Debian 8.3 Released
Debian 8.3 was released this morning as the third stable update to Jessie.
Debian 8.3 contains various stable package updates including fixes to Apache, a new upstream release of the fglrx-driver, glibc fixes, updated Intel microcode files, a new HyperZ daemons package in linux-tools, new upstream releases of the NVIDIA proprietary drivers, a new version of PHP5, and many other package updates with fixes.
For more details about the package updates found in Debian 8.3, see the announcement posted today to Debian.org.
The Debian announcement was the first time I heard of the Catalyst/fglrx driver's CVE-2015-7724 from last year. It was a bug in Catalyst 15.7, fixed in Catalyst 15.9, but hadn't seen it mentioned due to AMD's woefully incomplete change-logs on their Linux driver releases. This fglrx bug allows privileged escalation via symlink attacks on POSIX shared memory with insecure file permissions in fglrx-driver.
Debian 8.3 contains various stable package updates including fixes to Apache, a new upstream release of the fglrx-driver, glibc fixes, updated Intel microcode files, a new HyperZ daemons package in linux-tools, new upstream releases of the NVIDIA proprietary drivers, a new version of PHP5, and many other package updates with fixes.
For more details about the package updates found in Debian 8.3, see the announcement posted today to Debian.org.
The Debian announcement was the first time I heard of the Catalyst/fglrx driver's CVE-2015-7724 from last year. It was a bug in Catalyst 15.7, fixed in Catalyst 15.9, but hadn't seen it mentioned due to AMD's woefully incomplete change-logs on their Linux driver releases. This fglrx bug allows privileged escalation via symlink attacks on POSIX shared memory with insecure file permissions in fglrx-driver.
7 Comments