Security

It was discovered that the JSON RPC interface of the server componenent of Snapcast, a multi-room client-server audio player, allowed the execution of arbitrary code.

https://security-tracker.debian.org/tracker/DSA-5847-1

Thomas Rinsma discovered two security vulnerabilities in LibreOffice, which could result in information disclosure or overwriting of files when opening malformed documents.

https://security-tracker.debian.org/tracker/DSA-5846-1

Several problems have been addressed in Tomcat 10, a Java based web server, servlet and JSP engine which may lead to a denial-of-service.

CVE-2024-38286

Apache Tomcat, under certain configurations, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process.

CVE-2024-52316

Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta Authentication components that behave in this way.

CVE-2024-50379 / CVE-2024-56337

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). Some users may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat.

https://security-tracker.debian.org/tracker/DSA-5845-1

The update for rsync announced in DSA 5843-1 introduced a regression when using the -H option to preserve hard links. Updated packages are now available to correct this issue.

https://security-tracker.debian.org/tracker/DSA-5843-2

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

https://security-tracker.debian.org/tracker/DSA-5844-1

Several vulnerabilities were discovered in rsync, a fast, versatile, remote (and local) file-copying tool.

CVE-2024-12084

Simon Scannell, Pedro Gallegos and Jasiel Spelman discovered a heap-based buffer overflow vulnerability due to improper handling of attacker-controlled checksum lengths. A remote attacker can take advantage of this flaw for code execution.

CVE-2024-12085

Simon Scannell, Pedro Gallegos and Jasiel Spelman reported a flaw in the way rsync compares file checksums, allowing a remote attacker to trigger an information leak.

CVE-2024-12086

Simon Scannell, Pedro Gallegos and Jasiel Spelman discovered a flaw which would result in a server leaking contents of an arbitrary file from the client's machine.

CVE-2024-12087

Simon Scannell, Pedro Gallegos and Jasiel Spelman reported a path traversal vulnerability in the rsync daemon affecting the --inc-recursive option, which could allow a server to write files outside of the client's intended destination directory.

CVE-2024-12088

Simon Scannell, Pedro Gallegos and Jasiel Spelman reported that when using the --safe-links option, rsync fails to properly verify if a symbolic link destination contains another symbolic link with it, resulting in path traversal and arbitrary file write outside of the desired directory.

CVE-2024-12747

Aleksei Gorban "loqpa" discovered a race condition when handling symbolic links resulting in an information leak which may enable escalation of privileges.

https://security-tracker.debian.org/tracker/DSA-5843-1

Several vulnerabilities were discovered in OpenAFS, an implementation of the AFS distributed filesystem, which may result in theft of credentials in Unix client PAGs (CVE-2024-10394), fileserver crashes and information leak on StoreACL/FetchACL (CVE-2024-10396) or buffer overflows in XDR responses resulting in denial of service and potentially code execution (CVE-2024-10397).

https://security-tracker.debian.org/tracker/DSA-5842-1

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code.

https://security-tracker.debian.org/tracker/DSA-5841-1

Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

https://security-tracker.debian.org/tracker/DSA-5840-1

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or privilege escalation.

https://security-tracker.debian.org/tracker/DSA-5839-1