[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: fb2a4a47 by Moritz Mühlenhoff at 2021-08-12T09:34:03+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -70767,48 +70767,53 @@ CVE-2020-21686 CVE-2020-21685 RESERVED CVE-2020-21684 (A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2 ...) - - fig2dev 1:3.2.8-1 + - fig2dev 1:3.2.8-1 (unimportant) - transfig NOTE: https://sourceforge.net/p/mcj/tickets/75/ NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/d70e4ba6308046f71cb51f67db8412155af52411/ (3.2.8) + NOTE: Crash in CLI tool, no security impact CVE-2020-21683 (A global buffer overflow in the shade_or_tint_name_after_declare_color ...) - - fig2dev 1:3.2.8-1 + - fig2dev 1:3.2.8-1 (unimportant) - transfig NOTE: https://sourceforge.net/p/mcj/tickets/77/ NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/639c36010a120e97a6e82e7cd57cbf9dbf4b64f1/ (3.2.8) - TODO: check + NOTE: Crash in CLI tool, no security impact CVE-2020-21682 (A global buffer overflow in the set_fill component in genge.c of fig2d ...) - - fig2dev 1:3.2.8-1 + - fig2dev 1:3.2.8-1 (unimportant) - transfig NOTE: https://sourceforge.net/p/mcj/tickets/72/ NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/4d4e1fdac467c386cba8706aa0067d5ab8da02d7/ (3.2.8) + NOTE: Crash in CLI tool, no security impact CVE-2020-21681 (A global buffer overflow in the set_color component in genge.c of fig2 ...) - - fig2dev 1:3.2.8-1 + - fig2dev 1:3.2.8-1 (unimportant) - transfig NOTE: https://sourceforge.net/p/mcj/tickets/73/ NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/d70e4ba6308046f71cb51f67db8412155af52411/ (3.2.8) NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/4d4e1fdac467c386cba8706aa0067d5ab8da02d7/ (3.2.8) + NOTE: Crash in CLI tool, no security impact CVE-2020-21680 (A stack-based buffer overflow in the put_arrow() component in genpict2 ...) - - fig2dev 1:3.2.8-1 + - fig2dev 1:3.2.8-1 (unimportant) - transfig NOTE: https://sourceforge.net/p/mcj/tickets/74/ NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/3165d86c31c6323913239fdc6460be6ababd3826/ (3.2.8) NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/100e2789f8106f9cc0f7e4319c4ee7bda076c3ac/ (3.2.8) - TODO: check + NOTE: Crash in CLI tool, no security impact CVE-2020-21679 RESERVED CVE-2020-21678 (A global buffer overflow in the genmp_writefontmacro_latex component i ...) - - fig2dev 1:3.2.8-1 + - fig2dev 1:3.2.8-1 (unimportant) - transfig NOTE: https://sourceforge.net/p/mcj/tickets/71/ NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/d70e4ba6308046f71cb51f67db8412155af52411/ (3.2.8) - TODO: check + NOTE: Crash in CLI tool, no security impact CVE-2020-21677 (A heap-based buffer overflow in the sixel_encoder_output_without_macro ...) - libsixel 1.8.6-1 + [buster] - libsixel (Minor issue) NOTE: https://github.com/saitoha/libsixel/issues/123 NOTE: https://github.com/saitoha/libsixel/commit/0b1e0b3f7b44233f84e5c9f512f8c90d6bbbe33d CVE-2020-21676 (A stack-based buffer overflow in the genpstrx_text() component in genp ...) - fig2dev 1:3.2.8-1 + [buster] - fig2dev (Minor issue) - transfig NOTE: https://sourceforge.net/p/mcj/tickets/76/ NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/a89c20206a5db1f463438ba444e35bcb400e/ (3.2.8) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb2a4a474deb719d2997e94436409dacd3c15d85 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb2a4a474deb719d2997e94436409dacd3c15d85 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: a9276499 by Moritz Muehlenhoff at 2021-08-03T17:06:32+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -383,7 +383,9 @@ CVE-2021-37747 RESERVED CVE-2021-37746 (textview_uri_security_check in textview.c in Claws Mail before 3.18.0, ...) - claws-mail (bug #991722) + [buster] - claws-mail (Minor issue) - sylpheed (bug #991723) + [buster] - sylpheed (Minor issue) NOTE: https://git.claws-mail.org/?p=claws.git;a=commit;h=ac286a71ed78429e16c612161251b9ea90ccd431 CVE-2021-3672 RESERVED @@ -1098,6 +1100,7 @@ CVE-2021-23183 RESERVED CVE-2021-37601 (muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers t ...) - prosody 0.11.9-2 + [buster] - prosody (Minor issue) NOTE: https://prosody.im/security/advisory_20210722/ CVE-2021-37404 RESERVED @@ -2473,19 +2476,25 @@ CVE-2020-36427 (GNOME gThumb before 3.10.1 allows an application crash via a mal NOTE: Crash in CLI tool, no security impact CVE-2020-36426 (An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_cr ...) - mbedtls 2.16.9-0.1 + [buster] - mbedtls (Minor issue) CVE-2020-36425 (An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly ...) - mbedtls 2.16.9-0.1 + [buster] - mbedtls (Minor issue) NOTE: https://github.com/ARMmbed/mbedtls/issues/3340 NOTE: https://github.com/ARMmbed/mbedtls/pull/3433 CVE-2020-36424 (An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can ...) - mbedtls 2.16.9-0.1 + [buster] - mbedtls (Minor issue) NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-2 CVE-2020-36423 (An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attack ...) - mbedtls 2.16.9-0.1 + [buster] - mbedtls (Minor issue) CVE-2020-36422 (An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel ...) - mbedtls 2.16.9-0.1 + [buster] - mbedtls (Minor issue) CVE-2020-36421 (An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a si ...) - mbedtls 2.16.9-0.1 + [buster] - mbedtls (Minor issue) NOTE: https://github.com/ARMmbed/mbedtls/issues/3394 CVE-2021-36774 RESERVED @@ -2505,6 +2514,7 @@ CVE-2021-36770 CVE-2021-36769 (A reordering issue exists in Telegram before 7.8.1 for Android, Telegr ...) [experimental] - telegram-desktop 2.9.0+ds-1 - telegram-desktop (bug #991493) + [buster] - telegram-desktop (Minor issue) NOTE: https://mtpsym.github.io/ CVE-2021-36768 RESERVED @@ -11608,11 +11618,13 @@ CVE-2021-32793 RESERVED CVE-2021-32792 (mod_auth_openidc is an authentication/authorization module for the Apa ...) - libapache2-mod-auth-openidc 2.4.9-1 (bug #991580) + [buster] - libapache2-mod-auth-openidc (Minor issue) NOTE: https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-458c-7pwg-3j7j NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/00c315cb0c8ab77c67be4a2ac08a71a83ac58751 (v2.4.9) NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/55ea0a085290cd2c8cdfdd960a230cbc38ba8b56 (v2.4.9) CVE-2021-32791 (mod_auth_openidc is an authentication/authorization module for the Apa ...) - libapache2-mod-auth-openidc 2.4.9-1 (bug #991581) + [buster] - libapache2-mod-auth-openidc (Minor issue) NOTE: https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-px3c-6x7j-3r9r NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/375407c16c61a70b56fdbe13b0d2c8f11398e92c (v2.4.9) CVE-2021-32790 (Woocommerce is an open source eCommerce plugin for WordPress. An SQL i ...) @@ -11625,10 +11637,12 @@ CVE-2021-32787 (Sourcegraph is a code search and navigation engine. Sourcegraph TODO: check CVE-2021-32786 (mod_auth_openidc is an authentication/authorization module for the Apa ...) - libapache2-mod-auth-openidc 2.4.9-1 (bug #991582) + [buster] - libapache2-mod-auth-openidc (Minor issue) NOTE: https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-xm4c-5wm5-jqv7 NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/3a115484eb927bc6daa5737dd84f88ff4bbc5544 (v2.4.9) CVE-2021-32785 (mod_auth_openidc is an authentication/authorization module for the Apa ...) - libapache2-mod-auth-openidc 2.4.9-1 (bug #991583) + [buster] - libapache2-mod-auth-openidc (Minor issue) NOTE: https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-55r8-6w97-xxr4 NOTE: https://github.com/zmartzone/mod_auth_open
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 646a50d4 by Moritz Muehlenhoff at 2021-07-30T09:03:28+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1913,6 +1913,7 @@ CVE-2020-36431 (Unicorn Engine 1.0.2 has an out-of-bounds write in helper_wfe_ar NOT-FOR-US: Unicorn Engine CVE-2020-36430 (libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode ...) - libass 1:0.15.0-2 + [buster] - libass (Vulnerable code not present) [stretch] - libass (Vulnerable code not present) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26674 NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libass/OSV-2020-2099.yaml @@ -2106,6 +2107,7 @@ CVE-2021-36746 (Blackboard Learn through 9.1 allows XSS by an authenticated user NOT-FOR-US: Blackboard Learn CVE-2020-36420 (** UNSUPPORTED WHEN ASSIGNED ** Polipo through 1.1.1 allows denial of ...) - polipo + [buster] - polipo (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2020/11/18/1 CVE-2021-36745 RESERVED = data/dsa-needed.txt = @@ -25,12 +25,16 @@ djvulibre -- icu -- +libsndfile (jmm) +-- linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more recent v4.19.y versions. -- ndpi -- +nodejs (jmm) +-- jetty9 Markus Koschany is prepared updates for review: <4b37da65195e937871b4b9e2b48b8d56d87ca4d5.ca...@debian.org> -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/646a50d4474de0dd9ae205e37c8ef87ceebc920d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/646a50d4474de0dd9ae205e37c8ef87ceebc920d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 85f26675 by Moritz Muehlenhoff at 2021-07-23T11:57:48+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1332,8 +1332,10 @@ CVE-2021-36775 CVE-2021-3653 RESERVED CVE-2020-36427 (GNOME gThumb before 3.10.1 allows an application crash via a malformed ...) - - gthumb 3:3.11.1-0.1 + - gthumb 3:3.11.1-0.1 (unimportant) NOTE: https://mail.gnome.org/archives/gthumb-list/2020-September/msg1.html + NOTE: https://github.com/GNOME/gthumb/commit/e79b4519cc6e27388ddd3f095e97d1559cb47616 + NOTE: Crash in CLI tool, no security impact CVE-2020-36426 (An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_cr ...) - mbedtls 2.16.9-0.1 CVE-2020-36425 (An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly ...) @@ -6353,6 +6355,7 @@ CVE-2021-34553 (Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a rem CVE-2021-34552 (Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1. ...) {DLA-2716-1} - pillow 8.1.2+dfsg-0.3 (bug #991293) + [buster] - pillow (Minor issue, mitigated by FORTIFY_SOURCE) NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.3.0.html#buffer-overflow NOTE: https://github.com/python-pillow/Pillow/pull/5567 NOTE: https://github.com/python-pillow/Pillow/commit/31c473898c29d1b7cb6555ce67d9503a4906b83f (8.3.0) @@ -148216,6 +148219,7 @@ CVE-2019-11099 RESERVED CVE-2019-11098 (Insufficient input validation in MdeModulePkg in EDKII may allow an un ...) - edk2 + [buster] - edk2 (Minor issue) NOTE: https://edk2-docs.gitbook.io/security-advisory/bootguard-toctou-vulnerability NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1614 NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=316 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85f266758683d334c98eec762039363b55d77a68 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85f266758683d334c98eec762039363b55d77a68 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 5dcc0b4c by Moritz Muehlenhoff at 2021-07-15T17:29:03+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -11340,64 +11340,76 @@ CVE-2021-31816 (When configuring Octopus Server if it is configured with an exte NOT-FOR-US: Octopus Server CVE-2019-25042 (** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write via ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/6c3a0b54ed8ace93d5b5ca7b8078dc87e75cd640 + NOTE: Not deemed an exploitable vulnerability by upstream CVE-2019-25041 (** DISPUTED ** Unbound before 1.9.5 allows an assertion failure via a ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/2d444a5037acff6024630b88092d9188f2f5d8fe + NOTE: Not deemed an exploitable vulnerability by upstream CVE-2019-25040 (** DISPUTED ** Unbound before 1.9.5 allows an infinite loop via a comp ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/2d444a5037acff6024630b88092d9188f2f5d8fe + NOTE: Not deemed an exploitable vulnerability by upstream CVE-2019-25039 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a si ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/02080f6b180232f43b77f403d0c038e9360a460f + NOTE: Not deemed an exploitable vulnerability by upstream CVE-2019-25038 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in a si ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/02080f6b180232f43b77f403d0c038e9360a460f + NOTE: Not deemed an exploitable vulnerability by upstream CVE-2019-25037 (** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and de ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/d2eb78e871153f22332d30c6647f3815148f21e5 + NOTE: Not deemed an exploitable vulnerability by upstream CVE-2019-25036 (** DISPUTED ** Unbound before 1.9.5 allows an assertion failure and de ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/f5e06689d193619c57c33270c83f5e40781a261d + NOTE: Not deemed an exploitable vulnerability by upstream CVE-2019-25035 (** DISPUTED ** Unbound before 1.9.5 allows an out-of-bounds write in s ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/fa23ee8f31ba9a018c720ea822faaee639dc7a9c + NOTE: Not deemed an exploitable vulnerability by upstream CVE-2019-25034 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in sldn ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/a3545867fcdec50307c776ce0af28d07046a52dd + NOTE: Not deemed an exploitable vulnerability by upstream CVE-2019-25033 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/226298bbd36f1f0fd9608e98c2ae85988b7bbdb8 + NOTE: Not deemed an exploitable vulnerability by upstream CVE-2019-25032 (** DISPUTED ** Unbound before 1.9.5 allows an integer overflow in the ...) {DLA-2652-1} - - unbound 1.9.6-1 + - unbound 1.9.6-1 (unimportant) [stretch] - unbound (No longer supported, see DSA 4694) NOTE: https://github.com/NLnetLabs/unbound/commit/226298bbd36f1f0fd9608e98c2ae85988b7bbdb8 + NOTE: Not deemed an exploitable vu
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 4b47fd43 by Moritz Muehlenhoff at 2021-07-14T19:23:25+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -745,17 +745,20 @@ CVE-2021-36378 RESERVED CVE-2021-36377 (Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname ...) - fossil 1:2.15.2-1 + [buster] - fossil (Minor issue) NOTE: https://fossil-scm.org/forum/forumpost/8d367e16f53d93c789d70bd3bf2c9587227bbd5c6a7b8e512cccd79007536036 CVE-2021-36376 (dandavison delta before 0.8.3 on Windows resolves an executable's path ...) NOT-FOR-US: dandavison delta CVE-2021-36375 RESERVED CVE-2021-36374 (When reading a specially crafted ZIP archive, or a derived formats, an ...) - - ant + - ant (unimportant) NOTE: https://www.openwall.com/lists/oss-security/2021/07/13/6 + NOTE: Crash in CLI tool, no security impact CVE-2021-36373 (When reading a specially crafted TAR archive an Apache Ant build can b ...) - - ant + - ant (unimportant) NOTE: https://www.openwall.com/lists/oss-security/2021/07/13/5 + NOTE: Crash in CLI tool, no security impact CVE-2021-36372 RESERVED CVE-2021-36371 (Emissary-Ingress (formerly Ambassador API Gateway) through 1.13.9 allo ...) @@ -1367,6 +1370,7 @@ CVE-2021-3632 NOT-FOR-US: Keycloak CVE-2021-36090 (When reading a specially crafted ZIP archive, Compress can be made to ...) - libcommons-compress-java (bug #991041) + [buster] - libcommons-compress-java (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/07/13/4 CVE-2020-36416 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...) NOT-FOR-US: CMS Made Simple @@ -2698,12 +2702,15 @@ CVE-2021-35518 RESERVED CVE-2021-35517 (When reading a specially crafted TAR archive, Compress can be made to ...) - libcommons-compress-java (bug #991041) + [buster] - libcommons-compress-java (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/07/13/3 CVE-2021-35516 (When reading a specially crafted 7Z archive, Compress can be made to a ...) - libcommons-compress-java (bug #991041) + [buster] - libcommons-compress-java (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/07/13/2 CVE-2021-35515 (When reading a specially crafted 7Z archive, the construction of the l ...) - libcommons-compress-java (bug #991041) + [buster] - libcommons-compress-java (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/07/13/1 CVE-2021-35514 (Narou (aka Narou.rb) before 3.8.0 allows Ruby Code Injection via the t ...) NOT-FOR-US: Narou @@ -3665,6 +3672,7 @@ CVE-2021-35063 RESERVED [experimental] - suricata 1:6.0.3-1~exp1 - suricata (bug #990835) + [buster] - suricata (Minor issue) NOTE: https://forum.suricata.io/t/suricata-6-0-3-and-5-0-7-released/1489 CVE-2021-35062 RESERVED @@ -6463,8 +6471,11 @@ CVE-2021-33814 CVE-2021-33813 (An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to c ...) {DLA-2696-1} - libjdom2-intellij-java (bug #990673) + [buster] - libjdom2-intellij-java (Minor issue) - libjdom2-java (bug #990671) + [buster] - libjdom2-java (Minor issue) - libjdom1-java (bug #990672) + [buster] - libjdom1-java (Minor issue) NOTE: https://github.com/hunterhacker/jdom/pull/188 NOTE: https://alephsecurity.com/vulns/aleph-2021003 NOTE: Fixed by: https://github.com/hunterhacker/jdom/commit/bd3ab78370098491911d7fe9d7a43b97144a234e @@ -8969,9 +8980,11 @@ CVE-2021-32748 RESERVED CVE-2021-32747 (Icinga Web 2 is an open source monitoring web interface, framework, an ...) - icingaweb2 + [buster] - icingaweb2 (Minor issue) NOTE: https://github.com/Icinga/icingaweb2/security/advisories/GHSA-2xv9-886q-p7xx CVE-2021-32746 (Icinga Web 2 is an open source monitoring web interface, framework and ...) - icingaweb2 + [buster] - icingaweb2 (Minor issue) NOTE: https://github.com/Icinga/icingaweb2/security/advisories/GHSA-cmgc-h4cx-3v43 CVE-2021-32745 RESERVED @@ -15775,6 +15788,7 @@ CVE-2021-30015 (There is a Null Pointer Dereference in function filter_core/filt NOTE: https://github.com/gpac/gpac/issues/1719 CVE-2021-30014 (There is a integer overflow in media_tools/av_parsers.c in the hevc_pa ...) - gpac 1.0.1+dfsg1-4 (bug #987323) + [buster] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788 NOTE: https://github.com/gpac/gpac/issues/1721
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 733f121e by Moritz Muehlenhoff at 2021-07-06T21:15:36+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -3247,6 +3247,7 @@ CVE-2021-34696 CVE-2021-3605 [Heap buffer overflow in the rleUncompress function] RESERVED - openexr + [buster] - openexr (Minor issue) [stretch] - openexr (Minor issue, buffer read overflow, fix along next DLA) NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/1036 NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/25259a84827234a283f6f9db72978198c7a3f268 (master) @@ -3254,6 +3255,7 @@ CVE-2021-3605 [Heap buffer overflow in the rleUncompress function] NOTE: not to be confused with CVE-2020-11760 whose fix is similar but applied around 10 lines above, in the other branch of the 'if' CVE-2021-3603 (PHPMailer 6.4.1 and earlier contain a vulnerability that can result in ...) - libphp-phpmailer + [buster] - libphp-phpmailer (Minor issue) [stretch] - libphp-phpmailer (Minor issue, fix along with next DLA) NOTE: https://www.huntr.dev/bounties/1-PHPMailer/PHPMailer/ NOTE: https://github.com/PHPMailer/PHPMailer/commit/45f3c18dc6a2de1cb1bf49b9b249a9ee36a5f7f3 (v6.5.0) @@ -9855,6 +9857,7 @@ CVE-2020-36328 (A flaw was found in libwebp in versions before 1.0.1. A heap-bas NOTE: https://chromium.googlesource.com/webm/libwebp/+/71ed73cf86132394ea25ae9c7ed431e0d71043f5 CVE-2020-36327 (Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes choos ...) - bundler + [buster] - bundler (Minor issue) [stretch] - bundler (Invasive change, hard to backport; chances of regression) - rubygems [bullseye] - rubygems (Minor issue) @@ -9993,6 +9996,7 @@ CVE-2021-3516 (There's a flaw in libxml2's xmllint in versions before 2.9.11. An NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539 CVE-2021-3515 (A shell injection flaw was found in pglogical in versions before 2.3.4 ...) - pglogical 2.3.3-3 (bug #988735) + [buster] - pglogical (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1954112 NOTE: https://github.com/2ndQuadrant/pglogical/commit/95c0e8981485e09efab6821cf55a4e27b086efe5 CVE-2021-3514 (When using a sync_repl client in 389-ds-base, an authenticated attacke ...) @@ -16309,6 +16313,8 @@ CVE-2021-29280 RESERVED CVE-2021-29279 (There is a integer overflow in function filter_core/filter_props.c:gf_ ...) - gpac 1.0.1+dfsg1-4 (bug #987323) + [buster] - gpac (Vulnerable code not present) + [stretch] - gpac (Vulnerable code not present) NOTE: https://github.com/gpac/gpac/commit/da69ad1f970a7e17c865eaec9af98cc84df10d5b NOTE: https://github.com/gpac/gpac/issues/1718 CVE-2021-29278 @@ -18610,6 +18616,7 @@ CVE-2021-28301 RESERVED CVE-2021-28300 (NULL Pointer Dereference in the "isomedia/track.c" module's "MergeTrac ...) - gpac 1.0.1+dfsg1-4 (bug #987020) + [buster] - gpac (Minor issue) [stretch] - gpac (Minor issue; can be fixed in next update) NOTE: https://github.com/gpac/gpac/issues/1702 NOTE: https://github.com/gpac/gpac/commit/c4a5109dad73abe25ad12d8d529a728ae98d78ca @@ -20931,8 +20938,9 @@ CVE-2021-27349 (Advanced Order Export before 3.1.8 for WooCommerce allows XSS, a CVE-2021-27348 RESERVED CVE-2021-27347 (Use after free in lzma_decompress_buf function in stream.c in Irzip 0. ...) - - lrzip (bug #990583) + - lrzip (unimportant; bug #990583) NOTE: https://github.com/ckolivas/lrzip/issues/165 + NOTE: Crash in CLI tool, no security impact CVE-2021-27346 RESERVED CVE-2021-27345 (A null pointer dereference was discovered in ucompthread in stream.c i ...) @@ -34891,10 +34899,12 @@ CVE-2020-35983 RESERVED CVE-2020-35982 (An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an i ...) - gpac 1.0.1+dfsg1-4 (bug #987374) + [buster] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/commit/a4eb327049132359cae54b59faec9e2f14c5a619 NOTE: https://github.com/gpac/gpac/issues/1660 CVE-2020-35981 (An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an i ...) - gpac 1.0.1+dfsg1-4 (bug #987374) + [buster] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/commit/dae9900580a969481cd72035408091edb11b NOTE: https://github.com/gpac/gpac/issues/1659 CVE-2020-35980 (An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a us ...) @@ -34905,6 +34915,7 @@ CVE-2020-35980 (An issue was discovered in GPAC version 0.8.0 and
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 324b1102 by Moritz Muehlenhoff at 2021-07-06T12:58:03+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -242,6 +242,7 @@ CVE-2020-36402 (Solidity 0.7.5 has a stack-use-after-return issue in smtutil::CH NOT-FOR-US: Solidity CVE-2020-36401 (mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_f ...) - mruby (bug #990540) + [buster] - mruby (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23801 NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/mruby/OSV-2020-744.yaml NOTE: https://github.com/mruby/mruby/commit/97319697c8f9f6ff27b32589947e1918e3015503 @@ -3312,6 +3313,8 @@ CVE-2021-3598 RESERVED {DLA-2701-1} - openexr (bug #990450) + [bullseye] - openexr (Minor issue) + [buster] - openexr (Minor issue) NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/1033 NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/1037 NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/566f5241edd87445373885d5f7a904dc81e866c1 @@ -5973,6 +5976,7 @@ CVE-2021-33516 (An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2. NOTE: https://gitlab.gnome.org/GNOME/gupnp/-/commit/ca6ec9dcb26fd7a2a630eb6a68118659b589afac (master) CVE-2021-33515 (The submission service in Dovecot before 2.3.15 allows STARTTLS comman ...) - dovecot (bug #990566) + [buster] - dovecot (Minor issue, fix along with next update) [stretch] - dovecot (Vulnerable code (smtp_server_command queue) introduced later) NOTE: https://dovecot.org/pipermail/dovecot-news/2021-June/000462.html NOTE: https://www.openwall.com/lists/oss-security/2021/06/28/2 @@ -10747,6 +10751,8 @@ CVE-2021-26945 (An integer overflow leading to a heap-buffer overflow was found CVE-2021-26260 (An integer overflow leading to a heap-buffer overflow was found in the ...) {DLA-2701-1} - openexr + [bullseye] - openexr (Minor issue) + [buster] - openexr (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1947582 NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29423 NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/894 @@ -10754,6 +10760,8 @@ CVE-2021-26260 (An integer overflow leading to a heap-buffer overflow was found CVE-2021-23215 (An integer overflow leading to a heap-buffer overflow was found in the ...) {DLA-2701-1} - openexr + [bullseye] - openexr (Minor issue) + [buster] - openexr (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1947586 NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29653 NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/901 @@ -16803,6 +16811,7 @@ CVE-2021-29064 RESERVED CVE-2021-29063 (A Regular Expression Denial of Service (ReDOS) vulnerability was disco ...) - mpmath (bug #990576) + [buster] - mpmath (Minor issue) [stretch] - mpmath (Minor issue) NOTE: https://github.com/yetingli/PoCs/blob/main/CVE-2021-29063/Mpmath.md NOTE: https://github.com/fredrik-johansson/mpmath/issues/548 @@ -16814,6 +16823,7 @@ CVE-2021-29061 (A Regular Expression Denial of Service (ReDOS) vulnerability was NOT-FOR-US: Vfsjfilechooser2 CVE-2021-29060 (A Regular Expression Denial of Service (ReDOS) vulnerability was disco ...) - node-color-string 1.5.4-2 + [buster] - node-color-string (Minor issue) NOTE: https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md NOTE: https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3 CVE-2021-29059 (A vulnerability was discovered in IS-SVG version 4.3.1 and below where ...) @@ -24001,6 +24011,7 @@ CVE-2021-26118 (While investigating ARTEMIS-2964 it was found that the creation CVE-2021-26117 (The optional ActiveMQ LDAP login module can be configured to use anony ...) {DLA-2583-1} - activemq 5.16.1-1 (bug #982590) + [buster] - activemq (Minor issue) NOTE: https://issues.apache.org/jira/browse/AMQ-8035 NOTE: https://www.openwall.com/lists/oss-security/2021/01/27/6 NOTE: https://gitbox.apache.org/repos/asf?p=activemq.git;h=c9f68f4c64b2687eee283b95538753665d2b229b @@ -48819,6 +48830,7 @@ CVE-2020-28201 RESERVED CVE-2020-28200 (The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource ...) - dovecot (bug #990566) + [buster] - dovecot (Minor issue, fix along with next update) [stretch] - dovecot (Minor issue) NOTE: https://dovecot.org/pipermail/
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 99ed24cb by Moritz Muehlenhoff at 2021-07-06T09:41:28+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -11391,14 +11391,17 @@ CVE-2021-31263 RESERVED CVE-2021-31262 (The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cau ...) - gpac 1.0.1+dfsg1-4 (bug #987280) + [buster] - gpac (Vulnerable code not present) NOTE: https://github.com/gpac/gpac/commit/b2eab95e07cb5819375a50358d4806a8813b6e50 NOTE: https://github.com/gpac/gpac/issues/1738 CVE-2021-31261 (The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to rea ...) - - gpac 1.0.1+dfsg1-4 (bug #987280) + - gpac 1.0.1+dfsg1-4 (unimportant; bug #987280) NOTE: https://github.com/gpac/gpac/commit/cd3738dea038dbd12e603ad48cd7373ae0440f65 NOTE: https://github.com/gpac/gpac/issues/1737 + NOTE: Negligible security impact CVE-2021-31260 (The MergeTrack function in GPAC 1.0.1 allows attackers to cause a deni ...) - gpac 1.0.1+dfsg1-4 (bug #987280) + [buster] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/commit/df8fffd839fe5ae9acd82d26fd48280a397411d9 NOTE: https://github.com/gpac/gpac/issues/1736 CVE-2021-31259 (The gf_isom_cenc_get_default_info_internal function in GPAC 1.0.1 allo ...) @@ -11408,18 +11411,22 @@ CVE-2021-31259 (The gf_isom_cenc_get_default_info_internal function in GPAC 1.0. NOTE: Introduced in https://github.com/gpac/gpac/commit/f966d85ee940b0a19dbbe972bc9ff042a98d7264 (after v1.0.1) CVE-2021-31258 (The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers ...) - gpac 1.0.1+dfsg1-4 (bug #987280) + [buster] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/commit/ebfa346eff05049718f7b80041093b4c5581c24e NOTE: https://github.com/gpac/gpac/issues/1706 CVE-2021-31257 (The HintFile function in GPAC 1.0.1 allows attackers to cause a denial ...) - gpac 1.0.1+dfsg1-4 (bug #987280) + [buster] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/commit/87afe070cd6866df7fe80f11b26ef75161de85e0 NOTE: https://github.com/gpac/gpac/issues/1734 CVE-2021-31256 (Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0. ...) - - gpac 1.0.1+dfsg1-4 (bug #987280) + - gpac 1.0.1+dfsg1-4 (bug #987280; unimportant) NOTE: https://github.com/gpac/gpac/commit/2da2f68bffd51d89b1d272d22aa8cc023c1c066e NOTE: https://github.com/gpac/gpac/issues/1705 + NOTE: Negligible security impact CVE-2021-31255 (Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 ...) - gpac 1.0.1+dfsg1-4 (bug #987280) + [buster] - gpac (Vulnerable code not present) NOTE: https://github.com/gpac/gpac/commit/758135e91e623d7dfe7f6aaad7aeb3f791b7a4e5 NOTE: https://github.com/gpac/gpac/issues/1733 CVE-2021-31254 (Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 ...) @@ -13870,6 +13877,7 @@ CVE-2021-30200 RESERVED CVE-2021-30199 (In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer Derefe ...) - gpac 1.0.1+dfsg1-4 (bug #987323) + [buster] - gpac (Vulnerable code not present) NOTE: https://github.com/gpac/gpac/commit/b2db2f99b4c30f96e17b9a14537c776da6cb5dca NOTE: https://github.com/gpac/gpac/issues/1728 CVE-2021-30198 @@ -14393,16 +14401,19 @@ CVE-2021-30023 RESERVED CVE-2021-30022 (There is a integer overflow in media_tools/av_parsers.c in the gf_avc_ ...) - gpac 1.0.1+dfsg1-4 (bug #987323) + [buster] - gpac (Vulnerable code not present) NOTE: https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788 NOTE: https://github.com/gpac/gpac/issues/1720 CVE-2021-30021 RESERVED CVE-2021-30020 (In the function gf_hevc_read_pps_bs_internal function in media_tools/a ...) - gpac 1.0.1+dfsg1-4 (bug #987323) + [buster] - gpac (Vulnerable code not present) NOTE: https://github.com/gpac/gpac/commit/51cdb67ff7c5f1242ac58c5aa603ceaf1793b788 NOTE: https://github.com/gpac/gpac/issues/1722 CVE-2021-30019 (In the adts_dmx_process function in filters/reframe_adts.c in GPAC 1.0 ...) - gpac 1.0.1+dfsg1-4 (bug #987323) + [buster] - gpac (Vulnerable code not present) NOTE: https://github.com/gpac/gpac/commit/22774aa9e62f586319c8f107f5bae950fed900bc NOTE: https://github.com/gpac/gpac/issues/1723 CVE-2021-30018 @@ -14413,6 +14424,7 @@ CVE-2021-30016 RESERVED CVE-2021-30015 (There is a Null Pointer Dereference in function filter_core/filter_pck ...) - gpac 1.0.1+dfsg1-4 (bug #987323) + [buster] - gpac (Vulnerable code not present)
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 1f0457df by Moritz Muehlenhoff at 2021-07-05T22:34:06+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -10777,6 +10777,7 @@ CVE-2021-3506 (An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/no NOTE: https://lore.kernel.org/lkml/20210322114730.71103-1-yuch...@huawei.com/ CVE-2021-34557 (XScreenSaver 5.45 can be bypassed if the machine has more than ten dis ...) - xscreensaver 5.45+dfsg1-2 (bug #989508) + [buster] - xscreensaver (Minor issue) [stretch] - xscreensaver (Minor issue, fix along with next dla) NOTE: https://www.openwall.com/lists/oss-security/2021/06/05/1 NOTE: https://www.openwall.com/lists/oss-security/2021/06/05/2 @@ -23727,24 +23728,29 @@ CVE-2021-26200 (The user area for Library System 1.0 is vulnerable to SQL inject NOT-FOR-US: Library System CVE-2021-26199 (An issue was discovered in JerryScript 2.4.0. There is a heap-use-afte ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4056 CVE-2021-26198 (An issue was discovered in JerryScript 2.4.0. There is a SEVG in ecma_ ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4402 CVE-2021-26197 (An issue was discovered in JerryScript 2.4.0. There is a SEGV in main_ ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4403 CVE-2021-26196 RESERVED CVE-2021-26195 (An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-o ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4442 CVE-2021-26194 (An issue was discovered in JerryScript 2.4.0. There is a heap-use-afte ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4445 CVE-2021-26193 @@ -60926,18 +60932,28 @@ CVE-2020-23324 RESERVED CVE-2020-23323 (There is a heap-buffer-overflow at re-parser.c in re_parse_char_escape ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/3871 CVE-2020-23322 (There is an Assertion in 'context_p->token.type == LEXER_RIGHT_BRAC ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/3869 CVE-2020-23321 (There is a heap-buffer-overflow at lit-strings.c:431 in lit_read_code_ ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/3870 CVE-2020-23320 (There is an Assertion in 'context_p->next_scanner_info_p->type = ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/3835 CVE-2020-23319 (There is an Assertion in '(flags >> CBC_STACK_ADJUST_SHIFT) > ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/3834 CVE-2020-23318 RESERVED @@ -60949,29 +60965,45 @@ CVE-2020-23315 RESERVED CVE-2020-23314 (There is an Assertion 'block_found' failed at js-parser-statm.c:2003 p ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/3825 CVE-2020-23313 (There is an Assertion 'scope_stack_p > context_p->scope_stack_p' ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/3823 CVE-2020-23312 (There is an Assertion 'context.status_flags & PARSER_SCANNING_SUCC ...) - iotjs (bug #989991) + [bullseye] - iotjs (Minor issue) + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/3824 CVE-2020-23311 (There is an Assertion 'contex
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 05391524 by Moritz Muehlenhoff at 2021-07-05T18:31:54+02:00 buster triage - - - - - 3 changed files: - data/CVE/list - data/DSA/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -157,21 +157,25 @@ CVE-2021-36088 (Fluent Bit (aka fluent-bit) 1.7.0 through 1.7,4 has a double fre NOT-FOR-US: Fluent Bit CVE-2021-36087 (The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in e ...) - libsepol (bug #990526) + [buster] - libsepol (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675 NOTE: https://github.com/SELinuxProject/selinux/commit/bad0a746e9f4cf260dedba5828d9645d50176aac NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_clas ...) - libsepol (bug #990526) + [buster] - libsepol (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177 NOTE: https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8 NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_c ...) - libsepol (bug #990526) + [buster] - libsepol (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124 NOTE: https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml CVE-2021-36084 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_c ...) - libsepol (bug #990526) + [buster] - libsepol (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065 NOTE: https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3 NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml @@ -211,6 +215,7 @@ CVE-2020-36404 (Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVecto NOT-FOR-US: keystone engine CVE-2020-36403 (HTSlib 1.10 through 1.10.2 allows out-of-bounds write access in vcf_pa ...) - htslib 1.11-1 + [buster] - htslib (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24097 NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/htslib/OSV-2020-955.yaml NOTE: https://github.com/samtools/htslib/commit/dcd4b7304941a8832fba2d0fc4c1e716e7a4e72c @@ -243,6 +248,7 @@ CVE-2019-25048 (LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read i - libressl (bug #754513) CVE-2018-25018 (UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write durin ...) - unrar-nonfree (bug #990541) + [buster] - unrar-nonfree (Non-free not supported) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845 NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unrar/OSV-2018-204.yaml CVE-2018-25017 (RawSpeed (aka librawspeed) 3.1 has a heap-based buffer overflow in Tab ...) @@ -1413,6 +1419,8 @@ CVE-2021-35526 CVE-2021-3624 [buffer-overflow caused by integer-overflow in foveon_load_camf()] RESERVED - dcraw (bug #984761) + [bullseye] - dcraw (Minor issue) + [buster] - dcraw (Minor issue) CVE-2021-3623 [out-of-bounds access when trying to resume the state of the vTPM] RESERVED - libtpms (bug #990522) @@ -2905,11 +2913,13 @@ CVE-2021-34827 CVE-2021-3608 [pvrdma: uninitialized memory unmap in pvrdma_ring_init()] RESERVED - qemu (bug #990563) + [buster] - qemu (Minor issue) [stretch] - qemu (Vulnerable code introduced later) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1973383 CVE-2021-3607 [pvrdma: unchecked malloc size due to integer overflow in init_dev_ring()] RESERVED - qemu (bug #990564) + [buster] - qemu (Minor issue) [stretch] - qemu (Vulnerable code introduced later) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1973349 CVE-2021-3606 (OpenVPN before version 2.5.3 on Windows allows local users to load arb ...) @@ -2918,6 +2928,7 @@ CVE-2021-34826 RESERVED CVE-2021-34825 (Quassel through 0.13.1, when --require-ssl is enabled, launches withou ...) - quassel (bug #990567) + [buster] - quassel (Minor issue) NOTE: https://github.com/quassel/quassel/pull/581 NOTE: https://bugs.quassel-irc.org/issues/1728 NOTE: '--require-ssl' flag added in https://github.com/quassel/quassel/pull/43 @@ -4944,6 +4955,7 @@
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: e2c8733c by Moritz Muehlenhoff at 2021-07-02T21:01:21+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -112,6 +112,7 @@ CVE-2021-36084 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_ve CVE-2021-36083 (KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overf ...) [experimental] - kimageformats 5.83.0-1 - kimageformats 5.78.0-5 (bug #990527) + [buster] - kimageformats (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33742 NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kimageformats/OSV-2021-695.yaml NOTE: https://invent.kde.org/frameworks/kimageformats/commit/297ed9a2fe339bfe36916b9fce628c3242e5be0f @@ -122,6 +123,7 @@ CVE-2021-36082 (ntop nDPI 3.4 has a stack-based buffer overflow in processClient NOTE: https://github.com/ntop/nDPI/commit/1ec621c85b9411cc611652fd57a892cfef478af3 CVE-2021-36081 (Tesseract OCR 5.0.0-alpha-20201231 has a one_ell_conflict use-after-fr ...) - tesseract (bug #990529) + [buster] - tesseract (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29698 NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tesseract-ocr/OSV-2021-211.yaml NOTE: https://github.com/tesseract-ocr/tesseract/commit/e6f15621c2ab2ecbfabf656942d8ef66f03b2d55 @@ -49914,6 +49916,7 @@ CVE-2020-27782 (A flaw was found in the Undertow AJP connector. Malicious reques NOTE: https://github.com/undertow-io/undertow/commit/fdac349cbcd1da41fe8b9d4e7ebbab6879990c2a (2.2.4.Final) CVE-2020-27781 (User credentials can be manipulated and stolen by Native CephFS consum ...) - ceph 14.2.16-1 (bug #985670) + [buster] - ceph (Minor issue) NOTE: https://bugs.launchpad.net/manila/+bug/1904015 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1900109 NOTE: https://github.com/ceph/ceph/commit/1b8a634fdcd94dfb3ba650793fb1b6d09af65e05 (octopus) @@ -55452,6 +55455,7 @@ CVE-2020-25679 RESERVED CVE-2020-25678 (A flaw was found in ceph in versions prior to 16.y.z where ceph stores ...) - ceph 14.2.18-1 + [buster] - ceph (Minor issue) NOTE: https://tracker.ceph.com/issues/37503 NOTE: https://github.com/ceph/ceph/pull/38614 (v14.2.17) CVE-2020-25677 (A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph ...) @@ -86845,6 +86849,7 @@ CVE-2020-12060 RESERVED CVE-2020-12059 (An issue was discovered in Ceph through 13.2.9. A POST request with an ...) - ceph 14.2.4-1 + [buster] - ceph (Minor issue) [stretch] - ceph (Vulnerable code introduced later) [jessie] - ceph (Vulnerable code introduced later) NOTE: https://tracker.ceph.com/issues/44967 @@ -91777,6 +91782,7 @@ CVE-2020-10754 (It was found that nmcli, a command line interface to NetworkMana NOTE: plugin). CVE-2020-10753 (A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gate ...) - ceph 14.2.15-1 (bug #975300) + [buster] - ceph (Minor issue) [jessie] - ceph (Minor issue) NOTE: https://github.com/ceph/ceph/pull/35773 NOTE: Fix: https://github.com/ceph/ceph/commit/1524d3c0c5cb11775313ea1e2bb36a93257947f2 @@ -115964,6 +115970,7 @@ CVE-2020-1761 (A flaw was found in the OpenShift web console, where the access t CVE-2020-1760 (A flaw was found in the Ceph Object Gateway, where it supports request ...) {DLA-2171-1} - ceph 14.2.9-1 (bug #956142) + [buster] - ceph (Minor issue) NOTE: Introduced with: https://github.com/ceph/ceph-ci/commit/f4a0b2d9260a4523745875e3977a8a1ef9dc5e2e NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/8aa1f77363ec32bdc57744a143035033291ab5e1 NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/18eb4d918b27d362312c29a3bbd57a421897c0a5 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2c8733c0ac638662e2d56f0c43271638191f077 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2c8733c0ac638662e2d56f0c43271638191f077 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 136422a1 by Moritz Muehlenhoff at 2021-06-17T18:52:20+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -549,33 +549,33 @@ CVE-2021-3596 CVE-2021-3595 (An invalid pointer initialization issue was found in the SLiRP network ...) - libslirp (bug #989996) - qemu 1:4.1-2 + [buster] - qemu (Minor issue) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17 (v4.6.0) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/3f17948137155f025f7809fdc38576d5d2451c3d (v4.6.0) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/990163cf3ac86b7875559f49602c4d76f46f6f30 (v4.6.0) NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. - TODO: check completeness CVE-2021-3594 (An invalid pointer initialization issue was found in the SLiRP network ...) - libslirp (bug #989995) - qemu 1:4.1-2 + [buster] - qemu (Minor issue) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17 (v4.6.0) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/74572be49247c8c5feae7c6e0b50c4f569ca9824 (v4.6.0) NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. - TODO: check completeness CVE-2021-3593 (An invalid pointer initialization issue was found in the SLiRP network ...) - libslirp (bug #989994) - qemu 1:4.1-2 + [buster] - qemu (Minor issue) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17 (v4.6.0) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/de71c15de66ba9350bf62c45b05f8fbff166517b (v4.6.0) NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. - TODO: check completeness CVE-2021-3592 (An invalid pointer initialization issue was found in the SLiRP network ...) - libslirp (bug #989993) - qemu 1:4.1-2 + [buster] - qemu (Minor issue) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/93e645e72a056ec0b2c16e0299fc5c6b94e4ca17 (v4.6.0) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/f13cad45b25d92760bb0ad67bec0300a4d7d5275 (v4.6.0) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/2eca0838eee1da96204545e22cdaed860d9d7c6c (v4.6.0) NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. - TODO: check completeness CVE-2021-34558 RESERVED CVE-2021-34556 @@ -8420,6 +8420,7 @@ CVE-2021-31216 CVE-2021-31215 (SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11. ...) - slurm-wlm 20.11.7-1 (bug #988439) - slurm-llnl + [buster] - slurm-llnl (Minor issue) [stretch] - slurm-llnl (env is already SPANKed) NOTE: https://github.com/SchedMD/slurm/commit/a9e9e2fedbd200ca545ab67dd753bd52c919f236 (2.11.7) CVE-2021-3499 (A vulnerability was found in OVN Kubernetes in versions up to and incl ...) @@ -12276,6 +12277,7 @@ CVE-2021-29626 (In FreeBSD 13.0-STABLE before n245117, 12.2-STABLE before r36955 - kfreebsd-10 (unimportant) CVE-2021-29625 (Adminer is open-source database management software. A cross-site scri ...) - adminer 4.7.9-2 (bug #96) + [buster] - adminer (Minor issue) [stretch] - adminer (Minor issue) NOTE: https://github.com/vrana/adminer/security/advisories/GHSA-2v82-5746-vwqc NOTE: https://github.com/vrana/adminer/commit/4043092ec2c0de2258d60a99d0c5958637d051a7 @@ -29734,6 +29736,8 @@ CVE-2021-3 CVE-2021-2 (Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allow ...) [experimental] - wireshark 3.4.6-1~exp1 - wireshark + [bullseye] - wireshark (Minor issue, can be fixed along in future update) + [buster] - wireshark (Minor issue, can be fixed along in future update) [stretch] - wireshark (Minor issue) NOTE: https://gitlab.com/wireshark/wireshark/-/merge_requests/3130 NOTE: https://www.wireshark.org/security/wnpa-sec-2021-05.html = data/dsa-needed.txt = @@ -39,3 +39,5 @@ runc -- salt -- +tor +-- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/136422a15519a509102a0da38653aab80e6ecdbe -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/136422a15519a509102a0da38653aab80e6ecdbe You're receiving this email because of your account on salsa.debian.org. __
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 5c141398 by Moritz Muehlenhoff at 2021-06-17T15:14:13+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -989,6 +989,7 @@ CVE-2021-34364 (The Refined GitHub browser extension before 21.6.8 might allow X NOT-FOR-US: Refined GitHub browser extension CVE-2021-34363 (The thefuck (aka The Fuck) package before 3.31 for Python allows Path ...) - thefuck + [buster] - thefuck (Minor issue) [stretch] - thefuck (Minor issue) NOTE: https://github.com/nvbn/thefuck/commit/e343c577cd7da4d304b837d4a07ab4df1e023092 (3.31) NOTE: https://github.com/nvbn/thefuck/pull/1206 @@ -1990,6 +1991,7 @@ CVE-2021-33897 RESERVED CVE-2021-33896 (Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (o ...) - dino-im 0.2.0-3 + [buster] - dino-im (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/06/07/2 NOTE: https://github.com/dino/dino/commit/0c8d25b7a3e7a10a506f1e19b868fe9b0c761495 (master) NOTE: https://github.com/dino/dino/commit/1eaad1ccfbd00c6e76650535496531c172453994 (v0.2.1) @@ -2145,6 +2147,7 @@ CVE-2021-33830 RESERVED CVE-2021-33829 (A cross-site scripting (XSS) vulnerability in the HTML Data Processor ...) - ckeditor 4.16.0+dfsg-2 + [buster] - ckeditor (Minor issue) [stretch] - ckeditor (Fix along next DLA) NOTE: https://ckeditor.com/blog/ckeditor-4.16.1-with-accessibility-enhancements/#improvements-for-comments-in-html-parser NOTE: https://github.com/ckeditor/ckeditor4/commit/3e426ce34f7fc7bf784624358831ef9e189bb6ed @@ -15615,6 +15618,7 @@ CVE-2021-28214 RESERVED CVE-2021-28213 (Example EDK2 encrypted private key in the IpSecDxe.efi present potenti ...) - edk2 + [buster] - edk2 (Minor issue) NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1866 CVE-2021-28212 RESERVED @@ -20591,20 +20595,25 @@ CVE-2021-26200 (The user area for Library System 1.0 is vulnerable to SQL inject NOT-FOR-US: Library System CVE-2021-26199 (An issue was discovered in JerryScript 2.4.0. There is a heap-use-afte ...) - iotjs + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4056 CVE-2021-26198 (An issue was discovered in JerryScript 2.4.0. There is a SEVG in ecma_ ...) - iotjs + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4402 CVE-2021-26197 (An issue was discovered in JerryScript 2.4.0. There is a SEGV in main_ ...) - iotjs + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4403 CVE-2021-26196 RESERVED CVE-2021-26195 (An issue was discovered in JerryScript 2.4.0. There is a heap-buffer-o ...) - iotjs + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4442 CVE-2021-26194 (An issue was discovered in JerryScript 2.4.0. There is a heap-use-afte ...) - iotjs + [buster] - iotjs (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/4445 CVE-2021-26193 RESERVED @@ -32114,6 +32123,7 @@ CVE-2021-21440 RESERVED CVE-2021-21439 (DoS attack can be performed when an email contains specially designed ...) - otrs2 + [buster] - otrs2 (Non-free not supported) NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-09/ NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye NOTE: src:otrs2 is the znuny fork) = data/dsa-needed.txt = @@ -21,6 +21,8 @@ chromium -- djvulibre -- +intel-microcode +-- linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more recent v4.19.y versions. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c1413980da11beaf9744d60073edd7c41868f05 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c1413980da11beaf9744d60073edd7c41868f05 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 3794c8fa by Moritz Muehlenhoff at 2021-06-10T20:07:34+02:00 buster triage NFUs - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -30174,16 +30174,22 @@ CVE-2021-21667 RESERVED CVE-2021-21666 RESERVED + NOT-FOR-US: Jenkins plugin CVE-2021-21665 RESERVED + NOT-FOR-US: Jenkins plugin CVE-2021-21664 RESERVED + NOT-FOR-US: Jenkins plugin CVE-2021-21663 RESERVED + NOT-FOR-US: Jenkins plugin CVE-2021-21662 RESERVED + NOT-FOR-US: Jenkins plugin CVE-2021-21661 RESERVED + NOT-FOR-US: Jenkins plugin CVE-2021-21660 (Jenkins Markdown Formatter Plugin 0.1.0 and earlier does not sanitize ...) NOT-FOR-US: Jenkins plugin CVE-2021-21659 (Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML ...) @@ -31953,6 +31959,7 @@ CVE-2021-21419 (Eventlet is a concurrent networking library for Python. A websoc NOTE: Fixed by: https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07 NOTE: Issue present as well in versions before introduction of per-message-defalte extension NOTE: or compression extension support. + NOTE: Patch for 0.20 by SuSE: https://bugzilla.suse.com/attachment.cgi?id=849402&action=diff CVE-2021-21418 (ps_emailsubscription is a newsletter subscription module for the Prest ...) NOT-FOR-US: PrestaShop CVE-2021-21417 (fluidsynth is a software synthesizer based on the SoundFont 2 specific ...) = data/dsa-needed.txt = @@ -33,5 +33,9 @@ jetty9 -- python-pysaml2 (jmm) -- +runc +-- salt -- +xen (jmm) +-- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3794c8fab976c4e35aef5d23af8cd740af0b91fc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3794c8fab976c4e35aef5d23af8cd740af0b91fc You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 818c4fa1 by Moritz Muehlenhoff at 2021-06-04T11:02:32+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -271,6 +271,7 @@ CVE-2021-3568 CVE-2021-3567 RESERVED - caribou 0.4.21-7.1 (bug #980061) + [buster] - caribou (Security impact only with cinnamon-screensaver >= 4.2) [stretch] - caribou (Security impact only with cinnamon-screensaver >= 4.2) NOTE: https://bugs.launchpad.net/ubuntu/+source/caribou/+bug/1912060 NOTE: https://gitlab.gnome.org/GNOME/caribou/-/merge_requests/3 @@ -4621,6 +4622,7 @@ CVE-2021-31856 (A SQL Injection vulnerability in the REST API in Layer5 Meshery NOT-FOR-US: Layer Meshery CVE-2021-31855 (KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages ...) - kf5-messagelib (bug #989438) + [buster] - kf5-messagelib (Minor issue) - kdepim4 NOTE: https://kde.org/info/security/advisory-20210429-1.txt NOTE: https://commits.kde.org/messagelib/3b5b171e91ce78b966c98b1292a1bcbc8d984799 @@ -13655,6 +13657,7 @@ CVE-2021-3426 (There's a flaw in Python 3's pydoc. A local or adjacent attacker - python3.5 - python2.7 (Vulnerable code not present) - pypy3 7.3.3+dfsg-4 + [buster] - pypy3 (Minor issue) NOTE: https://bugs.python.org/issue42988 NOTE: https://github.com/python/cpython/commit/9b999479c0022edfc9835a8a1f06e046f3881048 NOTE: https://python-security.readthedocs.io/vuln/pydoc-getfile.html View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/818c4fa17fb16d9c842feff5df532830602a8df8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/818c4fa17fb16d9c842feff5df532830602a8df8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: a2c6486b by Moritz Muehlenhoff at 2021-06-03T17:35:40+02:00 buster triage - - - - - 1 changed file: - data/dsa-needed.txt Changes: = data/dsa-needed.txt = @@ -18,6 +18,8 @@ chromium -- djvulibre -- +libwebp (jmm) +-- linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more recent v4.19.y versions. @@ -28,5 +30,9 @@ jetty9 -- python-pysaml2 (jmm) -- +rails +-- salt -- +thunderbird (jmm) +-- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2c6486bd4d404e5cd0e352bc46c0380dfe18c4d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2c6486bd4d404e5cd0e352bc46c0380dfe18c4d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 5a10a508 by Moritz Muehlenhoff at 2021-05-25T19:55:35+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -2035,6 +2035,7 @@ CVE-2021-32612 RESERVED CVE-2021-32611 (A NULL pointer dereference vulnerability exists in eXcall_api.c in Ant ...) - libexosip2 + [buster] - libexosip2 (Minor issue) NOTE: http://git.savannah.nongnu.org/cgit/exosip.git/commit/?id=f2ed389fe84613512cc560127883e51e6cf8c054 CVE-2021-32610 RESERVED @@ -2326,6 +2327,7 @@ CVE-2021-32480 RESERVED CVE-2021-32563 (An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17 ...) - thunar 4.16.8-1 (bug #988394) + [buster] - thunar (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/05/09/2 NOTE: Fixed by: https://gitlab.xfce.org/xfce/thunar/-/commit/9165a61f95e43cc0b5abf9b98eee2818a0191e0b NOTE: Regression fix: https://gitlab.xfce.org/xfce/thunar/-/commit/3b54d9d7dbd7fd16235e2141c43a7f18718f5664 @@ -2367,6 +2369,7 @@ CVE-2021-32490 CVE-2021-3541 RESERVED - libxml2 2.9.10+dfsg-6.7 (bug #988603) + [buster] - libxml2 (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1950515 NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/228 (currently private) @@ -3458,6 +3461,7 @@ CVE-2021-3532 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1956464 CVE-2021-3531 (A flaw was found in the Red Hat Ceph Storage RGW in versions before 14 ...) - ceph (bug #988890) + [buster] - ceph (Minor issue) [stretch] - ceph (Vulnerable code introduced later) NOTE: https://www.openwall.com/lists/oss-security/2021/05/14/5 NOTE: Nautilus: https://github.com/ceph/ceph/commit/f44a8ae8aa27ecef69528db9aec220f12492810e @@ -3668,6 +3672,7 @@ CVE-2021-3525 RESERVED CVE-2021-3524 (A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gate ...) - ceph (bug #99) + [buster] - ceph (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1951674 NOTE: Fixed by: https://github.com/ceph/ceph/commit/763aebb94678018f89427137ffbc0c5205b1edc1 CVE-2021-3523 @@ -4111,6 +4116,7 @@ CVE-2021-31801 RESERVED CVE-2021-31800 (Multiple path traversal vulnerabilities exist in smbserver.py in Impac ...) - impacket 0.9.22-2 (bug #988141) + [buster] - impacket (Minor issue) NOTE: https://github.com/SecureAuthCorp/impacket/commit/49c643bf66620646884ed141c94e5fdd85bcdd2f CVE-2021-31799 RESERVED @@ -32382,6 +32388,7 @@ CVE-2021-20289 (A flaw was found in RESTEasy in all versions of RESTEasy up to 4 NOT-FOR-US: Keycloak CVE-2021-20288 (An authentication flaw was found in ceph in versions before 14.2.20. W ...) - ceph 14.2.20-1 (bug #986974) + [buster] - ceph (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/04/14/2 NOTE: https://github.com/ceph/ceph/commit/059eabcc0ada81078a898cdc25cf72bf3d506ad0 NOTE: https://github.com/ceph/ceph/commit/05b3b6a305ddbb56cc53bbeadf5866db4d785f49 @@ -48984,6 +48991,7 @@ CVE-2020-25724 RESERVED - resteasy - resteasy3.0 + [buster] - resteasy3.0 (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1899354 (lacks details ATM) CVE-2020-25723 (A reachable assertion issue was found in the USB EHCI emulation code o ...) {DLA-2469-1} = data/dsa-needed.txt = @@ -14,17 +14,23 @@ If needed, specify the release by adding a slash after the name of the source pa -- condor -- +djvulibre +-- linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more recent v4.19.y versions. -- ndpi -- +nginx +-- jetty9 -- python-pysaml2 (jmm) -- salt -- +squid +-- webkit2gtk -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a10a508f1ce0cb2651f242fe75ed261ca6f08f9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a10a508f1ce0cb2651f242fe75ed261ca6f08f9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 20150aa9 by Moritz Muehlenhoff at 2021-04-29T20:58:04+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -3875,6 +3875,7 @@ CVE-2021-30152 (An issue was discovered in MediaWiki before 1.31.13 and 1.32.x t NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2021-April/094418.html CVE-2021-30151 (Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue n ...) - ruby-sidekiq (bug #987354) + [buster] - ruby-sidekiq (Minor issue) [stretch] - ruby-sidekiq (Minor issue) NOTE: https://github.com/mperham/sidekiq/issues/4852 NOTE: https://github.com/mperham/sidekiq/commit/64f70339d1dcf50a55c00d36bfdb61d97ec63ed8 @@ -22241,6 +22242,7 @@ CVE-2021-22208 RESERVED CVE-2021-22207 (Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to ...) - wireshark + [buster] - wireshark (Minor issue, can be fixed along in future update) NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17331 NOTE: https://www.wireshark.org/security/wnpa-sec-2021-04.html CVE-2021-22206 @@ -28214,6 +28216,7 @@ CVE-2021-20255 (A stack overflow via an infinite recursion vulnerability was fou CVE-2021-20254 [Negative idmap cache entries can cause incorrect group entries in the Samba file server process token] RESERVED - samba + [buster] - samba (Minor issue) NOTE: https://www.samba.org/samba/security/CVE-2021-20254.html NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14571 NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=75ad84167f5d2379557ec078d17c9a1c244402fc (master) @@ -75319,6 +75322,7 @@ CVE-2020-12273 (In TestLink 1.9.20, a crafted login.php viewer parameter exposes NOT-FOR-US: TestLink CVE-2020-12272 (OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentic ...) - opendmarc (bug #977767) + [buster] - opendmarc (Minor issue) NOTE: https://sourceforge.net/p/opendmarc/tickets/237/ NOTE: https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf CVE-2020-12271 (A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 bef ...) @@ -165738,6 +165742,7 @@ CVE-2019-0222 (In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT fra - activemq 5.15.9-1 (bug #925964; unimportant) [jessie] - activemq (MQTT support not enabled) - mqtt-client 1.16-1 + [buster] - mqtt-client (Minor issue) NOTE: http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt NOTE: activemq disabled MQTT transport in 5.6.0+dfsg-1 (d/patches/exclude_mqtt.diff) NOTE: but enabled activemq-mqtt in 5.13.2+dfsg-2 using the external mqtt-client. = data/dsa-needed.txt = @@ -11,6 +11,8 @@ To pick an issue, simply add your uid behind it. If needed, specify the release by adding a slash after the name of the source package. +-- +bind9 -- chromium -- @@ -31,6 +33,8 @@ jetty9 -- python-pysaml2 (jmm) -- +ruby-rack-cors +-- salt -- webkit2gtk View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20150aa975529f242089acc1dfba998506eb59b9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20150aa975529f242089acc1dfba998506eb59b9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 1eca9933 by Moritz Muehlenhoff at 2021-04-27T22:48:07+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -96,6 +96,7 @@ CVE-2021-31805 RESERVED CVE-2020-36325 (An issue was discovered in Jansson through 2.13.1. Due to a parsing er ...) - jansson + [buster] - jansson (Minor issue) NOTE: https://github.com/akheron/jansson/issues/548 CVE-2021-31826 (Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL pointe ...) {DSA-4905-1} @@ -104,9 +105,10 @@ CVE-2021-31826 (Shibboleth Service Provider 3.x before 3.2.2 is prone to a NULL NOTE: https://issues.shibboleth.net/jira/browse/SSPCPP-927 NOTE: https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=5a47c3b9378f4c49392dd4d15189b70956f9f2ec CVE-2021-31804 (LeoCAD before 21.03 sometimes allows a use-after-free during the openi ...) - - leocad + - leocad (unimportant) NOTE: https://github.com/leozide/leocad/issues/645 NOTE: https://github.com/leozide/leocad/commit/233affe3fcdc851fa82cb058871bddd0046e1c87 + NOTE: Crash in CLI tool, no security impact CVE-2021-31803 (cPanel before 94.0.3 allows self-XSS via EasyApache 4 Save Profile (SE ...) NOT-FOR-US: cPanel CVE-2021-31802 (NETGEAR R7000 1.0.11.116 devices have a heap-based Buffer Overflow tha ...) @@ -5252,6 +5254,7 @@ CVE-2021-29474 (HedgeDoc (formerly known as CodiMD) is an open-source collaborat NOT-FOR-US: HedgeDoc CVE-2021-29473 (Exiv2 is a C++ library and a command-line utility to read, write, dele ...) - exiv2 + [buster] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-7569-phvm-vwc2 NOTE: https://github.com/github/advisory-review/pull/1587 CVE-2021-29472 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1eca993365285fdcd7e1456e0fc366f9ca429711 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1eca993365285fdcd7e1456e0fc366f9ca429711 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 6d9049f4 by Moritz Muehlenhoff at 2021-04-23T21:55:55+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -20025,6 +20025,7 @@ CVE-2021-22882 (UniFi Protect before v1.17.1 allows an attacker to use spoofed c NOT-FOR-US: UniFi Protect CVE-2021-22881 (The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3 ...) - rails 2:6.0.3.5+dfsg-1 + [buster] - rails (Vulnerable code not present) [stretch] - rails (host_authorization.rb added later) NOTE: https://discuss.rubyonrails.org/t/cve-2021-22881-possible-open-redirect-in-host-authorization-middleware/77130 NOTE: https://hackerone.com/reports/1047447 @@ -20032,6 +20033,7 @@ CVE-2021-22881 (The Host Authorization middleware in Action Pack before 6.1.2.1, NOTE: https://github.com/rails/rails/commit/e33092740b3cc05f5abee197a5982eac31947e92 (v6.0.3.5) CVE-2021-22880 (The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4 ...) - rails 2:6.0.3.5+dfsg-1 + [buster] - rails (Minor issue) [stretch] - rails (Vulnerable asterisk in regex added later) NOTE: https://discuss.rubyonrails.org/t/cve-2021-22880-possible-dos-vulnerability-in-active-record-postgresql-adapter/77129 NOTE: https://hackerone.com/reports/1023899 @@ -44043,6 +44045,7 @@ CVE-2020-25665 (The PALM image coder at coders/palm.c makes an improper call to NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/ca80e93cc887fb8971ceba2eead2c74e2b927df4 CVE-2020-25664 (In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper ca ...) - imagemagick 8:6.9.11.24+dfsg-1 + [buster] - imagemagick (Minor issue) [stretch] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1716 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/1f450bb5ba53d275de6d1cd086c98a0b549ad393 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d9049f44cbc0802a73c44ad706645e266c1cb5e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d9049f44cbc0802a73c44ad706645e266c1cb5e You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 38a9e4b4 by Moritz Muehlenhoff at 2021-04-23T19:22:26+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -41,6 +41,7 @@ CVE-2021-31598 RESERVED CVE-2021-31597 (The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL c ...) - node-xmlhttprequest-ssl + [buster] - node-xmlhttprequest-ssl (Minor issue, should possibly be removed from stable as well) NOTE: https://github.com/mjwwit/node-XMLHttpRequest/commit/bf53329b61ca6afc5d28f6b8d2dc2e3ca740a9b2 NOTE: https://people.kingsds.network/wesgarland/xmlhttprequest-ssl-vuln.txt CVE-2021-31596 @@ -180,6 +181,7 @@ CVE-2021-23215 CVE-2021-23169 [Heap-buffer-overflow in Imf_2_5::copyIntoFrameBuffer] RESERVED - openexr + [buster] - openexr (Vulnerable code not present) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28051 NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/ae6d203892cc9311917a7f4f05354ef792b3e58e CVE-2020-36324 (Wikimedia Quarry analytics-quarry-web before 2020-12-15 allows Reflect ...) @@ -3247,6 +3249,7 @@ CVE-2021-30147 (DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such a NOT-FOR-US: DMA Softlab Radius Manager CVE-2021-30146 (Seafile 7.0.5 (2019) allows Persistent XSS via the "share of library f ...) - seafile-client (bug #987282) + [buster] - seafile-client (Minor issue) NOTE: https://github.com/Security-AVS/CVE-2021-30146 CVE-2021-30145 RESERVED @@ -4854,10 +4857,12 @@ CVE-2021-29430 (Sydent is a reference Matrix identity server. Sydent does not li NOT-FOR-US: Matrix Sydent CVE-2021-29429 (In Gradle before version 7.0, files created with open permissions in t ...) - gradle (bug #987284) + [buster] - gradle (Minor issue) [stretch] - gradle (Minor issue) NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-fp8h-qmr5-j4c8 CVE-2021-29428 (In Gradle before version 7.0, on Unix-like systems, the system tempora ...) - gradle (bug #987284) + [buster] - gradle (Minor issue) [stretch] - gradle (Minor issue; sticky bit on /tmp is set by default) NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-89qm-pxvm-p336 CVE-2021-29427 (In Gradle from version 5.1 and before version 7.0 there is a vulnerabi ...) @@ -8462,8 +8467,8 @@ CVE-2021-27906 (A carefully crafted PDF file can trigger an OutOfMemory-Exceptio NOTE: https://issues.apache.org/jira/browse/PDFBOX-5112 CVE-2021-27905 (The ReplicationHandler (normally registered at "/replication" under a ...) - lucene-solr + [buster] - lucene-solr (Minor issue) NOTE: https://lists.apache.org/thread.html/r0ddc3a82bd7523b1453cb7a5e09eb5559517145425074a42eb326b10%40%3Cannounce.apache.org%3E - TODO: check details CVE-2021-27904 (An issue was discovered in app/Model/SharingGroupServer.php in MISP 2. ...) NOT-FOR-US: MISP CVE-2021-27903 @@ -27743,6 +27748,7 @@ CVE-2021-20209 NOTE: https://www.privoxy.org/gitweb/?p=privoxy.git;a=commit;h=c62254a686dcd40e3b6e5753d0c7c0308209a7b6 (3.0.29) CVE-2021-20208 (A flaw was found in cifs-utils in versions before 6.13. A user when mo ...) - cifs-utils (bug #987308) + [buster] - cifs-utils (Minor issue) NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14651 NOTE: https://lists.samba.org/archive/samba-technical/2021-April/136467.html NOTE: https://git.samba.org/cifs-utils.git/?p=cifs-utils.git;a=commit;h=e461afd8cfa6d0781ae0c5c10e89b6ef1ca6da32 @@ -31097,6 +31103,7 @@ CVE-2020-29600 (In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an ab CVE-2020-29599 (ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the - ...) {DLA-2523-1} - imagemagick 8:6.9.11.57+dfsg-1 (bug #977205) + [buster] - imagemagick (Minor issue, 200-disable-ghostscript-formats.patch addresses this) NOTE: https://github.com/ImageMagick/ImageMagick/discussions/2851 NOTE: https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a9e63436aa04c805fe3f9e2ed242dfa4621df823 @@ -35041,6 +35048,7 @@ CVE-2020-28502 (This affects the package xmlhttprequest before 1.7.0; all versio - node-xmlhttprequest 1.8.0-1 [stretch] - node-xmlhttprequest (Nodejs in stretch not covered by security support) - node-xmlhttprequest-ssl + [buster] - node-xmlhttprequest-ssl (Minor issue, should possibly be removed from stable as well) [stretch] - node-xmlhttprequest-ssl (Nodejs in stretch not covered by securit
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d4722c65 by Moritz Muehlenhoff at 2021-04-21T19:16:11+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -7500,7 +7500,7 @@ CVE-2021-28158 CVE-2021-28157 (An SQL Injection issue in Devolutions Server before 2021.1 and Devolut ...) NOT-FOR-US: Devolutions Server CVE-2021-28156 (HashiCorp Consul Enterprise version 1.8.0 up to 1.9.4 audit log can be ...) - - consul + - consul (Only affects Enterprise version) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1950492 NOTE: https://github.com/hashicorp/consul/pull/10030 CVE-2021-28155 @@ -10002,6 +10002,7 @@ CVE-2021-27105 CVE-2021-3407 (A flaw was found in mupdf 1.18.0. Double free of object during lineari ...) {DLA-2589-1} - mupdf 1.17.0+ds1-1.3 (bug #983684) + [buster] - mupdf (Minor issue) NOTE: http://git.ghostscript.com/?p=mupdf.git;h=cee7cefc610d42fd383b3c80c12cbc675443176a NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=703366 (not public yet) CVE-2021-3406 (A flaw was found in keylime 5.8.1 and older. The issue in the Keylime ...) @@ -17032,6 +17033,7 @@ CVE-2021-24116 RESERVED CVE-2021-24115 (In Botan before 2.17.3, constant-time computations are not used for ce ...) - botan 2.17.3+dfsg-1 + [buster] - botan (Minor issue) - botan1.10 [stretch] - botan1.10 (Vulnerable code not present) NOTE: https://github.com/randombit/botan/pull/2549 @@ -24357,6 +24359,7 @@ CVE-2021-21367 (Switchboard Bluetooth Plug for elementary OS from version 2.3.0 NOT-FOR-US: Switchboard Bluetooth Plug for elementary OS CVE-2021-21366 (xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) ...) - node-xmldom 0.5.0-1 + [buster] - node-xmldom (Minor issue) NOTE: https://github.com/xmldom/xmldom/security/advisories/GHSA-h6q6-9hqw-rwfv NOTE: https://github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135 CVE-2021-21365 @@ -34891,6 +34894,7 @@ CVE-2020-28497 RESERVED CVE-2020-28496 (This affects the package three before 0.125.0. This can happen when ha ...) - three.js + [buster] - three.js (Minor issue) [stretch] - three.js (can be fixed along in next DLA) NOTE: https://github.com/mrdoob/three.js/pull/21143/commits/4a582355216b620176a291ff319d740e619d583e NOTE: https://github.com/mrdoob/three.js/issues/21132 @@ -43295,6 +43299,7 @@ CVE-2020-25865 RESERVED CVE-2020-25864 (HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value ( ...) - consul + [buster] - consul (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1950275 NOTE: https://github.com/hashicorp/consul/pull/10023 CVE-2020-25863 (In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the ...) @@ -43698,6 +43703,7 @@ CVE-2020-25711 (A flaw was found in infinispan 10 REST API, where authorization CVE-2020-25708 (A divide by zero issue was found to occur in libvncserver-0.9.12. A ma ...) {DLA-2451-1} - libvncserver 0.9.13+dfsg-1 + [buster] - libvncserver (Minor issue) NOTE: https://github.com/LibVNC/libvncserver/issues/409 NOTE: https://github.com/LibVNC/libvncserver/commit/673c07a75ed844d74676f3ccdcfdc706a7052dba CVE-2020-25707 @@ -43972,18 +43978,21 @@ CVE-2020-25654 (An ACL bypass flaw was found in pacemaker. An attacker having a CVE-2020-25653 (A race condition vulnerability was found in the way the spice-vdagentd ...) {DLA-2524-1} - spice-vdagent 0.20.0-2 (bug #973769) + [buster] - spice-vdagent (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/1 NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/51c415df82a52e9ec033225783c77df95f387891 NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/5c50131797e985d0a5654c1fd7000ae945ed29a7 CVE-2020-25652 (A flaw was found in the spice-vdagentd daemon, where it did not proper ...) {DLA-2524-1} - spice-vdagent 0.20.0-2 (bug #973769) + [buster] - spice-vdagent (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/1 NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/91caa9223857708475d29df1768208fed1675340 NOTE: https://gitlab.freedesktop.org/spice/linux/vd_agent/-/commit/812ca777469a377c84b9861d7d326bfc72563304 CVE-2020-25651 (A flaw was found in the SPICE file transfer protocol. File data from t ...) {DLA-2524-1} - spice-vdagent 0.20.0-2 (bug #973769) + [buster] - spice-vdagent (Minor issue) NOTE: https://www.openwall.com/lists/oss-
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 033361dd by Moritz Muehlenhoff at 2021-04-15T19:37:46+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1424,9 +1424,10 @@ CVE-2021-3497 [gstreamer-plugins-good: Use-after-free in matroska demuxing] NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/commit/9181191511f9c0be6a89c98b311f49d66bd46dc3?merge_request_iid=903 CVE-2021-3496 [heap-based buffer overflow in Get16u() in exif.c] RESERVED - - jhead (bug #986923) + - jhead (bug #986923; unimportant) NOTE: https://github.com/Matthias-Wandel/jhead/issues/33 NOTE: Fixed by: https://github.com/Matthias-Wandel/jhead/commit/ca2973f4ce79279c15a09cf400648a757c1721b0 + NOTE: Crash in CLI tool, no security impact CVE-2021-30641 RESERVED CVE-2021-30640 @@ -2450,6 +2451,7 @@ CVE-2021-30179 RESERVED CVE-2020-36314 (fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used b ...) - file-roller 3.38.1-1 + [buster] - file-roller (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/file-roller/-/commit/e970f4966bf388f6e7c277357c8b186c645683ae NOTE: https://gitlab.gnome.org/GNOME/file-roller/-/issues/108 CVE-2021-3484 @@ -5198,6 +5200,7 @@ CVE-2021-28965 RESERVED - ruby2.7 (bug #986807) - ruby2.5 + [buster] - ruby2.5 (Minor issue, can be fixed along with next update) - ruby2.3 - ruby-rexml (bug #986806) NOTE: https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/ @@ -6423,6 +6426,7 @@ CVE-2021-28422 RESERVED CVE-2021-28421 (FluidSynth 2.1.7 contains a use after free vulnerability in sfloader/f ...) - fluidsynth + [buster] - fluidsynth (Minor issue) NOTE: https://github.com/FluidSynth/fluidsynth/issues/808 NOTE: https://github.com/FluidSynth/fluidsynth/pull/810 CVE-2021-28420 (A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote at ...) @@ -7161,6 +7165,7 @@ CVE-2021-28109 (TranzWare (POI) FIMI before 4.2.20.4.2 allows login_tw.php refle CVE-2021-28374 (The Debian courier-authlib package before 0.71.1-2 for Courier Authent ...) {DLA-2625-1} - courier-authlib 0.71.1-2 (bug #984810) + [buster] - courier-authlib (Minor issue) NOTE: Re-introduction of #378571 while migrating from debian/permissions to NOTE: debian/courier-authdaemon.tmpfiles in 0.66.4-2. CVE-2021-3426 [Running `pydoc -p` allows other local users to extract arbitrary files. The `/getfile?key=path` URL allows to read arbitrary file on the filesystem.] @@ -18309,6 +18314,7 @@ CVE-2021-23338 (This affects all versions of package qlib. The workflow function NOT-FOR-US: qlib CVE-2021-23337 (Lodash versions prior to 4.17.21 are vulnerable to Command Injection v ...) - node-lodash 4.17.21+dfsg+~cs8.31.173-1 (bug #985086) + [buster] - node-lodash (Minor issue) [stretch] - node-lodash (Nodejs in stretch not covered by security support) NOTE: https://snyk.io/vuln/SNYK-JS-LODASH-1040724 CVE-2021-23336 (The package python/cpython from 0 and before 3.6.13, from 3.7.0 and be ...) @@ -26416,8 +26422,8 @@ CVE-2021-20312 [Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c] NOTE: https://github.com/ImageMagick/ImageMagick6/commit/e53e24b078f7fa586f9cc910491b8910f5bdad2e CVE-2021-20311 [Division by zero in sRGBTransformImage() in MagickCore/colorspace.c] RESERVED + - imagemagick (Specific to IM7) NOTE: https://github.com/ImageMagick/ImageMagick/commit/70aa86f5d5d8aa605a918ed51f7574f433a18482 - TODO: Check whether specific to IM7 CVE-2021-20310 [Division by zero in ConvertXYZToJzazbz() of MagickCore/colorspace.c] RESERVED NOTE: https://github.com/ImageMagick/ImageMagick/issues/3295 @@ -34191,6 +34197,7 @@ CVE-2020-28501 (This affects the package es6-crawler-detect before 3.1.3. No lim NOT-FOR-US: Node es6-crawler-detect CVE-2020-28500 (Lodash versions prior to 4.17.21 are vulnerable to Regular Expression ...) - node-lodash 4.17.21+dfsg+~cs8.31.173-1 (bug #985086) + [buster] - node-lodash (Minor issue) [stretch] - node-lodash (Nodejs in stretch not covered by security support) NOTE: https://snyk.io/vuln/SNYK-JS-LODASH-1018905 CVE-2020-28499 (All versions of package merge are vulnerable to Prototype Pollution vi ...) @@ -40287,6 +40294,7 @@ CVE-2020-26893 (An issue was discovered in ClamXAV 3 before 3.1.1. A malicious a NOT-FOR-US: ClamXAV CVE-2020-26892 (The JWT library in NATS nats-server before 2.1.9 has Incorrect Access ...) - golang-github-nats-io-jwt + [buster]
