[Secure-testing-commits] r30575 - packages

2014-12-07 Thread Salvatore Bonaccorso
Author: carnil
Date: 2014-12-07 09:37:50 + (Sun, 07 Dec 2014)
New Revision: 30575

Added:
   packages/c-icap.txt
Log:
Add some basic instructions for c-icap tests

Added: packages/c-icap.txt
===
--- packages/c-icap.txt (rev 0)
+++ packages/c-icap.txt 2014-12-07 09:37:50 UTC (rev 30575)
@@ -0,0 +1,37 @@
+Testing
+---
+Install package: c-icap libc-icap-mod-clamav clamav 
+
+Add
+   Include srv_clamav.conf
+
+to /etc/c-icap/c-icap.conf .
+
+Basic functionality testing: The package c-icap contains a c-icap-client
+command line tool which can be used for the first test:
+
+icap-client
+
+c-icap-client -f /bin/ls -s 
srv_clamav?allow204=onforce=onsizelimit=offmode=simple
+
+should report No modification needed (Allow 204 response).
+
+c-icap-client -f eicar.com.txt -s 
srv_clamav?allow204=onforce=onsizelimit=offmode=simple
+
+should report that virus is found (Eicar-Test-Signature).
+
+Test c-icap with squid3:
+
+squid.conf:
+
+   icap_enable on
+   icap_preview_size 1024
+   icap_send_client_ip  on
+   icap_client_username_header X-Authenticated-User
+   icap_service service_req reqmod_precache bypass=0 
icap://127.0.0.1:1344/antivirus_module
+   icap_service service_resp respmod_precache bypass=0 
icap://127.0.0.1:1344/antivirus_module
+   adaptation_access service_req allow all
+   adaptation_access service_resp allow all
+
+Set http(s)_proxy for squid, and check downloading e.g
+http://www.eicar.org/download/eicar.com.txt .
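
Review bot: The two c-icap-client commands test the service srv_clamav, but the squid.conf block points both icap_service lines at icap://127.0.0.1:1344/antivirus_module, and nothing in the file says how that name relates to the srv_clamav.conf include, so the Squid test may exercise a service the earlier steps never enabled. Use the same service name in both places or add a line explaining the alias. On the -s lines the arguments after srv_clamav? run together (allow204=onforce=onsizelimit=offmode=simple) with no separator; if the separator is meant to be &, the whole value needs quoting so the shell does not split the command. The stray icap-client line before the first command should go, and the step for obtaining eicar.com.txt should come before the command that uses it, since the download URL only appears in the last line.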


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits


[Secure-testing-commits] r30576 - data/CVE

2014-12-07 Thread Henri Salo
Author: fgeek-guest
Date: 2014-12-07 10:32:07 + (Sun, 07 Dec 2014)
New Revision: 30576

Modified:
   data/CVE/list
Log:
NFU

Modified: data/CVE/list
===
--- data/CVE/list   2014-12-07 09:37:50 UTC (rev 30575)
+++ data/CVE/list   2014-12-07 10:32:07 UTC (rev 30576)
@@ -5567,6 +5567,7 @@
TODO: check
 CVE-2014-7251
RESERVED
+   NOT-FOR-US: Yokogawa
 CVE-2014-7250
RESERVED
 CVE-2014-7249
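
Review bot: The added NOT-FOR-US: Yokogawa line under CVE-2014-7251 names only a vendor, and the entry is still RESERVED, so a later reader cannot confirm from the list which product is meant or where the attribution came from. Name the affected product, as entries such as NOT-FOR-US: ABB RobotStudio do, and consider a NOTE line with the advisory that supplied the assignment, since the log message "NFU" does not carry it either.
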
@@ -9683,6 +9684,7 @@
NOT-FOR-US: ABB RobotStudio
 CVE-2014-5429
RESERVED
+   NOT-FOR-US: Elipse SCADA
 CVE-2014-5428
RESERVED
 CVE-2014-5427
@@ -15931,6 +15933,7 @@
NOT-FOR-US: Android service KeyStore
 CVE-2014-3099
RESERVED
+   NOT-FOR-US: IBM Systems Director
 CVE-2014-3098
RESERVED
 CVE-2014-3097 (Open redirect vulnerability in IBM Tivoli Federated Identity 
Manager ...)




[Secure-testing-commits] r30577 - data/CVE

2014-12-07 Thread Salvatore Bonaccorso
Author: carnil
Date: 2014-12-07 14:00:51 + (Sun, 07 Dec 2014)
New Revision: 30577

Modified:
   data/CVE/list
Log:
Add upstream fix reference

Modified: data/CVE/list
===
--- data/CVE/list   2014-12-07 10:32:07 UTC (rev 30576)
+++ data/CVE/list   2014-12-07 14:00:51 UTC (rev 30577)
@@ -25331,6 +25331,7 @@
- dcmtk unfixed (unimportant)
NOTE: http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html
NOTE: Not running with elevated privileges in Debian packaging
+   NOTE: 
http://git.dcmtk.org/web?p=dcmtk.git;a=commitdiff;h=beaf5a5c24101daeeafa48c375120b16197c9e95;hp=5349794c4c458c76609b7aeb53d0ca28cf9fe9f0
 CVE-2013-6824 (Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 
2.2.1rc1 ...)
- zabbix 1:2.2.0+dfsg-6 (low)
[squeeze] - zabbix no-dsa (Minor issue)
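
Review bot: The added NOTE is a bare commitdiff URL with no label, so only the log message says it is the upstream fix. Prefix it, for example NOTE: Upstream fix: followed by the URL, so the list entry explains itself next to the existing hmarco.org NOTE. The line above still reads dcmtk unfixed (unimportant); if a release containing this commit exists, recording the fixed version would be the natural follow-up.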




[Secure-testing-commits] r30578 - in data: . DSA

2014-12-07 Thread Giuseppe Iuculano
Author: iuculano
Date: 2014-12-07 15:48:24 + (Sun, 07 Dec 2014)
New Revision: 30578

Modified:
   data/DSA/list
   data/dsa-needed.txt
Log:
getmail4 DSA

Modified: data/DSA/list
===
--- data/DSA/list   2014-12-07 14:00:51 UTC (rev 30577)
+++ data/DSA/list   2014-12-07 15:48:24 UTC (rev 30578)
@@ -1,3 +1,6 @@
+[07 Dec 2014] DSA-3091-1 getmail4 - security update
+   {CVE-2014-7273 CVE-2014-7274 CVE-2014-7275}
+   [wheezy] - getmail4 4.46.0-1~deb7u1
 [04 Dec 2014] DSA-3090-1 iceweasel - security update
{CVE-2014-1587 CVE-2014-1590 CVE-2014-1592 CVE-2014-1593 CVE-2014-1594}
[wheezy] - iceweasel 31.3.0esr-1~deb7u1

Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2014-12-07 14:00:51 UTC (rev 30577)
+++ data/dsa-needed.txt 2014-12-07 15:48:24 UTC (rev 30578)
@@ -20,8 +20,6 @@
 --
 chromium-browser
 --
-getmail4 (iuculano)
---
 icedove (jmm)
 --
 libav




[Secure-testing-commits] r30579 - data/CVE

2014-12-07 Thread Henri Salo
Author: fgeek-guest
Date: 2014-12-07 16:23:22 + (Sun, 07 Dec 2014)
New Revision: 30579

Modified:
   data/CVE/list
Log:
CVE-2014-7137/dolibarr fixed

Modified: data/CVE/list
===
--- data/CVE/list   2014-12-07 15:48:24 UTC (rev 30578)
+++ data/CVE/list   2014-12-07 16:23:22 UTC (rev 30579)
@@ -5909,7 +5909,7 @@
 CVE-2014-7138 (Cross-site scripting (XSS) vulnerability in the Google Calendar 
Events ...)
NOT-FOR-US: WordPress plugin Google Calendar Events
 CVE-2014-7137 (Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM 
before ...)
-   - dolibarr unfixed (bug #770313)
+   - dolibarr 3.5.5+dfsg1-1 (bug #770313)
 CVE-2014-7136
RESERVED
 CVE-2014-7135 (The Ayuntamiento de Coana (aka com.wInfoCoa) application 0.2 
for ...)




[Secure-testing-commits] r30580 - in data: . DSA

2014-12-07 Thread Moritz Muehlenhoff
Author: jmm
Date: 2014-12-07 19:01:56 + (Sun, 07 Dec 2014)
New Revision: 30580

Modified:
   data/DSA/list
   data/dsa-needed.txt
Log:
icedove DSA


Modified: data/DSA/list
===
--- data/DSA/list   2014-12-07 16:23:22 UTC (rev 30579)
+++ data/DSA/list   2014-12-07 19:01:56 UTC (rev 30580)
@@ -1,3 +1,6 @@
+[07 Dec 2014] DSA-3092-1 icedove - security update
+   {CVE-2014-1587 CVE-2014-1590 CVE-2014-1592 CVE-2014-1593 CVE-2014-1594}
+   [wheezy] - icedove 31.3.0-1~deb7u1
 [07 Dec 2014] DSA-3091-1 getmail4 - security update
{CVE-2014-7273 CVE-2014-7274 CVE-2014-7275}
[wheezy] - getmail4 4.46.0-1~deb7u1

Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2014-12-07 16:23:22 UTC (rev 30579)
+++ data/dsa-needed.txt 2014-12-07 19:01:56 UTC (rev 30580)
@@ -20,8 +20,6 @@
 --
 chromium-browser
 --
-icedove (jmm)
---
 libav
 --
 liblivemedia




[Secure-testing-commits] r30581 - data/CVE

2014-12-07 Thread Henri Salo
Author: fgeek-guest
Date: 2014-12-07 19:35:14 + (Sun, 07 Dec 2014)
New Revision: 30581

Modified:
   data/CVE/list
Log:
NFU VMSA-2014-0012

Modified: data/CVE/list
===
--- data/CVE/list   2014-12-07 19:01:56 UTC (rev 30580)
+++ data/CVE/list   2014-12-07 19:35:14 UTC (rev 30581)
@@ -3050,6 +3050,7 @@
RESERVED
 CVE-2014-8371
RESERVED
+   NOT-FOR-US: VMware vSphere
 CVE-2014-8370
RESERVED
 CVE-2014-8369 (The kvm_iommu_map_pages function in virt/kvm/iommu.c in the 
Linux ...)
@@ -13780,6 +13781,7 @@
RESERVED
 CVE-2014-3797
RESERVED
+   NOT-FOR-US: VMware vSphere
 CVE-2014-3796 (VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security 
(vCNS) ...)
NOT-FOR-US: VMware NSX and vCNS
 CVE-2014-3795




[Secure-testing-commits] r30582 - data/CVE

2014-12-07 Thread security tracker role
Author: sectracker
Date: 2014-12-07 21:11:34 + (Sun, 07 Dec 2014)
New Revision: 30582

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===
--- data/CVE/list   2014-12-07 19:35:14 UTC (rev 30581)
+++ data/CVE/list   2014-12-07 21:11:34 UTC (rev 30582)
@@ -5515,10 +5515,13 @@
 CVE-2014-7276
RESERVED
 CVE-2014-7275 (The POP3-over-SSL implementation in getmail 4.0.0 through 
4.44.0 does ...)
+   {DSA-3091-1}
- getmail4 4.46.0-1 (bug #766670)
 CVE-2014-7274 (The IMAP-over-SSL implementation in getmail 4.44.0 does not 
verify ...)
+   {DSA-3091-1}
- getmail4 4.46.0-1 (bug #766670)
 CVE-2014-7273 (The IMAP-over-SSL implementation in getmail 4.0.0 through 
4.43.0 does ...)
+   {DSA-3091-1}
- getmail4 4.44.0-1 (bug #766670)
 CVE-2014-7272 [multiple vulnerabilities in sddm]
RESERVED
@@ -20093,21 +20096,21 @@
- icedove not-affected (Specific to MacOS X)
 CVE-2014-1594
RESERVED
-   {DSA-3090-1}
+   {DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel end-of-life
[squeeze] - icedove end-of-life
 CVE-2014-1593
RESERVED
-   {DSA-3090-1}
+   {DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel end-of-life
[squeeze] - icedove end-of-life
 CVE-2014-1592
RESERVED
-   {DSA-3090-1}
+   {DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel end-of-life
@@ -20118,7 +20121,7 @@
- icedove not-affected (Only affects Firefox 33)
 CVE-2014-1590
RESERVED
-   {DSA-3090-1}
+   {DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel end-of-life
@@ -20133,7 +20136,7 @@
- icedove not-affected (Only affects Firefox 33)
 CVE-2014-1587
RESERVED
-   {DSA-3090-1}
+   {DSA-3092-1 DSA-3090-1}
- iceweasel 31.3.0esr-1
- icedove 31.3.0-1
[squeeze] - iceweasel end-of-life




[Secure-testing-commits] r30583 - data/CVE

2014-12-07 Thread Michael Gilbert
Author: mgilbert
Date: 2014-12-07 22:56:37 + (Sun, 07 Dec 2014)
New Revision: 30583

Modified:
   data/CVE/list
Log:
offset2lib issue

Modified: data/CVE/list
===
--- data/CVE/list   2014-12-07 21:11:34 UTC (rev 30582)
+++ data/CVE/list   2014-12-07 22:56:37 UTC (rev 30583)
@@ -1,3 +1,5 @@
+CVE-2014- [offset2lib linux aslr bypass]
+   - linux unfixed (low; bug #772508)
 CVE-2014-9298
RESERVED
 CVE-2014-9297
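
Review bot: The new temporary entry identifies the issue only by the bracketed title and bug #772508; there is no NOTE pointing at the offset2lib write-up or an upstream discussion, and nothing explains the low severity. Add a NOTE line with the reference so the entry can be matched when a full CVE id is filled in.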




[Secure-testing-commits] r30584 - data/CVE

2014-12-07 Thread Salvatore Bonaccorso
Author: carnil
Date: 2014-12-08 06:12:41 + (Mon, 08 Dec 2014)
New Revision: 30584

Modified:
   data/CVE/list
Log:
Add also src:linux-2.6 source package name

Modified: data/CVE/list
===
--- data/CVE/list   2014-12-07 22:56:37 UTC (rev 30583)
+++ data/CVE/list   2014-12-08 06:12:41 UTC (rev 30584)
@@ -1,5 +1,6 @@
 CVE-2014- [offset2lib linux aslr bypass]
- linux unfixed (low; bug #772508)
+   - linux-2.6 removed
 CVE-2014-9298
RESERVED
 CVE-2014-9297




[Secure-testing-commits] r30585 - org

2014-12-07 Thread Thijs Kinkhorst
Author: thijs
Date: 2014-12-08 07:06:12 + (Mon, 08 Dec 2014)
New Revision: 30585

Modified:
   org/security-frontdesk.2014.txt
   org/security-frontdesk.2015.txt
Log:
switch with jmm, take week 1 as well


Modified: org/security-frontdesk.2014.txt
===
--- org/security-frontdesk.2014.txt 2014-12-08 06:12:41 UTC (rev 30584)
+++ org/security-frontdesk.2014.txt 2014-12-08 07:06:12 UTC (rev 30585)
@@ -46,7 +46,7 @@
 Week 46: 17-11 to 23-11:jmm
 Week 47: 24-11 to 30-11:iuculano
 Week 48: 01-12 to 07-12:luciano
-Week 49: 08-12 to 14-12:thijs
+Week 49: 08-12 to 14-12:jmm
 Week 50: 15-12 to 21-12:mgilbert
 Week 51: 22-12 to 28-12:nion
 Week 52: 29-12 to 04-01:carnil

Modified: org/security-frontdesk.2015.txt
===
--- org/security-frontdesk.2015.txt 2014-12-08 06:12:41 UTC (rev 30584)
+++ org/security-frontdesk.2015.txt 2014-12-08 07:06:12 UTC (rev 30585)
@@ -1,7 +1,7 @@
-Week 01: 05-01 to 11-01:
+Week 01: 05-01 to 11-01:thijs
 Week 02: 12-01 to 18-01:geissert
 Week 03: 19-01 to 25-01:corsac
-Week 04: 26-01 to 01-02:jmm
+Week 04: 26-01 to 01-02:thijs
 Week 05: 02-02 to 08-02:
 Week 06: 09-02 to 15-02:
 Week 07: 16-02 to 22-02:

