

For Debian 8 'Jessie', these problems have been fixed in version 4:4.2.12-2+deb8u9.

We recommend that you upgrade your phpmyadmin packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The following CVE(s) were reported against jackson-databind.

CVE-2020-10672

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).

CVE-2020-10673

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).

For Debian 8 'Jessie', these problems have been fixed in version 2.4.2-2+deb8u13.

We recommend that you upgrade your jackson-databind packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that allows allows an attacker to read arbitrary files via a crafted image because of TranslateTextEx for SVG.

For Debian 8 'Jessie', this problem has been fixed in version 1.3.20-3+deb8u9.

We recommend that you upgrade your graphicsmagick packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It was discovered that an integer overflow in the International Components for Unicode (ICU) library could result in denial of service and potentially the execution of arbitrary code.

For Debian 8 'Jessie', this problem has been fixed in version 52.1-8+deb8u8.

We recommend that you upgrade your icu packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code.

For Debian 8 'Jessie', these problems have been fixed in version 1:68.6.0-1~deb8u1.

We recommend that you upgrade your thunderbird packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It was discovered that systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (Spectre v2). Multiple fixes were done already in Linux kernel, intel-microcode etc. This fix adds amd-microcode-based IBPB support.

For Debian 8 'Jessie', this problem has been fixed in version 3.20181128.1~deb8u1.

We recommend that you upgrade your amd64-microcode package.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers.
Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks.

For Debian 8 'Jessie', this problem has been fixed in version 2:4.1.8-1+deb8u6.

We recommend that you upgrade your rails packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

tif_getimage.c in LibTIFF, as used in GDAL has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a 'Negative-size-param' condition.

For Debian 8 'Jessie', this problem has been fixed in version 1.10.1+dfsg-8+deb8u2.

We recommend that you upgrade your gdal packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The following vulnerability has been discovered in the webkit2gtk web engine :

  - CVE-2020-10018     Sudhakar Verma, Ashfaq Ansari and Siddhant Badhe     discovered that processing maliciously crafted web     content may lead to arbitrary code execution.

In libvncserver, through libvncclient/cursor.c, there is a possibility of a heap overflow, as reported by Pavel Cheremushkin.

For Debian 8 'Jessie', this problem has been fixed in version 0.9.9+dfsg2-6.1+deb8u7.

We recommend that you upgrade your libvncserver packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

It was discovered that there were was a regression introduced in DLA-2145-1 due to the incorrect application of the upstream patch for CVE-2020-10108 & CVE-2020-10109 regarding a number of HTTP request splitting vulnerabilities in Twisted, an Python event-based framework for building various types of internet applications.

Thanks to Etienne Allovon for the detailed report.

For Debian 8 'Jessie', these issues have been fixed in twisted version 14.0.2-3+deb8u2.

We recommend that you upgrade your twisted packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Two out-of-bounds heap buffer accesses were found in QEMU, a fast processor emulator, which could result in denial of service or abitrary code execution.

For Debian 8 'Jessie', these problems have been fixed in version 1:2.1+dfsg-12+deb8u14.

We recommend that you upgrade your qemu packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Several issue were found in Simple Linux Utility for Resource Management (SLURM), a cluster resource management and job scheduling system.

CVE-2019-6438

SchedMD Slurm mishandles 32-bit systems, causing a heap overflow in xmalloc.

CVE-2019-12838

SchedMD Slurm did not escape strings when importing an archive file into the accounting_storage/mysql backend, resulting in SQL injection.

For Debian 8 'Jessie', these problems have been fixed in version 14.03.9-5+deb8u5.

We recommend that you upgrade your slurm-llnl packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update fixes several vulnerabilities in Graphicsmagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed media files are processed.

It was discovered that there was a buffer overflow vulnerability in slirp, a SLIP/PPP emulator for using a dial up shell account. This was caused by the incorrect usage of return values from snprintf(3).

For Debian 8 'Jessie', this issue has been fixed in slirp version 1:1.0.17-7+deb8u2.

We recommend that you upgrade your slirp packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The following CVEs were reported against yubikey-val.

CVE-2020-10184

The verify endpoint in YubiKey Validation Server before 2.40 does not check the length of SQL queries, which allows remote attackers to cause a denial of service, aka SQL injection.

CVE-2020-10185

The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP.

For Debian 8 'Jessie', these problems have been fixed in version 2.27-1+deb8u1.

We recommend that you upgrade your yubikey-val packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

Several vulnerabilities have been discovered in the chromium web browser.

  - CVE-2019-19880     Richard Lorenz discovered an issue in the sqlite     library.

  - CVE-2019-19923     Richard Lorenz discovered an out-of-bounds read issue in     the sqlite library.

  - CVE-2019-19925     Richard Lorenz discovered an issue in the sqlite     library.

  - CVE-2019-19926     Richard Lorenz discovered an implementation error in the     sqlite library.

  - CVE-2020-6381     UK's National Cyber Security Centre discovered an     integer overflow issue in the v8 JavaScript library.

  - CVE-2020-6382     Soyeon Park and Wen Xu discovered a type error in the v8     JavaScript library.

  - CVE-2020-6383     Sergei Glazunov discovered a type error in the v8     JavaScript library.

  - CVE-2020-6384     David Manoucheri discovered a use-after-free issue in     WebAudio.

  - CVE-2020-6385     Sergei Glazunov discovered a policy enforcement error.

  - CVE-2020-6386     Zhe Jin discovered a use-after-free issue in speech     processing.

  - CVE-2020-6387     Natalie Silvanovich discovered an out-of-bounds write     error in the WebRTC implementation.

  - CVE-2020-6388     Sergei Glazunov discovered an out-of-bounds read error     in the WebRTC implementation.

  - CVE-2020-6389     Natalie Silvanovich discovered an out-of-bounds write     error in the WebRTC implementation.

  - CVE-2020-6390     Sergei Glazunov discovered an out-of-bounds read error.

  - CVE-2020-6391     Michal Bentkowski discoverd that untrusted input was     insufficiently validated.

  - CVE-2020-6392     The Microsoft Edge Team discovered a policy enforcement     error.

  - CVE-2020-6393     Mark Amery discovered a policy enforcement error.

  - CVE-2020-6394     Phil Freo discovered a policy enforcement error.

  - CVE-2020-6395     Pierre Langlois discovered an out-of-bounds read error     in the v8 JavaScript library.

  - CVE-2020-6396     William Luc Ritchie discovered an error in the skia     library.

  - CVE-2020-6397     Khalil Zhani discovered a user interface error.

  - CVE-2020-6398     pdknsk discovered an uninitialized variable in the     pdfium library.

  - CVE-2020-6399     Luan Herrera discovered a policy enforcement error.

  - CVE-2020-6400     Takashi Yoneuchi discovered an error in Cross-Origin     Resource Sharing.

  - CVE-2020-6401     Tzachy Horesh discovered that user input was     insufficiently validated.

  - CVE-2020-6402     Vladimir Metnew discovered a policy enforcement error.

  - CVE-2020-6403     Khalil Zhani discovered a user interface error.

  - CVE-2020-6404     kanchi discovered an error in Blink/Webkit.

  - CVE-2020-6405     Yongheng Chen and Rui Zhong discovered an out-of-bounds     read issue in the sqlite library.

  - CVE-2020-6406     Sergei Glazunov discovered a use-after-free issue.

  - CVE-2020-6407     Sergei Glazunov discovered an out-of-bounds read error.

  - CVE-2020-6408     Zhong Zhaochen discovered a policy enforcement error in     Cross-Origin Resource Sharing.

  - CVE-2020-6409     Divagar S and Bharathi V discovered an error in the     omnibox implementation.

  - CVE-2020-6410     evil1m0 discovered a policy enforcement error.

  - CVE-2020-6411     Khalil Zhani discovered that user input was     insufficiently validated.

  - CVE-2020-6412     Zihan Zheng discovered that user input was     insufficiently validated.

  - CVE-2020-6413     Michal Bentkowski discovered an error in Blink/Webkit.

  - CVE-2020-6414     Lijo A.T discovered a policy safe browsing policy     enforcement error.

  - CVE-2020-6415     Avihay Cohen discovered an implementation error in the     v8 JavaScript library.

  - CVE-2020-6416     Woojin Oh discovered that untrusted input was     insufficiently validated.

  - CVE-2020-6418     Clement Lecigne discovered a type error in the v8     JavaScript library.

  - CVE-2020-6420     Taras Uzdenov discovered a policy enforcement error.

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

For Debian 8 'Jessie', these problems have been fixed in version 68.6.0esr-1~deb8u1.

We recommend that you upgrade your firefox-esr packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The following CVEs were reported against dojo :

CVE-2020-5258

In affected versions of dojo, the deepCopy method is vulnerable to Prototype Pollution. An attacker could manipulate these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values.

CVE-2020-5259

The Dojox jQuery wrapper jqMix mixin method is vulnerable to Prototype Pollution. An attacker could manipulate these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values.

For Debian 8 'Jessie', these problems have been fixed in version 1.10.2+dfsg-1+deb8u3.

We recommend that you upgrade your dojo packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Similar to CVE-2016-10743 the host access point daemon, hostapd, in EAP mode used a low quality pseudorandom number generator that leads to insufficient entropy. The problem was resolved by using the os_get_random function which provides cryptographically strong pseudo random data.