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 1e7d59e0 by Moritz Muehlenhoff at 2021-04-14T12:43:31+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -9131,6 +9131,7 @@ CVE-2021-3406 (A flaw was found in keylime 5.8.1 and older. The issue in the Key NOTE: https://github.com/keylime/keylime/security/advisories/GHSA-78f8-6c68-375m CVE-2021-3405 (A flaw was found in libebml before 1.4.2. A heap overflow bug exists i ...) - libebml 1.4.2-1 (bug #982597) + [buster] - libebml (Minor issue) NOTE: https://github.com/Matroska-Org/libebml/issues/74 CVE-2021-27104 (Accellion FTA 9_12_370 and earlier is affected by OS command execution ...) NOT-FOR-US: Accellion FTA @@ -21275,6 +21276,7 @@ CVE-2021-21784 (An out-of-bounds write vulnerability exists in the JPG format SO NOT-FOR-US: Accusoft ImageGear CVE-2021-21783 (A code execution vulnerability exists in the WS-Addressing plugin func ...) - gsoap + [buster] - gsoap (Minor issue) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1245 CVE-2021-21782 (An out-of-bounds write vulnerability exists in the SGI format buffer s ...) NOT-FOR-US: ImageGear @@ -26641,6 +26643,7 @@ CVE-2021-20177 CVE-2021-20176 (A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 ...) {DLA-2602-1} - imagemagick 8:6.9.11.57+dfsg-1 + [buster] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/3077 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/fbd9a963db1ae5551c45dc8af57db0abd7695774 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/90255f0834eead08d59f46b0bda7b1580451cc0f @@ -42656,6 +42659,7 @@ CVE-2020-25677 (A flaw was found in Ceph-ansible v4.0.41 where it creates an /et CVE-2020-25676 (In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), Inte ...) {DLA-2602-1} - imagemagick 8:6.9.11.24+dfsg-1 + [buster] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1732 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/406da3af9e09649cda152663c179902edf5ab3ac NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/94aeb3c40d25aee1051ba8eb3a31601558ef2506 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e7d59e042ddc9db471474566f497e7db2febc01 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e7d59e042ddc9db471474566f497e7db2febc01 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2bef5add by Moritz Muehlenhoff at 2021-04-13T12:54:56+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -289,10 +289,12 @@ CVE-2021-30500 CVE-2021-30499 RESERVED - libcaca + [buster] - libcaca (Minor issue) NOTE: https://github.com/cacalabs/libcaca/issues/54 CVE-2021-30498 RESERVED - libcaca + [buster] - libcaca (Minor issue) NOTE: https://github.com/cacalabs/libcaca/issues/53 CVE-2021-30497 RESERVED @@ -15291,14 +15293,17 @@ CVE-2021-23994 CVE-2021-23993 RESERVED - thunderbird + [buster] - thunderbird (Minor issue, wait until 78.10 update) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-13/#CVE-2021-23993 CVE-2021-23992 RESERVED - thunderbird + [buster] - thunderbird (Minor issue, wait until 78.10 update) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-13/#CVE-2021-23992 CVE-2021-23991 RESERVED - thunderbird + [buster] - thunderbird (Minor issue, wait until 78.10 update) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-13/#CVE-2021-23991 CVE-2021-23990 RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2bef5add0979e39ba04786929c448f81b9f62c4a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2bef5add0979e39ba04786929c448f81b9f62c4a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 60b72eb0 by Moritz Muehlenhoff at 2021-04-12T17:52:31+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -85,18 +85,22 @@ CVE-2021-30473 CVE-2021-30472 RESERVED - libpodofo (bug #986794) + [buster] - libpodofo (Minor issue) NOTE: https://sourceforge.net/p/podofo/tickets/132/ CVE-2021-30471 RESERVED - libpodofo (bug #986793) + [buster] - libpodofo (Minor issue) NOTE: https://sourceforge.net/p/podofo/tickets/131/ CVE-2021-30470 RESERVED - libpodofo (bug #986792) + [buster] - libpodofo (Minor issue) NOTE: https://sourceforge.net/p/podofo/tickets/130/ CVE-2021-30469 RESERVED - libpodofo (bug #986791) + [buster] - libpodofo (Minor issue) NOTE: https://sourceforge.net/p/podofo/tickets/129/ CVE-2021-30468 RESERVED @@ -120,6 +124,8 @@ CVE-2021-30459 RESERVED CVE-2021-30458 (An issue was discovered in Wikimedia Parsoid before 0.11.1 and 0.12.x ...) - mediawiki 1:1.35.2-1 + [buster] - mediawiki (Only applies to 1.35 and later) + [stretch] - mediawiki (Only applies to 1.35 and later) NOTE: https://phabricator.wikimedia.org/T279451 CVE-2021-30457 (An issue was discovered in the id-map crate through 2021-02-26 for Rus ...) NOT-FOR-US: Rust crate id-map @@ -675,6 +681,7 @@ CVE-2021-30185 (CERN Indico before 2.3.4 can use an attacker-supplied Host heade NOT-FOR-US: CERN Indico CVE-2021-30184 (GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted ...) - gnuchess (bug #986801) + [buster] - gnuchess (Minor issue) NOTE: https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg0.html NOTE: https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg1.html CVE-2021-30183 @@ -766,6 +773,7 @@ CVE-2020-36310 (An issue was discovered in the Linux kernel before 5.8. arch/x86 NOTE: https://git.kernel.org/linus/e72436bc3a5206f95bb384e741154166ddb3202e CVE-2020-36309 (ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty ...) - nginx (bug #986787) + [buster] - nginx (Minor issue) NOTE: https://github.com/openresty/lua-nginx-module/pull/1654 CVE-2020-36308 (Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discov ...) - redmine 4.0.7-1 @@ -21786,6 +21794,7 @@ CVE-2020-35637 RESERVED CVE-2020-35636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...) - cgal 5.2-3 (bug #985671) + [buster] - cgal (Minor issue) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225 CVE-2020-35635 RESERVED @@ -21803,6 +21812,7 @@ CVE-2020-35629 RESERVED CVE-2020-35628 (A code execution vulnerability exists in the Nef polygon-parsing funct ...) - cgal 5.2-3 (bug #985671) + [buster] - cgal (Minor issue) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225 CVE-2021-21433 (Discord Recon Server is a bot that allows you to do your reconnaissanc ...) NOT-FOR-US: Discord Recon Server @@ -21870,6 +21880,7 @@ CVE-2021-21405 RESERVED CVE-2021-21404 (Syncthing is a continuous file synchronization program. In Syncthing b ...) - syncthing (bug #986593) + [buster] - syncthing (Minor issue) NOTE: https://github.com/syncthing/syncthing/security/advisories/GHSA-x462-89pf-6r5h NOTE: https://github.com/syncthing/syncthing/commit/fb4fdaf4c0a79c22cad000c42ac1394e3ccb6a97 CVE-2021-21403 (In github.com/kongchuanhujiao/server before version 1.3.21 there is an ...) @@ -21935,12 +21946,15 @@ CVE-2021-21375 (PJSIP is a free and open source multimedia communication library NOTE: https://github.com/pjsip/pjproject/commit/97b3d7addbaa720b7ddb0af9bf6f3e443e664365 CVE-2021-21374 (Nimble is a package manager for the Nim programming language. In Nim r ...) - nim + [buster] - nim (Minor issue) NOTE: https://consensys.net/diligence/vulnerabilities/nim-insecure-ssl-tls-defaults-remote-code-execution/ CVE-2021-21373 (Nimble is a package manager for the Nim programming language. In Nim r ...) - nim + [buster] - nim (Minor issue) NOTE: https://consensys.net/diligence/vulnerabilities/nim-insecure-ssl-tls-defaults-remote-code-execution/ CVE-2021-21372 (Nimble is a package manager for the Nim programming language. In Nim r ...) - nim + [buster] - nim (Minor issue) NOTE: https://consensys.net/diligence/vulnerabilities/nim-insecure-ssl-tls-defaults-remote-code-execution/ CVE-2021-21371 (Tenable for Jira Cloud is an open source project design
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: e96acccb by Moritz Muehlenhoff at 2021-04-07T19:43:28+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -410,6 +410,7 @@ CVE-2021-30005 RESERVED CVE-2021-30004 (In wpa_supplicant and hostapd 2.9, forging attacks may occur because A ...) - wpa + [buster] - wpa (Minor issue) NOTE: https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15 CVE-2021-30003 (An issue was discovered on Nokia G-120W-F 3FE46606AGAB91 devices. Ther ...) NOT-FOR-US: Nokia G-120W-F 3FE46606AGAB91 devices @@ -1711,6 +1712,7 @@ CVE-2021-29422 RESERVED CVE-2021-29421 (models/metadata.py in the pikepdf package 1.3.0 through 2.9.2 for Pyth ...) - pikepdf (bug #986274) + [buster] - pikepdf (Minor issue) NOTE: https://github.com/pikepdf/pikepdf/commit/3f38f73218e5e782fe411ccbb3b44a793c0b343a (v2.10.0) CVE-2021-29420 RESERVED @@ -2333,6 +2335,7 @@ CVE-2021-29137 RESERVED CVE-2021-29136 (Open Container Initiative umoci before 0.4.7 allows attackers to overw ...) - umoci 0.4.7+ds-1 + [buster] - umoci (Minor issue) NOTE: https://github.com/opencontainers/umoci/security/advisories/GHSA-9m95-8hx6-7p9v NOTE: https://github.com/opencontainers/umoci/commit/d9efc31daf2206f7d3fdb839863cf7a576a2eb57 (v0.4.7) CVE-2021-29135 @@ -2636,6 +2639,7 @@ CVE-2021-28995 RESERVED CVE-2021-28994 (kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8. ...) - kopanocore (bug #986272) + [buster] - kopanocore (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/03/19/6 CVE-2021-28993 RESERVED @@ -3383,6 +3387,7 @@ CVE-2021-28658 (In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3 NOTE: https://github.com/django/django/commit/4036d62bda0e9e9f6172943794b744a454ca49c2 (2.2.20) CVE-2021-28657 (A carefully crafted or corrupt file may trigger an infinite loop in Ti ...) - tika + [buster] - tika (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/03/30/3 CVE-2021-28656 RESERVED @@ -9053,10 +9058,12 @@ CVE-2021-3309 (packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can proce NOT-FOR-US: Wekan CVE-2021-26272 (It was possible to execute a ReDoS-type attack inside CKEditor 4 befor ...) - ckeditor 4.16.0+dfsg-1 (bug #982587) + [buster] - ckeditor (Minor issue) [stretch] - ckeditor (Fix along next DLA) NOTE: https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-416 CVE-2021-26271 (It was possible to execute a ReDoS-type attack inside CKEditor 4 befor ...) - ckeditor 4.16.0+dfsg-1 (bug #982587) + [buster] - ckeditor (Minor issue) [stretch] - ckeditor (Fix along next DLA) NOTE: https://github.com/ckeditor/ckeditor4/blob/major/CHANGES.md#ckeditor-416 CVE-2021-26270 @@ -9402,10 +9409,12 @@ CVE-2021-26121 CVE-2021-26120 (Smarty before 3.1.39 allows code injection via an unexpected function ...) {DLA-2618-1} - smarty3 3.1.39-1 + [buster] - smarty3 (Minor issue) NOTE: https://github.com/smarty-php/smarty/commit/4f634c0097ab4a8b2adc2a97caacd1676e88f9c8 CVE-2021-26119 (Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_ ...) {DLA-2618-1} - smarty3 3.1.39-1 + [buster] - smarty3 (Minor issue) NOTE: https://github.com/smarty-php/smarty/commit/c9272058d972045dda9c99c64a82acb21c93c6ad CVE-2021-26118 (While investigating ARTEMIS-2964 it was found that the creation of adv ...) NOT-FOR-US: Apache ActiveMQ Artemis @@ -23969,6 +23978,7 @@ CVE-2021-20270 (An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 m CVE-2021-20269 [incorrect permissions on kdump dmesg file] RESERVED - kexec-tools (bug #985105) + [buster] - kexec-tools (Minor issue) [stretch] - kexec-tools (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/03/11/2 CVE-2021-20268 (An out-of-bounds access flaw was found in the Linux kernel's implement ...) @@ -39107,6 +39117,7 @@ CVE-2020-26216 (TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2 CVE-2020-26215 (Jupyter Notebook before version 6.1.5 has an Open redirect vulnerabili ...) {DLA-2477-1} - jupyter-notebook 6.1.5-1 + [buster] - jupyter-notebook (Minor issue) NOTE: https://github.com/jupyter/notebook/security/advisories/GHSA-c7vm-f5p4-8fqh NOTE: https://github.com/jupyter/notebook/commit/2e1c56b0c4a903606d4a2eb13e32409296b9799d CVE-2020-26214 (In Alerta before version 8.1.0, users may be able to bypass LDAP authe ...)
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: cfb4f210 by Moritz Muehlenhoff at 2021-04-06T19:31:23+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -439,6 +439,7 @@ CVE-2021-30002 (An issue was discovered in the Linux kernel before 5.11.3 when a CVE-2021-3482 [heap-based buffer overflow in Jp2Image::readMetadata() in jp2image.cpp] RESERVED - exiv2 + [buster] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/1522 CVE-2021-3481 [Out of bounds read in function QRadialFetchSimd from crafted svg file] RESERVED @@ -1962,6 +1963,7 @@ CVE-2021-3469 CVE-2021-3468 [Local DoS by event-busy-loop from writing long lines to /run/avahi-daemon/socket] RESERVED - avahi (bug #984938) + [buster] - avahi (Minor issue) NOTE: https://github.com/lathiat/avahi/pull/330 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1939614#c3 CVE-2021-29262 @@ -15661,6 +15663,7 @@ CVE-2021-23336 (The package python/cpython from 0 and before 3.6.13, from 3.7.0 - python3.5 - python2.7 [bullseye] - python2.7 (Python 2.7 in Bullseye not covered by security support) + [buster] - python2.7 (Minor issue) - pypy3 7.3.3+dfsg-3 [buster] - pypy3 (Minor issue) NOTE: https://github.com/python/cpython/pull/24297 @@ -20130,6 +20133,7 @@ CVE-2020-35922 (An issue was discovered in the mio crate before 0.7.6 for Rust. TODO: check CVE-2020-35920 (An issue was discovered in the socket2 crate before 0.3.16 for Rust. I ...) - rust-socket2 0.3.19-1 + [buster] - rust-socket2 (Minor issue) NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0079.html NOTE: https://github.com/rust-lang/socket2-rs/issues/119 CVE-2020-35918 (An issue was discovered in the branca crate before 0.10.0 for Rust. De ...) @@ -23649,8 +23653,9 @@ CVE-2021-20310 CVE-2021-20309 RESERVED CVE-2021-20308 (Integer overflow in the htmldoc 1.9.11 and before may allow attackers ...) - - htmldoc + - htmldoc (unimportant) NOTE: https://github.com/michaelrsweet/htmldoc/issues/423 + NOTE: Crash in CLI tool, no security impact CVE-2021-20307 (Format string vulnerability in panoFileOutputNamesCreate() in libpano1 ...) - libpano13 2.9.20~rc3+dfsg-1 (bug #985249) [buster] - libpano13 2.9.19+dfsg-3+deb10u1 @@ -23659,6 +23664,7 @@ CVE-2021-20306 RESERVED CVE-2021-20305 (A flaw was found in Nettle in versions before 3.7.2, where several Net ...) - nettle 3.7.2-1 (bug #985652) + [buster] - nettle (Minor issue) NOTE: https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html NOTE: New functions ecc_mod_mul_canonical and ecc_mod_sqr_canonical: NOTE: https://git.lysator.liu.se/nettle/nettle/-/commit/a63893791280d441c713293491da97c79c0950fe @@ -23932,11 +23938,12 @@ CVE-2021-20244 (A flaw was found in ImageMagick in MagickCore/visual-effects.c. NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/329dd528ab79531d884c0ba131e97d43f872ab5d NOTE: In IM6 the code seems to be in magick/fx.c CVE-2021-20243 (A flaw was found in ImageMagick in MagickCore/resize.c. An attacker wh ...) - - imagemagick + - imagemagick + [bullseye] - imagemagick (Minor issue) [buster] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/pull/3193 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/9751bd619872c8e58609fbed56c4827afa083b40 - TODO: check + NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/53cb91b3e7bf95d0e372cbc745e0055ac6054745 (resize.c hunk) CVE-2021-20242 REJECTED CVE-2021-20241 (A flaw was found in ImageMagick in coders/jp2.c. An attacker who submi ...) @@ -40200,6 +40207,7 @@ CVE-2020-25694 (A flaw was found in PostgreSQL versions before 13.1, before 12.5 CVE-2020-25693 (A flaw was found in CImg in versions prior to 2.9.3. Integer overflows ...) {DLA-2462-1} - cimg 2.9.4+dfsg-2 (bug #973770) + [buster] - cimg (Minor issue) NOTE: https://github.com/dtschump/CImg/pull/295 NOTE: https://bugs.launchpad.net/ubuntu/+source/cimg/+bug/1900983 NOTE: Fixed by: https://github.com/dtschump/CImg/commit/4f184f89f9ab6785a6c90fd238dbaa6d901d3505 @@ -70559,6 +70567,7 @@ CVE-2020-12365 (Untrusted pointer dereference in some Intel(R) Graphics Drivers CVE-2020-12364 (Null pointer reference in some Intel(R) Graphics Drivers for Windows* ...) - linux - firmware-nonfree 20210208-1 + [buster] - firmware-nonfree (Non-free not supported) NOTE: Short of details: https://www.intel.com
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 27ddacb3 by Moritz Mühlenhoff at 2021-04-05T21:36:26+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -372,7 +372,9 @@ CVE-2021-30002 (An issue was discovered in the Linux kernel before 5.11.3 when a CVE-2021-3481 [Out of bounds read in function QRadialFetchSimd from crafted svg file] RESERVED - qtsvg-opensource-src + [buster] - qtsvg-opensource-src (Minor issue) - qt4-x11 + [buster] - qt4-x11 (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1931444 NOTE: https://bugreports.qt.io/browse/QTBUG-91507 NOTE: https://codereview.qt-project.org/gitweb?p=qt%2Fqtsvg.git;a=commit;h=bfd6ee0d8cf34b63d32adf10ed93daa0086b359f (qt/qtsvg/dev) @@ -1631,7 +1633,9 @@ CVE-2021-29377 CVE-2021-29376 (ircII before 20210314 allows remote attackers to cause a denial of ser ...) - ircii-pana - ircii (bug #986214) + [buster] - ircii (Minor issue) - scrollz (bug #986215) + [buster] - scrollz (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/03/24/2 CVE-2021-29375 RESERVED @@ -4929,6 +4933,7 @@ CVE-2021-27928 (A remote code execution issue was discovered in MariaDB 10.2 bef NOTE: Fixed in MariaDB: 10.5.9, 10.4.18, 10.3.28, 10.2.27 CVE-2021-27927 (In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5 ...) - zabbix 1:5.0.8+dfsg-1 + [buster] - zabbix (Minor issue) [stretch] - zabbix (minor issue) NOTE: https://support.zabbix.com/browse/ZBX-18942 CVE-2021-27926 @@ -35596,6 +35601,7 @@ CVE-2020-27639 (The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP NOT-FOR-US: Mitel CVE-2020-27637 (The R programming language’s default package manager CRAN is aff ...) - r-base 4.0.3-1 + [buster] - r-base (Minor issue) [stretch] - r-base (Minor issue) NOTE: https://labs.bishopfox.com/advisories/cran-version-4.0.2 TODO: check details = data/dsa-needed.txt = @@ -32,6 +32,8 @@ python-bleach -- python-pysaml2 (jmm) -- +ruby-kramdown (jmm) +-- salt -- tomcat9 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27ddacb39affc4cf62ba8f71a310d8e7f492060e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27ddacb39affc4cf62ba8f71a310d8e7f492060e You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d48ec47c by Moritz Muehlenhoff at 2021-03-31T21:09:56+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -32,6 +32,7 @@ CVE-2021-3480 CVE-2021-3479 [Out-of-memory caused by allocation of a very large buffer] RESERVED - openexr + [buster] - openexr (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25370 NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/d80f11f4f55100d007ae80a162bf257ec291612c NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/830 @@ -483,14 +484,17 @@ CVE-2021-29425 RESERVED CVE-2021-3476 (A flaw was found in OpenEXR's B44 uncompression functionality in versi ...) - openexr + [buster] - openexr (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24787 NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/eec0dba242bedd2778c973ae4af112107b33d9c9 CVE-2021-3475 (There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker ...) - openexr + [buster] - openexr (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297 NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/2a18ed424a854598c2a20b5dd7e782b436a1e753 CVE-2021-3474 (There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted inp ...) - openexr + [buster] - openexr (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24831 NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/c3ed4a1db1f39bf4524a644cb2af81dc8cfab33f CVE-2021-29424 (The Net::Netmask module before 2. for Perl does not properly consi ...) @@ -13072,6 +13076,7 @@ CVE-2021-23980 [mutation XSS via allowed math or svg; p or br; and style, title, - python-bleach NOTE: https://github.com/mozilla/bleach/security/advisories/GHSA-vv2x-vrpj-qqpq NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1689399 + NOTE: https://github.com/mozilla/bleach/commit/79b7a3c5e56a09d1d323a5006afa59b56162eb13 CVE-2021-23979 (Mozilla developers reported memory safety bugs present in Firefox 85. ...) - firefox 86.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-07/#CVE-2021-23979 @@ -22540,6 +22545,7 @@ CVE-2021-20297 [Setting match.path and activating a profiles crashes NetworkMana CVE-2021-20296 RESERVED - openexr + [buster] - openexr (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24854 NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/b0c63c0b96eb9b0d3998f603e12f9f414fb0d44a CVE-2021-20295 [Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm in Red Hat Enterprise Linux 8.3] = data/dsa-needed.txt = @@ -33,6 +33,8 @@ netty -- openjpeg2 (jmm) -- +python-bleach +-- python-pysaml2 (jmm) -- salt View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d48ec47cfb0b6467d56c4b5e0e78a1aad595c029 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d48ec47cfb0b6467d56c4b5e0e78a1aad595c029 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 9a13612a by Moritz Muehlenhoff at 2021-03-26T18:49:30+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -2258,12 +2258,14 @@ CVE-2021-28212 CVE-2021-28211 [possible heap corruption with LzmaUefiDecompressGetInfo] RESERVED - edk2 2020.11-1 + [buster] - edk2 (Minor issue) NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1816 NOTE: https://github.com/tianocore/edk2/pull/1138 NOTE: https://github.com/tianocore/edk2/commit/e7bd0dd26db7e56aa8ca70132d6ea916ee6f3db0 CVE-2021-28210 [unlimited FV recursion, round 2] RESERVED - edk2 2020.11-1 + [buster] - edk2 (Minor issue) NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1743 NOTE: https://github.com/tianocore/edk2/pull/1137 NOTE: https://github.com/tianocore/edk2/commit/47343af30435302c087027177613412a1a83e919 @@ -2514,6 +2516,7 @@ CVE-2021-28117 (libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover NOTE: Plasma 5.18: https://commits.kde.org/plasma/discover/fcd3b30552bf03a384b1a16f9bb8db029c111356 CVE-2021-28116 (Squid through 4.14 and 5.x through 5.0.5, in some configurations, allo ...) - squid + [buster] - squid (Minor issue, revisit once fixed upstream) - squid3 [stretch] - squid3 (Check later when information is public) NOTE: https://www.zerodayinitiative.com/advisories/ZDI-21-157/ @@ -5212,6 +5215,7 @@ CVE-2021-23201 RESERVED CVE-2020-36244 (The daemon in GENIVI Diagnostic Log and Trace (DLT) before 2.18.6 has ...) - dlt-daemon 2.18.6-1 + [buster] - dlt-daemon (Minor issue) NOTE: https://github.com/GENIVI/dlt-daemon/issues/265 NOTE: https://github.com/GENIVI/dlt-daemon/pull/269 NOTE: https://github.com/GENIVI/dlt-daemon/commit/af734fe097ed379b0aa5fcf551886b1ce5098052 (v2.18.6) @@ -12601,6 +12605,7 @@ CVE-2021-3116 (before_upstream_connection in AuthPlugin in http/proxy/auth.py in CVE-2021-3115 (Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to ...) - golang-1.15 1.15.7-1 - golang-1.11 + [buster] - golang-1.11 (Minor issue, only applies to inherently insecure setups) - golang-1.8 [stretch] - golang-1.8 (Minor issue, requires unsecure PATH and compiling a malicious dependency) - golang-1.7 @@ -13647,9 +13652,10 @@ CVE-2021-23336 (The package python/cpython from 0 and before 3.6.13, from 3.7.0 CVE-2021-23335 (All versions of package is-user-valid are vulnerable to LDAP Injection ...) NOT-FOR-US: Node is-user-valid CVE-2021-23334 (All versions of package static-eval are vulnerable to Arbitrary Code E ...) - - node-static-eval + - node-static-eval (unimportant) NOTE: https://snyk.io/vuln/SNYK-JS-STATICEVAL-1056765 NOTE: https://github.com/browserify/static-eval/issues/34 + NOTE: Explicitly documented as such by upstream: https://github.com/browserify/static-eval#security CVE-2021-2 RESERVED CVE-2021-23332 @@ -18783,6 +18789,7 @@ CVE-2020-35679 (smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfre NOTE: https://www.mail-archive.com/misc@opensmtpd.org/msg05188.html CVE-2020-35678 (Autobahn|Python before 20.12.3 allows redirect header injection. ...) - python-autobahn (bug #978416) + [buster] - python-autobahn (Minor issue) [stretch] - python-autobahn (Need a package which is not in this suite) NOTE: https://github.com/crossbario/autobahn-python/pull/1439 NOTE: https://github.com/crossbario/autobahn-python/commit/f7b7ad5c1066bdcc551775b73da15dca5c111623 (v20.12.3) @@ -21723,6 +21730,7 @@ CVE-2021-20268 (An out-of-bounds access flaw was found in the Linux kernel's imp CVE-2021-20267 RESERVED - neutron (bug #985104) + [buster] - neutron (Minor issue) NOTE: https://bugs.launchpad.net/neutron/+bug/1902917 NOTE: https://review.opendev.org/c/openstack/neutron/+/776599 CVE-2021-20266 @@ -29280,6 +29288,7 @@ CVE-2020-28499 (All versions of package merge are vulnerable to Prototype Pollut NOTE: Only bogus references listed, unclear what this is about CVE-2020-28498 (The package elliptic before 6.5.4 are vulnerable to Cryptographic Issu ...) - node-elliptic 6.5.4~dfsg-1 + [buster] - node-elliptic (Minor issue) NOTE: https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f NOTE: https://github.com/christianlundkvist/blog/blob/master/2020_05_26_secp256k1_twist_attacks/secp256k1_twist_attacks.md CVE-2020-28497 @@ -29295,6 +29304,7 @@ CVE-2020-28494 (This affects the package total.js before 3.4.7. The i
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: b680c293 by Moritz Muehlenhoff at 2021-03-12T23:14:59+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -362,6 +362,7 @@ CVE-2016-20009 (** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer NOT-FOR-US: Wind River VxWorks CVE-2021-28153 (An issue was discovered in GNOME GLib before 2.66.8. When g_file_repla ...) - glib2.0 2.66.7-2 (bug #984969) + [buster] - glib2.0 (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2325 CVE-2021-3435 RESERVED @@ -28741,6 +28742,7 @@ CVE-2021-0385 (In createConnectToAvailableNetworkNotification of ConnectToNetwor NOT-FOR-US: Android CVE-2021-0384 (In read_and_discard_scanlines of jdapistd.c, there is a possible null ...) - libjpeg-turbo (bug #985082) + [buster] - libjpeg-turbo (Minor issue) [stretch] - libjpeg-turbo (Minor issue) NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/470 NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6d2e8837b440ce4d8befd805a5abc0d351028d70 = data/dsa-needed.txt = @@ -19,6 +19,8 @@ chromium knot-resolver Santiago Ruano Rincón proposed a debdiff for review -- +libhibernate3-java +-- linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more recent v4.19.y versions. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b680c293b2f55de6c8f7b8a33ac0e9f14aa7fe3f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b680c293b2f55de6c8f7b8a33ac0e9f14aa7fe3f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 270ca809 by Moritz Muehlenhoff at 2021-03-12T18:57:18+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1154,6 +1154,7 @@ CVE-2020-35358 CVE-2021-27803 (A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant b ...) {DLA-2581-1} - wpa 2:2.9.0-21 + [buster] - wpa (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/02/25/3 NOTE: https://w1.fi/security/2021-1/wpa_supplicant-p2p-provision-discovery-processing-vulnerability.txt NOTE: https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch @@ -19149,6 +19150,7 @@ CVE-2021-20329 RESERVED CVE-2021-20328 (Specific versions of the Java driver that support client-side field le ...) - mongo-java-driver + [buster] - mongo-java-driver (Minor issue) [stretch] - mongo-java-driver (Minor issue) NOTE: https://jira.mongodb.org/browse/JAVA-4017 NOTE: https://github.com/mongodb/mongo-java-driver/commit/60d87d5a76645a331a77ccc45ef7c67aac88b234 @@ -26858,6 +26860,7 @@ CVE-2020-28484 RESERVED CVE-2020-28483 (This affects all versions of package github.com/gin-gonic/gin. When gi ...) - golang-github-gin-gonic-gin + [buster] - golang-github-gin-gonic-gin (Minor issue) NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGINGONICGIN-1041736 NOTE: https://github.com/gin-gonic/gin/pull/2474#issuecomment-729696437 NOTE: https://github.com/gin-gonic/gin/commit/c9ea8ece4a3881028f7f715f008414346a7f4b88 @@ -35310,14 +35313,17 @@ CVE-2020-25790 (** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to u NOT-FOR-US: Typesetter CMS CVE-2020-25789 (An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-1 ...) - tt-rss 21~git20210204.b4cbc79+dfsg-1 (bug #970633) + [buster] - tt-rss (Minor issue) NOTE: https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799 NOTE: https://git.tt-rss.org/fox/tt-rss/commit/da5af2fae091041cca27b24b6f0e69e4a6d0dc60 CVE-2020-25788 (An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-1 ...) - tt-rss 21~git20210204.b4cbc79+dfsg-1 (bug #970633) + [buster] - tt-rss (Minor issue) NOTE: https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799 NOTE: https://git.tt-rss.org/fox/tt-rss/commit/c3d14e1fa54c7dade7b1b7955575e2991396d7ef CVE-2020-25787 (An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-1 ...) - tt-rss 21~git20210204.b4cbc79+dfsg-1 (bug #970633) + [buster] - tt-rss (Minor issue) NOTE: https://community.tt-rss.org/t/heads-up-several-vulnerabilities-fixed/3799 NOTE: https://git.tt-rss.org/fox/tt-rss/commit/c3d14e1fa54c7dade7b1b7955575e2991396d7ef CVE-2020-25786 (** UNSUPPORTED WHEN ASSIGNED ** webinc/js/info.php on D-Link DIR-816L ...) @@ -52543,6 +52549,7 @@ CVE-2020-17522 (When ORT (now via atstccfg) generates ip_allow.config files in A NOT-FOR-US: Apache Traffic Control CVE-2020-17521 (Apache Groovy provides extension methods to aid with creating temporar ...) - groovy 2.4.21-1 (bug #977399) + [buster] - groovy (Minor issue) [stretch] - groovy (Minor issue) - groovy2 NOTE: https://issues.apache.org/jira/browse/GROOVY-9824 @@ -77754,17 +77761,20 @@ CVE-2020-8287 (Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow t CVE-2020-8286 (curl 7.41.0 through 7.73.0 is vulnerable to an improper check for cert ...) {DLA-2500-1} - curl 7.74.0-1 (bug #977161) + [buster] - curl (Minor issue) NOTE: https://curl.se/docs/CVE-2020-8286.html NOTE: https://github.com/curl/curl/commit/d9d01672785b8ac04aab1abb6de95fe3072ae199 (curl-7_74_0) CVE-2020-8285 (curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recu ...) {DLA-2500-1} - curl 7.74.0-1 (bug #977162) + [buster] - curl (Minor issue) NOTE: https://curl.se/docs/CVE-2020-8285.html NOTE: https://github.com/curl/curl/issues/6255 NOTE: https://github.com/curl/curl/commit/69a358f2186e04cf44698b5100332cbf1ee7f01d (curl-7_74_0) CVE-2020-8284 (A malicious server can use the FTP PASV response to trick curl 7.73.0 ...) {DLA-2500-1} - curl 7.74.0-1 (bug #977163) + [buster] - curl (Minor issue) NOTE: https://curl.se/docs/CVE-2020-8284.html NOTE: https://github.com/curl/curl/commit/ec9cc725d598ac77de7b6df8afeec292b3c8ad46 (curl-7_74_0) CVE-2020-8283 (An authorised user on a Windows host running Citrix Universal Print Se ...) = data/
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 6b2a2a7d by Moritz Muehlenhoff at 2021-03-10T20:30:04+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1671,6 +1671,7 @@ CVE-2021-27379 (An issue was discovered in Xen through 4.11.x, allowing x86 Inte NOTE: containing broken backport for XSA-321 / CVE-2020-15565 CVE-2021-27378 (An issue was discovered in the rand_core crate before 0.6.2 for Rust. ...) - rust-rand-core + [buster] - rust-rand-core (Minor issue) NOTE: https://rustsec.org/advisories/RUSTSEC-2021-0023.html CVE-2021-27377 (An issue was discovered in the yottadb crate before 1.2.0 for Rust. Fo ...) NOT-FOR-US: Rust crate yottadb @@ -1735,6 +1736,7 @@ CVE-2021-27352 RESERVED CVE-2021-27351 (The Terminate Session feature in the Telegram application through 7.2. ...) - telegram-desktop 2.5.8+ds-1 + [buster] - telegram-desktop (Minor issue) NOTE: https://0ffsecninja.github.io/Telegram:CVE-2021-2735.html CVE-2021-27350 RESERVED @@ -2045,6 +2047,7 @@ CVE-2021-3411 (A flaw was found in the Linux kernel in versions prior to 5.10. A CVE-2021-3410 (A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in c ...) {DLA-2584-1} - libcaca (bug #983686) + [buster] - libcaca (Minor issue) NOTE: https://github.com/cacalabs/libcaca/issues/52 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1928437 NOTE: https://github.com/cacalabs/libcaca/commit/46b4ea7cea72d6b3ffe65d33e604b1774dcc2bbd @@ -2728,12 +2731,14 @@ CVE-2021-26907 RESERVED CVE-2021-26906 (An issue was discovered in res_pjsip_session.c in Digium Asterisk thro ...) - asterisk 1:16.16.1~dfsg-1 (bug #983159) + [buster] - asterisk (Minor issue) [stretch] - asterisk (Minor issue) NOTE: https://downloads.asterisk.org/pub/security/AST-2021-005.html NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29196 CVE-2021-3402 RESERVED - yara 4.0.4-1 + [buster] - yara (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/01/29/2 NOTE: https://www.x41-dsec.de/lab/advisories/x41-2021-001-yara/ CVE-2021-26905 (1Password SCIM Bridge before 1.6.2 mishandles validation of authentica ...) @@ -6776,18 +6781,22 @@ CVE-2021-25294 (OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activ CVE-2021-25293 RESERVED - pillow 8.1.1-1 + [buster] - pillow (Minor issue) NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html CVE-2021-25292 RESERVED - pillow 8.1.1-1 + [buster] - pillow (Minor issue) NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html CVE-2021-25291 RESERVED - pillow 8.1.1-1 + [buster] - pillow (Minor issue) NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html CVE-2021-25290 RESERVED - pillow 8.1.1-1 + [buster] - pillow (Minor issue) NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html CVE-2021-25289 RESERVED @@ -15121,6 +15130,7 @@ CVE-2020-36050 RESERVED CVE-2020-36049 (socket.io-parser before 3.4.1 allows attackers to cause a denial of se ...) - node-socket.io-parser 3.4.1-1 + [buster] - node-socket.io-parser (Minor issue) NOTE: https://blog.caller.xyz/socketio-engineio-dos/ NOTE: https://github.com/socketio/socket.io-parser/commit/dcb942d24db97162ad16a67c2a0cf30875342d55 CVE-2020-36048 (Engine.IO before 4.0.0 allows attackers to cause a denial of service ( ...) @@ -15461,6 +15471,7 @@ CVE-2020-35905 (An issue was discovered in the futures-util crate before 0.3.7 f NOT-FOR-US: futures-util rust crate CVE-2020-35904 (An issue was discovered in the crossbeam-channel crate before 0.4.4 fo ...) - rust-crossbeam-channel 0.4.4-1 + [buster] - rust-crossbeam-channel (Minor issue) NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0052.html NOTE: https://github.com/crossbeam-rs/crossbeam/pull/533 CVE-2020-35903 (An issue was discovered in the dync crate before 0.5.0 for Rust. VecCo ...) @@ -15874,6 +15885,7 @@ CVE-2020-35777 (NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by comma NOT-FOR-US: Netgear CVE-2020-35776 (A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk version ...) - asterisk 1:16.16.1~dfsg-1 (bug #983158) + [buster] - asterisk (Minor issue) [stretch] - asterisk (Minor issue) NOTE: https://downloads.asterisk.org/pub/security/AST-2021-001.html NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29227 @@ -19168,6 +19180,7 @@ CVE-2021-20231 RE
