[Secure-testing-commits] r30575 - packages
Author: carnil Date: 2014-12-07 09:37:50 + (Sun, 07 Dec 2014) New Revision: 30575 Added: packages/c-icap.txt Log: Add some basic instructions fo c-icap tests Added: packages/c-icap.txt === --- packages/c-icap.txt (rev 0) +++ packages/c-icap.txt 2014-12-07 09:37:50 UTC (rev 30575) @@ -0,0 +1,37 @@ +Testing +--- +Install package: c-icap libc-icap-mod-clamav clamav + +Add + Include srv_clamav.conf + +to /etc/c-icap/c-icap.conf . + +Basic functionality testing: The package c-icap contains a c-icap-client +command line tool which can be used for the first test: + +icap-client + +c-icap-client -f /bin/ls -s srv_clamav?allow204=onforce=onsizelimit=offmode=simple + +should report No modification needed (Allow 204 response). + +c-icap-client -f eicar.com.txt -s srv_clamav?allow204=onforce=onsizelimit=offmode=simple + +should report that virus is found (Eicar-Test-Signature). + +Test c-icap with squid3: + +squid.conf: + + icap_enable on + icap_preview_size 1024 + icap_send_client_ip on + icap_client_username_header X-Authenticated-User + icap_service service_req reqmod_precache bypass=0 icap://127.0.0.1:1344/antivirus_module + icap_service service_resp respmod_precache bypass=0 icap://127.0.0.1:1344/antivirus_module + adaptation_access service_req allow all + adaptation_access service_resp allow all + +Set http(s)_proxy for squid, and check downloading e.g +http://www.eicar.org/download/eicar.com.txt . ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
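Review bot: In both c-icap-client invocations the -s value reads srv_clamav?allow204=onforce=onsizelimit=offmode=simple, with nothing separating the four arguments, so as written it cannot be parsed as allow204, force, sizelimit and mode. If the arguments are meant to be joined with "&", write them that way and quote the whole -s value, because an unquoted "&" is taken by the shell as the background operator and cuts the command short. Two smaller points in the same file: the bare "icap-client" line above the first command looks like a leftover, and the squid.conf block points at icap://127.0.0.1:1344/antivirus_module while everything before it uses srv_clamav, so the instructions should either say where antivirus_module is defined or use the same service name throughout.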
[Secure-testing-commits] r30576 - data/CVE
Author: fgeek-guest Date: 2014-12-07 10:32:07 + (Sun, 07 Dec 2014) New Revision: 30576 Modified: data/CVE/list Log: NFU Modified: data/CVE/list === --- data/CVE/list 2014-12-07 09:37:50 UTC (rev 30575) +++ data/CVE/list 2014-12-07 10:32:07 UTC (rev 30576) @@ -5567,6 +5567,7 @@ TODO: check CVE-2014-7251 RESERVED + NOT-FOR-US: Yokogawa CVE-2014-7250 RESERVED CVE-2014-7249 @@ -9683,6 +9684,7 @@ NOT-FOR-US: ABB RobotStudio CVE-2014-5429 RESERVED + NOT-FOR-US: Elipse SCADA CVE-2014-5428 RESERVED CVE-2014-5427 @@ -15931,6 +15933,7 @@ NOT-FOR-US: Android service KeyStore CVE-2014-3099 RESERVED + NOT-FOR-US: IBM Systems Director CVE-2014-3098 RESERVED CVE-2014-3097 (Open redirect vulnerability in IBM Tivoli Federated Identity Manager ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
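Review bot: The first hunk's new line, "NOT-FOR-US: Yokogawa", names only a vendor, while the other lines in this patch name a product (Elipse SCADA, IBM Systems Director, and the neighbouring ABB RobotStudio). Naming the affected Yokogawa product would let a later reader confirm the triage from the list itself, which matters here because all three entries are still RESERVED and carry no description.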
[Secure-testing-commits] r30577 - data/CVE
Author: carnil Date: 2014-12-07 14:00:51 + (Sun, 07 Dec 2014) New Revision: 30577 Modified: data/CVE/list Log: Add upstream fix reference Modified: data/CVE/list === --- data/CVE/list 2014-12-07 10:32:07 UTC (rev 30576) +++ data/CVE/list 2014-12-07 14:00:51 UTC (rev 30577) @@ -25331,6 +25331,7 @@ - dcmtk unfixed (unimportant) NOTE: http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html NOTE: Not running with elevated privileges in Debian packaging + NOTE: http://git.dcmtk.org/web?p=dcmtk.git;a=commitdiff;h=beaf5a5c24101daeeafa48c375120b16197c9e95;hp=5349794c4c458c76609b7aeb53d0ca28cf9fe9f0 CVE-2013-6824 (Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 ...) - zabbix 1:2.2.0+dfsg-6 (low) [squeeze] - zabbix no-dsa (Minor issue) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
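Review bot: The added NOTE under the dcmtk entry is a bare commitdiff URL, and only the commit log says that it is the upstream fix. Labelling it in the line itself, for example "NOTE: Upstream fix: ...", would keep that meaning in data/CVE/list. The entry also stays at "unfixed (unimportant)", so it would help to record the first upstream release that contains the commit once that is known.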
[Secure-testing-commits] r30578 - in data: . DSA
Author: iuculano Date: 2014-12-07 15:48:24 + (Sun, 07 Dec 2014) New Revision: 30578 Modified: data/DSA/list data/dsa-needed.txt Log: getmail4 DSA Modified: data/DSA/list === --- data/DSA/list 2014-12-07 14:00:51 UTC (rev 30577) +++ data/DSA/list 2014-12-07 15:48:24 UTC (rev 30578) @@ -1,3 +1,6 @@ +[07 Dec 2014] DSA-3091-1 getmail4 - security update + {CVE-2014-7273 CVE-2014-7274 CVE-2014-7275} + [wheezy] - getmail4 4.46.0-1~deb7u1 [04 Dec 2014] DSA-3090-1 iceweasel - security update {CVE-2014-1587 CVE-2014-1590 CVE-2014-1592 CVE-2014-1593 CVE-2014-1594} [wheezy] - iceweasel 31.3.0esr-1~deb7u1 Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2014-12-07 14:00:51 UTC (rev 30577) +++ data/dsa-needed.txt 2014-12-07 15:48:24 UTC (rev 30578) @@ -20,8 +20,6 @@ -- chromium-browser -- -getmail4 (iuculano) --- icedove (jmm) -- libav ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r30579 - data/CVE
Author: fgeek-guest Date: 2014-12-07 16:23:22 + (Sun, 07 Dec 2014) New Revision: 30579 Modified: data/CVE/list Log: CVE-2014-7137/dolibarr fixed Modified: data/CVE/list === --- data/CVE/list 2014-12-07 15:48:24 UTC (rev 30578) +++ data/CVE/list 2014-12-07 16:23:22 UTC (rev 30579) @@ -5909,7 +5909,7 @@ CVE-2014-7138 (Cross-site scripting (XSS) vulnerability in the Google Calendar Events ...) NOT-FOR-US: WordPress plugin Google Calendar Events CVE-2014-7137 (Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before ...) - - dolibarr unfixed (bug #770313) + - dolibarr 3.5.5+dfsg1-1 (bug #770313) CVE-2014-7136 RESERVED CVE-2014-7135 (The Ayuntamiento de Coana (aka com.wInfoCoa) application 0.2 for ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
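Review bot: The changed line moves dolibarr from "unfixed" to "3.5.5+dfsg1-1", but nothing in the entry shows why that upload is the fixing one. A NOTE pointing at the upstream fix or at the changelog entry that closes bug #770313 would make the version checkable, since the CVE text speaks of multiple SQL injection vulnerabilities and a partial fix would be easy to miss.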
[Secure-testing-commits] r30580 - in data: . DSA
Author: jmm Date: 2014-12-07 19:01:56 + (Sun, 07 Dec 2014) New Revision: 30580 Modified: data/DSA/list data/dsa-needed.txt Log: icedove DSA Modified: data/DSA/list === --- data/DSA/list 2014-12-07 16:23:22 UTC (rev 30579) +++ data/DSA/list 2014-12-07 19:01:56 UTC (rev 30580) @@ -1,3 +1,6 @@ +[07 Dec 2014] DSA-3092-1 icedove - security update + {CVE-2014-1587 CVE-2014-1590 CVE-2014-1592 CVE-2014-1593 CVE-2014-1594} + [wheezy] - icedove 31.3.0-1~deb7u1 [07 Dec 2014] DSA-3091-1 getmail4 - security update {CVE-2014-7273 CVE-2014-7274 CVE-2014-7275} [wheezy] - getmail4 4.46.0-1~deb7u1 Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2014-12-07 16:23:22 UTC (rev 30579) +++ data/dsa-needed.txt 2014-12-07 19:01:56 UTC (rev 30580) @@ -20,8 +20,6 @@ -- chromium-browser -- -icedove (jmm) --- libav -- liblivemedia ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r30581 - data/CVE
Author: fgeek-guest Date: 2014-12-07 19:35:14 + (Sun, 07 Dec 2014) New Revision: 30581 Modified: data/CVE/list Log: NFU VMSA-2014-0012 Modified: data/CVE/list === --- data/CVE/list 2014-12-07 19:01:56 UTC (rev 30580) +++ data/CVE/list 2014-12-07 19:35:14 UTC (rev 30581) @@ -3050,6 +3050,7 @@ RESERVED CVE-2014-8371 RESERVED + NOT-FOR-US: VMware vSphere CVE-2014-8370 RESERVED CVE-2014-8369 (The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux ...) @@ -13780,6 +13781,7 @@ RESERVED CVE-2014-3797 RESERVED + NOT-FOR-US: VMware vSphere CVE-2014-3796 (VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) ...) NOT-FOR-US: VMware NSX and vCNS CVE-2014-3795 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r30582 - data/CVE
Author: sectracker Date: 2014-12-07 21:11:34 + (Sun, 07 Dec 2014) New Revision: 30582 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2014-12-07 19:35:14 UTC (rev 30581) +++ data/CVE/list 2014-12-07 21:11:34 UTC (rev 30582) @@ -5515,10 +5515,13 @@ CVE-2014-7276 RESERVED CVE-2014-7275 (The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does ...) + {DSA-3091-1} - getmail4 4.46.0-1 (bug #766670) CVE-2014-7274 (The IMAP-over-SSL implementation in getmail 4.44.0 does not verify ...) + {DSA-3091-1} - getmail4 4.46.0-1 (bug #766670) CVE-2014-7273 (The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does ...) + {DSA-3091-1} - getmail4 4.44.0-1 (bug #766670) CVE-2014-7272 [multiple vulnerabilities in sddm] RESERVED @@ -20093,21 +20096,21 @@ - icedove not-affected (Specific to MacOS X) CVE-2014-1594 RESERVED - {DSA-3090-1} + {DSA-3092-1 DSA-3090-1} - iceweasel 31.3.0esr-1 - icedove 31.3.0-1 [squeeze] - iceweasel end-of-life [squeeze] - icedove end-of-life CVE-2014-1593 RESERVED - {DSA-3090-1} + {DSA-3092-1 DSA-3090-1} - iceweasel 31.3.0esr-1 - icedove 31.3.0-1 [squeeze] - iceweasel end-of-life [squeeze] - icedove end-of-life CVE-2014-1592 RESERVED - {DSA-3090-1} + {DSA-3092-1 DSA-3090-1} - iceweasel 31.3.0esr-1 - icedove 31.3.0-1 [squeeze] - iceweasel end-of-life @@ -20118,7 +20121,7 @@ - icedove not-affected (Only affects Firefox 33) CVE-2014-1590 RESERVED - {DSA-3090-1} + {DSA-3092-1 DSA-3090-1} - iceweasel 31.3.0esr-1 - icedove 31.3.0-1 [squeeze] - iceweasel end-of-life @@ -20133,7 +20136,7 @@ - icedove not-affected (Only affects Firefox 33) CVE-2014-1587 RESERVED - {DSA-3090-1} + {DSA-3092-1 DSA-3090-1} - iceweasel 31.3.0esr-1 - icedove 31.3.0-1 [squeeze] - iceweasel end-of-life ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r30583 - data/CVE
Author: mgilbert Date: 2014-12-07 22:56:37 + (Sun, 07 Dec 2014) New Revision: 30583 Modified: data/CVE/list Log: offset2lib issue Modified: data/CVE/list === --- data/CVE/list 2014-12-07 21:11:34 UTC (rev 30582) +++ data/CVE/list 2014-12-07 22:56:37 UTC (rev 30583) @@ -1,3 +1,5 @@ +CVE-2014- [offset2lib linux aslr bypass] + - linux unfixed (low; bug #772508) CVE-2014-9298 RESERVED CVE-2014-9297 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
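Review bot: The new entry at the top of data/CVE/list has only the bracketed title "offset2lib linux aslr bypass" and a bug number, with no NOTE linking to a description of the issue, and the "low" urgency on the linux line is not explained. Adding a NOTE with the public reference for offset2lib and a short reason for the rating would let the entry stand on its own until an identifier is assigned.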
[Secure-testing-commits] r30584 - data/CVE
Author: carnil Date: 2014-12-08 06:12:41 + (Mon, 08 Dec 2014) New Revision: 30584 Modified: data/CVE/list Log: Add also src:linux-2.6 source package name Modified: data/CVE/list === --- data/CVE/list 2014-12-07 22:56:37 UTC (rev 30583) +++ data/CVE/list 2014-12-08 06:12:41 UTC (rev 30584) @@ -1,5 +1,6 @@ CVE-2014- [offset2lib linux aslr bypass] - linux unfixed (low; bug #772508) + - linux-2.6 removed CVE-2014-9298 RESERVED CVE-2014-9297 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r30585 - org
Author: thijs Date: 2014-12-08 07:06:12 + (Mon, 08 Dec 2014) New Revision: 30585 Modified: org/security-frontdesk.2014.txt org/security-frontdesk.2015.txt Log: switch with jmm, take week 1 aswell Modified: org/security-frontdesk.2014.txt === --- org/security-frontdesk.2014.txt 2014-12-08 06:12:41 UTC (rev 30584) +++ org/security-frontdesk.2014.txt 2014-12-08 07:06:12 UTC (rev 30585) @@ -46,7 +46,7 @@ Week 46: 17-11 to 23-11:jmm Week 47: 24-11 to 30-11:iuculano Week 48: 01-12 to 07-12:luciano -Week 49: 08-12 to 14-12:thijs +Week 49: 08-12 to 14-12:jmm Week 50: 15-12 to 21-12:mgilbert Week 51: 22-12 to 28-12:nion Week 52: 29-12 to 04-01:carnil Modified: org/security-frontdesk.2015.txt === --- org/security-frontdesk.2015.txt 2014-12-08 06:12:41 UTC (rev 30584) +++ org/security-frontdesk.2015.txt 2014-12-08 07:06:12 UTC (rev 30585) @@ -1,7 +1,7 @@ -Week 01: 05-01 to 11-01: +Week 01: 05-01 to 11-01:thijs Week 02: 12-01 to 18-01:geissert Week 03: 19-01 to 25-01:corsac -Week 04: 26-01 to 01-02:jmm +Week 04: 26-01 to 01-02:thijs Week 05: 02-02 to 08-02: Week 06: 09-02 to 15-02: Week 07: 16-02 to 22-02: ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits