-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
The following issues have been resolved in NixOS in release-16.09 and
unstable. Older major releases remain potentially vulnerable.
These patches will be released to the unstable and
release-16.09 channels when Hydra finishes building the "tested" job
for each channel:
- https://hydra.nixos.org/job/nixos/release-16.09/tested
- https://hydra.nixos.org/job/nixos/trunk-combined/tested
Please consider helping with the next security roundup by commenting on
https://github.com/NixOS/nixpkgs/issues/22128.
The following changes were applied to release-16.09:
19d9fe2 qemu: 2.7 -> 2.8, drop 2.7
> CVE-2016-9923: Quick Emulator (Qemu) built with the 'chardev' backend
> support is vulnerable to a use-after-free issue. It could occur while
> hotplugging and unplugging the device in the guest. A guest user/process
> could use this flaw to crash a Qemu process on the host, resulting in
> DoS.
f97d456 kernel: 4.4.44 -> 4.4.45
> All kernel patches are considered security-sensitive.
c90544f asterisk: 13.6.0 -> 13.13.1
> From the Red Hat bugzilla:
>
> It was reported that setting the sip.conf timert1 value to a value
> higher than 1245 can cause an integer overflow and result in large
> retransmit timeout times. These large timeout values hold system file
> descriptors hostage and can cause the system to run out of file
> descriptors.
>
> More:
> - https://lwn.net/Vulnerabilities/676089/
> - https://github.com/NixOS/nixpkgs/issues/18856
> - https://github.com/NixOS/nixpkgs/pull/22142
======================================================================
The following changes were applied to unstable:
f46c5b2 qemu: 2.7 -> 2.8, drop 2.7
> CVE-2016-9923: Quick Emulator (Qemu) built with the 'chardev' backend
> support is vulnerable to a use-after-free issue. It could occur while
> hotplugging and unplugging the device in the guest. A guest user/process
> could use this flaw to crash a Qemu process on the host, resulting in
> DoS.
4345dfb kernel: 4.4.44 -> 4.4.45
> All kernel patches are considered security-sensitive.
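The roundup above names the fixed version of each package for both channels. As an added example that is not part of the advisory or of nixpkgs, the script below compares installed versions against those fixed versions and flags anything older, which is the check a host owner wants before trusting that a channel update closed these issues. The installed values in it are constructed sample input; the nix-instantiate and uname commands mentioned in the comments are an assumed way to obtain real ones, not something the advisory prescribes.

```sh
#!/bin/sh
# Added example, not part of the NixOS advisory: flag installed packages that
# are older than the fixed versions the roundup names.

# version_lt A B: exit 0 when version A sorts strictly before version B.
# Relies on GNU 'sort -V' for dotted-version ordering (assumed available).
version_lt() {
  [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# check_fixed NAME INSTALLED FIXED: print a verdict; exit 0 when INSTALLED is
# at or above FIXED, 1 when it is older (i.e. still carries the listed issue).
check_fixed() {
  if version_lt "$2" "$3"; then
    printf '%-10s %-10s older than fixed %-10s VULNERABLE\n' "$1" "$2" "$3"
    return 1
  fi
  printf '%-10s %-10s at or above     %-10s ok\n' "$1" "$2" "$3"
  return 0
}

# audit reads "name installed fixed" triples from stdin and returns the number
# of entries that are still below their fixed version.
audit() {
  vulnerable=0
  while read -r name installed fixed; do
    [ -n "$name" ] || continue
    check_fixed "$name" "$installed" "$fixed" || vulnerable=$((vulnerable + 1))
  done
  return "$vulnerable"
}

# Constructed sample input. The fixed versions are the ones the roundup names
# (qemu 2.8, kernel 4.4.45, asterisk 13.13.1); the installed values are made
# up to show one patched and two unpatched entries. On a real NixOS host the
# installed values would come from, for example (assumed usage),
#   nix-instantiate --eval -E '(import <nixpkgs> {}).qemu.version'
#   uname -r
SAMPLE='qemu 2.7.0 2.8
kernel 4.4.45 4.4.45
asterisk 13.6.0 13.13.1'

# sample_audit runs the audit over the constructed input; its exit status is
# the number of entries still below their fixed version.
sample_audit() {
  printf '%s\n' "$SAMPLE" | audit
}

sample_audit
```

Because `audit` returns the count of unpatched entries, the script's exit status is non-zero exactly when something still needs the update, so it can sit in a cron job or a deployment gate as-is. Note that `sort -V` is a GNU extension; on a BusyBox or BSD userland substitute a version comparison that handles dotted components.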
Thank you very much,
Graham Christensen
NixOS Security Team
https://github.com/nixos/security
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJYiqwVAAoJEAYSHTZv6UNcpu0QALDRMe6u8Vnu5B/RUkeyyKcK
1Ly/XXYWXow7PyDvIsQN7A8R9bLLu1uNHKwX2Xdm3yrhlRchPM6YRipDRFs3nJ2f
fpUXwXnkFzsrwuZqzg7WwjSPCJMT7lvQz/h2x6xWygoCpEDEXattAvOd3btJqrUP
OosxD2UVLcQGOupNv7Jrwj73NILM+PWoOdCAuaf7kRz895I1zuJzAN5GVGU7disG
xRwFQhjLTVcmFeADo1yk4kAO2HRqJRL9cGNsmSXeAYpBgt+u9p5tIZy6AUnSkWwi
r5vn2DODOdP9xYjT6TJCZv0jMMF4k4QXWzAQViZSXjICemgOV3xoQO0Fnbzqmbue
PjNvXNZOizcmtED+g7sxHNqVl+gYpwDeAC39RCpVWiaDuFaePfhUTjfNvR4AF4Au
2zexE+Wi0OSnSmEaqJLSJK5MK5+ld+T7gPrkMSlJa7ikXwfNZu45YWTQN8133sN6
Bhv1Mrtodw+OnmEr0Fv/UwUtcIivlX78QLEisAhpPL58v6zIso2tk9SvbkjllAHw
XdP8K3ZkhUWvtYlffkUh173vmUq8Os9E8RK8MfkSxfn3yrKJBqBXyOkK4VcarP+U
Dsb/R+aJoQJ2il1TmdWCRfMRY0M2mA3XeDzSuRXNI3r/BvpXRnQ4tyKljq9AQsED
knVQ0XjdgFaZztN+5nnr
=PkBR
-----END PGP SIGNATURE-----