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 9df1aa04 by Moritz Muehlenhoff at 2021-03-09T20:02:20+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1265,6 +1265,7 @@ CVE-2021-27510 RESERVED CVE-2020-36254 (scp.c in Dropbear before 2020.79 mishandles the filename of . or an em ...) - dropbear 2020.79-1 + [buster] - dropbear (Minor issue) NOTE: https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff CVE-2020-36253 RESERVED @@ -1941,7 +1942,7 @@ CVE-2021-3411 [stretch] - linux (Vulnerable code introduced later) CVE-2021-3410 (A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in c ...) {DLA-2584-1} - - libcaca (bug #983684) + - libcaca (bug #983686) NOTE: https://github.com/cacalabs/libcaca/issues/52 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1928437 NOTE: https://github.com/cacalabs/libcaca/commit/46b4ea7cea72d6b3ffe65d33e604b1774dcc2bbd @@ -2826,10 +2827,12 @@ CVE-2021-26827 RESERVED CVE-2021-26826 (A stack overflow issue exists in Godot Engine up to v3.2 and is caused ...) - godot (bug #982593) + [buster] - godot (Minor issue) NOTE: https://github.com/godotengine/godot/pull/45701 NOTE: https://github.com/godotengine/godot/commit/403e4fd08b0b212e96f53d926e6273e0745eaa5a CVE-2021-26825 (An integer overflow issue exists in Godot Engine up to v3.2 that can b ...) - godot (bug #982593) + [buster] - godot (Minor issue) NOTE: https://github.com/godotengine/godot/pull/45702 NOTE: https://github.com/godotengine/godot/commit/113b5ab1c45c01b8e6d54d13ac8876d091f883a8 CVE-2021-26824 @@ -97129,8 +97132,6 @@ CVE-2019-18824 (Barco ClickShare Button R9861500D01 devices before 1.10.0.13 hav NOT-FOR-US: Barco ClickShare Button R9861500D01 devices CVE-2019-18823 (HTCondor up to and including stable series 8.8.6 and development serie ...) - condor (bug #963777) - NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0001.html - NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0002.html NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0003.html NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0004.html NOTE: https://github.com/htcondor/htcondor/commit/95eaee86e7ad3852c17df46a1b8b193dabd1fd14 = data/dsa-needed.txt = @@ -11,6 +11,8 @@ To pick an issue, simply add your uid behind it. If needed, specify the release by adding a slash after the name of the source package. +-- +condor -- chromium -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9df1aa042c18829a2ebfd10f53b83f4d869304f8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9df1aa042c18829a2ebfd10f53b83f4d869304f8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: fc55a768 by Moritz Muehlenhoff at 2021-02-21T22:24:20+01:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -605,6 +605,7 @@ CVE-2021-27230 CVE-2021-27229 (Mumble before 1.3.4 allows remote code execution if a victim navigates ...) {DLA-2562-1} - mumble (bug #982904) + [buster] - mumble (Minor issue) NOTE: https://github.com/mumble-voip/mumble/commit/e59ee87abe249f345908c7d568f6879d16bfd648 NOTE: https://github.com/mumble-voip/mumble/pull/4733 CVE-2021-27228 @@ -17481,24 +17482,28 @@ CVE-2021-20247 CVE-2021-20246 [Division by zero in ScaleResampleFilter in MagickCore/resample.c] RESERVED - imagemagick + [buster] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/3195 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/8d25d94a363b104acd6ff23df7470aeedb806c51 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/f3190d4a6e6e8556575c84b5d976f77d111caa74 CVE-2021-20245 [Division by zero in WriteAnimatedWEBPImage() in coders/webp.c] RESERVED - imagemagick + [buster] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/3176 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/ffb683e62ddedc6436a1b88388eb690d7ca57bf2 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/a78d92dc0f468e79c3d761aae9707042952cdaca CVE-2021-20244 [Division by zero in ImplodeImage in MagickCore/visual-effects.c] RESERVED - imagemagick + [buster] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/pull/3194 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/329dd528ab79531d884c0ba131e97d43f872ab5d TODO: check CVE-2021-20243 [Division by zero in GetResizeFilterWeight in MagickCore/resize.c] RESERVED - imagemagick + [buster] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/pull/3193 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/9751bd619872c8e58609fbed56c4827afa083b40 TODO: check @@ -17508,6 +17513,7 @@ CVE-2021-20242 CVE-2021-20241 [Division by zero in WriteJP2Image() in coders/jp2.c] RESERVED - imagemagick + [buster] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/pull/3177 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/dd33b451c3e01098efad34bbaca2df78d5391dc8 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/53cb91b3e7bf95d0e372cbc745e0055ac6054745 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc55a768dcc06e99727a4b8ee3430b4bdbd6d315 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc55a768dcc06e99727a4b8ee3430b4bdbd6d315 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: aa7970c6 by Moritz Muehlenhoff at 2021-01-22T19:36:44+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1411,8 +1411,11 @@ CVE-2021-3177 (Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in - python3.9 3.9.1-3 - python3.8 - python3.7 + [buster] - python3.7 (Minor issue) - python3.5 - python2.7 + [bullseye] - python2.7 (Python 2 not covered by security support) + [buster] - python2.7 (Minor issue) NOTE: https://bugs.python.org/issue42938 NOTE: https://github.com/python/cpython/pull/24239 NOTE: https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html @@ -10601,15 +10604,18 @@ CVE-2020-35682 CVE-2020-35681 [Potential leakage of session identifiers using legacy AsgiHandler] RESERVED - python-django-channels 3.0.3-1 (bug #979376) + [buster] - python-django-channels (Minor issue) NOTE: https://channels.readthedocs.io/en/latest/releases/3.0.3.html NOTE: https://github.com/django/channels/commit/e85874d9630474986a6937430eac52db79a2a022 (3.0.3) CVE-2020-35680 (smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurati ...) - opensmtpd 6.8.0p2-1 (bug #978039) + [buster] - opensmtpd (Minor issue) [stretch] - opensmtpd (new filter grammar support added in ec69ed85b6c) NOTE: https://github.com/openbsd/src/commit/6c3220444ed06b5796dedfd53a0f4becd903c0d1 NOTE: https://www.mail-archive.com/misc@opensmtpd.org/msg05188.html CVE-2020-35679 (smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, whi ...) - opensmtpd 6.8.0p2-1 (bug #978038) + [buster] - opensmtpd (Minor issue) [stretch] - opensmtpd (regex table supported added > 6.4.0 according to CHANGES.md) NOTE: https://github.com/openbsd/src/commit/79a034b4aed29e965f45a13409268290c9910043 NOTE: https://www.mail-archive.com/misc@opensmtpd.org/msg05188.html @@ -20358,10 +20364,12 @@ CVE-2021-1054 (NVIDIA GPU Display Driver for Windows, all versions, contains a v NOT-FOR-US: NVIDIA Windows drivers CVE-2021-1053 (NVIDIA GPU Display Driver for Windows and Linux, all versions, contain ...) - nvidia-graphics-drivers 460.32.03-1 (bug #979670) + [buster] - nvidia-graphics-drivers (Non-free not supported) [stretch] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #979675) CVE-2021-1052 (NVIDIA GPU Display Driver for Windows and Linux, all versions, contain ...) - nvidia-graphics-drivers 460.32.03-1 (bug #979670) + [buster] - nvidia-graphics-drivers (Non-free not supported) [stretch] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #979675) CVE-2021-1051 (NVIDIA GPU Display Driver for Windows, all versions, contains a vulner ...) @@ -48082,15 +48090,18 @@ CVE-2020-16590 (A double free vulnerability exists in the Binary File Descriptor CVE-2020-16589 (A head-based buffer overflow exists in Academy Software Foundation Ope ...) {DLA-2491-1} - openexr 2.5.3-2 + [buster] - openexr (Minor issue) NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/6bb36714528a9563dd3b92720c5063a1284b86f8 (v2.4.0-beta.1) NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/494 CVE-2020-16588 (A Null Pointer Deference issue exists in Academy Software Foundation O ...) {DLA-2491-1} - openexr 2.5.3-2 + [buster] - openexr (Minor issue) NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/74504503cff86e986bac441213c403b0ba28d58f (v2.4.0-beta.1) NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/493 CVE-2020-16587 (A heap-based buffer overflow vulnerability exists in Academy Software ...) - openexr 2.5.3-2 + [buster] - openexr (Minor issue) [stretch] - openexr (Vulnerable code not present, part number range checking added later) NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/8b5370c688a7362673c3a5256d93695617a4cd9a (v2.4.0-beta.1) NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/491 @@ -51651,6 +51662,7 @@ CVE-2020-15217 (In GLPI before version 9.5.2, there is a leakage of user informa - glpi CVE-2020-15216 (In goxmldsig (XML Digital Signatures implemented in pure Go) before ve ...) - golang-github-russellhaering-goxmldsig 1.1.0-1 (bug #971615) + [buster] - golang-github-russellhaering-goxmldsig (Minor issue) NOTE: https://github.com/russellhaering/goxmldsig/security/adv
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f6fb8c2b by Moritz Muehlenhoff at 2021-01-21T19:45:21+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -6205,6 +6205,7 @@ CVE-2021-3029 (** UNSUPPORTED WHEN ASSIGNED ** EVOLUCARE ECSIMAGING (aka ECS Ima NOT-FOR-US: EVOLUCARE ECSIMAGING (aka ECS Imaging) CVE-2021-3028 (git-big-picture before 1.0.0 mishandles ' characters in a branch name, ...) - git-big-picture 1.0.0-1 + [buster] - git-big-picture (Minor issue) NOTE: https://github.com/git-big-picture/git-big-picture/pull/62 CVE-2021-22696 RESERVED @@ -9096,11 +9097,13 @@ CVE-2021-21494 (MK-AUTH through 19.01 K4.9 allows XSS via the admin/logs_ajax.ph NOT-FOR-US: MK-AUTH CVE-2020-35965 (decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds ...) - ffmpeg 7:4.3.1-6 (bug #97) + [buster] - ffmpeg (Wait for 4.1.7) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26532 NOTE: https://github.com/FFmpeg/FFmpeg/commit/3e5959b3457f7f1856d997261e6ac672bba49e8b NOTE: https://github.com/FFmpeg/FFmpeg/commit/b0a8b40294ea212c1938348ff112ef1b9bf16bb3 CVE-2020-35964 (track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bo ...) - ffmpeg 7:4.3.1-6 (bug #98) + [buster] - ffmpeg (Wait for 4.1.7) NOTE: https://github.com/FFmpeg/FFmpeg/commit/27a99e2c7d450fef15594671eef4465c8a166bd7 NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26622 CVE-2020-35963 (flb_gzip_compress in flb_gzip.c in Fluent Bit before 1.6.4 has an out- ...) @@ -26204,7 +26207,6 @@ CVE-2020-26665 RESERVED CVE-2020-26664 (A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media play ...) - vlc 3.0.12-1 (low; bug #979676) - [buster] - vlc (Minor issue, wait for 3.0.12 release) [stretch] - vlc (Minor issue, wait for next LTS release) NOTE: https://code.videolan.org/videolan/vlc-3.0/-/commit/ec1f55ee9ace5cc675395a1bc9700d99679e7e8c (3.0.12) NOTE: https://gist.githubusercontent.com/henices/db11664dd45b9f322f8514d182aef5ea/raw/d56940c8bf211992bf4f3309a85bb2b69383e511/CVE-2020-26664.txt @@ -29603,6 +29605,7 @@ CVE-2020-25266 (AppImage appimaged before 1.0.3 does not properly check whether NOT-FOR-US: AppImage appimaged CVE-2020-25265 (AppImage libappimage before 1.0.3 allows attackers to trigger an overw ...) - libappimage (bug #977192) + [buster] - libappimage (Minor issue) NOTE: https://github.com/AppImage/libappimage/pull/146 NOTE: https://github.com/refi64/CVE-2020-25265-25266 CVE-2020-25264 = data/dsa-needed.txt = @@ -36,6 +36,8 @@ salt (carnil) -- slurm-llnl (jmm) -- +vlc (jmm) +-- xcftools Hugo proposed to work on this update -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6fb8c2bc555f3aeb02d2a93cf380081f1d2e37b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6fb8c2bc555f3aeb02d2a93cf380081f1d2e37b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: cbb05856 by Moritz Muehlenhoff at 2020-12-02T19:37:20+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -122,6 +122,7 @@ CVE-2020-29395 (The EventON plugin through 3.0.5 for WordPress allows addons/?q= NOT-FOR-US: EventON plugin for WordPress CVE-2020-29394 (A buffer overflow in the dlt_filter_load function in dlt_common.c in d ...) - dlt-daemon 2.18.5-0.3 (bug #976228) + [buster] - dlt-daemon (Minor issue) NOTE: https://github.com/GENIVI/dlt-daemon/issues/274 NOTE: https://github.com/GENIVI/dlt-daemon/pull/275 NOTE: https://github.com/GENIVI/dlt-daemon/commit/ff4f44c159df6f44b48bd38c9d2f104eb360be11 @@ -686,12 +687,14 @@ CVE-2020-29131 CVE-2020-29130 (slirp.c in libslirp through 4.3.1 has a buffer over-read because it tr ...) - libslirp - qemu 1:4.1-2 + [buster] - qemu (Fix along in future DSA) [stretch] - qemu (Fix along in future DLA, when fixed upstream) NOTE: https://lists.freedesktop.org/archives/slirp/2020-November/000115.html NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. CVE-2020-29129 (ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tri ...) - libslirp - qemu 1:4.1-2 + [buster] - qemu (Fix along in future DSA) [stretch] - qemu (Fix along in future DLA, when fixed upstream) NOTE: https://lists.freedesktop.org/archives/slirp/2020-November/000115.html NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. @@ -1117,6 +1120,7 @@ CVE-2020-28936 CVE-2020-28935 RESERVED - unbound + [buster] - unbound (Minor issue) [stretch] - unbound (DSA 4694-1) NOTE: https://github.com/NLnetLabs/unbound/issues/303 NOTE: Fixed by: https://github.com/NLnetLabs/unbound/commit/ad387832979b6ce4c93f64fe706301cd7d034e87 (release-1.13.0rc1) @@ -1176,6 +1180,7 @@ CVE-2020-28917 (An issue was discovered in the view_statistics (aka View fronten CVE-2020-28916 [e1000e: infinite loop scenario in case of null packet descriptor] RESERVED - qemu + [buster] - qemu (Fix along in future DSA) NOTE: https://www.openwall.com/lists/oss-security/2020/12/01/2 NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03185.html CVE-2020-28915 (A buffer over-read (at the framebuffer layer) in the fbcon code in the ...) @@ -11317,6 +11322,7 @@ CVE-2020-25830 (An issue was discovered in MantisBT before 2.24.3. Improper esca - mantis CVE-2020-25829 (An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x befo ...) - pdns-recursor 4.3.5-1 (bug #972159) + [buster] - pdns-recursor (Minor issue) NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html CVE-2020-25828 (An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through ...) {DSA-4767-1 DLA-2379-1} = data/dsa-needed.txt = @@ -25,11 +25,9 @@ linux (carnil) -- netty -- -pdns-recursor --- salt -- -thunderbird +thunderbird (jmm) -- xcftools Hugo proposed to work on this update View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbb058566811673796cb5ddf0164309bede0c82b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbb058566811673796cb5ddf0164309bede0c82b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 75c06cac by Moritz Muehlenhoff at 2020-11-22T13:54:03+01:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -197,7 +197,9 @@ CVE-2020-28897 CVE-2020-28896 RESERVED - mutt + [buster] - mutt (Minor issue) - neomutt 20201120+dfsg.1-1 + [buster] - neomutt (Minor issue) NOTE: https://gitlab.com/muttmua/mutt/-/commit/04b06aaa3e0cc0022b9b01dbca2863756ebbf59a NOTE: https://github.com/neomutt/neomutt/commit/9c36717a3e2af1f2c1b7242035455ec8112b4b06 CVE-2020-28895 @@ -22950,6 +22952,7 @@ CVE-2020-19669 RESERVED CVE-2020-19668 (Unverified indexs into the array lead to out of bound access in the gi ...) - libsixel + [buster] - libsixel (Minor issue) NOTE: https://github.com/saitoha/libsixel/issues/136 CVE-2020-19667 (Stack-based buffer overflow and unconditional jump in ReadXPMImage in ...) - imagemagick 8:6.9.11.24+dfsg-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75c06cac564f7199bd42bd0016bd0167a0066b6a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75c06cac564f7199bd42bd0016bd0167a0066b6a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 089d7ba7 by Moritz Muehlenhoff at 2020-11-18T19:38:07+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -4210,6 +4210,7 @@ CVE-2020-28169 RESERVED CVE-2020-28168 (Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) ...) - node-axios + [buster] - node-axios (Minor issue) NOTE: https://github.com/axios/axios/issues/3369 CVE-2020-28167 RESERVED @@ -5306,6 +5307,7 @@ CVE-2020-27747 (An issue was discovered in Click Studios Passwordstate 8.9 (Buil CVE-2020-27746 [X11 forwarding - avoid unsafe use of magic cookie as arg to xauth command] RESERVED - slurm-llnl (bug #974722) + [buster] - slurm-llnl (Minor issue) [stretch] - slurm-llnl (Minor issue) NOTE: https://www.schedmd.com/news.php?id=240 NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2020/45.html @@ -5313,6 +5315,7 @@ CVE-2020-27746 [X11 forwarding - avoid unsafe use of magic cookie as arg to xaut CVE-2020-27745 [PMIx - fix potential buffer overflows from use of unpackmem()] RESERVED - slurm-llnl (bug #974721) + [buster] - slurm-llnl (Minor issue) [stretch] - slurm-llnl (Minor issue) NOTE: https://www.schedmd.com/news.php?id=240 NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2020/45.html @@ -5328,12 +5331,16 @@ CVE-2020-27743 (libtac in pam_tacplus through 1.5.1 lacks a check for a failure NOTE: Fixed by: https://github.com/kravietz/pam_tacplus/commit/bceaab0cd51a09b88f40f19da799ac7390264bf8 (v1.6.1) CVE-2020-27742 (An Insecure Direct Object Reference vulnerability in Citadel WebCit th ...) - webcit (bug #973385) + [buster] - webcit (Minor issue) CVE-2020-27741 (Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit ...) - webcit (bug #973385) + [buster] - webcit (Minor issue) CVE-2020-27740 (Citadel WebCit through 926 allows unauthenticated remote attackers to ...) - webcit (bug #973385) + [buster] - webcit (Minor issue) CVE-2020-27739 (A Weak Session Management vulnerability in Citadel WebCit through 926 ...) - webcit (bug #973385) + [buster] - webcit (Minor issue) CVE-2020-27738 RESERVED CVE-2020-27737 @@ -10178,6 +10185,7 @@ CVE-2020-25713 [Out of bounds read leads to segfault in raptor_xml_writer_start_ RESERVED - raptor - raptor2 (bug #974664) + [buster] - raptor2 (Minor issue) NOTE: https://bugs.librdf.org/mantis/view.php?id=650 CVE-2020-25712 RESERVED @@ -10193,10 +10201,12 @@ CVE-2020-25708 [libvncserver/rfbserver.c has a divide by zero which could result CVE-2020-25707 [infinite loop in e1000e_write_packet_to_guest() in hw/net/e1000e_core.c] RESERVED - qemu (bug #974687) + [buster] - qemu (Fix along in future DSA) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1893895 NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03552.html CVE-2020-25706 (A cross-site scripting (XSS) vulnerability exists in templates_import. ...) - cacti 1.2.14+ds1-1 + [buster] - cacti (Minor issue) [stretch] - cacti (Minor issue) NOTE: https://github.com/Cacti/cacti/issues/3723 NOTE: https://github.com/Cacti/cacti/commit/39458efcd5286d50e6b7f905fedcdc1059354e6e @@ -29990,6 +3,7 @@ CVE-2020-16126 (An Ubuntu-specific modification to AccountsService in versions b CVE-2020-16125 (gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup ...) {DLA-2434-1} - gdm3 3.38.2-1 + [buster] - gdm3 (Minor issue on Debian) NOTE: https://github.com/GNOME/gdm/commit/dc8235128c3a1fcd5da8f30ab6839d413d353f28 NOTE: https://gitlab.gnome.org/GNOME/gdm/-/issues/642 CVE-2020-16124 (Integer Overflow or Wraparound vulnerability in the XML RPC library of ...) @@ -34719,6 +34730,7 @@ CVE-2020-14383 [An authenticated user can crash the DCE/RPC DNS with easily craf RESERVED [experimental] - samba 2:4.13.2+dfsg-1 - samba (bug #973398) + [buster] - samba (Minor issue) NOTE: https://www.samba.org/samba/security/CVE-2020-14383.html NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14472 CVE-2020-14382 (A vulnerability was found in upstream release cryptsetup-2.2.0 where, ...) @@ -34991,6 +35003,7 @@ CVE-2020-14324 (A high severity vulnerability was found in all active versions o CVE-2020-14323 (A null pointer dereference flaw was found in samba's Winbind service i ...) [experimental] - samba 2:4.13.2+dfsg-1 - samba (bug #973399) + [buster] - samba (Minor issue) NOTE: h
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2377d23e by Moritz Muehlenhoff at 2020-11-06T20:07:55+01:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -7282,10 +7282,10 @@ CVE-2020-25203 (The Framer Preview application 12 for Android exposes com.framer NOT-FOR-US: Framer Preview application CVE-2020-25576 (An issue was discovered in the rand_core crate before 0.4.2 for Rust. ...) - rust-rand-core 0.5.0-1 (bug #969911; low) - [buster] - rust-rand-core (Minor issue) + [buster] - rust-rand-core (Minor issue) - rust-rand-core-0.3 (bug #970186; low) - rust-rand-core-0.2 (bug #970185; low) - [buster] - rust-rand-core-0.2 (Minor issue) + [buster] - rust-rand-core-0.2 (Minor issue) NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0035.html NOTE: https://github.com/rust-random/rand/blob/master/rand_core/CHANGELOG.md#050---2019-06-06 CVE-2020-25574 (An issue was discovered in the http crate before 0.1.20 for Rust. An i ...) @@ -7786,14 +7786,14 @@ CVE-2020-24978 (In NASM 2.15.04rc3, there is a double-free vulnerability in pp_t NOTE: https://github.com/netwide-assembler/nasm/commit/8806c3ca007b84accac21dd88b900fb03614ceb7 CVE-2020-24977 (GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerabil ...) {DLA-2369-1} - - libxml2 2.9.10+dfsg-6.2 (bug #969529) - [buster] - libxml2 (Minor issue) + - libxml2 2.9.10+dfsg-6.2 (unimportant; bug #969529) NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/178 NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2 NOTE: The issue is specific and restricted to xmllint: NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/178#note_892545 NOTE: and present before the 0b19f236a263 ("Fixed ICU to set flush correctly and NOTE: provide pivot buffer.") commit itself. + NOTE: Crash in CLI tool, no security impact CVE-2020-24976 RESERVED CVE-2020-24975 @@ -40547,7 +40547,7 @@ CVE-2020-11023 (In jQuery versions greater than or equal to 1.0.3 and before 3.5 - node-jquery 3.5.0+dfsg-2 [buster] - node-jquery (Minor issue) - otrs2 6.0.30-1 - [buster] - otrs2 (Non-free not supported) + [buster] - otrs2 (Non-free not supported) [stretch] - otrs2 (Non-free not supported) NOTE: https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6 NOTE: https://www.drupal.org/sa-core-2020-002 @@ -40563,7 +40563,7 @@ CVE-2020-11022 (In jQuery versions greater than or equal to 1.2 and before 3.5.0 - drupal7 [jessie] - drupal7 (Vulnerable code not embedded) - otrs2 6.0.30-1 - [buster] - otrs2 (Non-free not supported) + [buster] - otrs2 (Non-free not supported) [stretch] - otrs2 (Non-free not supported) NOTE: https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2 NOTE: https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77 @@ -42020,7 +42020,7 @@ CVE-2020-10649 (DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windo NOT-FOR-US: ASUS Device Activation CVE-2020-10648 (Das U-Boot through 2020.01 allows attackers to bypass verified boot re ...) - u-boot 2020.04+dfsg-1 - [buster] - u-boot (Minor issue) + [buster] - u-boot (Minor issue) [stretch] - u-boot (Minor issue) [jessie] - u-boot (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2020/03/18/5 @@ -47324,7 +47324,7 @@ CVE-2019-20444 (HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP hea NOTE: https://github.com/netty/netty/commit/a7c18d44b46e02dadfe3da225a06e5091f5f328e (4.1) CVE-2020-8432 (In Das U-Boot through 2020.01, a double free has been found in the cmd ...) - u-boot 2020.01+dfsg-2 (low) - [buster] - u-boot (Minor issue) + [buster] - u-boot (Minor issue) [stretch] - u-boot (Minor issue) [jessie] - u-boot (Minor issue) NOTE: https://lists.denx.de/pipermail/u-boot/2020-January/396799.html @@ -48281,7 +48281,7 @@ CVE-2020-8039 CVE-2020-8038 RESERVED CVE-2020-8037 (The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a l ...) - - tcpdump (bug #973877) + - tcpdump (unimportant; bug #973877) NOTE: https://github.com/the-tcpdump-group/tcpdump/commit/32027e199368dad9508965aae8cd8de5b6ab5231 CVE-2020-8036 (The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SO ...) - tcpdump (Vulnerable code and support for SOME/IP protocol added later) @@ -59214,9 +59214,9 @@ CVE-2020-3912 (An out-of-bounds read was addressed with improved inp
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: a12e5d69 by Moritz Muehlenhoff at 2020-11-03T20:59:06+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -364,6 +364,7 @@ CVE-2020-28031 (eramba through c2.8.1 allows HTTP Host header injection with (fo NOT-FOR-US: eramba CVE-2020-28030 (In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was ...) - wireshark + [buster] - wireshark (Minor issue, can be fixed along in next DSA) NOTE: https://gitlab.com/wireshark/wireshark/-/commit/b287e7165e8aa89cde6ae37e7c257c5d87d16b9b NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16887 NOTE: https://www.wireshark.org/security/wnpa-sec-2020-15.html @@ -1146,8 +1147,7 @@ CVE-2020-27745 CVE-2020-27744 (An issue was discovered on Western Digital My Cloud NAS devices before ...) NOT-FOR-US: Western Digital My Cloud NAS devices CVE-2020-27743 (libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAN ...) - - libpam-tacplus (bug #973250) - [stretch] - libpam-tacplus (support for RAND_pseudo_bytes added later) + - libpam-tacplus (Vulnerable code added later) NOTE: https://github.com/kravietz/pam_tacplus/pull/163 NOTE: https://github.com/kravietz/pam_tacplus/security/advisories/GHSA-rp3p-jm35-jv76 CVE-2020-27742 (An Insecure Direct Object Reference vulnerability in Citadel WebCit th ...) @@ -1168,6 +1168,7 @@ CVE-2020-27735 RESERVED CVE-2018-21269 (checkpath in OpenRC through 0.42.1 might allow local users to take own ...) - openrc (bug #973245) + [buster] - openrc (Minor issue) NOTE: https://github.com/OpenRC/openrc/issues/201 NOTE: http://michael.orlitzky.com/cves/cve-2018-21269.xhtml CVE-2020-27734 @@ -1813,6 +1814,7 @@ CVE-2020-27618 [iconv when processing invalid multi-byte input sequences fails t CVE-2020-27617 [net: an assert failure via eth_get_gso_type] RESERVED - qemu (bug #973324) + [buster] - qemu (Fix along in future DSA) [stretch] - qemu (Minor issue, fix along in future DLA) NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg06023.html CVE-2020-27616 [ati-vga: potential crash via invalid x y parameter values] @@ -6119,6 +6121,7 @@ CVE-2020-25634 CVE-2020-25633 (A flaw was found in RESTEasy client in all versions of RESTEasy up to ...) - resteasy (bug #970585) - resteasy3.0 + [buster] - resteasy3.0 (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1879042 CVE-2020-25632 RESERVED @@ -27926,6 +27929,7 @@ CVE-2020-15251 (In the Channelmgnt plug-in for Sopel (a Python IRC bot) before v CVE-2020-15250 (In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryF ...) {DLA-2426-1} - junit4 4.13.1-1 (bug #972231) + [buster] - junit4 (Minor issue) NOTE: https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp NOTE: https://github.com/junit-team/junit4/commit/610155b8c22138329f0723eec22521627dbc52ae CVE-2020-15249 = data/dsa-needed.txt = @@ -25,6 +25,8 @@ linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more recent v4.19.y versions. -- +mupdf +-- netty -- pdns-recursor View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a12e5d6953fad1bf60da05d606cfc8969bae885e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a12e5d6953fad1bf60da05d606cfc8969bae885e You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 6705aa2a by Moritz Muehlenhoff at 2020-10-27T19:24:08+01:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -562,6 +562,7 @@ CVE-2020-27662 CVE-2020-27661 [divide by zero in dwc2_handle_packet() in hw/usb/hcd-dwc2.c] RESERVED - qemu (bug #972864) + [buster] - qemu (Fix along in future DSA) [stretch] - qemu (Fix along in future DLA) NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg04263.html NOTE: Fixed by: https://git.qemu.org/?p=qemu.git;a=commit;h=bea2a9e3e00b275dc40cfa09c760c715b8753e03 @@ -1648,6 +1649,7 @@ CVE-2020-27151 CVE-2020-27153 (In BlueZ before 5.55, a double free was found in the gatttool disconne ...) {DLA-2410-1} - bluez 5.55-1 + [buster] - bluez (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1884817 NOTE: https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a CVE-2020-27150 @@ -3731,6 +3733,7 @@ CVE-2019-20921 (bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS) NOT-FOR-US: bootstrap-select CVE-2019-20920 (Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrar ...) - node-handlebars 3:4.5.3-1 + [buster] - node-handlebars (Minor issue) - libjs-handlebars [stretch] - libjs-handlebars (Only reverse depends was diaspora which not in stretch) NOTE: https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478 @@ -4952,6 +4955,7 @@ CVE-2020-25627 RESERVED CVE-2020-25626 (A flaw was found in Django REST Framework versions before 3.12.0 and b ...) - djangorestframework 3.12.1-1 (bug #971554) + [buster] - djangorestframework (Minor issue) [stretch] - djangorestframework (Minor issue) NOTE: https://github.com/encode/django-rest-framework/commit/4121b01b912668c049b26194a9a107c27a332429 NOTE: Fixed upstream in 3.12.0 and 3.11.2 @@ -7970,11 +7974,13 @@ CVE-2020-24268 CVE-2020-24267 RESERVED CVE-2020-24266 (An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ...) - - tcpreplay (bug #972889) + - tcpreplay (bug #972889; unimportant) NOTE: https://github.com/appneta/tcpreplay/issues/617 + NOTE: Crash in CLI tool, no security impact CVE-2020-24265 (An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap b ...) - - tcpreplay (bug #972890) + - tcpreplay (bug #972890; unimportant) NOTE: https://github.com/appneta/tcpreplay/issues/616 + NOTE: Crash in CLI tool, no security impact CVE-2020-24264 RESERVED CVE-2020-24263 @@ -30380,6 +30386,7 @@ CVE-2020-13944 (In Apache Airflow < 1.10.12, the "origin" parameter passed to CVE-2020-13943 (If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7 ...) {DLA-2407-1} - tomcat9 9.0.38-1 + [buster] - tomcat9 (Minor issue) - tomcat8 NOTE: https://github.com/apache/tomcat/commit/55911430df13f8c9998fbdee1f9716994d2db59b (9.0.38) NOTE: https://github.com/apache/tomcat/commit/9d7def063b47407a09a2f9202beed99f4dcb292a (8.5.58) @@ -30582,6 +30589,7 @@ CVE-2020-13872 (Royal TS before 5 has a 0.0.0.0 listener, which makes it easier CVE-2020-13871 (SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c bec ...) {DLA-2340-1} - sqlite3 3.32.2-2 + [buster] - sqlite3 (Vulnerability introduced later) [jessie] - sqlite3 (Vulnerable code not present) NOTE: New fix: https://www.sqlite.org/src/info/44a58d6cb135a104 NOTE: Fixed by: https://www.sqlite.org/src/info/79eff1d0383179c4 @@ -53383,6 +53391,7 @@ CVE-2020-5422 (BOSH System Metrics Server releases prior to 0.1.0 exposed the UA NOT-FOR-US: BOSH System Metrics Server CVE-2020-5421 (In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5. ...) - libspring-java + [buster] - libspring-java (Minor issue) [stretch] - libspring-java (Minor issue) NOTE: https://tanzu.vmware.com/security/cve-2020-5421 CVE-2020-5420 (Cloud Foundry Routing (Gorouter) versions prior to 0.206.0 allow a mal ...) @@ -124819,6 +124828,7 @@ CVE-2019-0210 (In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go usin [experimental] - thrift 0.13.0-1 - thrift 0.13.0-2 NOTE: https://www.openwall.com/lists/oss-security/2019/10/17/2 + NOTE: https://github.com/apache/thrift/commit/264a3f318ed3e9e51573f67f963c8509786bcec2 CVE-2019-0209 REJECTED CVE-2019-0208 @@ -158327,7 +158337,8 @@ CVE-2018-6958 (VMware vRealize Automation (vRA) prior to 7.3.1 contains a vulner CVE-2018-6957 (VMware Workstation (14.x before 14.1.1, 12.x) and Fus
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 86c8e4a7 by Moritz Muehlenhoff at 2020-10-22T23:55:15+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -648,6 +648,7 @@ CVE-2020-27561 RESERVED CVE-2020-27560 (ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames i ...) - imagemagick + [buster] - imagemagick (Minor issue) NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/ef59bd764f88d893f1219fee8ba696a5d3f8c1c4 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6e3b13c7ef94d72b40fba91987897c4326717a46 CVE-2020-27559 @@ -2432,6 +2433,7 @@ CVE-2020-26683 RESERVED CVE-2020-26682 (In libass 0.14.0, the `ass_outline_construct`'s call to `outline_strok ...) - libass + [buster] - libass (Minor issue) [stretch] - libass (Vulnerable code not present) NOTE: https://github.com/libass/libass/issues/431 NOTE: https://github.com/libass/libass/pull/432 @@ -3519,6 +3521,7 @@ CVE-2020-26165 RESERVED CVE-2020-26164 (In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the ...) - kdeconnect (bug #971736) + [buster] - kdeconnect (Minor issue) NOTE: https://kde.org/info/security/advisory-20201002-1.txt NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/f183b5447bad47655c21af87214579f03bf3a163 NOTE: https://invent.kde.org/network/kdeconnect-kde/-/commit/b279c52101d3f7cc30a26086d58de0b5f1c547fa View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86c8e4a7fa1de9d3ab12c4903bfb330afcd5e168 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86c8e4a7fa1de9d3ab12c4903bfb330afcd5e168 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 82afcf5a by Moritz Muehlenhoff at 2020-10-19T23:24:35+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -2436,6 +2436,7 @@ CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows attackers to bypass intended NOTE: https://github.com/dgrijalva/jwt-go/pull/426 CVE-2020-26159 (In Oniguruma 6.9.5_rev1, an attacker able to supply a regular expressi ...) - libonig (bug #972113) + [buster] - libonig (Minor issue) NOTE: https://github.com/kkos/oniguruma/commit/cbe9f8bd9cfc6c3c87a60fbae58fa1a85db59df0 NOTE: https://github.com/kkos/oniguruma/issues/207 CVE-2019-20922 (Handlebars before 4.4.5 allows Regular Expression Denial of Service (R ...) @@ -130186,6 +130187,7 @@ CVE-2018-16849 (A flaw was found in openstack-mistral. By manipulating the SSH p NOTE: https://bugs.launchpad.net/mistral/+bug/1783708 CVE-2018-16848 (A Denial of Service (DoS) condition is possible in OpenStack Mistral i ...) - mistral 10.0.0~rc1-2 + [buster] - mistral (Minor issue) [stretch] - mistral (OpenStack component; not supported in stretch LTS) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1645332 NOTE: https://bugs.launchpad.net/mistral/%2Bbug/1785657 = data/dsa-needed.txt = @@ -23,8 +23,12 @@ linux (carnil) Wait until more issues have piled up, though try to regulary rebase for point releases to more recent v4.19.y versions. -- +mariadb-10.3 (jmm) +-- netty -- +pdns-recursor +-- xcftools Hugo proposed to work on this update -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82afcf5a51f8fb42b17b08fcd67c5aea70048ce0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82afcf5a51f8fb42b17b08fcd67c5aea70048ce0 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 116f39de by Moritz Muehlenhoff at 2020-10-12T19:45:22+02:00 buster triage reviewed the status of some old issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1769,6 +1769,7 @@ CVE-2020-26116 (http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3. - python3.9 3.9.0~b5-1 - python3.8 3.8.5-1 - python3.7 + [buster] - python3.7 (Minor issue) - python3.5 NOTE: https://bugs.python.org/issue39603 NOTE: https://python-security.readthedocs.io/vuln/http-header-injection-method.html @@ -2606,6 +2607,7 @@ CVE-2020-25740 CVE-2020-25739 (An issue was discovered in the gon gem before gon-6.4.0 for Ruby. Mult ...) {DLA-2380-1} - ruby-gon (bug #970938) + [buster] - ruby-gon (Minor issue) NOTE: https://github.com/gazay/gon/commit/fe3c7b2191a992386dc9edd37de5447a4e809bc7 CVE-2020-25738 RESERVED @@ -2825,6 +2827,7 @@ CVE-2020-25638 CVE-2020-25637 (A double free memory issue was found to occur in the libvirt API, in v ...) {DLA-2395-1} - libvirt (bug #971555) + [buster] - libvirt (Minor issue) NOTE: Introduced by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=0977b8aa071de550e1a013d35e2c72615e65d520 (v1.2.14-rc1) NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=955029bd0ad7ef96000f529ac38204a8f4a96401 (v6.8.0) NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=50864dcda191eb35732dbd80fb6ca251a6bba923 (v6.8.0) @@ -22336,11 +22339,13 @@ CVE-2020-16122 RESERVED {DLA-2399-1} - packagekit + [buster] - packagekit (Minor issue) NOTE: https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1882098 CVE-2020-16121 RESERVED {DLA-2399-1} - packagekit + [buster] - packagekit (Minor issue) NOTE: https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/187 CVE-2020-16120 RESERVED @@ -46935,6 +46940,7 @@ CVE-2020-7070 (In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x {DLA-2397-1} - php7.4 7.4.11-1 - php7.3 + [buster] - php7.3 (Minor issue, likely to introduce tegressions, wait for one more 7.3 upstream release) - php7.0 NOTE: Fixed in PHP 7.4.11, 7.3.23, 7.2.34 NOTE: PHP Bug: https://bugs.php.net/79699 @@ -46942,8 +46948,7 @@ CVE-2020-7070 (In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x CVE-2020-7069 (In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below ...) - php7.4 7.4.11-1 - php7.3 - - php7.0 - [stretch] - php7.0 (Affected code not present) + - php7.0 (Affected code not present) NOTE: Fixed in PHP 7.4.11, 7.3.23, 7.2.34 NOTE: PHP Bug: https://bugs.php.net/79601 NOTE: https://git.php.net/?p=php-src.git;a=commit;h=0216630ea2815a5789a24279a1211ac398d4de79 @@ -51686,12 +51691,14 @@ CVE-2020-5218 (Affected versions of Sylius give attackers the ability to switch NOT-FOR-US: Sylius CVE-2020-5217 (In Secure Headers (RubyGem secure_headers), a directive injection vuln ...) - ruby-secure-headers 6.3.1-1 (bug #94) + [buster] - ruby-secure-headers (Minor issue) NOTE: https://github.com/twitter/secure_headers/security/advisories/GHSA-xq52-rv6w-397c NOTE: https://github.com/twitter/secure_headers/commit/936a160e3e9659737a9f9eafce13eea36b5c9fa3 NOTE: https://github.com/twitter/secure_headers/issues/418 NOTE: https://github.com/twitter/secure_headers/pull/421 CVE-2020-5216 (In Secure Headers (RubyGem secure_headers), a directive injection vuln ...) - ruby-secure-headers 6.3.1-1 (bug #949998) + [buster] - ruby-secure-headers (Minor issue) NOTE: https://github.com/twitter/secure_headers/security/advisories/GHSA-w978-rmpf-qmwg NOTE: https://github.com/twitter/secure_headers/commit/301695706f6a70517c2a90c6ef9b32178440a2d0 CVE-2020-5215 (In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Pytho ...) @@ -129333,8 +129340,9 @@ CVE-2018-16849 (A flaw was found in openstack-mistral. By manipulating the SSH p [stretch] - mistral 3.0.0-4+deb9u1 NOTE: https://bugs.launchpad.net/mistral/+bug/1783708 CVE-2018-16848 (A Denial of Service (DoS) condition is possible in OpenStack Mistral i ...) - - mistral + - mistral 10.0.0~rc1-2 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1645332 + NOTE: https://bugs.launchpad.net/mistral/%2Bbug/1785657 CVE-2018-16847 (An OOB heap buffer r/w access issue was found in the NVM Express Contr ...) - qemu 1:3.1+dfsg-1 (bug #912655) [stretch] - qemu (support for Controller Memory Buffers