For Debian 8 'Jessie', this problem has been fixed in version 2.3-1+deb8u10.

We recommend that you upgrade your wpa packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.

For Debian 8 'Jessie', this problem has been fixed in version 4.1.3-4+deb8u2.

We recommend that you upgrade your sleuthkit packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Kobus van Schoor discovered that network-manager-ssh, a plugin to provide VPN integration for SSH in NetworkManager, is prone to a privilege escalation vulnerability. A local user with privileges to modify a connection can take advantage of this flaw to execute arbitrary commands as root.

This update drops support to pass extra SSH options to the ssh invocation.

It was discovered that there was an out-of-bounds buffer read vulnerability in libvpx, a library implementing the VP8 & VP9 video codecs.

For Debian 8 'Jessie', this issue has been fixed in libvpx version 1.3.0-3+deb8u3.

We recommend that you upgrade your libvpx packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Description not provided by Debian for this vulnerability.
For further details on the vulnerability, contact Debian.

The following CVEs were reported for jackson-databind source package.

CVE-2020-9546

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).

CVE-2020-9547

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).

CVE-2020-9548

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).

For Debian 8 'Jessie', these problems have been fixed in version 2.4.2-2+deb8u12.

We recommend that you upgrade your jackson-databind packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Severity
135191	Debian DSA-4650-1 : qbittorrent - security update	High
135190	Debian DLA-2168-1 : libplist security update	Medium
135103	Debian DSA-4648-1 : libpam-krb5 - security update	High
135102	Debian DLA-2167-1 : python-bleach security update	High
135101	Debian DLA-2166-1 : libpam-krb5 security update	High
135100	Debian DLA-2165-1 : apng2gif security update	Medium
135099	Debian DLA-2164-1 : gst-plugins-bad0.10 security update	Medium
135098	Debian DLA-2163-1 : tinyproxy security update	Low
134984	Debian DSA-4647-1 : bluez - security update	Medium
134983	Debian DLA-2162-1 : php-horde-form security update	Medium
134982	Debian DLA-2161-1 : tika security update	Medium
134955	Debian DLA-2160-1 : php5 security update	Medium
134917	Debian DSA-4646-1 : icu - security update	Medium
134916	Debian DLA-2159-1 : okular security update	Medium
134915	Debian DLA-2158-1 : ruby2.1 security update	High
134881	Debian DLA-2157-1 : weechat security update	High
134880	Debian DLA-2156-1 : e2fsprogs security update	Medium
134879	Debian DLA-2155-1 : tomcat8 security update	Medium
134839	Debian DSA-4645-1 : chromium - security update	High
134774	Debian DSA-4644-1 : tor - security update	Medium
134773	Debian DSA-4643-1 : python-bleach - security update	Medium
134772	Debian DSA-4642-1 : thunderbird - security update	High
134771	Debian DLA-2154-1 : phpmyadmin security update	Medium
134770	Debian DLA-2153-1 : jackson-databind security update	Medium
134769	Debian DLA-2152-1 : graphicsmagick security update	Medium
134768	Debian DLA-2151-1 : icu security update	Medium
134767	Debian DLA-2150-1 : thunderbird security update	High
134766	Debian DLA-2148-1 : amd64-microcode security update (Spectre)	Medium
134716	Debian DLA-2149-1 : rails security update	Low
134683	Debian DLA-2147-1 : gdal security update	Medium
134634	Debian DSA-4641-1 : webkit2gtk - security update	Medium
134633	Debian DLA-2146-1 : libvncserver security update	High
134632	Debian DLA-2145-2 : twisted security update	High
134631	Debian DLA-2144-1 : qemu security update	Critical
134630	Debian DLA-2143-1 : slurm-llnl security update	High
134577	Debian DSA-4640-1 : graphicsmagick - security update	High
134576	Debian DLA-2142-1 : slirp security update	Critical
134454	Debian DLA-2141-1 : yubikey-val security update	Medium
134434	Debian DSA-4639-1 : firefox-esr - security update	High
134433	Debian DSA-4638-1 : chromium - security update	High
134432	Debian DLA-2140-1 : firefox-esr security update	High
134431	Debian DLA-2139-1 : dojo security update	Medium
134430	Debian DLA-2138-1 : wpa security update	Medium
134429	Debian DLA-2137-1 : sleuthkit security update	High
134353	Debian DSA-4637-1 : network-manager-ssh - security update	High
134352	Debian DLA-2136-1 : libvpx security update	High
134332	Debian DSA-4342-1 : chromium-browser - security update	Medium
134331	Debian DSA-3156-1 : liblivemedia - security update	High
134330	Debian DSA-3043-1 : tryton-server - security update	High
134245	Debian DLA-2135-1 : jackson-databind security update	Medium

Debian Local Security Checks Family for Nessus