From: Graham Christensen <graham@grahamc.com>
To: nix-security-announce@googlegroups.com
Subject: Security fixes from 2016-12-23 00:33 UTC
--text follows this line--
<#secure method=pgpmime mode=sign>

The following issues have been resolved in NixOS in release-16.09 and
unstable. They remain potentially vulnerable on older major
releases.

These patches will be released to the unstable and
release-16.09 channels when Hydra finishes building the "tested" job
for each channel:

- https://hydra.nixos.org/job/nixos/release-16.09/tested
- https://hydra.nixos.org/job/nixos/trunk-combined/tested

Please consider helping with the next security roundup by commenting on
LATEST_ROUNDUP_URL.

The following changes were applied to release-16.09:
af9b4c6 libtorrentRasterbar_1_0: 1.0.9 -> 1.0.10
> Fixes potential crash on invalid input to the http parser
> and a division-by-zero bug in the super seeding logic.
831571c keepass: 2.33 -> 2.34
> Recommended update from upstream. Release notes:
> http://keepass.info/news/n160611_2.34.html
d3e9fc6 linux:3.12.68 -> 3.12.69
> All kernel patches are considered security-sensitive.
6cef2f2 linux:3.18.44 -> 3.18.45
> All kernel patches are considered security-sensitive.
bd9eba2 zlib: patch for CVE-2016-9840, CVE-2016-9841, CVE-9842, CV..
> CVE-2016-9840
> CVE-2016-9841
> CVE-2016-9842
> CVE-2016-9843
4e6223c pythonPackages.bottle: 0.12.9 -> 0.12.11 for CVE-2016-9964
> CVE-2016-9964
b5de7ef xen: patch for many XSAs
> XSA-190
> XSA-191
> XSA-192
> XSA-193
> XSA-195
> XSA-196
> XSA-198
> XSA-200
> XSA_202
> XSA-204
d3934be openjpeg2: patch for CVE-2016-9580, and CVE-2016-9581
> CVE-2016-9580
> CVE-2016-9581
142b303 libupnp: 1.6.20 -> 1.6.21 for CVE-2016-8863
> CVE-2016-8863
490a23e nagios: 4.2.3 -> 4.2.4 for CVE-2016-9566
> CVE-2016-9566
6c97c1c tomcatUnstable: 9.0.0.M13 -> 9.0.0.M15 for CVE-2016-9774, ..
> CVE-2016-9774
> CVE-2016-9775
2ab18b7 tomcat85: 8.5.8 -> 8.5.9 for CVE-2016-9774, CVE-2016-9775
> CVE-2016-9774
> CVE-2016-9775
78b5267 game-music-emu: 0.6.0 -> 0.6.1 for multiple CVEs
> CVE-2016-9957
> CVE-2016-9958
> CVE-2016-9959
> CVE-2016-9960
> CVE-2016-9961
b2e80a5 samba4: 4.3.11 -> 4.3.13
> CVE-2016-2123
> CVE-2016-2125
> CVE-2016-2126
eaf6fc8 tor: 0.2.8.10 -> 0.2.8.12
> CVE-2016-1254
b5edcfc squid: 3.5.19 -> 3.5.23
> CVE-2016-10002
> CVE-2016-10003
======================================================================
The following changes were applied to unstable:
3ffb5ba linux:3.18.44 -> 3.18.45
> All kernel patches are considered security-sensitive.
53e2152 linux:3.12.68 -> 3.12.69
> All kernel patches are considered security-sensitive.
ecc7b33 pythonPackages.bottle: 0.12.9 -> 0.12.11 for CVE-2016-9964
> CVE-2016-9964
4e6c7fa xen: patch for many XSAs
> XSA-190
> XSA-191
> XSA-192
> XSA-193
> XSA-195
> XSA-196
> XSA-198
> XSA-200
> XSA_202
> XSA-204
c7a2073 openjpeg2: patch for CVE-2016-9580, and CVE-2016-9581
> CVE-2016-9580
> CVE-2016-9581
0d3f0f0 libupnp: 1.6.20 -> 1.6.21 for CVE-2016-8863
> CVE-2016-8863
2f17c36 nagios: 4.2.3 -> 4.2.4 for CVE-2016-9566
> CVE-2016-9566
72faac9 tomcatUnstable: 9.0.0.M13 -> 9.0.0.M15 for CVE-2016-9774, ..
> CVE-2016-9774
> CVE-2016-9775
a528c04 tomcat85: 8.5.8 -> 8.5.9 for CVE-2016-9774, CVE-2016-9775
> CVE-2016-9774
> CVE-2016-9775
2c24ce5 game-music-emu: 0.6.0 -> 0.6.1 for multiple CVEs
> CVE-2016-9957
> CVE-2016-9958
> CVE-2016-9959
> CVE-2016-9960
> CVE-2016-9961
3e92b56 tor: 0.2.8.10 -> 0.2.8.12
> CVE-2016-1254
4b67968 squid: 3.5.19 -> 3.5.23
> CVE-2016-10002
> CVE-2016-10003
Thank you very much,
Graham Christensen
NixOS Security Team
https://github.com/nixos/security