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 01469a67 by Moritz Muehlenhoff at 2020-10-08T19:47:05+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -623,6 +623,7 @@ CVE-2020-26576 RESERVED CVE-2020-26575 (In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) di ...) - wireshark + [buster] - wireshark (Minor issue, can be fixed along in next DSA) NOTE: https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16887 NOTE: https://gitlab.com/wireshark/wireshark/-/merge_requests/467 @@ -24112,7 +24113,7 @@ CVE-2020-15401 (IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain p NOT-FOR-US: IOBit Malware Fighter Pro CVE-2020-15400 (CakePHP before 4.0.6 mishandles CSRF token generation. This might be r ...) - cakephp - [buster] - cakephp (Minor issue) + [buster] - cakephp (Minor issue) [stretch] - cakephp (Minor issue) CVE-2020-15399 RESERVED @@ -49789,7 +49790,7 @@ CVE-2020-5967 (NVIDIA Linux GPU Display Driver, all versions, contains a vulnera - nvidia-graphics-drivers-legacy-390xx 390.138-1 (bug #963908) [buster] - nvidia-graphics-drivers-legacy-390xx 390.138-1~deb10u1 - nvidia-graphics-drivers-legacy-340xx - [buster] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) + [buster] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) [stretch] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx [stretch] - nvidia-graphics-drivers-legacy-304xx (Non-free not supported) @@ -49811,7 +49812,7 @@ CVE-2020-5963 (NVIDIA Windows GPU Display Driver, all versions, contains a vulne - nvidia-graphics-drivers-legacy-390xx 390.138-1 (bug #963908) [buster] - nvidia-graphics-drivers-legacy-390xx 390.138-1~deb10u1 - nvidia-graphics-drivers-legacy-340xx - [buster] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) + [buster] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) [stretch] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx [stretch] - nvidia-graphics-drivers-legacy-304xx (Non-free not supported) @@ -55211,7 +55212,7 @@ CVE-2019-19925 (zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles NOTE: https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618 CVE-2019-19924 (SQLite 3.30.1 mishandles certain parser-tree rewriting, related to exp ...) - sqlite3 3.30.1+fossil191229-1 - [buster] - sqlite3 (Minor issue) + [buster] - sqlite3 (Minor issue) [stretch] - sqlite3 (Vulnerable code introduced later) [jessie] - sqlite3 (Vulnerable code introduced later) NOTE: https://github.com/sqlite/sqlite/commit/8654186b0236d556aa85528c2573ee0b6ab71be3 @@ -73287,7 +73288,7 @@ CVE-2019-16371 (LogMeIn LastPass before 4.33.0 allows attackers to construct a c NOT-FOR-US: LogMeIn LastPass CVE-2019-16370 (The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algori ...) - gradle (low; bug #941186) - [buster] - gradle (Minor issue) + [buster] - gradle (Minor issue) [stretch] - gradle (Minor issue) [jessie] - gradle (Minor issue, old gradle mainly used for building Debian packages with apt signatures) NOTE: https://github.com/gradle/gradle/commit/425b2b7a50cd84106a77cdf1ab665c89c6b14d2f @@ -75775,12 +75776,12 @@ CVE-2019-1 (FredReinink Wellness-app before 2019-06-19 allows SQL injection, NOT-FOR-US: FredReinink Wellness-app CVE-2019-15554 (An issue was discovered in the smallvec crate before 0.6.10 for Rust. ...) - rust-smallvec 0.6.10-1 - [buster] - rust-smallvec (Minor issue) + [buster] - rust-smallvec (Minor issue) NOTE: https://github.com/servo/rust-smallvec/issues/149 NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0012.html CVE-2019-15553 (An issue was discovered in the memoffset crate before 0.5.0 for Rust. ...) - rust-memoffset 0.5.1-1 (bug #936025) - [buster] - rust-memoffset (Minor issue) + [buster] - rust-memoffset (Minor issue) NOTE: https://github.com/Gilnaa/memoffset/issues/9#issuecomment-505461490 NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0011.html CVE-2019-15552 (An issue was discovered in the libflate crate before 0.1.25 for Rust. ...) @@ -75790,7 +75791,7 @@ CVE-2019-15552 (An issue was discovered in the libflate crate before 0.1.25 for NOTE: https://rustsec.org/advisories/RUST
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 4c7ffafe by Moritz Muehlenhoff at 2020-09-22T20:02:29+02:00 buster triage older ntp issue also fixed in sid - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -2640,6 +2640,7 @@ CVE-2020-24585 (An issue was discovered in the DTLS handshake implementation in NOTE: https://github.com/wolfSSL/wolfssl/commit/3be7f3ea3a56d178acf0f7f84ee4ae8cbfee8915 (v4.5.0-stable) CVE-2020-24584 (An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10 ...) - python-django 2:2.2.16-1 (bug #969367) + [buster] - python-django (Fix along in future DSA) [stretch] - python-django (Requires Python 3.7+) NOTE: https://github.com/django/django/commit/1853724acaf17ed7414d54c7d2b5563a25025a71 (master) NOTE: https://github.com/django/django/commit/2b099caa5923afa8cfb5f1e8c0d56b6e0e81915b (3.1.1) @@ -2647,6 +2648,7 @@ CVE-2020-24584 (An issue was discovered in Django 2.2 before 2.2.16, 3.0 before NOTE: https://github.com/django/django/commit/a3aebfdc8153dc230686b6d2454ccd32ed4c9e6f (2.2.16) CVE-2020-24583 (An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10 ...) - python-django 2:2.2.16-1 (bug #969367) + [buster] - python-django (Fix along in future DSA) [stretch] - python-django (Requires Python 3.7+) NOTE: https://github.com/django/django/commit/8d7271578d7b153435b40fe40236ebec43cbf1b9 (master) NOTE: https://github.com/django/django/commit/934430d22aa5d90c2ba33495ff69a6a1d997d584 (3.1.1) @@ -3201,23 +3203,23 @@ CVE-2020-24334 CVE-2020-24333 RESERVED CVE-2020-24332 (An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...) - - trousers - [stretch] - trousers (tss service gets started as non-root user via init script) + - trousers (unimportant) NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1164472 NOTE: https://sourceforge.net/p/trousers/mailman/message/37015817/ NOTE: https://www.openwall.com/lists/oss-security/2020/08/14/1 + NOTE: In Debian, tcsd gets started under the tss user CVE-2020-24331 (An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...) - - trousers - [stretch] - trousers (tss service gets started as non-root user via init script) + - trousers (unimportant) NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1164472 NOTE: https://sourceforge.net/p/trousers/mailman/message/37015817/ NOTE: https://www.openwall.com/lists/oss-security/2020/08/14/1 + NOTE: In Debian, tcsd gets started under the tss user CVE-2020-24330 (An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon ...) - - trousers - [stretch] - trousers (tss service gets started as non-root user via init script) + - trousers (unimportant) NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1164472 NOTE: https://sourceforge.net/p/trousers/mailman/message/37015817/ NOTE: https://www.openwall.com/lists/oss-security/2020/08/14/1 + NOTE: In Debian, tcsd gets started under the tss user CVE-2020-24329 RESERVED CVE-2020-24328 @@ -19731,6 +19733,7 @@ CVE-2020-16151 RESERVED CVE-2020-16150 (A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/s ...) - mbedtls + [buster] - mbedtls (Minor issue) NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1 CVE-2020-16149 REJECTED @@ -42775,6 +42778,7 @@ CVE-2020-7712 (This affects the package json before 10.0.0. It is possible to in NOT-FOR-US: Node json CVE-2020-7711 (This affects all versions of package github.com/russellhaering/goxmlds ...) - golang-github-russellhaering-goxmldsig (bug #968928) + [buster] - golang-github-russellhaering-goxmldsig (Minor issue) NOTE: https://github.com/russellhaering/goxmldsig/issues/48 CVE-2020-7710 (This affects all versions of package safe-eval. It is possible for an ...) NOT-FOR-US: Node safe-eval @@ -147592,8 +147596,8 @@ CVE-2018-8958 CVE-2018-8957 (CoverCMS v1.1.6 has XSS via the fourth input box to index.php, related ...) NOT-FOR-US: CoverCMS CVE-2018-8956 (ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote att ...) - - ntp (low) - [buster] - ntp (Minor issue) + - ntp 1:4.2.8p14+dfsg-1 (low) + [buster] - ntp (Minor issue) [stretch] - ntp (Minor issue) [jessie] - ntp (Minor issue, requires being part of same broadcast network, no patch) - ntpsec (Broadcast mode not present, see #961748) = data/dsa-needed.txt
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: bd4d8ac1 by Moritz Muehlenhoff at 2020-09-14T20:02:11+02:00 buster triage also track python-os-brick - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -2112,6 +2112,7 @@ CVE-2020-24553 (Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because tex - golang-1.15 (bug #969661) - golang-1.14 (bug #969662) - golang-1.11 + [buster] - golang-1.11 (Minor issue) - golang-1.8 - golang-1.7 NOTE: https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs @@ -16344,6 +16345,7 @@ CVE-2020-17481 RESERVED CVE-2020-17480 (TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parse ...) - tinymce + [buster] - tinymce (Minor issue) NOTE: https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95 CVE-2020-17479 (jpv (aka Json Pattern Validator) before 2.2.2 does not properly valida ...) NOT-FOR-US: jpv @@ -28260,6 +28262,7 @@ CVE-2020-12649 (Gurbalib through 2020-04-30 allows lib/cmds/player/help.c direct NOT-FOR-US: Gurbalib CVE-2020-12648 (A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlie ...) - tinymce + [buster] - tinymce (Minor issue) NOTE: https://labs.bishopfox.com/advisories/tinymce-version-5.2.1 CVE-2020-12647 (Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 6 ...) NOT-FOR-US: Unisys ALGOL Compiler @@ -28821,6 +28824,7 @@ CVE-2020-12414 (IndexedDB should be cleared when leaving private browsing mode a CVE-2020-12413 [racoon attack for NSS] RESERVED - nss + [buster] - nss (Minor issue) NOTE: https://raccoon-attack.com/ CVE-2020-12412 (By navigating a tab using the history API, an attacker could cause the ...) - firefox 70.0-1 @@ -34622,9 +34626,10 @@ CVE-2020-10755 (An insecure-credentials flaw was found in all openstack-cinder v [buster] - cinder (Minor issue) [stretch] - cinder (Minor issue) [jessie] - cinder (OpenStack component, not supported in jessie LTS) + - python-os-brick 3.1.0-1 (low) + [buster] - python-os-brick (Minor issue) NOTE: https://bugs.launchpad.net/cinder/+bug/1823200 NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0086 - TODO: check, affects as well python-os-brick or needs a respective update? CVE-2020-10754 (It was found that nmcli, a command line interface to NetworkManager di ...) - network-manager (unimportant) NOTE: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/448 @@ -46302,6 +46307,7 @@ CVE-2020-6098 (An exploitable denial of service vulnerability exists in the free NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1030 CVE-2020-6097 (An exploitable denial of service vulnerability exists in the atftpd da ...) - atftp (bug #970066) + [buster] - atftp (Minor issue) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1029 CVE-2020-6096 (An exploitable signed comparison vulnerability exists in the ARMv7 mem ...) - glibc 2.31-2 (low; bug #961452) @@ -91202,6 +91208,7 @@ CVE-2019-1010092 RESERVED CVE-2019-1010091 (tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization ...) - tinymce (bug #970256) + [buster] - tinymce (Minor issue) [jessie] - tinymce (Minor issue, requires manually copy/pasting javascript to execute it, can't reproduce on Jessie) NOTE: https://github.com/tinymce/tinymce/issues/4394 CVE-2019-1010090 = data/dsa-needed.txt = @@ -25,6 +25,8 @@ knot-resolver linux (carnil) Wait until more issues have piled up -- +python-flask-cors +-- rails (jmm) Sylvain Beucler proposed to help for the update, remaining CVEs to be done -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd4d8ac1a2499042c48f94efd4fa038f05fc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd4d8ac1a2499042c48f94efd4fa038f05fc You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 0560d2ac by Moritz Muehlenhoff at 2020-09-11T19:34:53+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -130,6 +130,7 @@ CVE-2020-25220 (The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, a NOTE: https://www.spinics.net/lists/stable/msg405099.html CVE-2020-25219 (url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a rem ...) - libproxy + [buster] - libproxy (Minor issue) NOTE: https://github.com/libproxy/libproxy/issues/134 CVE-2020-25218 RESERVED @@ -167,6 +168,7 @@ CVE-2020-25203 RESERVED CVE-2019- [RUSTSEC-2019-0035: Unaligned memory access in versions below 0.4.2] - rust-rand-core 0.5.0-1 (bug #969911; low) + [buster] - rust-rand-core (Minor issue) NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0035.html NOTE: https://github.com/rust-random/rand/blob/master/rand_core/CHANGELOG.md#050---2019-06-06 CVE-2019- [RUSTSEC-2019-0033: Integer Overflow in versions below 0.1.20 can cause DoS] @@ -671,6 +673,7 @@ CVE-2020-24973 RESERVED CVE-2020-24972 (The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG ...) - kleopatra + [buster] - kleopatra (Minor issue) NOTE: https://dev.gnupg.org/rKLEOPATRAb4bd63c1739900d94c04da03045e9445a5a5f54b NOTE: https://security.gentoo.org/glsa/202008-21 CVE-2020-24971 @@ -23151,6 +23154,7 @@ CVE-2020-14363 [Double free in libX11 locale handling code] RESERVED {DLA-2361-1} - libx11 (bug #969008) + [buster] - libx11 (Minor issue, will be fixed via spu) NOTE: https://lists.x.org/archives/xorg-announce/2020-August/003056.html NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/acdaaadcb3d85c61fd43669fc5dddf0f8c3f911d CVE-2020-14362 @@ -23231,7 +23235,7 @@ CVE-2020-14345 CVE-2020-14344 (An integer overflow leading to a heap-buffer overflow was found in The ...) {DLA-2312-1} - libx11 2:1.6.10-1 - [buster] - libx11 (Minor issue) + [buster] - libx11 (Minor issue, will be fixed via spu) NOTE: https://lists.x.org/archives/xorg-announce/2020-July/003050.html NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/0e6561efcfaa0ae7b5c74eac7e064b76d687544e NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/-/commit/388b303c62aa35a245f1704211a023440ad2c488 @@ -56789,7 +56793,7 @@ CVE-2020-1970 CVE-2020-1969 RESERVED CVE-2020-1968 (The Raccoon attack exploits a flaw in the TLS specification which can ...) - - openssl 1.1.1g-1 + - openssl 1.1.1~~pre9-1 - openssl1.0 NOTE: Marking the first openssl 1.1.1 version in unstable as the fixed version in sid NOTE: https://www.openssl.org/news/secadv/20200909.txt @@ -80139,6 +80143,7 @@ CVE-2019-13390 (In FFmpeg 4.1.3, there is a division by zero at adx_write_traile NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=aef24efb0c1e65097ab77a4bf9264189bdf3ace3 CVE-2019-13389 (RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as ...) - rainloop 1.14.0-1 + [buster] - rainloop (Minor issue) NOTE: https://github.com/RainLoop/rainloop-webmail/commit/8eb4588917b4741889fdd905d4c32e3e86317693 CVE-2019-13388 RESERVED @@ -106912,6 +106917,7 @@ CVE-2019-3682 (The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1 NOT-FOR-US: SuSE CVE-2019-3681 (A External Control of File Name or Path vulnerability in osc of SUSE L ...) - osc (bug #96) + [buster] - osc (Minor issue) NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1122675 NOTE: https://github.com/openSUSE/osc/commit/a79c54418baf9b9785123bd07f350f12bd729ed3 (0.169.0) CVE-2019-3680 = data/dsa-needed.txt = @@ -16,6 +16,8 @@ chromium -- curl (ghedo) -- +inspircd +-- knot-resolver Santiago Ruano Rincón proposed a debdiff for review -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0560d2ac29b2140270508dca5aa2bab9ad0abb30 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0560d2ac29b2140270508dca5aa2bab9ad0abb30 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: dcaf52a8 by Moritz Muehlenhoff at 2020-08-31T19:55:46+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -342,6 +342,7 @@ CVE-2020-24862 RESERVED CVE-2020-25016 (A safety violation was discovered in the rgb crate before 0.8.20 for R ...) - rust-rgb (bug #969213) + [buster] - rust-rgb (Minor issue) NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0029.html NOTE: https://github.com/kornelski/rust-rgb/issues/35 CVE-2020-24861 @@ -15163,6 +15164,7 @@ CVE-2020-17496 (vBulletin 5.5.4 through 5.6.2 allows remote command execution vi NOT-FOR-US: vBulletin CVE-2020-17495 (django-celery-results through 1.2.1 stores task results in the databas ...) - python-django-celery-results (bug #968305) + [buster] - python-django-celery-results (Minor issue) NOTE: https://github.com/celery/django-celery-results/issues/142 CVE-2020-17494 RESERVED @@ -19981,6 +19983,7 @@ CVE-2020-15357 RESERVED CVE-2020-15358 (In SQLite before 3.32.3, select.c mishandles query-flattener optimizat ...) - sqlite3 3.32.3-1 + [buster] - sqlite3 (Minor issue) [stretch] - sqlite3 (Vulnerable code introduced in 3.25.0) [jessie] - sqlite3 (Vulnerable code introduced in 3.25.0) NOTE: https://www.sqlite.org/src/info/10fa79d00f8091e5 @@ -27597,6 +27600,7 @@ CVE-2020-12404 (For native-to-JS bridging the app requires a unique token to be CVE-2020-12403 RESERVED - nss 2:3.55-1 + [buster] - nss (Minor issue) NOTE: https://hg.mozilla.org/projects/nss/rev/f282556e6cc7715f5754aeaadda6f902590e7e38 NOTE: https://hg.mozilla.org/projects/nss/rev/c25adfdfab34ddb08d3262aac3242e3399de1095 NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1636771 @@ -39714,6 +39718,7 @@ CVE-2020-8160 RESERVED CVE-2020-8159 (There is a vulnerability in actionpack_page-caching gem < v1.2.1 th ...) - ruby-actionpack-page-caching 1.2.2-1 (bug #960680) + [buster] - ruby-actionpack-page-caching (Minor issue) NOTE: https://groups.google.com/forum/#!topic/rubyonrails-security/CFRVkEytdP8 CVE-2020-8158 RESERVED @@ -86149,6 +86154,7 @@ CVE-2019-11028 (GAT-Ship Web Module before 1.40 suffers from a vulnerability all NOT-FOR-US: GAT-Ship Web Module CVE-2015-9284 (The request phase of the OmniAuth Ruby gem (1.9.1 and earlier) is vuln ...) - ruby-omniauth + [buster] - ruby-omniauth (Minor issue) [stretch] - ruby-omniauth (Minor issue) [jessie] - ruby-omniauth (Fix is in additional gem and needs CSRF protection in apps) NOTE: https://github.com/omniauth/omniauth/pull/809 = data/dsa-needed.txt = @@ -22,6 +22,8 @@ knot-resolver linux (carnil) Wait until more issues have piled up -- +qemu +-- rails (jmm) Sylvain Beucler proposed to help for the update, remaining CVEs to be done -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dcaf52a8d35f813ca8125f4425ed4a2c7b953bcb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dcaf52a8d35f813ca8125f4425ed4a2c7b953bcb You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c4047393 by Moritz Muehlenhoff at 2020-08-28T19:48:20+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -400,6 +400,7 @@ CVE-2020-24662 RESERVED CVE-2020-24661 (GNOME Geary before 3.36.3 mishandles pinned TLS certificate verificati ...) - geary + [buster] - geary (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/geary/-/issues/866 CVE-2020-24660 RESERVED @@ -617,6 +618,7 @@ CVE-2020-24556 RESERVED CVE-2020-24614 (Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 a ...) - fossil 1:2.12.1-1 + [buster] - fossil (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2020/08/20/1 NOTE: https://fossil-scm.org/forum/info/a05ae3ce7760daf6 NOTE: https://fossil-scm.org/fossil/vdiff?branch=sec2020-2.12-patch&diff=1&w @@ -990,17 +992,19 @@ CVE-2020-24374 CVE-2020-24373 RESERVED CVE-2020-24372 (LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in ...) - - luajit + - luajit (unimportant) NOTE: https://github.com/LuaJIT/LuaJIT/issues/603 - TODO: Needs to be checked with upstream, unclear whether that's really a security issue + NOTE: No security impact, only "exploitable" with untrusted Lua code CVE-2020-24371 (lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the ...) - lua5.4 - lua5.3 + [buster] - lua5.3 (Minor isue) NOTE: https://github.com/lua/lua/commit/a6da1472c0c5e05ff249325f979531ad51533110 NOTE: https://www.lua.org/bugs.html#5.4.0-9 CVE-2020-24370 (ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation faul ...) - lua5.4 - lua5.3 + [buster] - lua5.3 (Minor isue) NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00324.html NOTE: https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b CVE-2020-24369 (ldebug.c in Lua 5.4.0 attempts to access debug information via the lin ...) @@ -1287,16 +1291,16 @@ CVE-2020-24244 CVE-2020-24243 RESERVED CVE-2020-24242 (In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_tex ...) - - nasm 2.15.04-1 - [stretch] - nasm (Minor issue) + - nasm 2.15.04-1 (unimportant) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392708 NOTE: https://github.com/netwide-assembler/nasm/commit/6299a3114ce0f3acd55d07de201a8ca2f0a83059 + NOTE: Crash in CLI tool, no security impact CVE-2020-24241 (In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in ...) - - nasm 2.15.04-1 - [stretch] - nasm (Minor issue) + - nasm 2.15.04-1 (unimportant) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392707 NOTE: https://github.com/netwide-assembler/nasm/commit/6ac6ac57e3d01ea8ed4ea47706eb724b59176461 NOTE: https://github.com/netwide-assembler/nasm/commit/78df8828a0a5d8e2d8ff3dced562bf1778ce2e6c + NOTE: Crash in CLI tool, no security impact CVE-2020-24240 (GNU Bison 3.7 has a use after free (UAF) vulnerability. A local attack ...) - bison (unimportant) NOTE: https://github.com/akimd/bison/commit/be95a4fe2951374676efc9454ffee8638faaf68d (v3.7.1) @@ -14803,6 +14807,7 @@ CVE-2020-17498 (In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could NOTE: https://www.wireshark.org/security/wnpa-sec-2020-10.html CVE-2020-17497 (eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to ...) - iwd (bug #968996) + [buster] - iwd (Minor issue) NOTE: https://lists.01.org/hyperkitty/list/i...@lists.01.org/thread/4GUXL4Z6KZWWZINATGHNJVAEUTS3I7PG/ NOTE: https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=f22ba5aebb569ca54521afd2babdc1f67e3904ea CVE-2020-17496 (vBulletin 5.5.4 through 5.6.2 allows remote command execution via craf ...) @@ -18134,6 +18139,7 @@ CVE-2020-15918 (Multiple Stored Cross Site Scripting (XSS) vulnerabilities were NOT-FOR-US: Mida eFramework CVE-2020-15917 (common/session.c in Claws Mail before 3.17.6 has a protocol violation ...) - claws-mail 3.17.6-1 + [buster] - claws-mail (Minor issue) [stretch] - claws-mail (low priority issue) NOTE: https://git.claws-mail.org/?p=claws.git;a=commit;h=fcc25329049b6f9bd8d890f1197ed61eb12e14d5 CVE-2020-15916 (goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices a ...) @@ -19738,11 +19744,13 @@ CVE-2020-15306 (An issue was discovered in OpenEXR before v2.5.2. Invalid chunkC - openexr 2.5.3-2 [jessie] - openexr (Minor issue) NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/738 + NO
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 0ad3c92a by Moritz Muehlenhoff at 2020-08-23T19:48:32+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -14224,7 +14224,9 @@ CVE-2020-17508 RESERVED CVE-2020-17507 (An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15. ...) - qtbase-opensource-src 5.14.2+dfsg-6 (bug #968444) + [buster] - qtbase-opensource-src (Minor issue) - qt4-x11 + [buster] - qt4-x11 (Minor issue) NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/308436 (dev branch) NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/308496 (5.15 branch) NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/308495 (5.12 branch) @@ -14246,6 +14248,7 @@ CVE-2020-17499 RESERVED CVE-2020-17498 (In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. ...) - wireshark 3.2.6-1 + [buster] - wireshark (Can be fixed along in next 3.0.x DSA) [stretch] - wireshark (Vulnerable compose_tvb code not present) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16672 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=76afda963de4f0b9be24f2d8e873990a5cbf221b @@ -14497,6 +14500,7 @@ CVE-2020-17381 CVE-2020-17380 [heap buffer overflow in sdhci_sdma_transfer_multi_blocks() in hw/sd/sdhci.c] RESERVED - qemu + [buster] - qemu (Minor issue, fix along in future DSA) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1862167 CVE-2020-17379 RESERVED @@ -17201,6 +17205,7 @@ CVE-2020-16093 RESERVED CVE-2020-16092 (In QEMU through 5.0.0, an assertion failure can occur in the network p ...) - qemu + [buster] - qemu (Minor issue, fix along in future DSA) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1860283 NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=035e69b063835a5fd23cacabd63690a3d84532a8 CVE-2020-16091 @@ -18146,10 +18151,13 @@ CVE-2020-15695 (An issue was discovered in Joomla! through 3.9.19. A missing tok NOT-FOR-US: Joomla! CVE-2020-15694 (In Nim 1.2.4, the standard library httpClient fails to properly valida ...) - nim 1.2.6-1 + [buster] - nim (Minor issue) CVE-2020-15693 (In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF ...) - nim 1.2.6-1 + [buster] - nim (Minor issue) CVE-2020-15692 (In Nim 1.2.4, the standard library browsers mishandles the URL argumen ...) - nim 1.2.6-1 + [buster] - nim (Minor issue) CVE-2020-15691 RESERVED CVE-2020-15690 @@ -18988,6 +18996,7 @@ CVE-2020-15367 (Venki Supravizio BPM 10.1.2 does not limit the number of authent NOT-FOR-US: Venki CVE-2020-15366 (An issue was discovered in ajv.validate() in Ajv (aka Another JSON Sch ...) - node-ajv 6.12.4-1 + [buster] - node-ajv (Minor issue) NOTE: https://github.com/ajv-validator/ajv/releases/tag/v6.12.3 CVE-2020-15365 (LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in ...) - libraw (Vulnerable code introduced in 0.20-Beta1) @@ -41203,6 +41212,7 @@ CVE-2020-7068 RESERVED - php7.4 7.4.9-1 - php7.3 + [buster] - php7.3 (Minor issue, fix along in future DSA) - php7.0 NOTE: Fixed in PHP 7.4.9, 7.3.21, 7.2.33 NOTE: PHP Bug: https://bugs.php.net/79797 = data/dsa-needed.txt = @@ -16,7 +16,7 @@ chromium -- curl (ghedo) -- -icingaweb2 +icingaweb2 (jmm) Maintainer prepared an update -- knot-resolver View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ad3c92ad003fc49bacbeef3fec836ef94cf7fe1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ad3c92ad003fc49bacbeef3fec836ef94cf7fe1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 1a0d3a9a by Moritz Muehlenhoff at 2020-08-03T17:09:04+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -801,8 +801,9 @@ CVE-2020-15891 RESERVED CVE-2020-15890 (LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc hand ...) {DLA-2296-1} - - luajit (bug #966148) + - luajit (unimportant; bug #966148) NOTE: https://github.com/LuaJIT/LuaJIT/issues/601 + NOTE: No security impact, only "exploitable" with untrusted Lua code CVE-2020-15889 (Lua through 5.4.0 has a getobjname heap-based buffer over-read because ...) - lua5.4 5.4.0-2 - lua5.3 @@ -9582,12 +9583,14 @@ CVE-2020-12402 (During RSA key generation, bignum implementations used a variati CVE-2020-12401 [ECDSA timing attack mitigation bypass] RESERVED - nss 2:3.55-1 + [buster] - nss (Minor issue) NOTE: https://hg.mozilla.org/projects/nss/rev/aeb2e583ee957a699d949009c7ba37af76515c20 NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1631573 (private) NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.55_release_notes CVE-2020-12400 [P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function] RESERVED - nss 2:3.55-1 + [buster] - nss (Minor issue) NOTE: https://hg.mozilla.org/projects/nss/rev/e55ab3145546ae3cf1333b43956a974675d2d25c NOTE: https://hg.mozilla.org/projects/nss/rev/3f022d5eca5d3cd0e366a825a5681953d76299d0 NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.55_release_notes @@ -20020,6 +20023,7 @@ CVE-2017-18641 (In LXC 2.0, many template scripts download code over cleartext H NOTE: https://github.com/lxc/lxc/pull/1371 for the lxc-fedora template. CVE-2020-8813 (graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute a ...) - cacti 1.2.10+ds1-1 (bug #951832) + [buster] - cacti (Minor issue) [stretch] - cacti (Vulnerable code not present) [jessie] - cacti (Vulnerable code not present) NOTE: https://gist.github.com/mhaskar/ebe6b74c32fd0f7e1eedf1aabfd44129 @@ -24746,6 +24750,7 @@ CVE-2020-6830 (For native-to-JS bridging, the app requires a unique token to be CVE-2020-6829 [Side channel attack on ECDSA signature generation] RESERVED - nss 2:3.55-1 + [buster] - nss (Minor issue) NOTE: https://hg.mozilla.org/projects/nss/rev/e55ab3145546ae3cf1333b43956a974675d2d25c NOTE: https://hg.mozilla.org/projects/nss/rev/3f022d5eca5d3cd0e366a825a5681953d76299d0 NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.55_release_notes View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a0d3a9a2e4f7c1c2602bfaf4c98507e455524a1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a0d3a9a2e4f7c1c2602bfaf4c98507e455524a1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d6071083 by Moritz Muehlenhoff at 2020-07-24T18:13:56+02:00 buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1348,7 +1348,8 @@ CVE-2020-15355 CVE-2020-15354 REJECTED CVE-2013-7489 (The Beaker library through 1.11.0 for Python is affected by deserializ ...) - - beaker + - beaker (bug #966197) + [buster] - beaker (Minor issue) NOTE: https://github.com/bbangert/beaker/issues/191 NOTE: https://www.openwall.com/lists/oss-security/2020/05/14/11 CVE-2020-15353 @@ -27323,15 +27324,13 @@ CVE-2020-5400 (Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, CVE-2020-5399 (Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL d ...) NOT-FOR-US: Cloud Foundry CredHub CVE-2020-5398 (In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x pri ...) - - libspring-java - [jessie] - libspring-java (Vulnerable code not present) + - libspring-java (Vulnerable code not present) NOTE: https://pivotal.io/security/cve-2020-5398 NOTE: https://github.com/spring-projects/spring-framework/issues/24220 NOTE: https://github.com/spring-projects/spring-framework/commit/41f40c6c229d3b4f768718f1ec229d8f0ad76d76 NOTE: https://github.com/spring-projects/spring-framework/commit/956ffe68587c8d5f21135b5ce4650af0c2dea933 CVE-2020-5397 (Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF ...) - - libspring-java - [jessie] - libspring-java (Vulnerable code not present) + - libspring-java (Only affects 5.2.x) NOTE: https://pivotal.io/security/cve-2020-5397 NOTE: https://github.com/spring-projects/spring-framework/issues/24327 NOTE: https://github.com/spring-projects/spring-framework/commit/bc7d01048579430b4b2df668178809b63d3f1929 @@ -38043,7 +38042,8 @@ CVE-2020-1724 (A flaw was found in Keycloak in versions before 9.0.2. This flaw CVE-2020-1723 RESERVED CVE-2020-1722 (A flaw was found in all ipa versions 4.x.x through 4.8.0. When sending ...) - - freeipa + - freeipa (bug #966200) + [buster] - freeipa (Minor issue) NOTE: https://pagure.io/freeipa/issue/8268 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793071 CVE-2020-1721 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d607108391ebef48a884a7c7c351c83a1869f23b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d607108391ebef48a884a7c7c351c83a1869f23b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f5565e7e by Moritz Muehlenhoff at 2020-07-14T18:08:51+02:00 buster triage mark one wp issue as undetermined, no actionable information except some second hand media reports - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -12765,6 +12765,7 @@ CVE-2020-11021 (Actions Http-Client (NPM @actions/http-client) before version 1. NOT-FOR-US: Actions Http-Client CVE-2020-11020 (Faye (NPM, RubyGem) versions greater than 0.5.0 and before 1.0.4, 1.1. ...) - ruby-faye (bug #959392) + [buster] - ruby-faye (Minor issue) NOTE: https://github.com/faye/faye/security/advisories/GHSA-qpg4-4w7w-2mq5 NOTE: https://github.com/faye/faye/commit/65d297d341b607f3cb0b5fa6021a625a991cc30e CVE-2020-11019 (In FreeRDP less than or equal to 2.0.0, when running with logger set t ...) @@ -13834,6 +13835,7 @@ CVE-2020-10731 RESERVED CVE-2020-10730 (A NULL pointer dereference, or possible use-after-free flaw was found ...) - ldb 2:2.1.4-1 + [buster] - ldb (Minor issue) - samba 2:4.12.5+dfsg-1 [buster] - samba (Minor issue, fix along in next DSA) [stretch] - ldb (Vulnerable code introduced later) @@ -105388,8 +105390,7 @@ CVE-2018-1000801 (okular version 18.08 and earlier contains a Directory Traversa CVE-2018-1000800 (zephyr-rtos version 1.12.0 contains a NULL base pointer reference vuln ...) NOT-FOR-US: zephyr-rtos CVE-2018-1000773 (WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation ...) - - wordpress - [jessie] - wordpress (cf. CVE-2017-1000600) + - wordpress NOTE: This CVE exists due to an incomplete fix in 4.9 for CVE-2017-1000600. CVE-2018-1000673 REJECTED = data/dsa-needed.txt = @@ -41,6 +41,8 @@ squid (jmm) -- teeworlds (jmm) -- +tomcat9 +-- xcftools Hugo proposed to work on this update -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5565e7ef2599faa3e60703e8e0263c2872f285c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5565e7ef2599faa3e60703e8e0263c2872f285c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: fa31a1d0 by Moritz Muehlenhoff at 2020-07-09T19:43:51+02:00 buster triage mark Google Closure Library as NFU, if this were a security issue as bundled in Chromium, it would get fixed via Chromium updates anyway - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -178,6 +178,7 @@ CVE-2020-15570 (The parse_report() function in whoopsie.c in Whoopsie through 0. NOT-FOR-US: Whoopsie CVE-2020-15569 (PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free ...) - milkytracker + [buster] - milkytracker (Minor issue) NOTE: https://github.com/milkytracker/MilkyTracker/commit/7afd55c42ad80d01a339197a2d8b5461d214edaf CVE-2020-15568 RESERVED @@ -14601,7 +14602,9 @@ CVE-2020-10380 (RMySQL through 0.10.19 allows SQL Injection. ...) NOTE: Test: