Bug#913482: moreinfo

2020-12-06 Thread Henri Salo
Can't reproduce. Is this still a valid finding with current versions? Any more
information available?

-- 
Henri Salo



Bug#965339: Is upstream notified?

2020-11-15 Thread Henri Salo
On Sun, Nov 15, 2020 at 10:19:08AM +0100, Andreas Ronnquist wrote:
> There is talk about a new upstream release, so I am holding packaging a
> new git snapshot a while, waiting for upstream.

Thank you :)



Bug#965339: Is upstream notified?

2020-11-14 Thread Henri Salo
What is the upstream issue ID?

-- 
Henri Salo



Bug#889224: report

2019-02-02 Thread Henri Salo
Reported this separately to upstream https://sourceforge.net/p/jocr/bugs/38/

-- 
Henri Salo



Bug#917807: addition

2019-01-02 Thread Henri Salo
Also consider adding the following commit when fixing these.

https://github.com/cacalabs/libcaca/commit/813baea7a7bc28986e474541dd1080898fac14d7

-- 
Henri Salo



Bug#881133: poc from reporter

2017-12-04 Thread Henri Salo
Attaching reproducer file from reporter.


881133-poc
Description: Binary data


Bug#881133: status

2017-12-03 Thread Henri Salo
Has this issue been reported to upstream?

-- 
Henri Salo



Bug#883247: CVE-2017-16933: icinga2: root privilege escalation via prepare-dirs

2017-12-01 Thread Henri Salo
Package: icinga2
Version: None
X-Debbugs-CC: t...@security.debian.org secure-testing-t...@lists.alioth.debian.org
Severity: grave
Tags: security

Hi,

the following vulnerability was published for icinga2.

CVE-2017-16933:
| etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.0 has a chown
| call for a filename in a user-writable directory, which allows local
| users to gain privileges by leveraging access to the $ICINGA2_USER
| account for creation of a link.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

https://security-tracker.debian.org/tracker/CVE-2017-16933
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16933
https://github.com/Icinga/icinga2/issues/5793

Please adjust the affected versions in the BTS as needed.

-- 
Henri Salo




Bug#881796: CVE-2017-1001001: pluxml: XSS and missing httponly flag

2017-11-14 Thread Henri Salo
Package: pluxml
Version: 5.5-2
Severity: grave
Tags: security upstream

https://nvd.nist.gov/vuln/detail/CVE-2017-1001001
https://github.com/pluxml/PluXml/issues/253

PluXml version 5.6 is vulnerable to a stored cross-site scripting vulnerability,
within the article creation page, which can result in escalation of privileges.

Two problems:
- Cross-site scripting vulnerability with "writer" role
- Missing HttpOnly flag

-- 
Henri Salo




Bug#881390: CVE-2017-16711: SWFTools: NULL pointer dereference

2017-11-11 Thread Henri Salo
Package: swftools
Version: 0.9.2+git20130725-4.1
Severity: important
Tags: security, upstream

Upstream bug report: https://github.com/matthiaskramm/swftools/issues/46

CVE description: The swf_DefineLosslessBitsTagToImage function in
lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which
allows remote attackers to cause a denial of service (NULL pointer dereference
and application crash) because of extractDefinitions in lib/readers/swf.c and
fill_line_bitmap in lib/devices/render.c, as demonstrated by swfrender.

-- 
Henri Salo




Bug#879957: wget CVE-2017-13089/CVE-2017-13090

2017-10-27 Thread Henri Salo
Package: wget
Version: 1.19.1-5
Severity: important
Tags: security, upstream, fixed-upstream

The following vulnerabilities have been fixed in Wget.

CVE-2017-13089
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=d892291fb8ace4c3b734ea5125770989c215df3f

CVE-2017-13090
http://git.savannah.gnu.org/cgit/wget.git/commit/?id=ba6b44f6745b14dce414761a8e4b35d31b176bba

-- 
Henri Salo



Bug#871495: minidjvu multiple vulnerabilities

2017-08-08 Thread Henri Salo
Package: minidjvu
Version: 0.8.svn.2010.05.06+dfsg-5
Severity: important
Tags: security, upstream

Upstream report: https://sourceforge.net/p/minidjvu/bugs/8/
Original report: http://lists.openwall.net/full-disclosure/2017/08/08/6

If you fix these issues please use the CVEs in the changelog and consider
providing the patches to upstream, thanks.

-- 
Henri Salo



Bug#870356: fixed

2017-08-05 Thread Henri Salo
This is fixed in 1.15 release.



Bug#870356: upstream patch

2017-08-03 Thread Henri Salo
I attached a patch made by Peter Selinger.

-- 
Henri Salo
diff -u -Naur potrace-1.14-orig/src/bitmap_io.c potrace-1.14/src/bitmap_io.c
--- potrace-1.14-orig/src/bitmap_io.c	2017-02-19 00:39:08.0 -0400
+++ potrace-1.14/src/bitmap_io.c	2017-08-02 14:59:50.703002306 -0300
@@ -689,11 +689,11 @@
 	x=0;
 	y++;
 	  }
-	  if (y>=bmpinfo.h) {
+	  if (x>=bmpinfo.w || y>=bmpinfo.h) {
 	break;
 	  }
   realheight = y+1;
-	  BM_UPUT(bm, x, y, col[i&1]);
+	  BM_PUT(bm, x, y, col[i&1]);
 	  x++;
 	}
   } else if (c == 0) {
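Review bot: the new `x>=bmpinfo.w || y>=bmpinfo.h` test and the switch from BM_UPUT to BM_PUT now guard the same store twice, and nothing says which bound each one is meant to enforce. If bm can be allocated with dimensions other than bmpinfo.w and bmpinfo.h, say so in a comment next to BM_PUT; if it cannot, the explicit test should carry the comment instead. The explicit test also covers only the upper bounds, so it depends on x and y never being negative at this point.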
@@ -719,7 +719,7 @@
 	x=0;
 	y++;
 	  }
-	  if (y>=bmpinfo.h) {
+	  if (x>=bmpinfo.w || y>=bmpinfo.h) {
 	break;
 	  }
   realheight = y+1;
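Review bot: only the break condition changes in this branch, and the store that follows `realheight = y+1;` is outside the context shown. The @@ -689 and @@ -747 hunks also replace BM_UPUT with BM_PUT; please confirm that the store in this branch is already checked or gets the same replacement, so that all four branches end up consistent.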
@@ -747,11 +747,11 @@
 	x=0;
 	y++;
 	  }
-	  if (y>=bmpinfo.h) {
+	  if (x>=bmpinfo.w || y>=bmpinfo.h) {
 	break;
 	  }
   realheight = y+1;
-	  BM_UPUT(bm, x, y, COLTABLE(c));
+	  BM_PUT(bm, x, y, COLTABLE(c));
 	  x++;
 	}
   } else if (c == 0) {
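Review bot: in `BM_PUT(bm, x, y, COLTABLE(c));` the coordinates are now checked, but nothing in this hunk shows the colour index c being range-checked. If c is taken straight from the file, confirm that COLTABLE bounds it against the number of colour table entries, or add that check next to the coordinate test.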
@@ -775,7 +775,7 @@
 x=0;
 y++;
   }
-  if (y>=bmpinfo.h) {
+	  if (x>=bmpinfo.w || y>=bmpinfo.h) {
 break;
   }
   realheight = y+1;
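Review bot: the added line `if (x>=bmpinfo.w || y>=bmpinfo.h) {` is indented with a tab, while the line it replaces is indented with spaces. Keep the indentation of the removed line so the block does not look mis-nested at other tab widths.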
diff -u -Naur potrace-1.14-orig/src/decompose.c potrace-1.14/src/decompose.c
--- potrace-1.14-orig/src/decompose.c	2017-02-19 00:39:08.0 -0400
+++ potrace-1.14/src/decompose.c	2017-08-02 14:59:50.703002306 -0300
@@ -199,7 +199,8 @@
cannot have length 0). Sign is required for correct interpretation
of turnpolicies. */
 static path_t *findpath(potrace_bitmap_t *bm, int x0, int y0, int sign, int turnpolicy) {
-  int x, y, dirx, diry, len, size, area;
+  int x, y, dirx, diry, len, size;
+  unsigned long long int area;
   int c, d, tmp;
   point_t *pt, *pt1;
   path_t *p = NULL;
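Review bot: `unsigned long long int area;` makes the accumulator unsigned, so any step of the accumulation that subtracts will wrap instead of going negative, and a negative total can no longer be detected afterwards. Add a comment stating why the final area is never negative, or keep the accumulator signed (`long long`) and clamp at both ends when it is stored.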
@@ -276,7 +277,7 @@
 
   p->priv->pt = pt;
   p->priv->len = len;
-  p->area = area;
+  p->area = area <= 0x7fff ? area : 0x7fff; /* avoid overflow */
   p->sign = sign;
 
   return p;
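Review bot: the clamp in `p->area = area <= 0x7fff ? area : 0x7fff;` uses 0x7fff, which is 32767. The removed declaration had area as an int assigned directly to p->area, so the overflow being avoided is presumably that of an int; in that case the limit should be INT_MAX (from <limits.h>), otherwise every path with an area above 32767 is stored as 32767. If 0x7fff is intended, the comment should say why.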
diff -u -Naur potrace-1.14-orig/src/greymap.c potrace-1.14/src/greymap.c
--- potrace-1.14-orig/src/greymap.c	2017-02-19 01:10:51.0 -0400
+++ potrace-1.14/src/greymap.c	2017-08-02 14:59:50.704002324 -0300
@@ -845,11 +845,11 @@
 	x=0;
 	y++;
 	  }
-	  if (y>=bmpinfo.h) {
+	  if (x>=bmpinfo.w || y>=bmpinfo.h) {
 	break;
 	  }
   realheight = y+1;
-	  GM_UPUT(gm, x, y, col[i&1]);
+	  GM_PUT(gm, x, y, col[i&1]);
 	  x++;
 	}
   } else if (c == 0) {
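Review bot: this is the same check-and-store sequence as in bitmap_io.c, repeated with GM_PUT, and it recurs in four branches in each file. A small helper for "test x and y against bmpinfo, then store" would keep the eight copies from drifting apart, which matters here because two branches per file change only the test and not the store.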
@@ -875,7 +875,7 @@
 	x=0;
 	y++;
 	  }
-	  if (y>=bmpinfo.h) {
+	  if (x>=bmpinfo.w || y>=bmpinfo.h) {
 	break;
 	  }
   realheight = y+1;
@@ -903,11 +903,11 @@
 	x=0;
 	y++;
 	  }
-	  if (y>=bmpinfo.h) {
+	  if (x>=bmpinfo.w || y>=bmpinfo.h) {
 	break;
 	  }
   realheight = y+1;
-	  GM_UPUT(gm, x, y, COLTABLE(c));
+	  GM_PUT(gm, x, y, COLTABLE(c));
 	  x++;
 	}
   } else if (c == 0) {
@@ -931,7 +931,7 @@
 x=0;
 y++;
   }
-  if (y>=bmpinfo.h) {
+	  if (x>=bmpinfo.w || y>=bmpinfo.h) {
 break;
   }
   realheight = y+1;
diff -u -Naur potrace-1.14-orig/src/greymap.h potrace-1.14/src/greymap.h
--- potrace-1.14-orig/src/greymap.h	2017-02-19 00:39:08.0 -0400
+++ potrace-1.14/src/greymap.h	2017-08-02 14:59:50.704002324 -0300
@@ -41,7 +41,7 @@
 #define GM_INC(gm, x, y, b) (gm_safe(gm, x, y) ? GM_UINC(gm, x, y, b) : 0)
 #define GM_INV(gm, x, y) (gm_safe(gm, x, y) ? GM_UINV(gm, x, y) : 0)
 #define GM_PUT(gm, x, y, b) (gm_safe(gm, x, y) ? GM_UPUT(gm, x, y, b) : 0)
-#define GM_BGET(gm, x, y) GM_UGET(gm, gm_bound(x, gm->w), gm_bound(y, gm->h))
+#define GM_BGET(gm, x, y) ((gm)->w == 0 || (gm)->h == 0 ? 0 : GM_UGET(gm, gm_bound(x, (gm)->w), gm_bound(y, (gm)->h)))
 
 /* modes for cutting off out-of-range values. The following names
refer to winding numbers. I.e., make a pixel black if winding
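Review bot: the new GM_BGET expands its `gm` argument several times (in both dimension tests, in GM_UGET and in both gm_bound calls), so an argument with side effects would be evaluated repeatedly; a static inline function would avoid that. The silent result of 0 for a greymap with zero width or height also deserves a one-line comment, since callers cannot tell it apart from a real pixel value of 0.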
diff -u -Naur potrace-1.14-orig/src/mkbitmap.c potrace-1.14/src/mkbitmap.c
--- potrace-1.14-orig/src/mkbitmap.c	2017-02-19 00:39:08.0 -0400
+++ potrace-1.14/src/mkbitmap.c	2017-08-02 14:59:50.704002324 -0300
@@ -332,9 +332,9 @@
 	v += window[k][i] * poly[l][i];
 	  }
 	  if (bilevel) {
-	BM_UPUT(bm_out, x*s+l, y*s+k, v < c1);
+	BM_PUT(bm_out, x*s+l, y*s+k, v < c1);
 	  } else {
-	GM_UPUT(gm_out, x*s+l, y*s+k, v);
+	GM_PUT(gm_out, x*s+l, y*s+k, v);
 	  }	
 	}
   }
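Review bot: switching to BM_PUT and GM_PUT turns an out-of-range `x*s+l` or `y*s+k` into a silent no-op, which hides whatever made the index exceed the output map. If these products are computed as int, a large scale factor could also overflow before the macro's range check sees the value. Consider validating the dimensions of bm_out and gm_out against the scaled input size once, before the loops, and failing with an error there.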




Bug#870356: upstream bug report done

2017-08-02 Thread Henri Salo
Upstream bug report: https://sourceforge.net/p/potrace/bugs/22/

-- 
Henri Salo



Bug#867718: CVE-2017-11108

2017-07-26 Thread Henri Salo
On Wed, Jul 26, 2017 at 01:17:47PM +0200, Moritz Muehlenhoff wrote:
> That particular CVE ID is no-dsa by itself, but there's been
> new issues reported (not yet in the BTS, also not sure whether upstream
> has acted on those):
> 
> https://security-tracker.debian.org/tracker/CVE-2017-11541
> https://security-tracker.debian.org/tracker/CVE-2017-11542
> https://security-tracker.debian.org/tracker/CVE-2017-11543
> https://security-tracker.debian.org/tracker/CVE-2017-11544
> https://security-tracker.debian.org/tracker/CVE-2017-11545

This is also in upstream issue tracker:

  https://github.com/the-tcpdump-group/tcpdump/issues/619

These are only issues when using older versions of libpcap. This has been
verified by me and ack'd by the researcher. For example this setup was not
affected:

tcpdump version 4.10.0-PRE-GIT_2017_07_24
libpcap version 1.8.1
OpenSSL 1.0.1t  3 May 2016
Compiled with AddressSanitizer/GCC.

Tcpdump is clearly asking people to test with the latest releases or SCM code
so I don't think they will start analyzing these cases any further. I can
reproduce these issues in Debian if needed? I'm unable to start making patches
or backports though.

> Next point updates are quite some time afar, so let's wait a bit until
> those new ones have been investigated further.

Tcpdump is planning to publish a new release soon, which fixes security issues.

-- 
Henri Salo



Bug#809365: update

2017-02-28 Thread Henri Salo
This has now been fixed in upstream.

-- 
Henri Salo



Bug#855142: security bug closed without fix

2017-02-15 Thread Henri Salo
Shouldn't this be closed AFTER the fix is available? Especially since this is a
security issue.

-- 
Henri Salo



Bug#855001: CVE-2017-5969: libxml2: null pointer dereference when parsing a xml file using recover mode

2017-02-12 Thread Henri Salo
Package: libxml2
Version: 2.9.4+dfsg1-2.2
Severity: important
Tags: security, upstream

https://bugzilla.gnome.org/show_bug.cgi?id=778519
http://www.openwall.com/lists/oss-security/2016/11/05/3

-- 
Henri Salo



Bug#850158: Use of uninitialized memory in unserialize()

2017-01-04 Thread Henri Salo
Package: php7.0
Version: 7.0.14-2
Severity: important
Tags: security, upstream, fixed-upstream

A bug was found showing that PHP uses uninitialized memory during calls to
`unserialize()`. As the following report shows, the payload supplied to
`unserialize()` may control this uninitialized memory region and thus may be
used to trick PHP into operating on faked objects and calling attacker
controlled destructor function pointers. The supplied proof of concept exploit
practically demonstrates the issue by executing arbitrary code solely by passing
a specially crafted string to `unserialize()`. Even though this particular demo
exploit only works locally this flaw is very likely to also allow for remote
code execution.

Upstream bug report for additional details: 
https://bugs.php.net/bug.php?id=73832
Fix: https://gist.github.com/anonymous/9fbe5ccbe8e18659bec11ac963fd07a3

-- 
Henri Salo



Bug#844475: CVE-2016-1249: Out-of-bounds read by DBD::mysql

2016-11-15 Thread Henri Salo
Package: libdbd-mysql-perl
Version: 4.037-5
Severity: important
Tags: security, fixed-upstream, upstream

Hi,

the following vulnerability was published for libdbd-mysql-perl.

CVE-2016-1249: Out-of-bounds read by DBD::mysql

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:
http://www.openwall.com/lists/oss-security/2016/11/16/1
https://github.com/perl5-dbi/DBD-mysql/commit/793b72b1a0baa5070adacaac0e12fd995a6fbabe

Please adjust the affected versions in the BTS as needed.

-- 
Henri Salo



Bug#836570: CVE-2016-3990: tiff: out-of-bounds write in horizontalDifference8() in tiffcp tool

2016-09-03 Thread Henri Salo
Package: tiff
Version: 4.0.6-2
Severity: important
Tags: security, fixed-upstream, upstream

Original report:
http://www.openwall.com/lists/oss-security/2016/04/12/2

Upstream bug report:
http://bugzilla.maptools.org/show_bug.cgi?id=2544

Fixed per:
http://bugzilla.maptools.org/show_bug.cgi?id=2544#c4

-- 
Henri Salo



Bug#836302: vmm: docs refer to gpg short key usage

2016-09-01 Thread Henri Salo
Package: vmm
Severity: normal
Tags: security
Version: 0.6.2-1

Documentation in vmm is using gpg --recv-keys with short key id, which is
insecure:

http://sources.debian.net/src/vmm/0.6.2-1/doc/web/source/download.rst/?hl=29#L29

Please use the full fingerprint in the examples, thank you. Could you also
notify upstream if they are using the same example or alternatively ask me to do
it.

Additional details about the issue can be found from here:

http://security.stackexchange.com/questions/74009/what-is-an-openpgp-key-id-collision

-- 
Henri Salo



Bug#833485: CVE-2016-6520: imagemagick: buffer overflow

2016-08-04 Thread Henri Salo
Package: imagemagick
Version: 8:6.8.9.9-7.2
Severity: important
Tags: security, upstream, fixed-upstream

A buffer overflow vulnerability has been fixed by the following commit:

https://github.com/ImageMagick/ImageMagick/commit/76401e172ea3a55182be2b8e2aca4d07270f6da6

Related CVE request: http://www.openwall.com/lists/oss-security/2016/08/02/6

-- 
Henri Salo



Bug#832009: pyew: new homepage

2016-07-21 Thread Henri Salo
Package: pyew
Version: 2.0-3
Severity: normal

https://lintian.debian.org/maintainer/en...@debian.org.html#pyew

Please update homepage from http://code.google.com/p/pyew to
https://github.com/joxeankoret/pyew thank you.

-- 
Henri Salo



Bug#730180: SQL injections in TeamPass

2016-07-11 Thread Henri Salo
Please make sure this is fixed before packaging:

http://www.openwall.com/lists/oss-security/2016/07/11/1



Bug#830700: CVE-2016-5314: tiff: PixarLogDecode() heap-based buffer overflow

2016-07-10 Thread Henri Salo
Package: tiff
Version: 4.0.6-1 
Severity: critical
Tags: security, fixed-upstream

Hi LibTIFF maintainer(s),

Kaixiang Zhang from Qihoo 36 and Mathias Svensson from Google discovered a
heap-based buffer overflow vulnerability in the PixarLogDecode() function in
libtiff/tif_pixarlog.c in the TIFF library, which may result in denial of
service or the execution of arbitrary code if a malformed TIFF file is
processed.

Upstream has fixed this vulnerability in the following commit (repository is a
mirror of upstream CVS repository):

https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2

This was reported by several researchers simultaneously.

CVE-2016-5314 upstream bug report:
http://bugzilla.maptools.org/show_bug.cgi?id=2554

CVE-2016-5316 has been marked as duplicate of upstream bug #2554 as it is fixed
by the same commit:
http://bugzilla.maptools.org/show_bug.cgi?id=2556

http://www.openwall.com/lists/oss-security/2016/06/30/3 says:

"""I think this is a duplicate with CVE-2016-5320 and CVE-2016-5314.

CVE-2016-5875 (buffer overrun in PixarLogDecode()) is CVE-2016-5314
(PixarLogDecode() out-of-bound writes) which causes CVE-2016-5320
(rgb2ycbcr command execution)."""

Reproducers:

http://bugzilla.maptools.org/attachment.cgi?id=654
http://bugs.fi/media/afl/libtiff/CVE-2016-5875.tif
http://bugzilla.maptools.org/attachment.cgi?id=656

Please double check the situation before making changes to Debian source
package. Feel free to contact me or Debian security team in case you have any
questions.

-- 
Henri Salo



Bug#823329: CVE-2016-4338: zabbix-agent: mysql.size shell command injection

2016-05-03 Thread Henri Salo
Source: zabbix
Version: 1:3.0.2+dfsg-1
Severity: important
Tags: security upstream
Forwarded: https://support.zabbix.com/browse/ZBX-10741

Hi,

the following vulnerability was published for zabbix agent.

CVE-2016-4338: mysql.size shell command injection

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

https://support.zabbix.com/browse/ZBX-10741
http://seclists.org/bugtraq/2016/May/11

Please adjust the affected versions in the BTS as needed.

-- 
Henri Salo



Bug#778827: status

2016-03-20 Thread Henri Salo
No replies from upstream. Can we get this patched in Debian packages? Not sure
what is the status of upstream at the moment.

-- 
Henri Salo



Bug#807801: CVE-2015-8547: quassel: op command denial of service vulnerability

2015-12-12 Thread Henri Salo
Package: quassel
Version: 1:0.12.2-2
Severity: important
Tags: security

Hi,

the following vulnerability was published for Quassel.

CVE-2015-8547: remotely triggerable DoS by any client on a Quassel core

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

https://security-tracker.debian.org/tracker/CVE-2015-8547
https://github.com/quassel/quassel/commit/b8edbda019eeb99da8663193e224efc9d1265dc7

Please adjust the affected versions in the BTS as needed.

-- 
Henri Salo



Bug#807599: CVE-2015-8369: cacti: SQL injection in graph.php

2015-12-10 Thread Henri Salo
Package: cacti
Version: 0.8.8f+ds1-2
Severity: important
Tags: security

The following vulnerability was published for Cacti. CVE identifier
CVE-2015-8369 was assigned for this issue.

http://bugs.cacti.net/view.php?id=2646

-- 
Henri Salo



Bug#803097: busybox: segmentation fault while unzipping bad archive

2015-10-26 Thread Henri Salo
Package: buzybox
Version: 1:1.22.0-15
Severity: normal
Tags: security, fixed-upstream

Unzipping a specially crafted zip file results in a computation of an invalid
pointer and a crash reading an invalid address.

Mailing list post:
  http://www.openwall.com/lists/oss-security/2015/10/25/3
Fix:
  http://git.busybox.net/busybox/commit/?id=1de25a6e87e0e627aa34298105a3d17c60a1f44e

-- 
Henri Salo



Bug#802702: CVE-2011-5325: busybox: Directory traversal via crafted tar file which contains a symlink pointing outside of the current directory

2015-10-22 Thread Henri Salo
Package: busybox
Version: 1:1.22.0-15
Severity: important
Tags: security, upstream

It was discovered that busybox's tar implementation will extract a symlink that
points outside of the current working directory and follow that symlink when
extracting other files. This allows for a directory traversal attack when
extracting untrusted tarballs.

This behavior is documented in the source code:

  http://git.busybox.net/busybox/tree/archival/tar.c#n25

More information:

  https://bugs.busybox.net/8411
  http://openwall.com/lists/oss-security/2015/10/21/4

-- 
Henri Salo
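
The pattern described in this report, written as a pre-extraction check (an added example, not code from busybox or from the original message). The function names, the constructed sample archive and the policy of flagging every write through an archive-declared symlink are assumptions made for illustration.

```python
import io
import posixpath
import tarfile

# Constructed sample archive layout: (member name, kind, payload or link target).
SAMPLE_ENTRIES = [
    ("docs/readme.txt", "file", "hello"),
    ("escape", "symlink", "../outside"),
    ("escape/dropped.txt", "file", "would land outside the extraction dir"),
    ("../evil.txt", "file", "plain dot-dot member"),
    ("safe_link", "symlink", "docs/readme.txt"),
]


def build_sample_tar(entries):
    """Build an in-memory tar archive from (name, kind, payload) tuples."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name, kind, payload in entries:
            info = tarfile.TarInfo(name)
            if kind == "symlink":
                info.type = tarfile.SYMTYPE
                info.linkname = payload
                tf.addfile(info)
            else:
                data = payload.encode()
                info.size = len(data)
                tf.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf


def _escapes(path):
    """True if a POSIX path is absolute or climbs above the extraction root."""
    norm = posixpath.normpath(path)
    return posixpath.isabs(path) or norm == ".." or norm.startswith("../")


def audit_tar(fileobj):
    """Return (member name, reason) findings in archive order; [] means clean.

    Nothing is extracted: only member headers are inspected.
    """
    findings = []
    symlinks = set()  # normalized paths of symlink members seen so far
    with tarfile.open(fileobj=fileobj, mode="r:*") as tf:
        for member in tf:
            if _escapes(member.name):
                findings.append((member.name, "path escapes extraction root"))
                continue
            name = posixpath.normpath(member.name)
            parts = name.split("/")
            # A parent directory that is an earlier symlink member means the
            # extractor would follow that link when creating this entry.
            through = None
            for i in range(1, len(parts)):
                parent = "/".join(parts[:i])
                if parent in symlinks:
                    through = parent
                    break
            if through is not None:
                findings.append((member.name, "written through symlink " + through))
                continue
            if member.issym():
                # A symlink target is resolved relative to the link's directory.
                target = posixpath.join(posixpath.dirname(name), member.linkname)
                if _escapes(target):
                    findings.append(
                        (member.name, "symlink target escapes extraction root")
                    )
                symlinks.add(name)
    return findings


if __name__ == "__main__":
    for member_name, reason in audit_tar(build_sample_tar(SAMPLE_ENTRIES)):
        print(f"{member_name}: {reason}")
```

The check covers symlink members only; hard links and device nodes would need their own rules.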



Bug#695348: info

2015-10-22 Thread Henri Salo
This was fixed in 0.7.6-1 already, which was tested. Possibly even earlier.

-- 
Henri Salo



Bug#607497: info

2015-10-21 Thread Henri Salo
On Wed, Oct 21, 2015 at 01:28:31PM -0400, Sergio Durigan Junior wrote:
> I did not say this.

Okay. I just wanted to point it out. Not sure how people work when they
start as a new maintainer for a package with old bugs like in this case.

> What makes you think I did not see this?

Not all maintainers follow/update security-tracker so I made assumption.

> I would appreciate more testing, of course.  That is why I decided to
> ping this bug instead of closing it.

Great. I can help later this week. We can also communicate in IRC if you are in
OFTC IRC-network?

-- 
Henri Salo (fgeek)



Bug#607497: info

2015-10-21 Thread Henri Salo
> While I agree that the current solution still needs some improvement, I do
> believe that, as far as security is concerned, the behavior described in this
> report does not exist anymore.

Then you can close this bug.

> I realize it has been a long time since this bug (and this package) has
> received any attention

Received attention should not be the indicator of whether a bug should be closed
or not.

I do not know what happened to tags in this bug report, but in Debian security
tracker this issue has been marked as fixed in 0.2.7-1.1 version. There is also
a note that Midori should not be used if SSL support is important to you. Is
this correct information?

Please see: https://security-tracker.debian.org/tracker/CVE-2010-3900

I can also do some testing if that is needed. If user should not use Midori when
SSL/TLS support is important then it should be clearly pointed out at least in
the man page.

-- 
Henri Salo



Bug#802162: CVE-2015-7696: unzip: Heap buffer overflow when extracting password-protected archive

2015-10-17 Thread Henri Salo
Package: unzip
Version: 6.0-18
Severity: normal
Tags: security

A heap overflow issue triggered by unzipping a file with a password has been found
in unzip. A proof-of-concept file can be downloaded from:
http://seclists.org/oss-sec/2015/q3/att-512/sigxcpu_zip.bin (unzip -p
-P x sigsegv.zip).

Announcement: http://www.openwall.com/lists/oss-security/2015/09/07/4

-- 
Henri Salo



Bug#802160: CVE-2015-7697: unzip: Infinite loop when extracting password-protected archive

2015-10-17 Thread Henri Salo
Package: unzip
Version: 6.0-18
Severity: normal
Tags: security

Infinite loop when extracting password-protected archive issue has been
found in unzip. Proof-of-concept file can be downloaded from
http://seclists.org/oss-sec/2015/q3/att-512/sigxcpu_zip.bin

Announcement: http://www.openwall.com/lists/oss-security/2015/09/07/4

-- 
Henri Salo



Bug#801872: dc3dd: buffer overflow

2015-10-15 Thread Henri Salo
Package: dc3dd
Version: 7.2.641-3
Severity: normal
Tags: security

A buffer overflow issue was announced in Bugtraq[1] with a proof-of-concept:

dc3dd `perl -e 'print "A" x 9'`

The tool is not supposed to be executed with this kind of input so this seems to
be a minor issue. Please correct me if I am wrong. I am submitting this bug so
that we can track the issue and make changes if needed.

1: http://seclists.org/bugtraq/2015/Oct/71

-- 
Henri Salo



Bug#797729: information

2015-09-01 Thread Henri Salo
I'm not sure why you are offensive or why your attitude is like that.
Communication is an important key to get changes to Debian. I am replying to this
bug item so that you receive more information about Debian security related
aspects. Please note that if you want some changes to Debian you need to create
a bug item per issue or work with the team or package maintainer to get patches
applied. Offensive bug reports like this one probably do not get you to your
goal.

Please see for details:

- Team website: https://www.debian.org/security/
- Wiki page: https://wiki.debian.org/Teams/Security
- Meetings: https://wiki.debian.org/DebianSecurity/Meetings (latest meeting is not
yet listed in here, which was held in DebConf)
- IRC-channel: irc://irc.debian.org/debian-security
- FAQ: https://www.debian.org/security/faq
- List of security features:
https://wiki.debian.org/Security/Features (not complete)
- Embedded code copies: https://wiki.debian.org/EmbeddedCodeCopies

Most of the actual security tracking work is done in Debian security-tracker.
Please see:

https://security-tracker.debian.org/tracker/
http://security-team.debian.org/security_tracker.html
http://lists.alioth.debian.org/pipermail/secure-testing-team/

Could you submit a bug to the issue tracker about one issue at a time without
an aggressive tone?

-- 
Henri Salo



Bug#794560: WordPress 4.2.3 and earlier multiple vulnerabilities

2015-08-04 Thread Henri Salo
Package: wordpress
Version: 4.2.3+dfsg-1
Severity: grave
Tags: security, fixed-upstream

This release addresses six issues, including three cross-site scripting
vulnerabilities and a potential SQL injection that could be used to compromise a
site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sandí
of the WordPress security team, Netanel Rubin of Check Point, and Ivan Grigorov.
It also includes a fix for a potential timing side-channel attack, discovered by
Johannes Schmitt of Scrutinizer, and prevents an attacker from locking a post
from being edited, discovered by Mohamed A. Baset.

For more information please see:

https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/
http://openwall.com/lists/oss-security/2015/08/04/5

-- 
Henri Salo


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org



Bug#787762: CVE-2015-3935

2015-07-14 Thread Henri Salo
CVE-2015-3935 is fixed in Dolibarr 3.7.1 release, which includes
f32215a9fc3abfa69c34d4cf65a044b60ff8e93a patch.

-- 
Henri Salo





Bug#644019: reglookup: Please package latest upstream (1.0.1)

2015-06-04 Thread Henri Salo
On Wed, Jun 03, 2015 at 07:54:31AM -0700, Tim wrote:
> Yeah, it's sad.  I need some one to *help* me package it and take

I have this same problem currently. I would be very happy to upload other new
versions too in forensics-area and also fix bugs. Mika can probably sponsor our
uploads. Not sure if this is up-to-date:

https://people.debian.org/~mika/forensics/maintainer.html

-- 
Henri Salo





Bug#787589: undbx homepage address

2015-06-03 Thread Henri Salo
Package: undbx
Version: 0.20-1
Severity: minor

Please update homepage address from <http://code.google.com/p/undbx/> to
<https://github.com/ZungBang/undbx> as Google Code is closing down.

This GitHub project seems to be the official one as the development codebase has
been there for some time already:

"UnDBX development source code may be cloned from its public Git repository at"

https://code.google.com/p/undbx/issues/detail?id=11

-- 
Henri Salo



Bug#756388: Activity

2015-05-13 Thread Henri Salo
On Thu, May 14, 2015 at 05:12:14AM +0200, Tristan Seligmann wrote:
> Are you still working on packaging this, or should I take over this bug?

Please do take over. I can help to test the package, close bugs and maintain it.

-- 
Henri Salo





Bug#571738: ITP: plantuml -- a program to generate UML diagram from a text description

2015-05-05 Thread Henri Salo
On Tue, May 05, 2015 at 06:24:41PM +0200, Andrew Shadura wrote:
> However, as soon as the package passes NEW, feel free to take the
> maintenance over from me — or to co-maintain it :)

Very nice! I will co-maintain and help with the bugs. Thank you for your work.
Please contact me off-bug if you have any questions or requests. I can start my
initial tests when the package hits unstable.

-- 
Henri Salo





Bug#571738: ITP: plantuml -- a program to generate UML diagram from a text description

2015-04-30 Thread Henri Salo
On Mon, Apr 27, 2015 at 04:34:38PM +0200, Ricardo Mones wrote:
>   How is this ITP progressing? Have you found some showstopper for packaging?

Haven't progressed at all, but I'll start working on this next week. I have an IRL
friend who is willing to help me with my ITP cases so I think there won't be
major problems.





Bug#783099: php5: Fileinfo on specific file causes spurious OOM and/or segfault

2015-04-23 Thread Henri Salo
I reported this issue to Debian BTS to notify package maintainers and in the
long run trying to get security issues fixed. Maintainers are not always
following security issues in upstream and so on (not saying this about PHP). I
verified that the segfault condition occurred and did not do more detailed
analysis of the issue. If there is no security issue in PHP with the poc we can
close this bug.

-- 
Henri Salo





Bug#783099: php5: Fileinfo on specific file causes spurious OOM and/or segfault

2015-04-22 Thread Henri Salo
Source: php5
Version: 5.6.7+dfsg-1
Severity: grave
Tags: security, upstream, fixed-upstream

Hi,

the following vulnerability was published for PHP5,

"""
When calling finfo::file() or finfo::buffer() with a crafted string, PHP will
crash by either segfaulting or trying to allocate a large amount of memory
(4GiB).

This was found in the wild when a user uploaded a file (running finfo on
arbitrary files uploaded by users is one of its main use cases.). I've since
anonymised the file, and made it more minimal. At this stage, very small changes
to the string make it produce different behaviour - removing the remaining 'a',
's', or 'y' characters, for instance, will allow finfo to process it fine.
"""

For further information see:
  https://bugs.php.net/bug.php?id=68819
  https://git.php.net/?p=php-src.git;a=commitdiff;h=f938112c495b0d26572435c0be73ac0bfe642ecd

-- 
Henri Salo



Bug#762289: switching PTS links to tracker.d.o

2015-03-10 Thread Henri Salo
On Tue, Mar 10, 2015 at 05:14:31PM +0100, Holger Levsen wrote:
> unless someone objects profoundly I'll switch the links from the
> security-tracker to tracker.debian.org instead of pointing to the old PTS in
> the coming days.

Am I allowed to approve this change profoundly?

-- 
Henri Salo



Bug#780129: mongodb: CVE-2015-1609: BSON Handling Remote Denial of Service

2015-03-09 Thread Henri Salo
Package: mongodb
Version: 1:2.4.10-4
Severity: important
Tags: security, fixed-upstream, upstream

Please see for more details:
  https://jira.mongodb.org/browse/SERVER-17264

-- 
Henri Salo



Bug#779699: poppler: segmentation fault in XRef::getEntry at XRef.cc:1317

2015-03-04 Thread Henri Salo
Package: poppler
Version: 0.18.4-6
Severity: important
Tags: security

The following attached sample file crashes the poppler library, as demonstrated
with the pdfinfo utility and also tested with xpdf version 3.03. The sample file
was fuzzed with AFL <http://lcamtuf.coredump.cx/afl/>.

47c3a99686e97e882db1f873a6b70bc12bb58ec9  afl-poppler-sample-001.pdf

Starting program: pdfinfo afl-poppler-sample-001.pdf
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Error: PDF file is damaged - attempting to reconstruct xref table...
Error (892): Dictionary key must be a name object
Error (900): Dictionary key must be a name object
Error (958): Illegal character ')'
Error: Unterminated string
Error: End of file inside array
Error: End of file inside dictionary
Error: PDF file is damaged - attempting to reconstruct xref table...
Error (892): Dictionary key must be a name object
Error (900): Dictionary key must be a name object
Error (958): Illegal character ')'
Error: Unterminated string
Error: End of file inside array
Error: End of file inside dictionary

Program received signal SIGSEGV, Segmentation fault.
0x005fa1f0 in XRef::getEntry (this=this@entry=0xa699d0, i=) at XRef.cc:1317
1317errCode = errDamaged;
(gdb) bt
#0  0x005fa1f0 in XRef::getEntry (this=this@entry=0xa699d0, 
i=) at XRef.cc:1317
#1  0x005fccd0 in XRef::fetch (this=0xa699d0, num=1, gen=0, 
obj=0x7fffe680, fetchOriginatorNums=0x0) at XRef.cc:982
#2  0x0040b035 in getCatalog (obj=0x7fffe680, this=) 
at XRef.h:101
#3  Catalog::Catalog (this=0xa69d30, xrefA=) at Catalog.cc:88
#4  0x0059ec69 in PDFDoc::setup (this=this@entry=0xa69590, 
ownerPassword=ownerPassword@entry=0x0, userPassword=userPassword@entry=0x0) at 
PDFDoc.cc:260
#5  0x0059f39d in PDFDoc::PDFDoc (this=0xa69590, fileNameA=, ownerPassword=0x0, userPassword=0x0, guiDataA=) at 
PDFDoc.cc:154
#6  0x007e99b5 in LocalPDFDocBuilder::buildPDFDoc (this=, uri=..., ownerPassword=0x0, userPassword=0x0, guiDataA=0x0) at 
LocalPDFDocBuilder.cc:31
#7  0x00404102 in main (argc=2, argv=0x7fffeaf8) at pdfinfo.cc:172
#8  0x762deead in __libc_start_main (main=, 
argc=, ubp_av=, init=, 
fini=, rtld_fini=, 
stack_end=0x7fffeae8) at libc-start.c:244
#9  0x00405cd5 in _start ()
(gdb) list
1312  }
1313}
1314if (followed) {
1315  error(-1, "Circular XRef");
1316  if (!(ok = constructXRef(NULL))) {
1317errCode = errDamaged;
1318  }
1319      break;
1320}
1321

-- 
Henri Salo


afl-poppler-sample-001.pdf
Description: Adobe PDF document


signature.asc
Description: Digital signature


Bug#779697: metacam: SIGBUS, Bus error at dataifdentry.cc

2015-03-03 Thread Henri Salo
Package: metacam
Version: 1.2-6
Severity: important
Tags: security

metacam crashes when using the following example input file fuzzed with AFL
<http://lcamtuf.coredump.cx/afl/>.

08cc3e8a67812d32d51c5aff70a10a77e4b73644  /home/fgeek/security/afl-samples/metacam/afl-metacam-sample-003.jpg

Starting program: metacam afl-metacam-sample-003.jpg
File: afl-metacam-sample-003.jpg
WARNING: Unknown field type 58624
WARNING: Unknown field type 0
WARNING: Unknown field type 8241
WARNING: Unknown field type 9361
  Standard Fields ---

Program received signal SIGBUS, Bus error.
_DataIFDEntry::getSTRING (this=0x663380) at dataifdentry.cc:121
121 tmpbuf[value_count] = 0;

(gdb) bt
#0  _DataIFDEntry::getSTRING (this=0x663380) at dataifdentry.cc:121
#1  0x00417b68 in getSTRING (this=) at metatiff.h:411
#2  dpyString (ctx=..., name=0x45870c "Model", e=...) at dpyfuncs.cc:46
#3  0x0040ebe3 in displayTags (driver=driver@entry=0x661010, 
header=header@entry=0x4581e5 "Standard Fields", tag_map=..., known=, verbose=0) at metacam.cc:86
#4  0x004060bc in processFile (is=..., fname=, 
driver=0x661010) at metacam.cc:255
#5  main (argc=, argv=) at metacam.cc:359
#6  0x772d1ead in __libc_start_main (main=, 
argc=, ubp_av=, init=, 
fini=, rtld_fini=,
stack_end=0x7fffe4a8) at libc-start.c:244
#7  0x0040c271 in _start ()

(gdb) list
116 vector v;
117 if (getRawType() != tASCII) {return v;}
118 char tmpbuf[1024];
119 source.seek(offset);
120 source.getData((unsigned char *)tmpbuf, value_count);
121 tmpbuf[value_count] = 0;
122 v.push_back(string(tmpbuf));
123 return v;
124 }
125

-- 
Henri Salo


signature.asc
Description: Digital signature
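
The listing in the report above copies value_count bytes into the fixed tmpbuf[1024] and then writes the terminator at tmpbuf[value_count]; in a TIFF/EXIF IFD entry that count comes from the file. The following C sketch is an added example, not metacam's code: it reads an ASCII field from a 12-byte IFD entry and checks the count against both the file and the destination before copying. All function and buffer names are hypothetical and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* TIFF 6.0 IFD entry: tag(2) type(2) count(4) value-or-offset(4) = 12 bytes. */
#define IFD_ENTRY_SIZE  12u
#define TIFF_TYPE_ASCII 2u

enum { IFD_ERR_RANGE = -1, IFD_ERR_TYPE = -2, IFD_ERR_TOOBIG = -3 };

static uint16_t rd16le(const uint8_t *p)
{
    return (uint16_t)(p[0] | (p[1] << 8));
}

static uint32_t rd32le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Constructed little-endian sample: header, one IFD entry at offset 10
 * (tag 0x0110 "Model", type ASCII, count 6, value at offset 22). */
static const uint8_t GOOD_TIFF[28] = {
    'I', 'I', 0x2a, 0x00, 0x08, 0x00, 0x00, 0x00,
    0x01, 0x00,
    0x10, 0x01, 0x02, 0x00, 0x06, 0x00, 0x00, 0x00, 0x16, 0x00, 0x00, 0x00,
    'K', 'O', 'D', 'A', 'K', 0x00
};

/* Same layout, but the count field claims 65536 bytes (constructed). */
static const uint8_t EVIL_TIFF[28] = {
    'I', 'I', 0x2a, 0x00, 0x08, 0x00, 0x00, 0x00,
    0x01, 0x00,
    0x10, 0x01, 0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x16, 0x00, 0x00, 0x00,
    'K', 'O', 'D', 'A', 'K', 0x00
};

/* Copy the ASCII value of the IFD entry at entry_off into out.
 * Returns the string length, or a negative IFD_ERR_* code.
 * out_cap is assumed to fit in an int (it is a small fixed buffer). */
int ifd_get_ascii(const uint8_t *tiff, size_t tiff_len, size_t entry_off,
                  char *out, size_t out_cap)
{
    const uint8_t *entry, *value;
    uint32_t count, value_off;

    /* The 12-byte entry itself must lie inside the file. */
    if (entry_off > tiff_len || tiff_len - entry_off < IFD_ENTRY_SIZE)
        return IFD_ERR_RANGE;
    entry = tiff + entry_off;
    if (rd16le(entry + 2) != TIFF_TYPE_ASCII)
        return IFD_ERR_TYPE;

    count = rd32le(entry + 4);
    if (count <= 4) {
        value = entry + 8;            /* short values are stored inline */
    } else {
        value_off = rd32le(entry + 8);
        /* Subtraction form avoids overflow in value_off + count. */
        if (value_off > tiff_len || tiff_len - value_off < count)
            return IFD_ERR_RANGE;
        value = tiff + value_off;
    }

    /* Leave room for the terminator: this is the check line 121 lacks. */
    if (count >= out_cap)
        return IFD_ERR_TOOBIG;
    memcpy(out, value, count);
    out[count] = '\0';
    return (int)strlen(out);
}

int main(void)
{
    char model[1024];
    int n = ifd_get_ascii(GOOD_TIFF, sizeof GOOD_TIFF, 10, model, sizeof model);

    printf("good sample: %d (%s)\n", n, n >= 0 ? model : "rejected");
    n = ifd_get_ascii(EVIL_TIFF, sizeof EVIL_TIFF, 10, model, sizeof model);
    printf("oversized count: %d\n", n);
    return 0;
}
```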


Bug#779696: metacam: segmentation fault at getRATIONAL dpyfuncs.cc:938

2015-03-03 Thread Henri Salo
Package: metacam
Version: 1.2-6
Severity: important
Tags: security

metacam crashes when using the following example input file fuzzed with AFL
<http://lcamtuf.coredump.cx/afl/>.

727e57e1d8f6a88bdefee47198ff8ab94fe2e1dc  afl-metacam-sample-002.jpg

Starting program: metacam afl-metacam-sample-002.jpg
File: afl-metacam-sample-002.jpg
  Standard Fields ---
Make: EASTMAN KODAK COMPANY
   Model: KODAK CX4200 DIGITAL CAMERA
Software Version: Ver�on 1.0100
X Resolution: 230 Pixels/Inch
Y Resolution: 230 Pixels/Inch
 Bits Per Sample: (1)
   YCbCr Positioning: Datum Point
WARNING: Unknown field type 65535
WARNING: Unknown field type 65535
WARNING: Unknown field type 37
WARNING: Unknown field type 136
WARNING: Unknown field type 144
WARNING: Unknown field type 12432
WARNING: Unknown field type 5264
WARNING: Unknown field type 10385
WARNING: Unknown field type 145
WARNING: Unknown field type 19602
WARNING: Unknown field type 21650
WARNING: Unknown field type 23698
WARNING: Unknown field type 25746
WARNING: Unknown field type 27794
WARNING: Unknown field type 146
WARNING: Unknown field type 146
WARNING: Unknown field type 29842
WARNING: Unknown field type 25
  EXIF Fields ---
   Exposure Time: 35882743/38096943 Sec.
Aperture: f59.3514
Exif Image Width: 1705168 pixels
   Exif Image Height: 1632 pixels
   Exposure Mode: Auto Exposure
   White Balance: Auto White Balance
  Sensing Method: Single Chip Color Area Sensor
  ColorSpace: sRGB

Program received signal SIGSEGV, Segmentation fault.
getRATIONAL (this=) at dpyfuncs.cc:938
938 }

(gdb) bt
#0  getRATIONAL (this=) at dpyfuncs.cc:938
#1  dpyRationalAsDouble (ctx=..., name=, e=..., units=0x0) at 
dpyfuncs.cc:346
#2  0x0040ebe3 in displayTags (driver=driver@entry=0x661010, 
header=header@entry=0x45820d "EXIF Fields", tag_map=..., known=, 
verbose=0) at metacam.cc:86
#3  0x0040742f in processFile (is=..., fname=, 
driver=0x661010) at metacam.cc:296
#4  main (argc=, argv=) at metacam.cc:359
#5  0x772d1ead in __libc_start_main (main=, 
argc=, ubp_av=, init=, 
fini=, rtld_fini=,
stack_end=0x7fffe4b8) at libc-start.c:244
#6  0x0040c271 in _start ()

(gdb) list
933   17 42 33 43 06 - ?? only on D ??
934   00 00 00 00 00 02 02 - ?? don't know ?? constant
935
936 */
937
938 }

-- 
Henri Salo


signature.asc
Description: Digital signature


Bug#779695: metacam: segmentation fault in tiffRATIONAL::normalize at rationals.cc:40

2015-03-03 Thread Henri Salo
Package: metacam
Version: 1.2-6
Severity: important
Tags: security

metacam crashes when using the following example input file fuzzed with AFL
<http://lcamtuf.coredump.cx/afl/>.

5d4c287cf40b73d2a5aac8b4a7367564ce823937  afl-metacam-sample-001.jpg

Starting program: metacam afl-metacam-sample-001.jpg
File: afl-metacam-sample-001.jpg
WARNING: Unknown field type 0
WARNING: Unknown field type 0
  Standard Fields ---

Program received signal SIGSEGV, Segmentation fault.
tiffRATIONAL::normalize (this=0x0) at rationals.cc:40
40  if ((num == 0) || (den == 0)) return *this;

(gdb) bt
#0  tiffRATIONAL::normalize (this=0x0) at rationals.cc:40
#1  0x00421bf7 in dpyResolution (ctx=..., name=0x4584f7 "X Resolution", 
e=...) at dpyfuncs.cc:194
#2  0x0040ebe3 in displayTags (driver=driver@entry=0x661010, 
header=header@entry=0x4581e5 "Standard Fields", tag_map=..., known=, 
verbose=0) at metacam.cc:86
#3  0x004060bc in processFile (is=..., fname=, 
driver=0x661010) at metacam.cc:255
#4  main (argc=, argv=) at metacam.cc:359
#5  0x772d1ead in __libc_start_main (main=, 
argc=, ubp_av=, init=, 
fini=, rtld_fini=, stack_end=0x7fffe4e8) 
at libc-start.c:244
#6  0x0040c271 in _start ()

(gdb) list
35
36
37  tiffRATIONAL
38  tiffRATIONAL::normalize() const
39  {
40  if ((num == 0) || (den == 0)) return *this;
41  unsigned long d = Euclid(num, den);
42  return tiffRATIONAL(num/d, den/d);
43  }
44

-- 
Henri Salo


signature.asc
Description: Digital signature


Bug#779527: sample file

2015-03-02 Thread Henri Salo
File attached.

-- 
Henri Salo


Bug#779527: exifprobe: denial of service

2015-03-01 Thread Henri Salo
Package: exifprobe
Version: 2.0.1-3
Severity: important
Tags: security

The following attached sample file hangs exifprobe and uses all CPU from one core.
The sample file was fuzzed with american fuzzy lop <http://lcamtuf.coredump.cx/afl/>.

  ff d8 ff e0 00 10 4a 46  49 46 4a 46 49 46 00 01  |..JFIFJFIF..|
0010  00 01 00 00 ff ec 00 43   |...C|
0018

Starting program: exifprobe-2.0.1/exifprobe -c sample2.jpg
File Name = sample2.jpg
File Type = JPEG
File Size = 24
@0=0   :  
@0x002=2   : 0xffe0 length 16,  - (not dumped: use -A)
@0x013=19  :
@0x014=20  : 0xffec length 67,  FAILED to read 
character at offset 24 (EOF)

-- 
Henri Salo


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
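
The 24-byte sample in the exifprobe report above ends with a 0xffec segment at offset 20 that declares length 67, far past end of file. The following C walker is an added example, not exifprobe's code: it bounds every segment length against the bytes that remain and advances on every iteration, so a file like this is rejected instead of looping. SAMPLE2 is re-typed from the hexdump in the report; WELL_FORMED and all names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum walk_status {
    WALK_OK = 0,      /* stopped at EOI or SOS */
    WALK_NOT_JPEG,    /* no SOI at offset 0 */
    WALK_TRUNCATED,   /* marker or length field cut off by end of file */
    WALK_BAD_MARKER,  /* expected 0xff marker prefix missing */
    WALK_BAD_LENGTH   /* length < 2 or segment runs past end of file */
};

struct walk_result {
    enum walk_status status;
    size_t segments;  /* complete segments accepted */
    size_t offset;    /* offset of the marker where the walk stopped */
    unsigned marker;  /* e.g. 0xffec */
    unsigned length;  /* declared length of the last segment examined */
};

/* The sample from the report (24 bytes). */
static const uint8_t SAMPLE2[24] = {
    0xff, 0xd8, 0xff, 0xe0, 0x00, 0x10, 0x4a, 0x46,
    0x49, 0x46, 0x4a, 0x46, 0x49, 0x46, 0x00, 0x01,
    0x00, 0x01, 0x00, 0x00, 0xff, 0xec, 0x00, 0x43
};

/* Constructed minimal file: SOI, one 4-byte APP0 segment, EOI. */
static const uint8_t WELL_FORMED[10] = {
    0xff, 0xd8, 0xff, 0xe0, 0x00, 0x04, 0x41, 0x42, 0xff, 0xd9
};

struct walk_result walk_jpeg_segments(const uint8_t *buf, size_t len)
{
    struct walk_result r = { WALK_OK, 0, 0, 0, 0 };
    size_t off = 2;

    if (len < 2 || buf[0] != 0xff || buf[1] != 0xd8) {
        r.status = WALK_NOT_JPEG;
        return r;
    }
    /* Invariant: off <= len, and every pass returns or increases off. */
    for (;;) {
        unsigned code, seglen;

        r.offset = off;
        if (len - off < 2) { r.status = WALK_TRUNCATED; return r; }
        if (buf[off] != 0xff) { r.status = WALK_BAD_MARKER; return r; }
        code = buf[off + 1];
        r.marker = 0xff00u | code;

        if (code == 0xff) { off++; continue; }       /* fill byte */
        if (code == 0xd9 || code == 0xda) return r;  /* EOI or SOS */
        if (code == 0x01 || (code >= 0xd0 && code <= 0xd7)) {
            off += 2;                                /* no length field */
            continue;
        }

        if (len - off < 4) { r.status = WALK_TRUNCATED; return r; }
        seglen = ((unsigned)buf[off + 2] << 8) | buf[off + 3];
        r.length = seglen;
        /* The length counts its own two bytes and must fit in the file. */
        if (seglen < 2 || seglen > len - off - 2) {
            r.status = WALK_BAD_LENGTH;
            return r;
        }
        r.segments++;
        off += 2 + (size_t)seglen;
    }
}

int main(void)
{
    struct walk_result r = walk_jpeg_segments(SAMPLE2, sizeof SAMPLE2);

    printf("status=%d segments=%zu offset=%zu marker=0x%04x length=%u\n",
           (int)r.status, r.segments, r.offset, r.marker, r.length);
    return 0;
}
```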



Bug#779525: exifprobe: double free or corruption

2015-03-01 Thread Henri Salo
ff7802165 in *__GI_raise (sig=) at 
../nptl/sysdeps/unix/sysv/linux/raise.c:64
pid = 
selftid = 
#1  0x778053e0 in *__GI_abort () at abort.c:92
act = {__sigaction_handler = {sa_handler = 0x7fffdf18, sa_sigaction 
= 0x7fffdf18}, sa_mask = {__val = {140737488346880, 140737488350391, 44, 
140737346920731, 3, 140737488346890, 6, 140737346920735, 2, 140737488346878, 2, 
140737346911721, 1, 140737346920731, 3, 140737488346884}}, sa_flags = 12, 
  sa_restorer = 0x7791e11f}
sigs = {__val = {32, 0 }}
#2  0x7783c39b in __libc_message (do_abort=, 
fmt=) at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
ap = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 
0x7fffe880, reg_save_area = 0x7fffe790}}
ap_copy = {{gp_offset = 16, fp_offset = 48, overflow_arg_area = 
0x7fffe880, reg_save_area = 0x7fffe790}}
fd = 8
on_2 = 
list = 
nlist = 0
cp = 
written = false
#3  0x77845be6 in malloc_printerr (action=3, str=0x77920270 "double 
free or corruption (!prev)", ptr=) at malloc.c:6312
buf = "007593a0"
cp = 0x77915e40 "0123456789abcdefghijklmnopqrstuvwxyz"
#4  0x7784a98c in *__GI___libc_free (mem=) at 
malloc.c:3738
ar_ptr = 0x77b56e40
p = 0x6
#5  0x0043affb in destroy_summary (summary_entry=0x7593a0) at 
process.c:1704
prev_entry = 0x759250
#6  0x00401e54 in main (argc=, argv=0x7fffea70) at 
main.c:322
file = 0x7fffece7 "sample.jpg"
name = 
inptr = 0x759010
status = 8
max_offset = 
ifd_offset = 
dumplength = 
header = 
summary_entry = 0x759250
filesize = 24
chpr = 
#7  0x777eeead in __libc_start_main (main=, 
argc=, ubp_av=, init=, 
fini=, rtld_fini=, stack_end=0x7fffea48) at 
libc-start.c:244
result = 
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, -3639622040855898393, 
4207200, 140737488349776, 0, 0, 3639622040104343271, 3639640723441719015}, 
mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x53dc90, 0x7fffea58}, data 
= {prev = 0x0, cleanup = 0x0, canceltype = 5495952}}}
    not_first_call = 
#8  0x00403289 in _start ()
No symbol table info available.

-- 
Henri Salo


Bug#778829: dmg2img: denial of service issue

2015-02-20 Thread Henri Salo

-- 
Henri Salo


denial-of-service.dmg
Description: application/apple-diskimage


Bug#778827: dmg2img: convert_char8 out of bounds, segmentation fault at dmg2img.h:87

2015-02-20 Thread Henri Salo
 thread stack size used in this run was 8388608.
==22115== 
==22115== HEAP SUMMARY:
==22115== in use at exit: 3,161,849 bytes in 12 blocks
==22115==   total heap usage: 15 allocs, 3 frees, 3,169,644 bytes allocated
==22115== 
==22115== LEAK SUMMARY:
==22115==definitely lost: 511 bytes in 2 blocks
==22115==indirectly lost: 0 bytes in 0 blocks
==22115==  possibly lost: 0 bytes in 0 blocks
==22115==still reachable: 3,161,338 bytes in 10 blocks
==22115== suppressed: 0 bytes in 0 blocks
==22115== Rerun with --leak-check=full to see details of leaked memory
==22115== 
==22115== For counts of detected and suppressed errors, rerun with: -v
==22115== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
Segmentation fault
"""

-- 
Henri Salo


sample03.dmg
Description: application/apple-diskimage

Bug#778819: dmg2img: ADC decompress segmentation fault at adc.c:66

2015-02-20 Thread Henri Salo
le: 1,136 bytes in 2 blocks
==30730== suppressed: 0 bytes in 0 blocks
==30730== Rerun with --leak-check=full to see details of leaked memory
==30730== 
==30730== For counts of detected and suppressed errors, rerun with: -v
==30730== Use --track-origins=yes to see where uninitialised values come from
==30730== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
"""

-- 
Henri Salo


sample02.dmg
Description: application/apple-diskimage

Bug#778814: dmg2img: invalid read, segmentation fault at dmg2img.c:390

2015-02-20 Thread Henri Salo
Package: dmg2img
Version: 1.6.5-1
Severity: important
Tags: security

The following attached sample file crashes dmg2img. The sample file was fuzzed with
american fuzzy lop <http://lcamtuf.coredump.cx/afl/>. Feel free to contact me in
case you need more information. I was unable to find an upstream bug tracker for
this software.

c2ad4e5aa15856d3dfb1527b6a5a3fd07958830c  sample01.dmg

gdb:

"""
dmg2img v1.6.5 (c) vu1tur (t...@vu1tur.eu.org)

sample01.dmg --> sample01.img


decompressing:
opening partition 0 ...
Program received signal SIGSEGV, Segmentation fault.
main (argc=, argv=) at dmg2img.c:390
390 block_type = convert_char4((unsigned char 
*)parts[i].Data + offset);
(gdb) bt full
#0  main (argc=, argv=) at dmg2img.c:390
bi = 
i = 
err = 
partnum = 1
tmp = 0x77ed8010 ""
otmp = 0x77529010 ""
dtmp = 0x77428010 ""
input_file = 
output_file = 0x610010 "sample01.img"
plist = 0x6104b0 "\nhttp://www.apple.com/DTDs/PropertyList-1.0.dtd\";>\n\n\n\tresource-fork\n\tblkx\n\t\t\n\t\t\t\n\t\t\t\tAttributes\n\t\t\t\t0x0050\n\t\t\t\tCFName\n\t\t\t\tProtective
 Master Boot Record (MBR : 0)\n\t\t\t\tData\n\t\t\t\t
parts = 0x613970
data_begin = 
data_end = 
partname_begin = 
partname_end = 
mish_begin = 
partname = '\000' 
data_size = 
out_offs =  
out_size = 
in_offs = 0
in_size = 
in_offs_add = 0
add_offs = 0
to_read = 
to_write = 
chunk = 
reserved = ""
sztype = '\000' 
block_type = 
szSignature = "koly"
rSignature = 
__PRETTY_FUNCTION__ = "main"
#1  0x77648ead in __libc_start_main (main=, 
argc=, ubp_av=, init=, 
fini=, rtld_fini=,
stack_end=0x7fffe5a8) at libc-start.c:244
result = 
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {0, 5332225185369646181, 
4226116, 140737488348592, 0, 0, -5332225186142264219, -5332208876894198683}, 
mask_was_saved = 0}}, priv = {
pad = {0x0, 0x0, 0x40e7c0, 0x7fffe5b8}, data = {prev = 0x0, 
cleanup = 0x0, canceltype = 4253632}}}
not_first_call = 
#2  0x00407c6d in _start ()
No symbol table info available.
"""

Valgrind:

"""
==18211== Memcheck, a memory error detector
==18211== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==18211== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==18211== Command: dmg2img sample01.dmg
==18211== 

dmg2img v1.6.5 (c) vu1tur (t...@vu1tur.eu.org)

sample01.dmg --> sample01.img


decompressing:
opening partition 0 ...==18211== Invalid read of size 1
==18211==at 0x4046ED: main (dmg2img.h:81)
==18211==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==18211== 
==18211== 
==18211== Process terminating with default action of signal 11 (SIGSEGV)
==18211==  Access not within mapped region at address 0x0
==18211==at 0x4046ED: main (dmg2img.h:81)
==18211==  If you believe this happened as a result of a stack
==18211==  overflow in your program's main thread (unlikely but
==18211==  possible), you can try to increase the size of the
==18211==  main thread stack using the --main-stacksize= flag.
==18211==  The main thread stack size used in this run was 8388608.
==18211== 
==18211== HEAP SUMMARY:
==18211== in use at exit: 3,160,989 bytes in 10 blocks
==18211==   total heap usage: 10 allocs, 0 frees, 3,160,989 bytes allocated
==18211== 
==18211== LEAK SUMMARY:
==18211==definitely lost: 431 bytes in 1 blocks
==18211==indirectly lost: 0 bytes in 0 blocks
==18211==  possibly lost: 0 bytes in 0 blocks
==18211==still reachable: 3,160,558 bytes in 9 blocks
==18211== suppressed: 0 bytes in 0 blocks
==18211== Rerun with --leak-check=full to see details of leaked memory
==18211== 
==18211== For counts of detected and suppressed errors, rerun with: -v
==18211== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 4 from 4)
Segmentation fault
"""

-- 
Henri Salo


sample01.dmg
Description: application/apple-diskimage

Bug#778529: lame: fill_buffer_resample segmentation fault

2015-02-18 Thread Henri Salo
On Wed, Feb 18, 2015 at 12:11:35PM +0100, Fabian Greffrath wrote:
> Phew, got it.

Thank you for your comprehensive analysis. I have verified that the patch fixes
this issue. Should I report this to the upstream bug tracker, or does the package
maintainer handle that? The bug tracker on sourceforge.net does not seem to be
very active.

-- 
Henri Salo





Bug#776700: roundcube: Cross-site scripting vulnerability fixed in 1.0.5

2015-01-31 Thread Henri Salo
Package: roundcube
Version: 0.9.5+dfsg1-4.1
Severity: important
Tags: security, fixed-upstream, upstream

A cross-site scripting vulnerability has been fixed in Roundcube version 1.0.5.
Please update Debian packages, thanks.

http://roundcube.net/news/2015/01/24/security-update-1.0.5/
http://trac.roundcube.net/wiki/Changelog#RELEASE1.0.5
http://trac.roundcube.net/ticket/1490227

CVE request: http://www.openwall.com/lists/oss-security/2015/01/31/3

If you need any help with this case feel free to contact me.

-- 
Henri Salo





Bug#776699: phpbb3: CSRF and CSS injection

2015-01-31 Thread Henri Salo
Package: phpbb3
Version: 3.0.12-3
Severity: important
Tags: security, fixed-upstream, upstream

CVE request: http://www.openwall.com/lists/oss-security/2015/01/31/2

https://wiki.phpbb.com/Release_Highlights/3.0.13

https://tracker.phpbb.com/browse/PHPBB3-13531
https://github.com/phpbb/phpbb/pull/3316
"CSS Injection via Relative Path Overwrite. Thanks to James Kettle for bringing
this to our attention"

https://tracker.phpbb.com/browse/PHPBB3-13526
https://github.com/phpbb/phpbb/pull/3311
"The ucp_pm_options form key is now properly validated. Thanks to FBNeal and
lampsys who reported this independently."

-- 
Henri Salo





Bug#504804: info

2015-01-26 Thread Henri Salo
This was closed because of https://bugs.debian.org/504804#13

"""
It is about the inconsistency between

--file=
and
--file 

THE EQUAL "=" sign.
"""

This is a different bug than "=~" case.

-- 
Henri Salo





Bug#776234: socat: DoS with fork

2015-01-25 Thread Henri Salo
Package: socat
Version: 1.7.2.4-1
Severity: important
Tags: security, fixed-upstream, upstream

Please see for details:
  http://www.openwall.com/lists/oss-security/2015/01/24/6

"""
Socat's signal handler implementations are not async-signal-safe. When
a signal is triggered while the process is within a non
async-signal-safe function the signal handler will call a non
async-signal-safe function too. POSIX specifies the behaviour in this
situation as undefined. Depending on involved functions, libraries,
and operating system, the process can continue, freeze, or crash.
Mostly this issue occurs when socat is in listening mode with fork
option and a couple of child processes terminate at the same time.
"""

-- 
Henri Salo


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
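
The advisory quoted in the socat report above describes signal handlers that call functions which are not async-signal-safe while several forked children exit at once. The following C program is an added example, not socat's code or its upstream fix: the SIGCHLD handler only sets a sig_atomic_t flag, and all reaping happens in the main loop, with SIGCHLD blocked except inside sigsuspend(). The function names are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile sig_atomic_t sigchld_seen;

/* Async-signal-safe handler: no stdio, no malloc, no logging.
 * It records that a child changed state and returns. */
static void on_sigchld(int signo)
{
    (void)signo;
    sigchld_seen = 1;
}

/* Runs in normal context, so it may call anything. One SIGCHLD can stand
 * for several exited children, hence the loop until waitpid() is empty. */
static int reap_exited_children(void)
{
    int reaped = 0;

    while (waitpid(-1, NULL, WNOHANG) > 0)
        reaped++;
    return reaped;
}

/* Fork nchildren processes that exit immediately (the "many children
 * terminate at the same time" case) and reap them all.
 * Returns the number reaped, or -1 on setup failure. */
int run_fork_demo(int nchildren)
{
    struct sigaction sa, old_sa;
    sigset_t block, old_mask, wait_mask;
    int i, forked = 0, reaped = 0;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_sigchld;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_RESTART;
    if (sigaction(SIGCHLD, &sa, &old_sa) != 0)
        return -1;

    /* Keep SIGCHLD blocked so the handler can only run inside
     * sigsuspend(); a signal arriving earlier stays pending. */
    sigemptyset(&block);
    sigaddset(&block, SIGCHLD);
    if (sigprocmask(SIG_BLOCK, &block, &old_mask) != 0)
        return -1;
    wait_mask = old_mask;
    sigdelset(&wait_mask, SIGCHLD);

    for (i = 0; i < nchildren; i++) {
        pid_t pid = fork();

        if (pid == 0)
            _exit(0);              /* child: exit at once */
        if (pid > 0)
            forked++;
    }

    while (reaped < forked) {
        sigsuspend(&wait_mask);    /* atomically unblock and wait */
        if (sigchld_seen) {
            sigchld_seen = 0;
            reaped += reap_exited_children();
        }
    }

    sigprocmask(SIG_SETMASK, &old_mask, NULL);
    sigaction(SIGCHLD, &old_sa, NULL);
    return reaped;
}

int main(void)
{
    printf("reaped %d children\n", run_fork_demo(8));
    return 0;
}
```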



Bug#776039: grep: CVE-2015-1345: heap buffer overrun

2015-01-23 Thread Henri Salo
Package: grep
Version: 2.20-4
Severity: important
Tags: security, upstream, fixed-upstream

Bug report: http://bugs.gnu.org/19563
Upstream fix: http://git.sv.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2

-- 
Henri Salo





Bug#775359: qpid-cpp: CVE-2015-0203: can be crashed by authenticated user

2015-01-14 Thread Henri Salo
Package: qpid-cpp
Version: 0.16-9
Severity: important
Tags: security, upstream, fixed-upstream

Please see for details:

http://mail-archives.us.apache.org/mod_mbox/www-announce/201501.mbox/%3c54b4f4ac.8030...@apache.org%3E

-- 
Henri Salo



Bug#772473: CVE

2015-01-04 Thread Henri Salo
CVE requested http://www.openwall.com/lists/oss-security/2015/01/03/17

-- 
Henri Salo



Bug#773471: CVE

2014-12-30 Thread Henri Salo
CVE request: http://www.openwall.com/lists/oss-security/2014/12/29/8

-- 
Henri Salo



Bug#773472: CVE

2014-12-30 Thread Henri Salo
CVE request: http://www.openwall.com/lists/oss-security/2014/12/29/8

-- 
Henri Salo



Bug#774162: libsndfile: two buffer read overflows

2014-12-29 Thread Henri Salo
Package: libsndfile
Version: 1.0.25-9
Severity: important
Tags: security, fixed-upstream

Fixed in https://github.com/erikd/libsndfile/commit/dbe14f00030af5d3577f4cabbf9861db59e9c378
CVE request http://www.openwall.com/lists/oss-security/2014/12/25/2

-- 
Henri Salo



Bug#774154: php5: double free in Zend/zend_ts_hash.c

2014-12-29 Thread Henri Salo

Package: php5
Version: 5.6.4+dfsg-1
Severity: important
Tags: security, fixed-upstream

Please see https://bugs.php.net/bug.php?id=68676 for details.

-- 
Henri Salo



Bug#771958: CVE request

2014-12-03 Thread Henri Salo

CVE request http://www.openwall.com/lists/oss-security/2014/12/03/10



Bug#770918: patches

2014-11-25 Thread Henri Salo
Attached patches from upstream, which apply to 1.2.1-6. DSA should be created.

---
Henri Salo
--- src/libFLAC/stream_decoder.c.orig	2014-11-25 13:41:50.280032892 +0200
+++ src/libFLAC/stream_decoder.c	2014-11-25 13:48:39.697566936 +0200
@@ -94,7 +94,7 @@
  *
  ***/
 
-static FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' };
+static const FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' };
 
 /***
  *
@@ -1386,6 +1386,10 @@
 			id = 0;
 			continue;
 		}
+
+		if(id >= 3)
+			return false;
+
 		if(x == ID3V2_TAG_[id]) {
 			id++;
 			i = 0;
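Review bot: the new guard `if(id >= 3)` hard-codes the length of ID3V2_TAG_, which the first hunk declares as `ID3V2_TAG_[3]`, so the bound and the indexed read `ID3V2_TAG_[id]` can drift apart if the array is ever resized. Suggest deriving the limit from the array itself, for example `sizeof(ID3V2_TAG_) / sizeof(ID3V2_TAG_[0])`, and adding a one-line comment saying the check exists to stop a read past the end of the tag array. The branch just above resets with `id = 0; continue;` while this one returns false, so the commit message should say why a hard failure is the right outcome here.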
--- src/libFLAC/stream_decoder.c.orig	2014-11-25 13:41:50.280032892 +0200
+++ src/libFLAC/stream_decoder.c	2014-11-25 13:46:21.862277460 +0200
@@ -2726,7 +2726,8 @@
 		if(decoder->private_->frame.header.blocksize < predictor_order) {
 			send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC);
 			decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
-			return true;
+	/* We have received a potentially malicious bt stream. All we can do is error out to avoid a heap overflow. */
+	return false;
 		}
 	}
 	else {
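Review bot: with `return false` the function now reports failure, yet the two unchanged lines above it still send FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC and set the state to FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC, which reads as a request to resync; please say in the comment which of the two the caller is expected to act on, or drop the state change if the decode is being aborted. Two smaller points on the added lines: they are indented with one tab where the enclosing block uses three, and the comment says "bt stream" where "bit stream" is meant.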




Bug#732300: info

2014-11-08 Thread Henri Salo

With up-to-date jessie I can reproduce this issue with the following commands. I
think the input device is correct, but I am not sure. If I run "cat /dev/input/eventX" I
can see data in the terminal when I type something, but it is not the text I was
writing.

1)

logkeys --export-keymap=keymap.txt
logkeys --start --keymap=keymap --output=output.txt
echo abcdefghijklmnopqrstuvwxyz
logkeys --kill

2)

logkeys --start --output=output.txt
echo abcdefghijklmnopqrstuvwxyz
logkeys --kill

---
Henri Salo



Bug#630633: Debian pitivi 630633

2014-11-05 Thread Henri Salo

Is this still an issue in some version?

---
Henri Salo



Bug#732300: update

2014-11-05 Thread Henri Salo

Hi,

I can reproduce this issue without --keymap in the example.

logkeys --start --output=output.txt
typesomething
logkeys --kill

File output.txt contains gibberish.

---
Henri Salo



Bug#766981: 766981

2014-10-27 Thread Henri Salo

Ok. Nice and thanks!

---
Henri Salo



Bug#766981: CVE-2014-4877: wget: FTP symlink arbitrary filesystem access

2014-10-27 Thread Henri Salo

Package: wget
Version: 1.15-1
Severity: important
Tags: fixed-upstream, security, upstream

http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7

"""
Wget was susceptible to a symlink attack which could create arbitrary files,
directories or symbolic links and set their permissions when retrieving a
directory recursively through FTP. This commit changes the default settings in
Wget such that Wget no longer creates local symbolic links, but rather traverses
them and retrieves the pointed-to file in such a retrieval. The old behaviour
can be attained by passing the --retr-symlinks=no option to the Wget invocation
command.
"""

---
Henri Salo



Bug#766962: CVE-2014-8483: quassel: out-of-bounds read issue

2014-10-27 Thread Henri Salo

Package: quassel
Version: 0.10.0-2
Severity: important
Tags: security, fixed-upstream

https://github.com/quassel/quassel/commit/8b5ecd226f9208af3074b33d3b7cf5e14f55b138
http://bugs.quassel-irc.org/issues/1314

"""
 Check for invalid input in encrypted buffers

 The ECB Blowfish decryption function assumed that encrypted input would
 always come in blocks of 12 characters, as specified. However, buggy
 clients or annoying people may not adhere to that assumption, causing
 the core to crash while trying to process the invalid base64 input.

 With this commit we make sure that we're not overstepping the bounds of
 the input string while decoding it; instead we bail out early and display
 the original input. Fixes #1314.

 Thanks to Tucos for finding that one!
"""

---
Henri Salo
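
The bounds check described in the quoted commit message, as an added C example that is not Quassel's code: input is decoded only when it is a whole number of valid 12-character blocks, and anything else is rejected so the caller can display the original text. The alphabet, the sextet order and the name decode_blocks are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed 64-character alphabet (FiSH-style IRC Blowfish encoding); the page
 * itself only says that encrypted input comes in blocks of 12 characters. */
static const char ALPHABET[] =
    "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";

#define ENC_BLOCK 12 /* encoded characters per block */
#define RAW_BLOCK 8  /* decoded bytes per block (one Blowfish block) */

/* Map a character to its 6-bit value; -1 if it is outside the alphabet. */
static int sextet(char c)
{
    const char *p;
    if (c == '\0')
        return -1; /* strchr() would otherwise match the terminator */
    p = strchr(ALPHABET, c);
    return p ? (int)(p - ALPHABET) : -1;
}

/* Decode 6 characters into a 32-bit word, lowest sextet first (assumed
 * layout; bits above 32 are discarded). Returns -1 on an invalid character. */
static int decode_word(const char *in, uint32_t *word)
{
    uint32_t w = 0;
    for (int i = 0; i < 6; i++) {
        int v = sextet(in[i]);
        if (v < 0)
            return -1;
        w |= (uint32_t)v << (6 * i);
    }
    *word = w;
    return 0;
}

static void put_be32(unsigned char *out, uint32_t w)
{
    out[0] = (unsigned char)(w >> 24);
    out[1] = (unsigned char)(w >> 16);
    out[2] = (unsigned char)(w >> 8);
    out[3] = (unsigned char)w;
}

/* Decode in_len characters into out. Returns the number of bytes written, or
 * -1 when the input is not a whole number of valid 12-character blocks or
 * does not fit in out; the caller then shows the original text unchanged. */
long decode_blocks(const char *in, size_t in_len,
                   unsigned char *out, size_t out_cap)
{
    size_t blocks;
    if (in_len == 0 || in_len % ENC_BLOCK != 0)
        return -1; /* never read past the end of a short final block */
    blocks = in_len / ENC_BLOCK;
    if (blocks > out_cap / RAW_BLOCK)
        return -1;
    for (size_t b = 0; b < blocks; b++) {
        const char *blk = in + b * ENC_BLOCK;
        uint32_t left, right;
        if (decode_word(blk, &right) != 0 || decode_word(blk + 6, &left) != 0)
            return -1;
        put_be32(out + b * RAW_BLOCK, left);
        put_be32(out + b * RAW_BLOCK + 4, right);
    }
    return (long)(blocks * RAW_BLOCK);
}

int main(void)
{
    /* Constructed inputs: one well-formed block, one truncated block. */
    const char *samples[] = { "/...........", "/.........." };
    unsigned char out[RAW_BLOCK];
    for (size_t i = 0; i < 2; i++) {
        long n = decode_blocks(samples[i], strlen(samples[i]), out, sizeof out);
        printf("%-14s -> %s\n", samples[i], n < 0 ? "rejected" : "decoded");
    }
    return 0;
}
```
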



Bug#764758: Question

2014-10-11 Thread Henri Salo

Where did you get this "This request is also seconded by
upstream" information? Web site http://codezen.org/canto-ng/ does not say
anything about it having abandoned status. New section in that page contains
new posts.

---
Henri Salo



Bug#763958: CVE-2014-6439: elasticsearch: default configuration for CORS allows an attacker to craft links

2014-10-04 Thread Henri Salo

Package: elasticsearch
Version: 1.0.3+dfsg-3
Severity: important
Tags: security, fixed-upstream

http://www.elasticsearch.org/community/security/
http://seclists.org/bugtraq/2014/Oct/18

Summary:

Elasticsearch versions 1.3.x and prior have a default configuration for CORS
that allows an attacker to craft links that could cause a user’s browser to send
requests to Elasticsearch instances on their local network. These requests could
cause data loss or compromise.

Remediation:

Users should either set “http.cors.enabled” to false, or set
“http.cors.allow-origin” to the value of the server that should be allowed
access, such as localhost or a server hosting Kibana. Disabling CORS entirely
with the former setting is more secure, but may not be suitable for all use
cases.

---
Henri Salo



Bug#763848: CVE-2014-7185: python2.7: integer overflow in 'buffer' type allows reading memory

2014-10-02 Thread Henri Salo

Package: python2.7
Version: 2.7.8-9
Severity: important
Tags: security, fixed-upstream

Hi,

Please fix the following vulnerability in sid and add the CVE to ChangeLog.

Bug report: http://bugs.python.org/issue21831
Upstream fix http://hg.python.org/cpython/rev/8d963c7db507

I'm happy to help in case you have any questions.

---
Henri Salo



Bug#763759: [Secure-testing-team] Bug#763759: bash: please drop debian-specific privmode disablement patch

2014-10-02 Thread Henri Salo

On Thu, Oct 02, 2014 at 10:09:53AM -0300, Henrique de Moraes Holschuh wrote:
> Package: bash
> Version: 4.2+dfsg-0.1+deb7u3
> Severity: grave
> Tags: security
> Justification: user security hole

There is this issue already open http://bugs.debian.org/720545

Can you verify that this new issue in BTS is duplicate? If it is I'd prefer that
you comment there and we close this (not merge, so that discussion is easier to
read/follow).

Thank you for your work regarding Debian security.

---
Henri Salo



Bug#687484: Status of CVE-2012-4414: SQL injection

2014-09-29 Thread Henri Salo

What is the current status of CVE-2012-4414? Information about the issue in
http://www.openwall.com/lists/oss-security/2012/09/11/4

Marked as grave and security without any comments from maintainers. Plans to
patch this issue? If not could you please give reasoning, thank you.

---
Henri Salo



Bug#762828: CVE-2014-6603: suricata: Out-of-bounds access in SSH parser

2014-09-25 Thread Henri Salo

Package: suricata
Version: 2.0.3-1
Severity: important
Tags: security, fixed-upstream

Hi,

It was found out that the application parser for SSH integrated in Suricata
contains a flaw that might lead to an out-of-bounds access. For this reason a
Denial of Service towards the Suricata monitoring software might be possible
using crafted packets on the monitoring interface.

More information:
http://seclists.org/fulldisclosure/2014/Sep/79
http://suricata-ids.org/2014/09/23/suricata-2-0-4-available/

Feel free to contact me in case you need any help regarding this issue.

---
Henri Salo



Bug#762754: mediawiki: Enhance CSS filtering in SVG files

2014-09-24 Thread Henri Salo

Package: mediawiki
Version: 1:1.19.18+dfsg-0.1
Severity: normal
Tags: security, fixed-upstream

Hi,

The following security issue was fixed upstream:

https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html

* (bug 69008) SECURITY: Enhance CSS filtering in SVG files. Filter 

Bug#762532: CVE-2014-3640: qemu: slirp: NULL pointer deref in sosendto()

2014-09-24 Thread Henri Salo

On Tue, Sep 23, 2014 at 08:26:03PM +0400, Michael Tokarev wrote:
> Yes, that's a security fix indeed, but it is, again, of a rather low
> impact.  At max it will lead to qemu process crashing (so a DoS), but
> the thing is that slirp (aka user-mode networking) in qemu should never
> be used for anything serious because it is very slow and has many
> limitations, it is a poor-man bandaid to get networking running
> quick without setting up tap devices and bridges...

Ok. I did not know this. I'm creating issues in Debian BTS for security
vulnerabilities so that maintainers know about them. These are also added to
Debian security-tracker. In some packages maintainer is watching upstream
advisories closely, but this is not always the case.

> I'll fix this for the next upload anyway.

Thank you.

---
Henri Salo



Bug#762532: CVE-2014-3640: qemu: slirp: NULL pointer deref in sosendto()

2014-09-22 Thread Henri Salo

Package: qemu
Version: 2.1+dfsg-4
Severity: important
Tags: security, fixed-upstream

Hi,

When guest sends udp packet with source port and source addr 0,
uninitialized socket is picked up when looking for matching and already
created udp sockets, and later passed to sosendto() where NULL pointer
dereference is hit during so->slirp->vnetwork_mask.s_addr access.

Fix this by checking that the socket is not just a socket stub.

Please see this discussion for more information:
http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg03543.html

---
Henri Salo



Bug#762393: New upstream version is available: 0.1.8

2014-09-21 Thread Henri Salo

Package: httpry
Version: 0.1.7-3
Severity: wishlist

Hi,

Please upload new version of this software to unstable. I can do some testing
for it.

http://githubredir.debian.net/github/jbittel/httpry/httpry-0.1.8.tar.gz

* added support for 802.1Q VLAN tagged packets
* added PATCH HTTP method to default method list
* changed packet parsing to continue without a full header present
* added PPP link type support
* added custom ethernet header offset option (-S)
* changed read timeout to be non-zero

---
Henri Salo



Bug#494549: status

2014-09-19 Thread Henri Salo

On Fri, Sep 19, 2014 at 09:06:56PM +0200, Philipp Huebner wrote:
> I can hardly remember writing this RFP 6 years ago, and the project
> doesn't look very active. I'd be happy to simply close this RFP.

Ok. Please do. Nobody else has spoken and I think this software is not widely
used. If someone else says they need it I can help packaging (after testing).

---
Henri Salo



Bug#479553: status

2014-09-19 Thread Henri Salo

URL does not work anymore.

---
Henri Salo



Bug#510202: status?

2014-09-19 Thread Henri Salo

Hi,

Are you currently using pqstego? This looks like an interesting software, but I
failed to build this in my current working environment.

Making all in src
make[1]: Entering directory `/home/fgeek/temp/3/pqstego-0.0.1/src'
gcc -DPACKAGE_NAME=\"pqstego\" -DPACKAGE_TARNAME=\"pqstego\"
-DPACKAGE_VERSION=\"0.0.1\" -DPACKAGE_STRING=\"pqstego\ 0.0.1\"
-DPACKAGE_BUGREPORT=\"ck...@madkooky.de\" -DPACKAGE=\"pqstego\"
-DVERSION=\"0.0.1\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1
-DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1
-DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_JPEGLIB_H=1
-DHAVE_STDLIB_H=1 -DHAVE_MALLOC=1 -DHAVE_STRTOL=1 -I. -I../include -g -O2 -MT
pqstego.o -MD -MP -MF .deps/pqstego.Tpo -c -o pqstego.o pqstego.c
In file included from pqstego.c:29:0:
../include/pqstego.h:28:24: fatal error: pqstego/pq.h: No such file or directory
compilation terminated.
make[1]: *** [pqstego.o] Error 1
make[1]: Leaving directory `/home/fgeek/temp/3/pqstego-0.0.1/src'
make: *** [all-recursive] Error 1

I might be interested to maintain this in the future.

---
Henri Salo



Bug#510207: status?

2014-09-19 Thread Henri Salo

Hi,

Are you currently using pqstego? This looks like an interesting software, but I
failed to build this in my current working environment.

Making all in src
make[1]: Entering directory `/home/fgeek/temp/3/pqstego-0.0.1/src'
gcc -DPACKAGE_NAME=\"pqstego\" -DPACKAGE_TARNAME=\"pqstego\"
-DPACKAGE_VERSION=\"0.0.1\" -DPACKAGE_STRING=\"pqstego\ 0.0.1\"
-DPACKAGE_BUGREPORT=\"ck...@madkooky.de\" -DPACKAGE=\"pqstego\"
-DVERSION=\"0.0.1\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1
-DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1
-DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_JPEGLIB_H=1
-DHAVE_STDLIB_H=1 -DHAVE_MALLOC=1 -DHAVE_STRTOL=1 -I. -I../include -g -O2 -MT
pqstego.o -MD -MP -MF .deps/pqstego.Tpo -c -o pqstego.o pqstego.c
In file included from pqstego.c:29:0:
../include/pqstego.h:28:24: fatal error: pqstego/pq.h: No such file or directory
compilation terminated.
make[1]: *** [pqstego.o] Error 1
make[1]: Leaving directory `/home/fgeek/temp/3/pqstego-0.0.1/src'
make: *** [all-recursive] Error 1

I might be interested to maintain this in the future.

---
Henri Salo



Bug#494549: status

2014-09-19 Thread Henri Salo

Hi,

It seems that site http://www.autoscan-network.com/ is down. Any other sources?
Sounds like an interesting software. I would be happy to test this and after
that possibly help with maintaining it if it is good enough.

---
Henri Salo



Bug#492967: status update

2014-09-19 Thread Henri Salo

Hi,

At least pygccxml is now in Debian[1]. Is this software still wanted in Debian?

https://packages.debian.org/wheezy/python-pygccxml

---
Henri Salo



Bug#495933: question

2014-09-19 Thread Henri Salo

Hi,

This software sounds useful. Does it differ somehow from fdupes package? I do
not know what is Debian policy on this, but I do not think we should package
this if it does not offer something that fdupes can't do already. Of course
there might also be other reasons to get this into Debian.

https://packages.debian.org/wheezy/fdupes

Your comments are welcome.

---
Henri Salo



Bug#762203: CVE-2014-3633: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index

2014-09-19 Thread Henri Salo

Package: libvirt
Version: 1.2.7-11
Severity: important
Tags: fixed-upstream, security

Please fix the following vulnerability in libvirt, thank you.

CVE-2014-3633: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due
to invalid index

When you fix the vulnerability please also make sure to include the CVE (Common
Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

Upstream fix: 
http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e745e8f775dfe6f64f18b5c2fe4791b35d3546b
Introduced in: 
http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=eca96694a7f992be633d48d5ca03cedc9bbc3c9a
 (v0.9.8)
RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3633

---
Henri Salo