https://github.com/r-dbi/RMySQL/commit/6137ce887c1e36b278f11656a9a9fc1cae6a5f40 CVE-2020-10379 (In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/T ...) - pillow - [jessie] - pillow (Minor issue) + [buster] - pillow (Support for old-JPEG compressed TIFFs introduced in 6.0.0) + [stretch] - pillow (Support for old-JPEG compressed TIFFs introduced in 6.0.0) + [jessie] - pillow (Support for old-JPEG compressed TIFFs introduced in 6.0.0) NOTE: https://github.com/python-pillow/Pillow/pull/4538 NOTE: Fixed in 6.2.3 and 7.1.0 CVE-2020-10378 (In libImaging/PcxDecode.c in Pillow before before 7.0.1, an out-of-bou ...) @@ -17993,9 +17996,7 @@ CVE-2020-8912 CVE-2020-8911 RESERVED CVE-2020-8910 (A URL parsing issue in goog.uri of the Google Closure Library versions ...) - - chromium - [stretch] - chromium (see DSA 4562) - NOTE: https://github.com/google/closure-library/commit/294fc00b01d248419d8f8de37580adf2a0024fc9 + NOT-FOR-US: Google Closure Library CVE-2020-8909 RESERVED CVE-2020-8908 @@ -18173,6 +18174,7 @@ CVE-2020-8839 (Stored XSS was discovered on CHIYU BF-430 232/485 TCP/IP Converte CVE-2015-9542 (add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correct ...) {DLA-2116-1} - libpam-radius-auth 1.4.0-3 (bug #951396) + [buster] - libpam-radius-auth (Minor issue) NOTE: https://github.com/FreeRADIUS/pam_radius/commit/01173ec NOTE: https://github.com/FreeRADIUS/pam_radius/commit/6bae92d NOTE: https://github.com/FreeRADIUS/pam_radius/commit/ac2c1677 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa31a1d00b6697e9206b40bd534c5a4b309920d8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa31a1d00b6697e9206b40bd534c5a4b309920d8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 3e4c3e89 by Moritz Muehlenhoff at 2020-07-06T19:29:25+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -121,6 +121,7 @@ CVE-2020-15504 RESERVED CVE-2020-15503 (LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affect ...) - libraw + [buster] - libraw (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1853477 NOTE: https://github.com/LibRaw/LibRaw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d CVE-2020-15502 (** DISPUTED ** The DuckDuckGo application through 5.58.0 for Android, ...) @@ -186,6 +187,8 @@ CVE-2020-15475 (In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_mai NOTE: https://github.com/ntop/nDPI/commit/6a9f5e4f7c3fd5ddab3e6727b071904d76773952 CVE-2020-15474 (In nDPI through 3.2, there is a stack overflow in extractRDNSequence i ...) - ndpi + [buster] - ndpi (Vulnerable code not present) + [stretch] - ndpi (Vulnerable code not present) NOTE: https://github.com/ntop/nDPI/commit/23594f036536468072198a57c59b6e9d63caf6ce CVE-2020-15473 (In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-bas ...) - ndpi @@ -195,6 +198,8 @@ CVE-2020-15472 (In nDPI through 3.2, the H.323 dissector is vulnerable to a heap NOTE: https://github.com/ntop/nDPI/commit/b7e666e465f138ae48ab81976726e67deed12701 CVE-2020-15471 (In nDPI through 3.2, the packet parsing code is vulnerable to a heap-b ...) - ndpi + [buster] - ndpi (Vulnerable code not present) + [stretch] - ndpi (Vulnerable code not present) NOTE: https://github.com/ntop/nDPI/commit/61066fb106efa6d3d95b67e47b662de208b2b622 CVE-2020-15470 (ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_dec ...) NOT-FOR-US: ffjpeg @@ -1316,7 +1321,8 @@ CVE-2020-14949 CVE-2020-14948 RESERVED CVE-2020-14947 (OCS Inventory NG 2.7 allows Remote Command Execution via shell metacha ...) - TODO: check + - ocsinventory-server (unimportant) + NOTE: Only supported in trusted environments, see debtags CVE-2020-14946 (downloadFile.ashx in the Administrator section of the Surveillance mod ...) NOT-FOR-US: Surveillance module in Global RADAR BSA Radar CVE-2020-14945 (A privilege escalation vulnerability exists within Global RADAR BSA Ra ...) @@ -17681,6 +17687,7 @@ CVE-2020-8946 (Netis WF2471 v1.2.30142 devices allow an authenticated attacker t NOT-FOR-US: Netis devices CVE-2020-8945 (The proglottis Go wrapper before 0.1.1 for the GPGME library has a use ...) - golang-github-proglottis-gpgme 0.1.1-1 (bug #951372) + [buster] - golang-github-proglottis-gpgme (Minor issue) NOTE: https://github.com/proglottis/gpgme/pull/23 CVE-2020-8944 RESERVED @@ -19603,6 +19610,7 @@ CVE-2020-8132 (Lack of input validation in pdf-image npm package version <= 2 NOT-FOR-US: Node pdf-image package CVE-2020-8131 (Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows ...) - node-yarnpkg 1.22.4-2 (bug #952912) + [buster] - node-yarnpkg (Minor issue) NOTE: https://hackerone.com/reports/730239 NOTE: https://github.com/yarnpkg/yarn/pull/7831 CVE-2020-8130 (There is an OS command injection vulnerability in Ruby Rake < 12.3. ...) @@ -147563,7 +147571,8 @@ CVE-2018-1286 (In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileg NOT-FOR-US: Apache OpenMeetings CVE-2018-1285 (Apache log4net before 2.0.8 does not disable XML external entities whe ...) {DLA-2211-1} - - log4net + - log4net (low) + [buster] - log4net (Minor issue) NOTE: https://issues.apache.org/jira/browse/LOG4NET-575 NOTE: https://github.com/apache/logging-log4net/commit/d0b4b0157d4af36b23c24a23739c47925c3bd8d7 CVE-2018-1284 (In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs ...) = data/dsa-needed.txt = @@ -37,6 +37,8 @@ rails ruby2.5/stable Utkarsh Gupta proposed to work on an update -- +roundcube +-- squid/stable -- teeworlds/stable (jmm) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e4c3e89ce20df6ecaeac9c55f6a7bdfd27349f5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e4c3e89ce20df6ecaeac9c55f6a7bdfd27349f5 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/deb
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 0e9346d0 by Moritz Muehlenhoff at 2019-06-25T22:13:28Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -7022,9 +7022,10 @@ CVE-2019-10157 (It was found that Keycloak's Node.js adapter before version 4.8. NOT-FOR-US: Keycloak CVE-2019-10156 [templating causing an unexpected key file to be set on remote node] RESERVED - - ansible (bug #930065) + - ansible (low; bug #930065) + [buster] - ansible (Minor issue) + [stretch] - ansible (Minor issue) NOTE: https://github.com/ansible/ansible/pull/57188 - TODO: check details CVE-2019-10155 (The Libreswan Project has found a vulnerability in the processing of I ...) - libreswan 3.27-6 (bug #930338) - strongswan 5.1.0-1 @@ -47641,6 +47642,7 @@ CVE-2018-14568 (Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST CVE-2018-14567 (libxml2 2.9.8, if --with-lzma is used, allows remote attackers to caus ...) {DLA-1524-1} - libxml2 + [buster] - libxml2 (Minor issue) [stretch] - libxml2 (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/libxml2/issues/13 (not public yet) NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74 @@ -61844,7 +61846,8 @@ CVE-2018-9251 (The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzm NOTE: is applied. CVE-2017-18258 (The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote ...) {DLA-1524-1} - - libxml2 (bug #895245) + - libxml2 (low; bug #895245) + [buster] - libxml2 (Minor issue) [stretch] - libxml2 (Minor issue; wait for upstream fix for upstream bug 794914) [wheezy] - libxml2 (Minor issue; wait for upstream fix for upstream bug 794914) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=786696 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0e9346d0e4462d5c1e20efc44032d7808fd55871 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0e9346d0e4462d5c1e20efc44032d7808fd55871 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c4033775 by Moritz Muehlenhoff at 2019-06-25T20:45:50Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -245,6 +245,7 @@ CVE-2019-12856 RESERVED CVE-2019-12855 (In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP su ...) - twisted (bug #930626) + [buster] - twisted (Minor issue) [stretch] - twisted (Minor issue) [jessie] - twisted (Minor issue) NOTE: https://github.com/twisted/twisted/pull/1147 @@ -1098,15 +1099,21 @@ CVE-2019-12485 CVE-2019-12484 RESERVED CVE-2019-12483 (An issue was discovered in GPAC 0.7.1. There is a heap-based buffer ov ...) - - gpac + - gpac (bug #931088) + [buster] - gpac (Minor issue) + [stretch] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/issues/1249 NOTE: https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1 CVE-2019-12482 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer derefer ...) - - gpac + - gpac (bug #931088) + [buster] - gpac (Minor issue) + [stretch] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/issues/1249 NOTE: https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1 CVE-2019-12481 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer derefer ...) - - gpac + - gpac (bug #931088) + [buster] - gpac (Minor issue) + [stretch] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/issues/1249 NOTE: https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1 CVE-2019-12480 (BACnet Protocol Stack through 0.8.6 could allow an unauthenticated, re ...) @@ -1393,6 +1400,7 @@ CVE-2019-12388 RESERVED CVE-2019-12387 (In Twisted before 19.2.1, twisted.web did not validate or sanitize URI ...) - twisted (bug #930389) + [buster] - twisted (Minor issue) [stretch] - twisted (Minor issue) [jessie] - twisted (Minor issue) NOTE: https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2 @@ -23347,6 +23355,8 @@ CVE-2019-3812 (QEMU, through version 2.10 and through version 3.1.0, is vulnerab NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=78c71af8049c40657b646d9dd722867fa15c0f1b CVE-2019-3811 (A vulnerability was found in sssd. If a user was configured with no ho ...) {DLA-1635-1} + [buster] - sssd (Minor issue) + [stretch] - sssd (Minor issue) - sssd (bug #919051) NOTE: Upstream ticket: https://pagure.io/SSSD/sssd/issue/3901 NOTE: Pull request: https://github.com/SSSD/sssd/pull/703 @@ -41418,6 +41428,7 @@ CVE-2018-16884 (A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1660375 CVE-2018-16883 (sssd versions from 1.13.0 to before 2.0.0 did not properly restrict ac ...) - sssd (bug #916824) + [buster] - sssd (Minor issue) [stretch] - sssd (Minor issue) [jessie] - sssd (Issue got introduced with 1.13.0) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1659862 @@ -41687,6 +41698,8 @@ CVE-2018-16839 (Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer o NOTE: Fixed by: https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5 CVE-2018-16838 (A flaw was found in sssd Group Policy Objects implementation. When the ...) - sssd + [buster] - sssd (Minor issue) + [stretch] - sssd (Minor issue) [jessie] - sssd (GPO based access control introduced later) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1640820 NOTE: GPO based access control introduced in https://github.com/SSSD/sssd/commit/60cab26b12 @@ -57704,6 +57717,8 @@ CVE-2018-10853 (A flaw was found in the way Linux kernel KVM hypervisor before 4 NOTE: Fixed by: https://git.kernel.org/linus/3c9fa24ca7c9c47605672916491f79e8ccacb9e6 CVE-2018-10852 (The UNIX pipe which sudo uses to contact SSSD and read the available s ...) {DLA-1429-1} + [buster] - sssd (Minor issue) + [stretch] - sssd (Minor issue) - sssd (bug #902860) NOTE: https://pagure.io/SSSD/sssd/issue/3766 CVE-2018-10851 (PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4. ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c4033775c5141833ea637b88b4fb427fd1c725b8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c4033775c5141833ea637b88b4fb427fd1c725b8 You're receiving this email because of your account on salsa.debian.org. __
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 459ee02e by Moritz Muehlenhoff at 2019-06-21T22:05:48Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -49,7 +49,7 @@ CVE-2019-12906 CVE-2019-12905 (FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman& ...) NOT-FOR-US: FileRun CVE-2019-12904 (In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flu ...) - - libgcrypt20 + - libgcrypt20 (bug #930885) - libgcrypt11 NOTE: https://dev.gnupg.org/T4541 NOTE: https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020 @@ -61,7 +61,7 @@ CVE-2019-12902 (Pydio Cells before 1.5.0 does incomplete cleanup of a user's dat CVE-2019-12901 (Pydio Cells before 1.5.0 fails to neutralize '../' elements, allowing ...) NOT-FOR-US: Pydio Cells (relates to Pydio product) CVE-2019-12900 (BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bo ...) - - bzip2 + - bzip2 (bug #930886) NOTE: https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc TODO: check details CVE-2019-12899 (Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV star ...) @@ -6938,7 +6938,8 @@ CVE-2019-10154 - moodle CVE-2019-10153 [mis-handling of non-ASCII characters in guest comment fields] RESERVED - - fence-agents (low) + - fence-agents (low; bug #930887) + [buster] - fence-agents (Minor issue) [stretch] - fence-agents (Vulnerable code not present) [jessie] - fence-agents (Vulnerable code introduced later) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1670460 @@ -7246,6 +7247,7 @@ CVE-2019-10054 RESERVED CVE-2019-10053 (An issue was discovered in Suricata 4.1.x before 4.1.4. If the input o ...) - suricata 1:4.1.4-1 + [buster] - suricata (Minor issue) [stretch] - suricata (Minor issue) [jessie] - suricata (Minor issue) NOTE: https://redmine.openinfosecfoundation.org/issues/2883 @@ -7256,6 +7258,7 @@ CVE-2019-10051 RESERVED CVE-2019-10050 (A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4 ...) - suricata 1:4.1.4-1 + [buster] - suricata (Minor issue) [stretch] - suricata (Minor issue) [jessie] - suricata (Minor issue) NOTE: https://redmine.openinfosecfoundation.org/issues/2884 @@ -19708,6 +19711,7 @@ CVE-2019-5430 (In UniFi Video 3.10.0 and prior, due to the lack of CSRF protecti NOT-FOR-US: Ubiquiti Networks UniFi Video CVE-2019-5429 (Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacke ...) - filezilla (low; bug #928282) + [buster] - filezilla (Minor issue) [stretch] - filezilla (Minor issue) [jessie] - filezilla (Minor issue) NOTE: https://svn.filezilla-project.org/filezilla?revision=9097&view=revision View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/459ee02e48a7e7ae6cb8ae1ede2ce44f0b275e20 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/459ee02e48a7e7ae6cb8ae1ede2ce44f0b275e20 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 1712d1c2 by Moritz Muehlenhoff at 2019-06-21T21:08:48Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -138,6 +138,7 @@ CVE-2019-12866 RESERVED CVE-2019-12865 (In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a dou ...) - radare2 (bug #930704) + [buster] - radare2 (Minor issue) [stretch] - radare2 (Minor issue) [jessie] - radare2 (Minor issue) NOTE: https://github.com/radare/radare2/issues/14334 @@ -224,6 +225,7 @@ CVE-2019-12830 (In MyBB before 1.8.21, an attacker can exploit a parsing flaw in NOT-FOR-US: MyBB CVE-2019-12829 (radare2 through 3.5.1 mishandles the RParse API, which allows remote a ...) - radare2 (bug #930590) + [buster] - radare2 (Minor issue) [stretch] - radare2 (Minor issue) [jessie] - radare2 (Minor issue) NOTE: https://github.com/radare/radare2/issues/14303 @@ -420,12 +422,14 @@ CVE-2019-12762 (Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen NOT-FOR-US: Xiaomi Mi 5s Plus devices CVE-2019-12761 (A code injection issue was discovered in PyXDG before 0.26 via crafted ...) {DLA-1819-1} - - pyxdg (bug #930099) + - pyxdg (low; bug #930099) + [buster] - pyxdg (Minor issue) [stretch] - pyxdg (Minor issue) NOTE: https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562 NOTE: https://gitlab.freedesktop.org/xdg/pyxdg/issues/14 CVE-2019-12760 (A deserialization vulnerability exists in the way parso through 0.4.0 ...) - parso (bug #930356) + [buster] - parso (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1718212 NOTE: https://gist.github.com/dhondta/f71ae7e5c4234f8edfd2f12503a5dcc7 CVE-2019-12759 @@ -1790,15 +1794,23 @@ CVE-2019-12215 (** DISPUTED ** A full path disclosure vulnerability was discover - matomo (bug #448532) CVE-2019-12214 (In FreeImage 3.18.0, an out-of-bounds access occurs because of mishand ...) - freeimage (bug #929597) + [buster] - freeimage (Revisit when upstream fixes are available) + [stretch] - freeimage (Revisit when upstream fixes are available) NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/e06734bed5/ CVE-2019-12213 (When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory ...) - freeimage (bug #929597) + [buster] - freeimage (Revisit when upstream fixes are available) + [stretch] - freeimage (Revisit when upstream fixes are available) NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/e06734bed5/ CVE-2019-12212 (When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize ...) - freeimage (bug #929597) + [buster] - freeimage (Revisit when upstream fixes are available) + [stretch] - freeimage (Revisit when upstream fixes are available) NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/e06734bed5/ CVE-2019-12211 (When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load ...) - freeimage (bug #929597) + [buster] - freeimage (Revisit when upstream fixes are available) + [stretch] - freeimage (Revisit when upstream fixes are available) NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/e06734bed5/ CVE-2019-12210 (In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug ...) - pam-u2f (low; bug #930023) @@ -1936,7 +1948,8 @@ CVE-2019-12151 CVE-2019-12150 (Karamasoft UltimateEditor 1 does not ensure that an uploaded file is a ...) NOT-FOR-US: Karamasoft UltimateEditor CVE-2018-20839 (systemd 242 changes the VT1 mode upon a logout, which allows attackers ...) - - systemd (bug #929116) + - systemd (low; bug #929116) + [buster] - systemd (Minor issue) [stretch] - systemd (Minor issue) [jessie] - systemd (Not reproducible without Ubuntu-style persistant VT1 greeter; too invasive to fix) NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993 @@ -4605,6 +4618,7 @@ CVE-2019-11069 (Sequelize version 5 before 5.3.0 does not properly ensure that s CVE-2019-11068 (libxslt through 1.1.33 allows bypass of a protection mechanism because ...) {DLA-1756-1} - libxslt (bug #926895) + [buster] - libxslt (Minor issue) [stretch] - libxslt (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/libxslt/issues/12 (not public) NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6 @@ -8446,7 +8460,7 @@ CVE-2019-9836 CVE-2019-9835 (The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set L ...)
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2344f3af by Moritz Muehlenhoff at 2019-06-15T21:01:36Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -71,6 +71,8 @@ CVE-2019-12803 RESERVED CVE-2019-12802 (In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lan ...) - radare2 (bug #930510) + [buster] - radare2 (Minor issue) + [stretch] - radare2 (Minor issue) NOTE: https://github.com/radare/radare2/issues/14296 CVE-2019-12801 RESERVED @@ -6591,10 +6593,12 @@ CVE-2019-10161 RESERVED CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python since ...) - python3.7 + [buster] - python3.7 (Minor issue) - python3.6 (Incomplete fix for CVE-2019-9636 not applied) - python3.5 (Incomplete fix for CVE-2019-9636 not applied) - python3.4 (Incomplete fix for CVE-2019-9636 not applied) - python2.7 + [buster] - python2.7 (Minor issue) [stretch] - python2.7 (Incomplete fix for CVE-2019-9636 not applied) NOTE: Introduced by: https://github.com/python/cpython/commit/d537ab0ff9767ef024f26246899728f0116b1ec3 (v3.8.0a4) NOTE: Fixed by: https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e (v3.8.0b1) @@ -6952,6 +6956,7 @@ CVE-2019-10045 (The "action" get_sess_id in the web application of Pydio through - ajaxplorer (bug #668381) CVE-2019-10044 (Telegram Desktop before 1.5.12 on Windows, and the Telegram applicatio ...) - telegram-desktop (bug #927711) + [buster] - telegram-desktop (Minor issue) NOTE: https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt CVE-2019-10043 RESERVED @@ -7157,10 +7162,12 @@ CVE-2019-9948 (urllib in Python 2.x through 2.7.16 supports the local_file: sche NOTE: https://github.com/python/cpython/pull/11842 CVE-2019-9947 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...) - python3.7 + [buster] - python3.7 (Minor issue) - python3.6 - python3.5 - python3.4 - python2.7 + [buster] - python2.7 (Minor issue) NOTE: https://bugs.python.org/issue35906 NOTE: Introduced by: https://github.com/python/cpython/commit/cc54c1c0d2d05fe7404ba64c53df4b1352ed2262 CVE-2019-9946 (Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...) @@ -8519,10 +8526,12 @@ CVE-2019-9741 (An issue was discovered in net/http in Go 1.11.5. CRLF injection NOTE: https://github.com/golang/go/commit/f1d662f34788f4a5f087581d0951cdf4e0f6e708#diff-b97af51863ce82bf2a13003b52034aa9 CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...) - python3.7 + [buster] - python3.7 (Minor issue) - python3.6 - python3.5 - python3.4 - python2.7 + [buster] - python2.7 (Minor issue) NOTE: https://bugs.python.org/issue36276 NOTE: https://bugs.python.org/issue30458 CVE-2019-9739 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2344f3af695e08390afa8d73e1d38c0f8eaca530 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2344f3af695e08390afa8d73e1d38c0f8eaca530 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 9bfa5307 by Moritz Muehlenhoff at 2019-06-14T10:16:44Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1526,11 +1526,15 @@ CVE-2019-12211 (When FreeImage 3.18.0 reads a tiff file, it will be handed to th - freeimage (bug #929597) NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/e06734bed5/ CVE-2019-12210 (In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug ...) - - pam-u2f (bug #930023) + - pam-u2f (low; bug #930023) + [buster] - pam-u2f (Minor issue) + [stretch] - pam-u2f (Minor issue) NOTE: https://github.com/Yubico/pam-u2f/commit/18b1914e32b74ff52000f10e97067e841e5fff62 NOTE: https://www.openwall.com/lists/oss-security/2019/06/05/1 CVE-2019-12209 (Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (defa ...) - - pam-u2f (bug #930021) + - pam-u2f (low; bug #930021) + [buster] - pam-u2f (Minor issue) + [stretch] - pam-u2f (Minor issue) NOTE: https://github.com/Yubico/pam-u2f/commit/7db3386fcdb454e33a3ea30dcfb8e8960d4c3aa3 NOTE: https://www.openwall.com/lists/oss-security/2019/06/05/1 CVE-2019-12208 (njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in ...) @@ -6341,6 +6345,7 @@ CVE-2019-10248 (Eclipse Vorto versions prior to 0.11 resolved Maven build artifa CVE-2019-10247 (In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, ...) [experimental] - jetty9 9.4.18-1 - jetty9 (bug #928444) + [buster] - jetty9 (Minor issue) [stretch] - jetty9 (Minor issue) - jetty8 [jessie] - jetty8 (Minor issue) @@ -6365,6 +6370,7 @@ CVE-2019-10242 (In Eclipse Kura versions up to 4.0.0, the SkinServlet did not ch CVE-2019-10241 (In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.1 ...) [experimental] - jetty9 9.4.18-1 - jetty9 (bug #928444) + [buster] - jetty9 (Minor issue) [stretch] - jetty9 (Minor issue) - jetty8 [jessie] - jetty8 (Minor issue) @@ -13351,6 +13357,7 @@ CVE-2019-7734 RESERVED CVE-2019-7733 (In Live555 0.95, there is a buffer overflow via a large integer in a C ...) - liblivemedia (low; bug #929948) + [buster] - liblivemedia (Minor issue) [stretch] - liblivemedia (Minor issue) [jessie] - liblivemedia (Minor issue) NOTE: https://github.com/rgaufman/live555/issues/21 @@ -33751,6 +33758,7 @@ CVE-2018-19505 (Remedy AR System Server in BMC Remedy 7.1 may fail to set the co NOT-FOR-US: Remedy AR System Server in BMC Remedy CVE-2018-19504 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2 ...) - faad2 (low; bug #914641) + [buster] - faad2 (Minor issue) [stretch] - faad2 (Minor issue) [jessie] - faad2 (Minor issue) NOTE: https://sourceforge.net/p/faac/bugs/240/ @@ -34445,6 +34453,7 @@ CVE-2019-0223 (While investigating bug PROTON-2014, we discovered that under som NOTE: the package to be vulnerable. CVE-2019-0222 (In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame ca ...) - activemq (bug #925964) + [buster] - activemq (Minor issue) [stretch] - activemq (Minor issue) [jessie] - activemq (MQTT support not enabled) NOTE: http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt @@ -47596,7 +47605,8 @@ CVE-2018-14405 RESERVED CVE-2018-14404 (A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPat ...) {DLA-1524-1} - - libxml2 (bug #901817) + - libxml2 (low; bug #901817) + [buster] - libxml2 (Minor issue) [stretch] - libxml2 (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/libxml2/issues/5 NOTE: https://gitlab.gnome.org/GNOME/libxml2/issues/10 @@ -95572,7 +95582,7 @@ CVE-2017-14860 (There is a heap-based buffer over-read in the Exiv2::Jp2Image::r CVE-2017-14859 (An Invalid memory address dereference was discovered in Exiv2::StringV ...) {DLA-1147-1} - exiv2 - [busters] - exiv2 (Minor issue) + [buster] - exiv2 (Minor issue) [stretch] - exiv2 (Minor issue) [jessie] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/74 @@ -146688,6 +146698,7 @@ CVE-2016-7152 (The HTTPS protocol does not consider the role of the TCP congesti NOTE: CVE assigned for the HTTP/2 protocol issue CVE-2016-7151 (Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a re ...) - capstone (low; bug #930002) + [buster] - capstone (Minor issue) [stretch] - capstone (Minor issue) [jessie] - caps
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: a1875cce by Moritz Muehlenhoff at 2019-06-11T10:48:15Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -6,6 +6,8 @@ CVE-2019-12791 RESERVED CVE-2019-12790 (In radare2 through 3.5.1, there is a heap-based buffer over-read in th ...) - radare2 (bug #930344) + [buster] - radare2 (Minor issue) + [stretch] - radare2 (Minor issue) NOTE: https://github.com/radare/radare2/issues/14211 CVE-2019-12789 RESERVED @@ -140,7 +142,8 @@ CVE-2019-12731 RESERVED CVE-2019-12730 (aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 does not ...) {DSA-4449-1} - - ffmpeg + - ffmpeg (low) + [buster] - ffmpeg (Minor issue, wait until fixed in 4.1.x branch) NOTE: https://github.com/FFmpeg/FFmpeg/commit/ed188f6dcdf0935c939ed813cf8745d50742014b CVE-2019-12729 RESERVED @@ -1334,58 +1337,72 @@ CVE-2019-12223 RESERVED CVE-2019-1 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [buster] - libsdl2-image (Minor issue) [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [buster] - sdl-image1.2 (Minor issue) [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4621 CVE-2019-12221 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [buster] - libsdl2-image (Minor issue) [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [buster] - sdl-image1.2 (Minor issue) [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4628 CVE-2019-12220 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [buster] - libsdl2-image (Minor issue) [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [buster] - sdl-image1.2 (Minor issue) [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4627 CVE-2019-12219 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [buster] - libsdl2-image (Minor issue) [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [buster] - sdl-image1.2 (Minor issue) [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4625 CVE-2019-12218 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [buster] - libsdl2-image (Minor issue) [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [buster] - sdl-image1.2 (Minor issue) [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4620 TODO: check details and correct vulnerability location CVE-2019-12217 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [buster] - libsdl2-image (Minor issue) [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [buster] - sdl-image1.2 (Minor issue) [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4626 CVE-2019-12216 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [buster] - libsdl2-image (Minor issue) [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [buster] - sdl-image1.2 (Minor issue) [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4619 @@ -9838,10 +9855,14 @@ CVE-2019-9153 RESERVED CVE-2019-9152 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...) - hdf5 + [buster] - hdf5 (Minor issue) + [stretch] - hdf5 (Minor issue) NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul8 NOTE: issue in upst
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 8cbad464 by Moritz Muehlenhoff at 2019-06-03T20:53:00Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -4572,7 +4572,8 @@ CVE-2019-10725 CVE-2019-10724 RESERVED CVE-2019-10723 (An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class i ...) - - libpodofo (bug #926667) + - libpodofo (low; bug #926667) + [buster] - libpodofo (Minor issue) [stretch] - libpodofo (Minor issue) [jessie] - libpodofo (clean exception quit/DoS, low popcon) NOTE: https://sourceforge.net/p/podofo/tickets/46/ @@ -26965,6 +26966,7 @@ CVE-2018-20098 (There is a heap-based buffer over-read in Exiv2::Jp2Image::encod CVE-2018-20097 (There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroup ...) {DLA-1691-1} - exiv2 (low) + [buster] - exiv2 (Minor issue) [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/590 NOTE: https://github.com/Exiv2/exiv2/commit/203ab0db28c9666b16069d4056ac5f66f753a51d @@ -32928,6 +32930,7 @@ CVE-2018-19536 CVE-2018-19535 (In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngch ...) {DLA-1691-1} - exiv2 (bug #915135) + [buster] - exiv2 (Minor issue) [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/428 NOTE: https://github.com/Exiv2/exiv2/pull/430 @@ -34462,6 +34465,7 @@ CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass intended CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PS ...) {DLA-1691-1} - exiv2 (bug #913272) + [buster] - exiv2 (Minor issue) [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/426 NOTE: https://github.com/Exiv2/exiv2/pull/518 @@ -34470,6 +34474,7 @@ CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdi ...) {DLA-1691-1} - exiv2 (bug #913273) + [buster] - exiv2 (Minor issue) [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/427 NOTE: https://github.com/Exiv2/exiv2/pull/518 @@ -38441,6 +38446,7 @@ CVE-2018-17582 (Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. T CVE-2018-17581 (CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has e ...) {DLA-1691-1} - exiv2 (low; bug #910060) + [buster] - exiv2 (Minor issue) [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/460 NOTE: Fixed in: https://github.com/Exiv2/exiv2/commit/b3d077dcaefb6747fff8204490f33eba5a144edb @@ -41825,6 +41831,7 @@ CVE-2018-16337 (An issue was discovered in Cscms V4.1.8. There is a CSRF vulnera CVE-2018-16336 (Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote ...) {DLA-1551-1} - exiv2 (bug #916081) + [buster] - exiv2 (Minor issue) [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/400 NOTE: https://github.com/Exiv2/exiv2/commit/35b3e596edacd2437c2c5d3dd2b5c9502626163d @@ -42860,6 +42867,7 @@ CVE-2018-15890 RESERVED CVE-2018-15889 (In podofo 0.9.6, the function PoDoFo::PdfParser::ReadObjects() in base ...) - libpodofo (low; bug #916167) + [buster] - libpodofo (Minor issue) [stretch] - libpodofo (Minor issue) [jessie] - libpodofo (Minor issue) NOTE: (possible, but not yet confirmed) duplicate of CVE-2018-5783 @@ -46577,7 +46585,8 @@ CVE-2018-14499 (An issue was found in HYBBS through 2016-03-08. There is an XSS NOT-FOR-US: HYBBS CVE-2018-14498 (get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG th ...) {DLA-1719-1} - - libjpeg-turbo (bug #924678) + - libjpeg-turbo (low; bug #924678) + [buster] - libjpeg-turbo (Minor issue) [stretch] - libjpeg-turbo (Minor issue) - mozjpeg (bug #741487) NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55 @@ -50183,6 +50192,7 @@ CVE-2018-12984 (Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" cred NOT-FOR-US: Hycus CMS CVE-2018-12983 (A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryp ...) - libpodofo (low; bug #916580) + [buster] - libpodofo (Minor issue) [stretch] - libpodofo (Minor issue) [jessie] - libpodofo (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1595693 @@ -50448,7 +50458,9 @@ CVE-2018-12887 CVE-2018-12886 (stack_protect_p
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f5e1ba48 by Moritz Muehlenhoff at 2019-05-27T20:38:54Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1964,10 +1964,12 @@ CVE-2019-11504 (Zotonic before version 0.47 has mod_admin XSS. ...) NOT-FOR-US: Zotonic CVE-2019-11503 (snap-confine as included in snapd before 2.39 did not guard against sy ...) - snapd (low; bug #928052) + [buster] - snapd (Minor issue) [stretch] - snapd (Minor issue) NOTE: https://github.com/snapcore/snapd/pull/6642 CVE-2019-11502 (snap-confine in snapd before 2.38 incorrectly set the ownership of a s ...) - snapd (low; bug #928052) + [buster] - snapd (Minor issue) [stretch] - snapd (Minor issue) NOTE: https://github.com/snapcore/snapd/commit/bdbfeebef03245176ae0dc323392bb0522a339b1 CVE-2017-18367 (libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR ...) @@ -2117,6 +2119,7 @@ CVE-2019-11461 (An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 a [stretch] - nautilus (Vulnerable embedded gnome-desktop thumbnail script introduced later) [jessie] - nautilus (Vulnerable embedded gnome-desktop thumbnail script introduced later) NOTE: https://gitlab.gnome.org/GNOME/nautilus/issues/987 + NOTE: https://gitlab.gnome.org/GNOME/nautilus/commit/2ddba428ef2b13d0620bd599c3635b9c11044659 CVE-2019-11460 (An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 pr ...) - gnome-desktop3 (low; bug #928732) [buster] - gnome-desktop3 (Minor issue) @@ -3172,6 +3175,7 @@ CVE-2019-11027 RESERVED CVE-2019-11026 (FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infini ...) - poppler (low; bug #926721) + [buster] - poppler (Minor issue) [stretch] - poppler (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/752 NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/8051f678b3b43326e5fdfd7c03f39de21059f426 @@ -33143,6 +33147,7 @@ CVE-2019-0188 NOT-FOR-US: Apache Camel CVE-2019-0187 (Unauthenticated RCE is possible when JMeter is used in distributed mod ...) - jakarta-jmeter + [buster] - jakarta-jmeter (Minor issue) [stretch] - jakarta-jmeter (Minor issue) [jessie] - jakarta-jmeter (Minor issue) NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62743 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f5e1ba48fa337a6b5b7af130994bb8d0488d0ef8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f5e1ba48fa337a6b5b7af130994bb8d0488d0ef8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 3522a0c8 by Moritz Muehlenhoff at 2019-05-09T20:46:48Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -435,6 +435,7 @@ CVE-2019-11645 RESERVED CVE-2019-11675 (The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ...) - groonga 9.0.1-2 (bug #928304) + [buster] - groonga 9.0.0-1+deb10u1 [stretch] - groonga (Minor issue, can be fixed via point release) CVE-2019-11644 RESERVED @@ -942,7 +943,8 @@ CVE-2019-11461 (An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 a [jessie] - nautilus (Vulnerable embedded gnome-desktop thumbnail script introduced later) NOTE: https://gitlab.gnome.org/GNOME/nautilus/issues/987 CVE-2019-11460 (An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 pr ...) - - gnome-desktop3 + - gnome-desktop3 (low; bug #928732) + [buster] - gnome-desktop3 (Minor issue) [stretch] - gnome-desktop3 (Vulnerable embedded gnome-desktop thumbnail script introduced later) [jessie] - gnome-desktop3 (Vulnerable embedded gnome-desktop thumbnail script introduced later) NOTE: https://gitlab.gnome.org/GNOME/gnome-desktop/issues/112 @@ -19870,6 +19872,7 @@ CVE-2019-3845 (A lack of access control was found in the message queues maintain CVE-2019-3844 (It was discovered that a systemd service that uses DynamicUser propert ...) [experimental] - systemd 242-1 - systemd (bug #928102) + [buster] - systemd (Minor issue; exploit vector needs control both of the service and a helper outside) [stretch] - systemd (Minor issue; exploit vector needs control both of the service and a helper outside) [jessie] - systemd (Vulnerable code introduced later) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1684610 @@ -19879,6 +19882,7 @@ CVE-2019-3844 (It was discovered that a systemd service that uses DynamicUser pr CVE-2019-3843 (It was discovered that a systemd service that uses DynamicUser propert ...) [experimental] - systemd 242-1 - systemd (bug #928102) + [buster] - systemd (Minor issue; exploit vector needs control both of the service and a helper outside) [stretch] - systemd (Minor issue; exploit vector needs control both of the service and a helper outside) [jessie] - systemd (Vulnerable code introduced later) NOTE: https://github.com/systemd/systemd/commit/3c27973b13724ede05a06a5d346a569794cda433 @@ -162558,6 +162562,7 @@ CVE-2016-1586 (A malicious webview could install long-lived unload handlers that NOT-FOR-US: Oxide CVE-2016-1585 (In all versions of AppArmor mount rules are accidentally widened when ...) - apparmor (low) + [buster] - apparmor (Minor overall security impact) [stretch] - apparmor (Minor overall security impact) [jessie] - apparmor (Minor overall security impact) NOTE: https://bugs.launchpad.net/apparmor/+bug/1597017 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3522a0c8a2e793cec752d362ac3b63a34dae84f1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3522a0c8a2e793cec752d362ac3b63a34dae84f1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 47f39040 by Moritz Muehlenhoff at 2019-04-26T21:17:52Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -107,10 +107,10 @@ CVE-2019-11505 (In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8 CVE-2019-11504 (Zotonic before version 0.47 has mod_admin XSS. ...) NOT-FOR-US: Zotonic CVE-2019-11503 (snap-confine as included in snapd before 2.39 did not guard against sy ...) - - snapd + - snapd (bug #928052) NOTE: https://github.com/snapcore/snapd/pull/6642 CVE-2019-11502 (snap-confine in snapd before 2.38 incorrectly set the ownership of a s ...) - - snapd + - snapd (bug #928052) NOTE: https://github.com/snapcore/snapd/commit/bdbfeebef03245176ae0dc323392bb0522a339b1 CVE-2017-18367 (libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR ...) - golang-github-seccomp-libseccomp-golang (bug #927981) @@ -234,7 +234,7 @@ CVE-2019-11463 (A memory leak in archive_read_format_zip_cleanup in archive_read CVE-2019-11462 RESERVED CVE-2019-11461 (An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.3 ...) - - nautilus + - nautilus (bug #928054) [stretch] - nautilus (Vulnerable embedded gnome-desktop thumbnail script introduced later) [jessie] - nautilus (Vulnerable embedded gnome-desktop thumbnail script introduced later) NOTE: https://gitlab.gnome.org/GNOME/nautilus/issues/987 @@ -392,19 +392,19 @@ CVE-2019-11393 (An issue was discovered in /admin/users/update in M/Monit before CVE-2019-11392 RESERVED CVE-2019-11391 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...) - - modsecurity-crs + - modsecurity-crs (bug #928053) NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1357 CVE-2019-11390 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...) - - modsecurity-crs + - modsecurity-crs (bug #928053) NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1358 CVE-2019-11389 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...) - - modsecurity-crs + - modsecurity-crs (bug #928053) NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1356 CVE-2019-11388 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...) - - modsecurity-crs + - modsecurity-crs (bug #928053) NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1354 CVE-2019-11387 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...) - - modsecurity-crs + - modsecurity-crs (bug #928053) NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1359 CVE-2019-11386 RESERVED @@ -47960,13 +47960,12 @@ CVE-2018-12643 CVE-2018-12642 (Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not ...) NOT-FOR-US: Floxlor CVE-2018-12641 (An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as ...) - - binutils (low) - [stretch] - binutils (Minor issue) - [jessie] - binutils (Minor issue) + - binutils (unimportant) NOTE: https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763099 NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85452 NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23058 NOTE: Fixed by: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9 + NOTE: binutils not covered by security support CVE-2018-12640 (The webService binary on Insteon HD IP Camera White 2864-222 devices h ...) NOT-FOR-US: Insteon CVE-2018-12639 @@ -73155,7 +73154,8 @@ CVE-2017-18010 (The E-goi Smart Marketing SMS and Newsletters Forms plugin befor NOT-FOR-US: E-goi Smart Marketing SMS and Newsletters Forms plugin for WordPress CVE-2017-18009 (In OpenCV 3.3.1, a heap-based buffer over-read exists in the function ...) [experimental] - opencv 3.4.4+dfsg-1~exp1 - - opencv (bug #924884) + - opencv (low; bug #924884) + [buster] - opencv (Minor issue) [stretch] - opencv (Vulnerable code introduced later) [jessie] - opencv (Vulnerable code introduced later) [wheezy] - opencv (Vulnerable code introduced later) @@ -95119,13 +95119,11 @@ CVE-2017-13718 CVE-2017-13717 RESERVED CVE-2017-13716 (The C++ symbol demangler routine in cplus-dem.c in libiberty, as distr ...) - - binutils (low) - [stretch] - binutils (Minor issue) - [jessie] - binutils (Minor issue) - [wheezy] - binutils (Minor issue) + - binutils (unimportant) NOTE: https://sourceware.org/bugzilla/
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d0427b3a by Moritz Muehlenhoff at 2019-04-24T20:58:23Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -121,10 +121,11 @@ CVE-2019-11460 (An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3 [jessie] - gnome-desktop3 (Vulnerable embedded gnome-desktop thumbnail script introduced later) NOTE: https://gitlab.gnome.org/GNOME/gnome-desktop/issues/112 CVE-2019-11459 (The tiff_document_render() and tiff_document_get_thumbnail() functions ...) - - atril (bug #927821) - - evince (bug #927820) + - atril (unimportant; bug #927821) + - evince (unimportant; bug #927820) NOTE: https://gitlab.gnome.org/GNOME/evince/issues/1129 NOTE: Fixed by: https://gitlab.gnome.org/GNOME/evince/commit/3e38d5ad724a042eebadcba8c2d57b0f48b7a8c7 + NOTE: Negligible security impact CVE-2013-7470 (cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel befo ...) - linux 3.11.7-1 NOTE: Fixed by: https://git.kernel.org/linus/f2e5ddcc0d12f9c4c7b254358ad245c9dddce13b @@ -8370,21 +8371,19 @@ CVE-2019-8359 CVE-2019-8358 (In Hiawatha before 10.8.4, a remote attacker is able to do directory t ...) NOT-FOR-US: Hiawatha CVE-2019-8357 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...) - - sox (low) - [buster] - sox (Minor issue) - [stretch] - sox (Minor issue) + - sox (low; bug #927906) NOTE: https://sourceforge.net/p/sox/bugs/318 NOTE: https://sourceforge.net/p/sox/code/ci/2ce02fea7b350de9ddfbcf542ba4dd59a8ab255b/ CVE-2019-8356 (An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 ...) - - sox + - sox (bug #927906) NOTE: https://sourceforge.net/p/sox/bugs/321 NOTE: https://sourceforge.net/p/sox/code/ci/b7883ae1398499daaa926ae6621f088f0f531ed8/ CVE-2019-8355 (An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integ ...) - - sox + - sox (bug #927906) NOTE: https://sourceforge.net/p/sox/bugs/320 NOTE: https://sourceforge.net/p/sox/code/ci/f8587e2d50dad72d40453ac1191c539ee9e50381/ CVE-2019-8354 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...) - - sox + - sox (bug #927906) NOTE: https://sourceforge.net/p/sox/bugs/319 NOTE: https://sourceforge.net/p/sox/code/ci/f8587e2d50dad72d40453ac1191c539ee9e50381/ CVE-2019-8353 @@ -90260,9 +90259,7 @@ CVE-2017-15234 CVE-2017-15233 RESERVED CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and j ...) - - libjpeg-turbo (low; bug #878567) - [stretch] - libjpeg-turbo (Minor issue) - [jessie] - libjpeg-turbo (Minor issue) + - libjpeg-turbo (unimportant; bug #878567) - libjpeg6b (Vulnerable code not present) - libjpeg8 (Vulnerable code not present) - libjpeg9 (Vulnerable code not present) @@ -90271,6 +90268,7 @@ CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c NOTE: IJG libjpeg releases not affected, see https://lists.debian.org/debian-lts/2017/10/msg00061.html NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/073b0e88a192adebbb479ee2456beb089d8b5de7 NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/5bc43c7821df982f65aa1c738f67fbf7cba8bd69 + NOTE: Crash in CLI tools, no security impact CVE-2017-15231 RESERVED CVE-2017-15230 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d0427b3a6f83fcd238cab4ed17338d7c50440a8e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d0427b3a6f83fcd238cab4ed17338d7c50440a8e You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: e7d70537 by Moritz Muehlenhoff at 2019-04-21T20:39:39Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1554,7 +1554,9 @@ CVE-2019-10742 CVE-2019-10741 (K-9 Mail v5.600 can include the original quoted HTML code of a special ...) NOT-FOR-US: K-9 Mail CVE-2019-10740 (In Roundcube Webmail 1.3.4, an attacker in possession of S/MIME or PGP ...) - - roundcube + - roundcube (bug #927713) + [buster] - roundcube (Revisit when fixed upstream) + [stretch] - roundcube (Revisit when fixed upstream) NOTE: https://github.com/roundcube/roundcubemail/issues/6638 CVE-2019-10739 RESERVED @@ -3174,7 +3176,7 @@ CVE-2019-10046 CVE-2019-10045 RESERVED CVE-2019-10044 (Telegram Desktop before 1.5.12 on Windows, and the Telegram applicatio ...) - - telegram-desktop + - telegram-desktop (bug #927711) NOTE: https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt CVE-2019-10043 RESERVED @@ -4635,6 +4637,7 @@ CVE-2019-9752 (An issue was discovered in Open Ticket Request System (OTRS) 5.x NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/d4e3dfbaa054762b29df54705aa412685dd37e15 CVE-2019-9751 (An issue was discovered in Open Ticket Request System (OTRS) 6.x befor ...) - otrs2 6.0.17-1 + [buster] - otrs2 (Non-free not supported) [stretch] - otrs2 (Non-free not supported) [jessie] - otrs2 (Vulnerable code not present) NOTE: https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework @@ -18493,7 +18496,7 @@ CVE-2019-3886 (An incorrect permissions check was discovered in libvirt 4.8.0 an NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=2a07c990bd9143d7a0fe8d1b6b7c763c52185240 NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=ae076bb40e0e150aef41361b64001138d04d6c60 CVE-2019-3885 (A use-after-free flaw was found in pacemaker up to and including versi ...) - - pacemaker + - pacemaker (bug #927714) NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1 CVE-2019-3884 RESERVED @@ -29943,14 +29946,14 @@ CVE-2018-19417 (An issue was discovered in the MQTT server in Contiki-NG before NOT-FOR-US: Contiki-NG CVE-2018-19517 (An issue was discovered in sysstat 12.1.1. The remap_struct function i ...) [experimental] - sysstat 12.0.3-1 - - sysstat (low; bug #914553) + - sysstat 12.0.3-2 (low; bug #914553) [stretch] - sysstat (Vulnerable code introduced later) [jessie] - sysstat (Vulnerable code introduced later) NOTE: https://github.com/sysstat/sysstat/issues/199 NOTE: Fixed by: https://github.com/sysstat/sysstat/commit/fbc691eaaa10d0bcea6741d5a223dc3906106548 CVE-2018-19416 (An issue was discovered in sysstat 12.1.1. The remap_struct function i ...) [experimental] - sysstat 12.0.3-1 - - sysstat (low; bug #914384) + - sysstat 12.0.3-2 (low; bug #914384) [stretch] - sysstat (Vulnerable code introduced later) [jessie] - sysstat (vulnerable code was introduced later) NOTE: https://github.com/sysstat/sysstat/issues/196 @@ -36871,10 +36874,10 @@ CVE-2018-16880 (A flaw was found in the Linux kernel's handle_rx() function in t CVE-2018-16879 (Ansible Tower before version 3.3.3 does not set a secure channel as it ...) NOT-FOR-US: Ansible Tower CVE-2018-16878 (A flaw was found in pacemaker up to and including version 2.0.1. An in ...) - - pacemaker + - pacemaker (bug #927714) NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1 CVE-2018-16877 (A flaw was found in the way pacemaker's client-server authentication w ...) - - pacemaker + - pacemaker (bug #927714) NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1 CVE-2018-16876 (ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a infor ...) {DSA-4396-1} @@ -52912,6 +52915,7 @@ CVE-2018-10894 (It was found that SAML authentication in Keycloak 3.4.3.Final in NOT-FOR-US: Keycloak CVE-2018-10893 (Multiple integer overflow and buffer overflow issues were discovered i ...) - spice-gtk (bug #904161) + [buster] - spice-gtk (Minor issue) [stretch] - spice-gtk (Minor issue) [jessie] - spice-gtk (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1598234 @@ -81098,7 +81102,7 @@ CVE-2018-1110 [Improper Input Validation] NOTE: http://www.openwall.com/lists/oss-security/2018/04/23/2 CVE-2018-1109 RESERVED - - node-braces + - node-braces (bug #927716) [stretch] - node-braces (Nodejs in stretch not covered by
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f4dfa4fa by Moritz Muehlenhoff at 2019-04-20T22:36:57Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -9,11 +9,11 @@ CVE-2019-11375 (Msvod v10 has a CSRF vulnerability to change user information vi CVE-2019-11374 (74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the ...) NOT-FOR-US: 74CMS CVE-2019-11373 (An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer ...) - - libmediainfo (low) + - libmediainfo (low; bug #927672) NOTE: https://github.com/MediaArea/MediaInfoLib/pull/ NOTE: https://sourceforge.net/p/mediainfo/bugs/1101/ CVE-2019-11372 (An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test ...) - - libmediainfo (low) + - libmediainfo (low; bug #927672) NOTE: https://github.com/MediaArea/MediaInfoLib/pull/ NOTE: https://sourceforge.net/p/mediainfo/bugs/1101/ CVE-2019-11371 (BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow vi ...) @@ -698,6 +698,7 @@ CVE-2019-11066 RESERVED CVE-2019-11065 (Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download ...) - gradle (bug #926923) + [buster] - gradle (Minor issue) [stretch] - gradle (Minor issue) NOTE: https://github.com/gradle/gradle/pull/8927 CVE-2019-11071 (SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visit ...) @@ -16140,7 +16141,8 @@ CVE-2018-20671 (load_specific_debug_section in objdump.c in GNU Binutils through CVE-2018-20670 RESERVED CVE-2019-5008 (hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dere ...) - - qemu (bug #927439) + - qemu (low; bug #927439) + [stretch] - qemu (Minor issue) - qemu-kvm NOTE: https://fakhrizulkifli.github.io/posts/2019/01/03/CVE-2019-5008/ NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=ad280559c68360c9f1cd7be063857853759e6a73 (4.0.0-rc0) @@ -18367,7 +18369,7 @@ CVE-2019-3903 RESERVED CVE-2019-3902 [path-checking logic bypass vie symlinks and subrepositories] RESERVED - - mercurial 4.9-1 + - mercurial 4.9-1 (bug #927674) NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.9_.282019-02-01.29 CVE-2019-3901 [perf_event_open() and execve() race in setuid programs allows a data leak] RESERVED @@ -36461,6 +36463,7 @@ CVE-2018-17020 (ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 a NOT-FOR-US: ASUS GT-AC5300 devices CVE-2018-17019 (In Bro through 2.5.5, there is a DoS in IRC protocol names command par ...) - bro (bug #908779) + [buster] - bro (Minor issue) [stretch] - bro (Minor issue) NOTE: https://github.com/bro/bro/commit/c2b18849f8bb833253538f5dfedb4ed1dc176a30 CVE-2018-17018 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7 ...) @@ -37150,6 +37153,7 @@ CVE-2018-16808 (An issue was discovered in Dolibarr through 7.0.0. There is Stor NOTE: https://github.com/Dolibarr/dolibarr/issues/9449 CVE-2018-16807 (In Bro through 2.5.5, there is a memory leak potentially leading to Do ...) - bro (low; bug #908614) + [buster] - bro (Minor issue) [stretch] - bro (Minor issue) NOTE: https://github.com/bro/bro/commit/34d0cf886ca16c665f673a299e295b2a2bc14533 CVE-2018-16806 (A Pektron Passive Keyless Entry and Start (PKES) system, as used on th ...) @@ -72777,7 +72781,7 @@ CVE-2017-18010 (The E-goi Smart Marketing SMS and Newsletters Forms plugin befor NOT-FOR-US: E-goi Smart Marketing SMS and Newsletters Forms plugin for WordPress CVE-2017-18009 (In OpenCV 3.3.1, a heap-based buffer over-read exists in the function ...) [experimental] - opencv 3.4.4+dfsg-1~exp1 - - opencv (bug #924884) + - opencv 3.2.0+dfsg-6 (bug #924884) [stretch] - opencv (Vulnerable code introduced later) [jessie] - opencv (Vulnerable code introduced later) [wheezy] - opencv (Vulnerable code introduced later) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4dfa4fa27cbee96cb03f5f1020387398d4f2cfa -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4dfa4fa27cbee96cb03f5f1020387398d4f2cfa You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d1aa257f by Moritz Muehlenhoff at 2019-04-20T21:53:56Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1497,6 +1497,8 @@ CVE-2019-10736 RESERVED CVE-2019-10735 (In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encry ...) - claws-mail (low; bug #926705) + [buster] - claws-mail (Revisit when fixed upstream) + [stretch] - claws-mail (Revisit when fixed upstream) NOTE: https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4159 CVE-2019-10734 (In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypt ...) - trojita (bug #795701) @@ -1505,6 +1507,9 @@ CVE-2019-10733 RESERVED CVE-2019-10732 (In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypt ...) - kmail (bug #926996) + [buster] - kmail (Revisit when fixed upstream) + - kdepim + [stretch] - kdepim (Revisit when fixed upstream) NOTE: https://bugs.kde.org/show_bug.cgi?id=404698 CVE-2019-10731 RESERVED @@ -18630,6 +18635,7 @@ CVE-2019-3830 (A vulnerability was found in ceilometer before version 12.0.0.0rc [jessie] - ceilometer (vulnerable code is not present) NOTE: https://bugs.launchpad.net/ceilometer/+bug/1811098/ NOTE: Introduced in https://github.com/openstack/ceilometer/commit/50415c0d08a3199d2280f3638dd121779585f0fe (10.0.0.0) + NOTE: Fixed in https://github.com/openstack/ceilometer/commit/8881a42af169a2d7c912b1434911f978883c83f3 CVE-2019-3829 (A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. ...) [experimental] - gnutls28 3.6.7-1 - gnutls28 3.6.7-2 @@ -19979,14 +19985,14 @@ CVE-2018-20535 (There is a use-after-free at asm/preproc.c (function pp_getline) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392530 NOTE: Crash in CLI tool, no security impact CVE-2018-20534 (** DISPUTED ** There is an illegal address access at ext/testcase.c in ...) - - libsolv (low; bug #923002) - [stretch] - libsolv (Minor issue) - [jessie] - libsolv (Minor issue) + - libsolv (unimportant; bug #923002) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652604 NOTE: https://github.com/openSUSE/libsolv/pull/291 NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e + NOTE: Only affects the test suite CVE-2018-20533 (There is a NULL pointer dereference at ext/testcase.c (function testca ...) - libsolv (low; bug #923002) + [buster] - libsolv (Minor issue) [stretch] - libsolv (Minor issue) [jessie] - libsolv (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652599 @@ -19994,6 +2,7 @@ CVE-2018-20533 (There is a NULL pointer dereference at ext/testcase.c (function NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e CVE-2018-20532 (There is a NULL pointer dereference at ext/testcase.c (function testca ...) - libsolv (low; bug #923002) + [buster] - libsolv (Minor issue) [stretch] - libsolv (Minor issue) [jessie] - libsolv (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652605 @@ -49177,11 +49184,13 @@ CVE-2018-12184 RESERVED CVE-2018-12183 (Stack overflow in DxeCore for EDK II may allow an unauthenticated user ...) - edk2 0~20181115.85588389-1 + [buster] - edk2 (Minor issue) [stretch] - edk2 (Minor issue) [jessie] - edk2 (non-free) NOTE: https://github.com/tianocore/edk2/commit/0a0d5296e448fc350de1594c49b9c0deff7fad60 CVE-2018-12182 (Insufficient memory write check in SMM service for EDK II may allow an ...) - edk2 (low; bug #927484) + [buster] - edk2 (Minor issue) [stretch] - edk2 (Minor issue) [jessie] - edk2 (non-free is not supported) NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1136 @@ -87759,7 +87768,7 @@ CVE-2016-10544 (uws is a WebSocket server library. By sending a 256mb websocket CVE-2016-10543 (call is an HTTP router that is primarily used by the hapi framework. T ...) NOT-FOR-US: call HTTP router CVE-2016-10542 (ws is a "simple to use, blazing fast and thoroughly tested websocket c ...) - - node-ws + - node-ws (bug #927671) [stretch] - node-ws (Nodejs in stretch not covered by security support) NOTE: https://nodesecurity.io/advisories/120 NOTE: https://github.com/nodejs/node/issues/7388 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d1aa257f0c2e5f596ebc21d06f5f42c215d4fa8c -- View it on GitLab: https://salsa.debian.org/security-tracker-te
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 56702eea by Moritz Muehlenhoff at 2019-04-04T21:03:58Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2173,6 +2173,7 @@ CVE-2019-9905 RESERVED CVE-2019-9904 (An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2. ...) - graphviz (low; bug #925284) + [buster] - graphviz (Minor issue) [stretch] - graphviz (Minor issue) [jessie] - graphviz (Minor issue) NOTE: https://gitlab.com/graphviz/graphviz/issues/1512 @@ -6702,7 +6703,9 @@ CVE-2019-8359 CVE-2019-8358 (In Hiawatha before 10.8.4, a remote attacker is able to do directory t ...) NOT-FOR-US: Hiawatha CVE-2019-8357 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...) - - sox + - sox (low) + [buster] - sox (Minor issue) + [stretch] - sox (Minor issue) NOTE: https://sourceforge.net/p/sox/bugs/318 CVE-2019-8356 (An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 ...) - sox @@ -10702,6 +10705,7 @@ CVE-2019-6707 (PHPSHE 1.7 has SQL injection via the admin.php?mod=product&ac NOT-FOR-US: PHPSHE CVE-2019-6706 (Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For examp ...) - lua5.3 (bug #920321) + [buster] - lua5.3 (Minor issue, revisit when fixed upstream) [stretch] - lua5.3 (Minor issue, revisit when fixed upstream) - lua5.2 (Vulnerable code introduced later) - lua5.1 (Vulnerable code introduced later) @@ -24460,6 +24464,7 @@ CVE-2018-19873 (An issue was discovered in Qt before 5.11.3. QBmpHandler has a b [experimental] - qtbase-opensource-src 5.11.3+dfsg-1 - qtbase-opensource-src 5.11.3+dfsg-2 (low) - qt4-x11 (low; bug #923003) + [buster] - qt4-x11 (Minor issue) [stretch] - qt4-x11 (Minor issue) [jessie] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ @@ -24476,6 +24481,7 @@ CVE-2018-19871 (An issue was discovered in Qt before 5.11.3. There is QTgaFile U [stretch] - qtimageformats-opensource-src (Minor issue) [jessie] - qtimageformats-opensource-src (Minor issue) - qt4-x11 (low; bug #923003) + [buster] - qt4-x11 (Minor issue) [stretch] - qt4-x11 (Minor issue) [jessie] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ @@ -24487,6 +24493,7 @@ CVE-2018-19870 (An issue was discovered in Qt before 5.11.3. A malformed GIF ima [experimental] - qtbase-opensource-src 5.11.3+dfsg-1 - qtbase-opensource-src 5.11.3+dfsg-2 (low) - qt4-x11 (low; bug #923003) + [buster] - qt4-x11 (Minor issue) [stretch] - qt4-x11 (Minor issue) [jessie] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/56702eead52b6138e7d4aa13835cfbeebaf85bd8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/56702eead52b6138e7d4aa13835cfbeebaf85bd8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 18ca403c by Moritz Muehlenhoff at 2019-03-30T23:34:33Z buster triage - - - - - 2 changed files: - data/CVE/list - data/DSA/list Changes: = data/CVE/list = @@ -2732,6 +2732,7 @@ CVE-2019-9755 [heap buffer overflow] NOTE: https://sourceforge.net/p/ntfs-3g/ntfs-3g/ci/85c1634a26faa572d3c558d4cf8aaaca5202d4e9/ CVE-2019-9754 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...) - tcc (low; bug #925127) + [buster] - tcc (Minor issue) [stretch] - tcc (Minor issue) [jessie] - tcc (Minor issue) NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2019-03/msg00038.html @@ -44678,6 +44679,8 @@ CVE-2018-12929 (ntfs_read_locked_inode in the ntfs.ko filesystem driver in the L - linux CVE-2018-12928 (In the Linux kernel 4.15.0, a NULL pointer dereference was discovered ...) - linux (low) + [buster] - linux (Minor issue) + [stretch] - linux (Minor issue) [jessie] - linux-4.9 NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384 NOTE: https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2 @@ -116378,8 +116381,8 @@ CVE-2017-5978 (The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 a - zziplib 0.13.62-3.1 (bug #854727) NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-out-of-bounds-read-in-zzip_mem_entry_new-memdisk-c/ CVE-2017-5977 (The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.6 ...) - - zziplib (bug #864150; bug #854727) - [stretch] - zziplib (Minor issue) + {DSA-3878-1} + - zziplib 0.13.62-3.1 (bug #864150; bug #854727) [jessie] - zziplib (Minor issue) [wheezy] - zziplib (Minor issue) NOTE: http://blogs.gentoo.org/ago/2017/02/09/zziplib-invalid-memory-read-in-zzip_mem_entry_extra_block-memdisk-c/ @@ -162254,6 +162257,7 @@ CVE-2015-8553 (Xen allows guest OS users to obtain sensitive information from un NOTE: http://xenbits.xen.org/xsa/advisory-120.html NOTE: Patch is discussed in http://thread.gmane.org/gmane.comp.emulators.xen.devel/140440/focus=140441 NOTE: and http://thread.gmane.org/gmane.linux.kernel/1924087/focus=1924088 + NOTE: https://git.kernel.org/linus/7681f31ec9cdacab4fd10570be924f2cef6669ba CVE-2015-8552 (The PCI backend driver in Xen, when running on an x86 system and using ...) {DSA-3434-1} [experimental] - linux 4.4~rc6-1~exp1 @@ -166280,6 +166284,7 @@ CVE-2015-7812 (The hypercall_create_continuation function in arch/arm/domain.c i NOTE: http://xenbits.xen.org/xsa/advisory-145.html CVE-2013-7445 (The Direct Rendering Manager (DRM) subsystem in the Linux kernel throu ...) - linux + [buster] - linux (Minor issue, requires invasive changes) [stretch] - linux (Minor issue, requires invasive changes) [jessie] - linux (Minor issue, requires invasive changes) [wheezy] - linux (Minor issue, requires invasive changes) = data/DSA/list = @@ -1869,7 +1869,7 @@ {CVE-2016-10324 CVE-2016-10325 CVE-2016-10326 CVE-2017-7853} [jessie] - libosip2 4.1.0-2+deb8u1 [12 Jun 2017] DSA-3878-1 zziplib - security update - {CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5978 CVE-2017-5979 CVE-2017-5980 CVE-2017-5981} + {CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5977 CVE-2017-5978 CVE-2017-5979 CVE-2017-5980 CVE-2017-5981} [jessie] - zziplib 0.13.62-3+deb8u1 [10 Jun 2017] DSA-3877-1 tor - security update {CVE-2017-0376} View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18ca403c2a20a11c2ae0836e7fa7873b76ad1319 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18ca403c2a20a11c2ae0836e7fa7873b76ad1319 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 41237a80 by Moritz Muehlenhoff at 2019-03-30T21:41:04Z buster triage py3.6 removed - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1504,7 +1504,7 @@ CVE-2019-9948 (urllib in Python 2.x through 2.7.16 supports the local_file: sche NOTE: https://github.com/python/cpython/pull/11842 CVE-2019-9947 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...) - python3.7 - - python3.6 + - python3.6 - python3.5 - python3.4 - python2.7 @@ -2790,7 +2790,7 @@ CVE-2019-9741 (An issue was discovered in net/http in Go 1.11.5. CRLF injection NOTE: https://github.com/golang/go/commit/f1d662f34788f4a5f087581d0951cdf4e0f6e708#diff-b97af51863ce82bf2a13003b52034aa9 CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...) - python3.7 - - python3.6 + - python3.6 - python3.5 - python3.4 - python2.7 @@ -3030,7 +3030,7 @@ CVE-2019-9642 RESERVED CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Impr ...) - python3.7 3.7.3~rc1-1 (bug #924072) - - python3.6 + - python3.6 - python3.5 - python3.4 - python2.7 (bug #924073) @@ -14151,7 +14151,7 @@ CVE-2019-5010 [NULL pointer dereference using a specially crafted X509 certifica RESERVED {DLA-1663-1} - python3.7 3.7.2-2 (bug #921064) - - python3.6 (bug #921063) + - python3.6 (bug #921063) - python3.5 [stretch] - python3.5 (Minor issue, can be fixed along in a future DSA) - python3.4 @@ -2,7 +2,8 @@ CVE-2019-1545 CVE-2019-1544 RESERVED CVE-2019-1543 (ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input ...) - - openssl + - openssl (low) + [buster] - openssl (Minor issue, fix along in next 1.1.x) [stretch] - openssl (Minor issue, fix along in future DSA) [jessie] - openssl (Minor issue, fix along in future DLA) - openssl1.0 (Vulnerability does not impact 1.0.2 series) @@ -26024,7 +26025,7 @@ CVE-2019-0817 RESERVED CVE-2019-0816 [extra ssh keys added to authorized_keys] RESERVED - - cloud-init + - cloud-init (bug #926043) [jessie] - cloud-init (version uses a different mechanism to set public keys.) NOTE: https://code.launchpad.net/~jasonzio/cloud-init/+git/cloud-init/+merge/363445 NOTE: https://support.microsoft.com/en-us/help/4491476/extraneous-ssh-public-keys-added-to-authorized-keys-file-on-linux-vm @@ -28826,9 +28827,9 @@ CVE-2018-19143 (Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x bef NOTE: https://community.otrs.com/security-advisory-2018-07-security-update-for-otrs-framework/ CVE-2018-19120 (The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows ...) - kio-extras 4:18.08.3-1 (bug #913595) - [buster] - kio-extras (Minor issue) [stretch] - kio-extras (Minor issue) - kde-runtime (bug #913596) + [buster] - kde-runtime (Minor issue) [stretch] - kde-runtime (Minor issue) [jessie] - kde-runtime (Minor issue) NOTE: https://www.kde.org/info/security/advisory-20181012-1.txt @@ -77603,7 +77604,7 @@ CVE-2017-17522 (** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does no - python3.2 (unimportant) - python3.4 (unimportant) - python3.5 (unimportant) - - python3.6 (unimportant) + - python3.6 (unimportant) - python3.7 (unimportant) NOTE: Lib/webbrowser.py does not validate strings before launching the program NOTE: specified by the BROWSER environment variable. @@ -78125,12 +78126,8 @@ CVE-2017-17448 (net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4 CVE-2018-1280 (Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains ...) NOT-FOR-US: Pivotal CVE-2018-1279 (Pivotal RabbitMQ for PCF, all versions, uses a deterministically gener ...) - - rabbitmq-server (bug #924768) - [stretch] - rabbitmq-server (Minor issue) - [jessie] - rabbitmq-server (Minor issue) + - rabbitmq-server (Specific to RabbitMQ setup in Pivotal, see bug #924768) NOTE: https://pivotal.io/security/cve-2018-1279 - NOTE: Underlying issue is the use of deterministically generated cookie. - NOTE: Issue can be mitigated by restricting network access from untrusted sources. CVE-2018-1278 (Apps Manager included in Pivotal Application Service, versions 1.12.x ...) NOT-FOR-US: Pivotal CVE-2018-1277 (Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctl ...) View it on Gi
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2576ab77 by Moritz Muehlenhoff at 2019-03-30T15:25:17Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2941,7 +2941,9 @@ CVE-2019-9660 (Stored XSS exists in YzmCMS 5.2 via the admin/category/edit.html CVE-2019-9659 (The Chuango 433 MHz burglar-alarm product line uses static codes in th ...) NOT-FOR-US: Chuango CVE-2019-9658 (Checkstyle before 8.18 loads external DTDs by default. ...) - - checkstyle (bug #924598) + - checkstyle (low; bug #924598) + [buster] - checkstyle (Minor issue) + [stretch] - checkstyle (Minor issue) NOTE: https://github.com/checkstyle/checkstyle/issues/6474 NOTE: https://github.com/checkstyle/checkstyle/issues/6478 NOTE: https://github.com/checkstyle/checkstyle/pull/6476 @@ -8265,6 +8267,7 @@ CVE-2019-7443 [Insecure handling of arguments in helpers] - kauth 5.54.0-2 (bug #921995) [stretch] - kauth (Minor issue, will be fixed in a point release) - kde4libs (bug #922727) + [buster] - kde4libs (Minor issue) [stretch] - kde4libs (Minor issue) [jessie] - kde4libs (Minor issue) NOTE: https://mail.kde.org/pipermail/kde-announce/2019-February/11.html @@ -60298,7 +60301,7 @@ CVE-2018-178 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 - ruby2.1 - ruby1.9.1 - rubygems - - jruby (bug #895778) + - jruby 9.1.17.0-1 (bug #895778) [jessie] - jruby (See DSA-4219-1) NOTE: https://github.com/rubygems/rubygems/commit/66a28b9275551384fdab45f3591a82d6b59952cb NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/ @@ -162278,7 +162281,8 @@ CVE-2015-8567 (Memory leak in net/vmxnet3.c in QEMU allows remote attackers to c NOTE: https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02299.html NOTE: http://www.openwall.com/lists/oss-security/2015/12/15/4 CVE-2015-8559 (The knife bootstrap command in chef leaks the validator.pem private RS ...) - - chef (bug #809670) + - chef (low; bug #809670) + [buster] - chef (Minor issue; workaround using validatorless bootstrapping) [stretch] - chef (Minor issue; workaround using validatorless bootstrapping) [jessie] - chef (Minor issue; workaround using validatorless bootstrapping) [wheezy] - chef (Minor issue; workaround using validatorless bootstrapping) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2576ab770ee0c87cc0bc4a2da3be92d336970e6f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2576ab770ee0c87cc0bc4a2da3be92d336970e6f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 09c3d736 by Moritz Muehlenhoff at 2019-03-23T21:08:13Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -48839,7 +48839,7 @@ CVE-2018-10911 (A flaw was found in the way dic_unserialize function of glusterf NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601657 NOTE: https://github.com/gluster/glusterfs/commit/cc3271ebf3aacdbbc77fdd527375af78ab12ea8d CVE-2018-10910 (A bug in Bluez may allow for the Bluetooth Discoverable state being se ...) - - bluez (low) + - bluez (low; bug #925369) [buster] - bluez (Minor issue) [stretch] - bluez (Minor issue, does not affected Gnome Bluetooth in stretch) [jessie] - bluez (Minor issue because in gnome-bluetooth <= 3.26 the D-Bus calls were synchronous and thus the issue in bluez will have no actual affect) @@ -130578,7 +130578,7 @@ CVE-2016-9607 CVE-2016-9606 (JBoss RESTEasy before version 3.1.2 could be forced into parsing a req ...) - resteasy 3.1.4-1 (bug #851430) [jessie] - resteasy (Minor issue) - - resteasy3.0 + - resteasy3.0 3.0.26-1 NOTE: See CVE-2018-1051 to address original incomplete fix for CVE-2016-9606 CVE-2016-9605 (A flaw was found in cobbler software component version 2.6.11-1. It su ...) - cobbler (bug #858844) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09c3d736d480727303aac029277414f20c7a42f4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/09c3d736d480727303aac029277414f20c7a42f4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 7834dc81 by Moritz Muehlenhoff at 2019-03-23T21:00:11Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -48839,13 +48839,15 @@ CVE-2018-10911 (A flaw was found in the way dic_unserialize function of glusterf NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1601657 NOTE: https://github.com/gluster/glusterfs/commit/cc3271ebf3aacdbbc77fdd527375af78ab12ea8d CVE-2018-10910 (A bug in Bluez may allow for the Bluetooth Discoverable state being se ...) - - bluez + - bluez (low) + [buster] - bluez (Minor issue) [stretch] - bluez (Minor issue, does not affected Gnome Bluetooth in stretch) [jessie] - bluez (Minor issue because in gnome-bluetooth <= 3.26 the D-Bus calls were synchronous and thus the issue in bluez will have no actual affect) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1606203 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1602985 NOTE: Bug in src:bluez itself and would need fixing there, but it is workaroundable in NOTE: gnome-bluetooth: https://gitlab.gnome.org/GNOME/gnome-bluetooth/commit/6b5086d42ea64d46277f3c93b43984f331d12f89 + NOTE: workaround in gnome-bluetooth landed in 3.28.2 CVE-2018-10909 RESERVED CVE-2018-10908 (It was found that vdsm before version 4.20.37 invokes qemu-img on untr ...) @@ -58667,7 +58669,7 @@ CVE-2018-179 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 [wheezy] - ruby1.9.1 (Minor issue, too intrusive to backport) - rubygems [wheezy] - rubygems (Vulnerable code not present) - - jruby (bug #895778) + - jruby 9.1.17.0-1 (bug #895778) [jessie] - jruby (Vulnerable code not present) [wheezy] - jruby (Vulnerable code not present) NOTE: https://github.com/rubygems/rubygems/commit/f83f911e19e27cbac1ccce7471d96642241dd759 @@ -58691,7 +58693,7 @@ CVE-2018-177 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 - ruby2.1 - ruby1.9.1 - rubygems - - jruby (bug #895778) + - jruby 9.1.17.0-1 (bug #895778) [jessie] - jruby (See DSA-4219-1) NOTE: https://github.com/rubygems/rubygems/commit/feadefc2d351dcb95d6492f5ad17ebca546eb964 NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/ @@ -58702,7 +58704,7 @@ CVE-2018-176 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 - ruby2.1 - ruby1.9.1 - rubygems - - jruby (bug #895778) + - jruby 9.1.17.0-1 (bug #895778) [jessie] - jruby (See DSA-4219-1) NOTE: https://github.com/rubygems/rubygems/commit/f5042b879259b1f1ce95a0c5082622c646376693 NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/ @@ -58713,7 +58715,7 @@ CVE-2018-175 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 - ruby2.1 - ruby1.9.1 - rubygems - - jruby (bug #895778) + - jruby 9.1.17.0-1 (bug #895778) [jessie] - jruby (See DSA-4219-1) NOTE: https://github.com/rubygems/rubygems/commit/92e98bf8f810bd812f919120d4832df51bc25d83 NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/ @@ -58726,7 +58728,7 @@ CVE-2018-174 (RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 [wheezy] - ruby1.9.1 (Minor issue, too intrusive to backport) - rubygems [wheezy] - rubygems (Minor issue) - - jruby (bug #895778) + - jruby 9.1.17.0-1 (bug #895778) [jessie] - jruby (See DSA-4219-1) NOTE: https://github.com/rubygems/rubygems/commit/254e3d0ee873c008c0b74e8b8abcbdab4caa0a6d NOTE: https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/ @@ -121779,17 +121781,13 @@ CVE-2016-9921 (Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulato NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70 (v2.8.0-rc3) NOTE: CVE for the "'cirrus_get_bpp' returns zero(0), which could lead to a divide by zero" issue. CVE-2016-9918 (In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump ...) - - bluez (bug #847837) - [stretch] - bluez (Minor issue) - [jessie] - bluez (Minor issue) - [wheezy] - bluez (Minor issue) + - bluez (unimportant; bug #847837) NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html + NOTE: Crash in btmon CLI tool, no security impact CVE-2016-9917 (In BlueZ 5.42, a buffer overflow was observed in "read_n" function in ...) - - bluez (bug #847837) - [stretch] - bluez
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 0efc30d2 by Moritz Muehlenhoff at 2019-03-18T22:11:15Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1557,6 +1557,7 @@ CVE-2019-9210 (In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an int NOTE: Fixed by https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02 CVE-2018-20797 (An issue was discovered in PoDoFo 0.9.6. There is an attempted excessi ...) - libpodofo (low; bug #923415) + [buster] - libpodofo (Minor issue) [stretch] - libpodofo (Minor issue) [jessie] - libpodofo (Minor issue) NOTE: https://sourceforge.net/p/podofo/tickets/34/ @@ -3641,10 +3642,9 @@ CVE-2019-8345 (The Help feature in the ES File Explorer File Manager application CVE-2019-8344 RESERVED CVE-2019-8343 (In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in past ...) - - nasm (bug #922433) - [stretch] - nasm (Minor issue) - [jessie] - nasm (Minor issue) + - nasm (unimportant; bug #922433) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392556 + NOTE: Crash in CLI tool, no security impact CVE-2019-8342 RESERVED CVE-2019-8341 (An issue was discovered in Jinja2 2.10. The from_string function is pr ...) @@ -15319,10 +15319,9 @@ CVE-2018-20539 (There is a Segmentation fault triggered by illegal address acces [jessie] - liblas (Minor issue) NOTE: https://github.com/libLAS/libLAS/issues/159 CVE-2018-20538 (There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ...) - - nasm (bug #918269) - [stretch] - nasm (Minor issue) - [jessie] - nasm (Minor issue) + - nasm (unimportant; bug #918269) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392531 + NOTE: Crash in CLI tool, no security impact CVE-2018-20537 (There is a NULL pointer dereference at liblas::SpatialReference::GetGT ...) - liblas (low; bug #924614) [buster] - liblas (Minor issue) @@ -15336,10 +15335,9 @@ CVE-2018-20536 (There is a heap-based buffer over-read at liblas::SpatialReferen [jessie] - liblas (Minor issue) NOTE: https://github.com/libLAS/libLAS/issues/161 CVE-2018-20535 (There is a use-after-free at asm/preproc.c (function pp_getline) in Ne ...) - - nasm (bug #918270) - [stretch] - nasm (Minor issue) - [jessie] - nasm (Minor issue) + - nasm (unimportant; bug #918270) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392530 + NOTE: Crash in CLI tool, no security impact CVE-2018-20534 (There is an illegal address access at src/pool.h (function pool_whatpr ...) - libsolv (low; bug #923002) [stretch] - libsolv (Minor issue) @@ -19964,10 +19962,9 @@ CVE-2018-20007 CVE-2018-20006 (An issue was discovered in PHPok v5.0.055. There is a Stored XSS vulne ...) NOT-FOR-US: PHPok CVE-2018-20005 (An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after ...) - - mxml (low) - [stretch] - mxml (Minor issue) - [jessie] - mxml (Minor issue) + - mxml (unimportant) NOTE: https://github.com/michaelrsweet/mxml/issues/234 + NOTE: Crash in mxmldoc CLI tool, no security impact CVE-2018-20004 (An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-bas ...) {DLA-1641-1} - mxml 2.12-2 (low; bug #918007) @@ -21505,11 +21502,10 @@ CVE-2018-19757 (There is a NULL pointer dereference at function sixel_helper_set CVE-2018-19756 (There is a heap-based buffer over-read at stb_image.h (function: stbi_ ...) TODO: check CVE-2018-19755 (There is an illegal address access at asm/preproc.c (function: is_mmac ...) - - nasm (bug #915087) - [stretch] - nasm (Minor issue) - [jessie] - nasm (Minor issue) + - nasm (unimportant; bug #915087) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392528 NOTE: https://repo.or.cz/nasm.git/commit/3079f7966dbed4497e36d5067cbfd896a90358cb + NOTE: Crash in CLI tool, no security impact CVE-2018-19754 (Tarantella Enterprise before 3.11 allows bypassing Access Control. ...) NOT-FOR-US: Tarantella Enterprise CVE-2018-19753 (Tarantella Enterprise before 3.11 allows Directory Traversal. ...) @@ -34539,12 +34535,9 @@ CVE-2018-15891 CVE-2018-15890 RESERVED CVE-2018-15889 (In podofo 0.9.6, the function PoDoFo::PdfParser::ReadObjects() in base ...) - - libpodofo (low; bug #916167) - [stretch] - libpodofo (Minor issue) - [jessie] - libpodofo (Minor issue) + NOTE: Duplicate of CVE-2018-5783 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1620065 NOTE: https://sourceforge.net/p/podofo/tickets/27/ - NOTE: upst
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d832a2f7 by Moritz Muehlenhoff at 2019-03-15T18:50:36Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -29022,6 +29022,7 @@ CVE-2012-6710 (ext_find_user in eXtplorer through 2.1.2 allows remote attackers - extplorer CVE-2018-18020 (In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and ...) - qpdf + [buster] - qpdf (Minor issue) [stretch] - qpdf (Minor issue) [jessie] - qpdf (Minor issue) NOTE: https://github.com/qpdf/qpdf/issues/243 @@ -49915,14 +49916,16 @@ CVE-2018-10114 (An issue was discovered in GEGL through 0.3.32. The ...) NOTE: https://git.gnome.org/browse/gegl/commit/?id=c83b05d565a1e3392c9606a4ecaa560eb9a4ee29 NOTE: POC https://github.com/xiaoqx/pocs/tree/master/gegl#1-gegl-outbound-write-1 CVE-2018-10113 (An issue was discovered in GEGL through 0.3.32. The process function in ...) - - gegl (low) + - gegl 0.4.0-1 (low) [stretch] - gegl (Minor issue) [jessie] - gegl (Minor issue) [wheezy] - gegl (Minor issue) - NOTE: POC https://github.com/xiaoqx/pocs/tree/master/gegl#3-gegl-dos-2 + NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795248 + NOTE: https://gitlab.gnome.org/GNOME/gegl/commit/c83b05d565a1e3392c9606a4ecaa560eb9a4ee29 CVE-2018-10112 (An issue was discovered in GEGL through 0.3.32. The ...) - gegl (low) - [stretch] - gegl (Minor issue) + [buster] - gegl (Minor issue, architectual limitation) + [stretch] - gegl (Minor issue, architectual limitation) [jessie] - gegl (Minor issue) [wheezy] - gegl (Minor issue) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795249 @@ -49930,9 +49933,12 @@ CVE-2018-10112 (An issue was discovered in GEGL through 0.3.32. The ...) NOTE: https://github.com/xiaoqx/pocs/tree/master/gegl#4-gegl-outbound-write-2 CVE-2018-10111 (An issue was discovered in GEGL through 0.3.32. The render_rectangle ...) - gegl (low) - [stretch] - gegl (Minor issue) + [buster] - gegl (Minor issue, architectual limitation) + [stretch] - gegl (Minor issue, architectual limitation) [jessie] - gegl (Minor issue) [wheezy] - gegl (Minor issue) + NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=795249 + NOTE: https://gitlab.gnome.org/GNOME/gegl/issues/65 NOTE: POC https://github.com/xiaoqx/pocs/tree/master/gegl#2-gegl-dos-1 CVE-2018-10110 (D-Link DIR-615 T1 devices allow XSS via the Add User feature. ...) NOT-FOR-US: D-Link @@ -56008,25 +56014,13 @@ CVE-2018-7716 (PrivateVPN 2.0.31 for macOS suffers from a root privilege escalat CVE-2018-7715 (PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation ...) NOT-FOR-US: PrivateVPN for macOS CVE-2018-7714 (The validateInputImageSize function in ...) - - opencv (low) - [stretch] - opencv (Minor issue) - [jessie] - opencv (Minor issue) - [wheezy] - opencv (Minor issue) - NOTE: https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert + NOTE: Non-issue, needs to be handled within applications using opencv NOTE: https://github.com/opencv/opencv/issues/10998 CVE-2018-7713 (The validateInputImageSize function in ...) - - opencv (low) - [stretch] - opencv (Minor issue) - [jessie] - opencv (Minor issue) - [wheezy] - opencv (Minor issue) - NOTE: https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert + NOTE: Non-issue, needs to be handled within applications using opencv NOTE: https://github.com/opencv/opencv/issues/10998 CVE-2018-7712 (The validateInputImageSize function in ...) - - opencv (low) - [stretch] - opencv (Minor issue) - [jessie] - opencv (Minor issue) - [wheezy] - opencv (Minor issue) - NOTE: https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert + NOTE: Non-issue, needs to be handled within applications using opencv NOTE: https://github.com/opencv/opencv/issues/10998 CVE-2018-7710 RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d832a2f7dfc5cd3cc9e96eeef48ce47ec157390d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d832a2f7dfc5cd3cc9e96eeef48ce47ec157390d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: ed21bb0c by Moritz Muehlenhoff at 2019-03-15T07:01:14Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -510,8 +510,9 @@ CVE-2019-9626 (PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection NOT-FOR-US: PHPSHE CVE-2019-9625 (JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to ...) NOT-FOR-US: JBMC DirectAdmin -CVE-2019- [high memory usage with long running sessions] +CVE-2019- [high memory usage with some long running sessions] - proftpd-dfsg 1.3.5d-1 (bug #923926) + [stretch] - proftpd-dfsg (Minor issue) NOTE: https://github.com/proftpd/proftpd/issues/330#issuecomment-276891713 NOTE: https://forum.armbian.com/topic/9692-nanopi-neo-2-memory-leak-in-proftpd-even-worse-if-ssl-encrypted/?do=findComment&comment=73069 CVE-2019-9624 (Webmin 1.900 allows remote attackers to execute arbitrary code by ...) @@ -46875,10 +46876,7 @@ CVE-2018-11206 (An out of bounds read was discovered in H5O_fill_new_decode and [jessie] - hdf5 (Minor issue) [wheezy] - hdf5 (Minor issue) CVE-2018-11205 (A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the ...) - - hdf5 (low) - [stretch] - hdf5 (Minor issue) - [jessie] - hdf5 (Minor issue) - [wheezy] - hdf5 (Minor issue) + - hdf5 CVE-2018-11204 (A NULL pointer dereference was discovered in H5O__chunk_deserialize in ...) - hdf5 1.10.4+repack-1 (low) [stretch] - hdf5 (Minor issue) @@ -68282,9 +68280,8 @@ CVE-2018-3631 CVE-2018-3630 [Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c] RESERVED - edk2 (unimportant) - [jessie] - edk2 (non-free is not supported) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683653 - NOTE: No security impact + NOTE: Non issue, no security impact CVE-2018-3629 (Buffer overflow in event handler in Intel Active Management Technology ...) NOT-FOR-US: Intel CVE-2018-3628 (Buffer overflow in HTTP handler in Intel Active Management Technology ...) @@ -72277,8 +72274,7 @@ CVE-2017-17690 RESERVED CVE-2017-17689 (The S/MIME specification allows a Cipher Block Chaining (CBC) ...) - evolution (bug #898633; unimportant) - - kmail (bug #898634) - - kf5-messagelib (bug #899127) + - kf5-messagelib 4:18.08.1-1 (bug #899127) [stretch] - kf5-messagelib (Defaults to secure handling, change to disable it entirely can be fixed via spu) - kdepim (bug #899128) [stretch] - kdepim (Defaults to secure handling, change to disable it entirely can be fixed via spu) @@ -72287,6 +72283,7 @@ CVE-2017-17689 (The S/MIME specification allows a Cipher Block Chaining (CBC) .. NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=796135 NOTE: https://dot.kde.org/2018/05/15/efail-and-kmail NOTE: protocol vulnerability can't be fixed in implementations but they can prevent exploitation by disabling loading of remote content + NOTE: kmail bug is #898634, but src:kmail is not affected, the code in question is in kf5-messagelib CVE-2017-17688 (** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode ...) - enigmail 2:2.0.6.1-4 (bug #898630) [jessie] - enigmail (see https://lists.debian.org/debian-lts-announce/2019/02/msg2.html) @@ -74837,7 +74834,8 @@ CVE-2017-17508 (In HDF5 1.10.1, there is a divide-by-zero vulnerability in the f NOTE: POC: https://github.com/xiaoqx/pocs/blob/master/hdf5/1-hdf5-divbyzero-H5T_set_loc NOTE: https://github.com/xiaoqx/pocs/blob/master/hdf5/readme.md CVE-2017-17507 (In HDF5 1.10.1, there is an out of bounds read vulnerability in the ...) - - hdf5 (bug #915807) + - hdf5 (low; bug #915807) + [buster] - hdf5 (Minor issue, requires ABI change) [stretch] - hdf5 (Minor issue) [jessie] - hdf5 (Minor issue) [wheezy] - hdf5 (Minor issue) @@ -75992,10 +75990,12 @@ CVE-2018-1100 (zsh through version 5.4.2 is vulnerable to a stack-based buffer . NOTE: https://sourceforge.net/p/zsh/code/ci/31f72205630687c1cef89347863aab355296a27f/ CVE-2018-1099 (DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An ...) - etcd (low; bug #921156) + [buster] - etcd (Minor issue) NOTE: https://github.com/coreos/etcd/issues/9353 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552717 CVE-2018-1098 (A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. ...) - etcd (low; bug #921156) + [buster] - etcd (Minor issue) NOTE: https://github.com/coreos/etcd/issues/9353 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552714 CVE-2018-1097 (A fl
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: b1bac99d by Moritz Muehlenhoff at 2019-03-14T21:52:28Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1556,7 +1556,7 @@ CVE-2019-9170 [IDOR milestone name information disclosure] - gitlab (bug #924447) NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/ CVE-2019-9169 (In the GNU C Library (aka glibc or libc6) through 2.29, ...) - - glibc + - glibc (bug #924612) [stretch] - glibc (Minor issue) [jessie] - glibc (Minor issue) - eglibc @@ -1600,7 +1600,7 @@ CVE-2018-20796 (In the GNU C Library (aka glibc or libc6) through 2.29, ...) NOTE: No treated as vulnerability: https://sourceware.org/glibc/wiki/Security%20Exceptions CVE-2009-5155 (In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in ...) [experimental] - gnulib 20180621~6979c25-1 - - gnulib + - gnulib (bug #924613) - glibc 2.28-1 [stretch] - glibc (Minor issue) [jessie] - glibc (Minor issue) @@ -5015,35 +5015,35 @@ CVE-2019-7639 (An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. NOT-FOR-US: gsi-openssh-server (OpenSSH patched with openssh-7.9p1-gsissh.patch) CVE-2019-7638 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) {DLA-1714-1 DLA-1713-1} - - libsdl1.2 + - libsdl1.2 (bug #924609) [stretch] - libsdl1.2 (Minor issue) - - libsdl2 + - libsdl2 (bug #924610) [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4500 NOTE: https://hg.libsdl.org/SDL/rev/19d8c3b9c251 (SDL-1.2) NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) {DLA-1714-1 DLA-1713-1} - - libsdl1.2 + - libsdl1.2 (bug #924609) [stretch] - libsdl1.2 (Minor issue) - - libsdl2 + - libsdl2 (bug #924610) [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4497 NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3630 CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) {DLA-1714-1 DLA-1713-1} - - libsdl1.2 + - libsdl1.2 (bug #924609) [stretch] - libsdl1.2 (Minor issue) - - libsdl2 + - libsdl2 (bug #924610) [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4499 NOTE: https://hg.libsdl.org/SDL/rev/19d8c3b9c251 (SDL-1.2) NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) {DLA-1714-1 DLA-1713-1} - - libsdl1.2 + - libsdl1.2 (bug #924609) [stretch] - libsdl1.2 (Minor issue) - - libsdl2 + - libsdl2 (bug #924610) [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4498 NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3637 @@ -5171,59 +5171,59 @@ CVE-2019-7579 RESERVED CVE-2019-7578 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) {DLA-1714-1 DLA-1713-1} - - libsdl1.2 + - libsdl1.2 (bug #924609) [stretch] - libsdl1.2 (Minor issue) - - libsdl2 + - libsdl2 (bug #924610) [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4494 NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623 CVE-2019-7577 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) {DLA-1714-1 DLA-1713-1} - - libsdl1.2 + - libsdl1.2 (bug #924609) [stretch] - libsdl1.2 (Minor issue) - - libsdl2 + - libsdl2 (bug #924610) [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4492 NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608 NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694 CVE-2019-7576 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) {DLA-1714-1 DLA-1713-1} - - libsdl1.2 + - libsdl1.2 (bug #924609) [stretch] - libsdl1.2 (Minor issue) - - libsdl2 + - libsdl2 (bug #924610) [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4490 NOTE: Proposed patch: https://bugzilla.libsdl.org/attachment.cgi?id=3620
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2a09b65c by Moritz Muehlenhoff at 2019-03-11T21:59:09Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1987,6 +1987,7 @@ CVE-2019-8936 [Crafted null dereference attack in authenticated mode 6 packet] CVE-2019-8934 [ppc64: sPAPR emulator leaks the host hardware identity] RESERVED - qemu (bug #922923) + [buster] - qemu (Too intrusive to backport, marginal impact) - qemu-kvm NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg04821.html CVE-2019-8933 (In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ ...) @@ -3052,6 +3053,7 @@ CVE-2019-8414 RESERVED CVE-2013-7469 (Seafile through 6.2.11 always uses the same Initialization Vector (IV) ...) - seafile (bug #923009) + [buster] - seafile (Minor issue) NOTE: https://github.com/haiwen/seafile/issues/350 CVE-2019-8413 (On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer ...) NOT-FOR-US: Xiaomi @@ -14606,6 +14608,7 @@ CVE-2018-20594 (An issue was discovered in hsweb 3.0.4. It is a reflected XSS .. NOT-FOR-US: hsweb CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in ...) - mxml + [buster] - mxml (Minor issue) [stretch] - mxml (Minor issue) [jessie] - mxml (Minor issue, only affects the mxmldoc tool) NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2971_1.txt @@ -14616,6 +14619,7 @@ CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is stack-based buffer overfl NOTE: upstream tagged the issue with 'wontfix' and removed mxmldoc code completely CVE-2018-20592 (In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd ...) - mxml + [buster] - mxml (Minor issue) [stretch] - mxml (Minor issue) [jessie] - mxml (Minor issue, only affected the mxmldoc tool) NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_1.txt @@ -18398,7 +18402,8 @@ CVE-2018-20074 RESERVED CVE-2018-20073 [chromium stores download meta data in extended attributes] RESERVED - - chromium + - chromium (low) + [buster] - chromium (Wait until fixed upstream) [stretch] - chromium (Wait until fixed upstream) CVE-2018-20072 RESERVED @@ -32866,6 +32871,7 @@ CVE-2018-16385 (ThinkPHP before 5.1.23 allows SQL Injection via the ...) NOT-FOR-US: ThinkPHP CVE-2018-16384 (A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity ...) - modsecurity-crs (low) + [buster] - modsecurity-crs (Minor issue) [stretch] - modsecurity-crs (Minor issue) [jessie] - modsecurity-crs (Minor issue) NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1167 @@ -86595,6 +86601,7 @@ CVE-2017-14611 (SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remo NOT-FOR-US: Cockpit CMS (different from src:cockpit) CVE-2017-14610 (bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16.2.6 ...) - bareos (bug #877334) + [buster] - bareos (Minor issue) [stretch] - bareos (Minor issue) [jessie] - bareos (Minor issue) NOTE: https://bugs.bareos.org/view.php?id=847 @@ -121756,6 +121763,7 @@ CVE-2017-3225 (Das U-Boot is a device bootloader that can read its configuration NOTE: Negligible security impact CVE-2017-3224 (Open Shortest Path First (OSPF) protocol implementations may ...) - quagga (low; bug #871617) + [buster] - quagga (Minor issue) [stretch] - quagga (Minor issue) [jessie] - quagga (Minor issue) [wheezy] - quagga (Minor issue) @@ -140684,6 +140692,7 @@ CVE-2016-6185 (The XSLoader::load method in XSLoader in Perl does not properly l - perl 5.22.2-2 (bug #829578) CVE-2016-6175 (Eval injection vulnerability in php-gettext 1.0.12 and earlier allows ...) - php-gettext (bug #851771) + [buster] - php-gettext (Minor issue) [stretch] - php-gettext (Minor issue) [jessie] - php-gettext (Minor issue) [wheezy] - php-gettext (Minor issue) @@ -148156,7 +148165,8 @@ CVE-2016-3993 (Off-by-one error in the __imlib_MergeUpdate function in lib/updat NOTE: https://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/5 CVE-2012- [Option -localhost seems to fail to restrict ipv6 access] - - x11vnc (bug #672435) + - x11vnc (low; bug #672435) + [buster] - x11vnc (Minor issue; workaround exits) [stretch] - x11vnc (Minor issue; workaround exits)
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: b2df4ff1 by Moritz Muehlenhoff at 2019-02-27T22:27:10Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -5276,6 +5276,8 @@ CVE-2019-6957 RESERVED CVE-2019-6956 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) ...) - faad2 (bug #914641) + [buster] - faad2 (Minor issue) + [stretch] - faad2 (Minor issue) NOTE: https://sourceforge.net/p/faac/bugs/240/ CVE-2019-6955 RESERVED @@ -7008,9 +7010,10 @@ CVE-2019-6250 (A pointer overflow, with code execution, was discovered in ZeroMQ CVE-2019-6248 (PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 ...) NOT-FOR-US: PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script CVE-2019-6247 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...) - - svgpp (bug #919321) + - svgpp (unimportant; bug #919321) NOTE: https://github.com/svgpp/svgpp/issues/70 NOTE: Issue only in src:svgpp which does not call the AGG-API in correct way. + NOTE: No security impact, only used to build examples, see #921097 CVE-2019-6246 (An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the ...) - svgpp 1.2.3+dfsg1-5 (bug #919321) NOTE: https://github.com/svgpp/svgpp/issues/70 @@ -7018,11 +7021,12 @@ CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used {DLA-1656-1} - agg 1:2.4-r127+dfsg1-1 (low; bug #919322) [stretch] - agg (Minor issue) - - svgpp (bug #919321) + - svgpp (unimportant; bug #919321) NOTE: https://github.com/svgpp/svgpp/issues/70 NOTE: Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/ NOTE: and possibly already fixed with the inclusion of 05-fix-recursion-crash.patch NOTE: in 2.5+dfsg1-3. + NOTE: No security impact on svgpp, only used to build examples, see #921097 CVE-2018-20703 (CubeCart 6.2.2 has Reflected XSS via a /{ADMIN-FILE}/ query string. ...) NOT-FOR-US: CubeCart CVE-2018-20702 @@ -14700,6 +14704,7 @@ CVE-2018-20196 (There is a stack-based buffer overflow in the third instance of NOTE: https://github.com/knik0/faad2/issues/19 CVE-2018-20195 (A NULL pointer dereference was discovered in ic_predict of ...) - faad2 (low) + [buster] - faad2 (Minor issue) [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/25 CVE-2018-20194 (There is a stack-based buffer underflow in the third instance of the ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2df4ff16e7561e49184e6e2f028e7c410f57001 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2df4ff16e7561e49184e6e2f028e7c410f57001 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: b4d72d25 by Moritz Muehlenhoff at 2019-02-25T19:17:43Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -25830,7 +25830,8 @@ CVE-2018-18444 (makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of - openexr (unimportant) NOTE: Issue in exrmultiview which is not installed in the binary package. CVE-2018-18443 (OpenEXR 2.3.0 has a memory leak in ThreadPool in ...) - - openexr + - openexr (low) + [buster] - openexr (Minor issue) [stretch] - openexr (Minor issue) [jessie] - openexr (Minor issue) NOTE: https://github.com/openexr/openexr/issues/350 @@ -26934,7 +26935,8 @@ CVE-2018-18065 (_set_key in agent/helpers/table_container.c in Net-SNMP before 5 NOTE: https://dumpco.re/blog/net-snmp-5.7.3-remote-dos NOTE: https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/ CVE-2018-18064 (cairo through 1.15.14 has an out-of-bounds stack-memory write during ...) - - cairo (bug #916083) + - cairo (low; bug #916083) + [buster] - cairo (Minor issue) [stretch] - cairo (Minor issue) NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/341 CVE-2018-18063 @@ -29375,10 +29377,9 @@ CVE-2018-17078 CVE-2018-17077 (An issue was discovered in yiqicms through 2016-11-20. There is stored ...) NOT-FOR-US: yiqicms CVE-2018-17076 (GPP through 2.25 will try to use more memory space than is available on ...) - - gpp (bug #908939) - [stretch] - gpp (Minor issue) - [jessie] - gpp (Minor issue) + - gpp (unimportant; bug #908939) NOTE: https://github.com/logological/gpp/issues/26 + NOTE: Crash in CLI tool, no security impact CVE-2018-17075 (The html package (aka x/net/html) before 2018-07-13 in Go mishandles ...) - golang-golang-x-net-dev (Vulnerable code introduced later) - golang-go.net-dev (Vulnerable code introduced later) @@ -73201,6 +73202,7 @@ CVE-2018-1298 (A Denial of Service vulnerability was found in Apache Qpid Broker NOTE: https://git-wip-us.apache.org/repos/asf?p=qpid-broker-j.git;h=4b9fb37 CVE-2018-1297 (When using Distributed Test only (RMI based), Apache JMeter 2.x and ...) - jakarta-jmeter (low; bug #897259) + [buster] - jakarta-jmeter (Minor issue, too intrusive to backport) [stretch] - jakarta-jmeter (Minor issue, too intrusive to backport) [jessie] - jakarta-jmeter (Minor issue, too intrusive to backport) [wheezy] - jakarta-jmeter (Minor issue) @@ -73228,6 +73230,7 @@ CVE-2018-1288 (In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0. - kafka (bug #786460) CVE-2018-1287 (In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI ...) - jakarta-jmeter (low) + [buster] - jakarta-jmeter (Minor issue) [stretch] - jakarta-jmeter (Minor issue) [jessie] - jakarta-jmeter (Minor issue) [wheezy] - jakarta-jmeter (Minor issue) @@ -97588,6 +97591,7 @@ CVE-2017-9815 (In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in ...) NOTE: The issue is addressed with the same commit as for CVE-2017-9403 CVE-2017-9814 (cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote ...) - cairo (low; bug #868580) + [buster] - cairo (Minor issue) [stretch] - cairo (Minor issue) [jessie] - cairo (Minor issue) [wheezy] - cairo (Minor issue) @@ -106900,6 +106904,7 @@ CVE-2017-7476 (Gnulib before 2017-04-26 has a heap-based buffer overflow with th NOTE: Introduced with 4bc76593 and 4e6e16b3f. CVE-2017-7475 (Cairo version 1.15.4 is vulnerable to a NULL pointer dereference ...) - cairo (low; bug #870264) + [buster] - cairo (Minor issue) [stretch] - cairo (Minor issue) [jessie] - cairo (Minor issue) [wheezy] - cairo (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b4d72d25b2ce11a0db70fe537dc7a8d905ed1c27 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b4d72d25b2ce11a0db70fe537dc7a8d905ed1c27 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 93c3b8ff by Moritz Muehlenhoff at 2019-02-22T22:30:40Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -12449,6 +12449,7 @@ CVE-2018-20651 (A NULL pointer dereference was discovered in ...) NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f CVE-2018-20650 (A reachable Object::dictLookup assertion in Poppler 0.72.0 allows ...) - poppler (low; bug #917974) + [buster] - poppler (Minor issue) [stretch] - poppler (Minor issue) [jessie] - poppler (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7 @@ -12984,19 +12985,19 @@ CVE-2018-20535 (There is a use-after-free at asm/preproc.c (function pp_getline) [jessie] - nasm (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392530 CVE-2018-20534 (There is an illegal address access at src/pool.h (function ...) - - libsolv (low) + - libsolv (low; bug #923002) [stretch] - libsolv (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652604 NOTE: https://github.com/openSUSE/libsolv/pull/291 NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e CVE-2018-20533 (There is a NULL pointer dereference at ext/testcase.c (function ...) - - libsolv (low) + - libsolv (low; bug #923002) [stretch] - libsolv (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652599 NOTE: https://github.com/openSUSE/libsolv/pull/291 NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e CVE-2018-20532 (There is a NULL pointer dereference at ext/testcase.c (function ...) - - libsolv (low) + - libsolv (low; bug #923002) [stretch] - libsolv (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652605 NOTE: https://github.com/openSUSE/libsolv/pull/291 @@ -23757,6 +23758,7 @@ CVE-2018-19143 (Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x bef NOTE: https://community.otrs.com/security-advisory-2018-07-security-update-for-otrs-framework/ CVE-2018-19120 (The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows ...) - kio-extras 4:18.08.3-1 (bug #913595) + [buster] - kio-extras (Minor issue) [stretch] - kio-extras (Minor issue) - kde-runtime (bug #913596) [stretch] - kde-runtime (Minor issue) @@ -73665,11 +73667,13 @@ CVE-2018-1100 (zsh through version 5.4.2 is vulnerable to a stack-based buffer . NOTE: https://www.zsh.org/cgi-bin/mla/redirect?WORKERNUMBER=42607 NOTE: https://sourceforge.net/p/zsh/code/ci/31f72205630687c1cef89347863aab355296a27f/ CVE-2018-1099 (DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An ...) - - etcd (bug #921156) + - etcd (low; bug #921156) + [stretch] - etcd (Minor issue, revisit when fixed upstream and possibly backported to 3.2.x) NOTE: https://github.com/coreos/etcd/issues/9353 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552717 CVE-2018-1098 (A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. ...) - - etcd (bug #921156) + - etcd (low; bug #921156) + [stretch] - etcd (Minor issue, revisit when fixed upstream and possibly backported to 3.2.x) NOTE: https://github.com/coreos/etcd/issues/9353 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1552714 CVE-2018-1097 (A flaw was found in foreman before 1.16.1. The issue allows users with ...) @@ -150003,7 +150007,8 @@ CVE-2016-2569 (Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly ap NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-14552.patch NOTE: Upstream confirmed it does not affect squid 2.7.x CVE-2016-2568 (pkexec, when used with --user nonpriv, allows local users to escape to ...) - - policykit-1 (bug #816062; bug #812512) + - policykit-1 (low; bug #816062; bug #812512) + [buster] - policykit-1 (Minor issue) [stretch] - policykit-1 (Minor issue) [jessie] - policykit-1 (Minor issue) [wheezy] - policykit-1 (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/93c3b8ff16d55dbb4955ff8781d7e1fd3abe1573 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/93c3b8ff16d55dbb4955ff8781d7e1fd3abe1573 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-track
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 10c91f31 by Moritz Muehlenhoff at 2019-02-20T22:45:10Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -6293,9 +6293,10 @@ CVE-2019-6240 [Arbitrary repo read in Gitlab project import] - gitlab 11.5.7+dfsg-1 (bug #919822) NOTE: https://about.gitlab.com/2019/01/16/critical-security-release-gitlab-11-dot-6-dot-4-released/ CVE-2018-20699 (Docker Engine before 18.09 allows attackers to cause a denial of ...) - - docker.io + - docker.io (unimportant) NOTE: https://github.com/docker/engine/pull/70 NOTE: https://github.com/moby/moby/pull/37967 + NOTE: Negligible security impact CVE-2019-6239 RESERVED CVE-2019-6238 @@ -38176,6 +38177,7 @@ CVE-2018-13441 (qh_help in Nagios Core version 4.4.1 and earlier is prone to a N NOTE: https://github.com/NagiosEnterprises/nagioscore/commit/b1a92a3b52d292ccb601e77a0b29cb1e67ac9d76 CVE-2018-13440 (The audiofile Audio File Library 0.3.6 has a NULL pointer dereference ...) - audiofile (low; bug #903499) + [buster] - audiofile (Minor issue) [stretch] - audiofile (Minor issue) [jessie] - audiofile (Minor issue) NOTE: https://github.com/mpruett/audiofile/issues/49 @@ -65039,8 +65041,7 @@ CVE-2017-1000434 (Wordpress plugin Furikake version 0.1.0 is vulnerable to an Op NOT-FOR-US: Wordpress plugin Furikake CVE-2017-1000433 (pysaml2 version 4.4.0 and older accept any password when run with ...) {DLA-1410-1} - [experimental] - python-pysaml2 4.5.0-1 - - python-pysaml2 (bug #886423) + - python-pysaml2 4.5.0-2 (bug #886423) [stretch] - python-pysaml2 (Minor issue) NOTE: https://github.com/rohe/pysaml2/issues/451 NOTE: Fixed by: https://github.com/rohe/pysaml2/commit/6312a41e037954850867f29d329e5007df1424a5 @@ -93576,11 +93577,12 @@ CVE-2017-11574 (FontForge 20161012 is vulnerable to a heap-based buffer overflow NOTE: https://github.com/fontforge/fontforge/issues/3090 NOTE: https://github.com/fontforge/fontforge/commit/62b6433a81ee7ed6e0ac2d6b09ac85b885046ac3 CVE-2017-11573 (FontForge 20161012 is vulnerable to a buffer over-read in ...) - - fontforge (low; bug #873588) + - fontforge (unimportant; bug #873588) [stretch] - fontforge (Minor issue) [jessie] - fontforge (Minor issue) [wheezy] - fontforge (Minor issue) NOTE: https://github.com/fontforge/fontforge/issues/3098 + NOTE: Crash in GUI tool/related desktop libs, no security impact CVE-2017-11572 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in ...) {DSA-3958-1 DLA-1065-1} - fontforge 1:20170731~dfsg-1 (bug #869614) @@ -93591,11 +93593,9 @@ CVE-2017-11571 (FontForge 20161012 is vulnerable to a stack-based buffer overflo NOTE: https://github.com/fontforge/fontforge/issues/3087 NOTE: https://github.com/fontforge/fontforge/commit/5a0c6522682b0788fc478dd159dd6168cb5fa38b CVE-2017-11570 (FontForge 20161012 is vulnerable to a buffer over-read in umodenc ...) - - fontforge (low; bug #873587) - [stretch] - fontforge (Minor issue) - [jessie] - fontforge (Minor issue) - [wheezy] - fontforge (Minor issue) + - fontforge (unimportant; bug #873587) NOTE: https://github.com/fontforge/fontforge/issues/3097 + NOTE: Crash in GUI tool/related desktop libs, no security impact CVE-2017-11569 (FontForge 20161012 is vulnerable to a heap-based buffer over-read in ...) {DSA-3958-1 DLA-1065-1} - fontforge 1:20170731~dfsg-1 (bug #869614) @@ -113917,6 +113917,7 @@ CVE-2016-10125 (D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hard NOT-FOR-US: D-Link CVE-2016-10127 (PySAML2 allows remote attackers to conduct XML external entity (XXE) ...) - python-pysaml2 (low; bug #859135) + [buster] - python-pysaml2 (Minor issue) [stretch] - python-pysaml2 (Minor issue) [jessie] - python-pysaml2 (Minor issue) NOTE: https://github.com/rohe/pysaml2/issues/366 @@ -179723,10 +179724,7 @@ CVE-2015-1402 (Cross-site scripting (XSS) vulnerability in the Content Rating .. CVE-2015-1401 (Improper Authentication vulnerability in the "LDAP / SSO ...) NOT-FOR-US: typo3 extension CVE-2015-1554 (kgb-bot 1.33-2 allows remote attackers to cause a denial of service ...) - - kgb-bot (low; bug #776424) - [stretch] - kgb-bot (Minor issue) - [jessie] - kgb-bot (Minor issue) - [wheezy] - kgb-bot (Minor issue) + - kgb-bot (low; bug #776424) CVE-2015-1369 (SQL injection vulnerability in Sequelize before 2.0.0-rc7 for Node.js ...) NOT-FOR-US: sequelize CVE-2015-1354 View it on GitLab: http
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: bd11f797 by Moritz Muehlenhoff at 2019-02-19T22:21:14Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -5466,7 +5466,7 @@ CVE-2019-6503 (There is a deserialization vulnerability in Chatopera cosin v3.10 CVE-2019-6502 (sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory ...) - opensc (unimportant) NOTE: https://github.com/OpenSC/OpenSC/issues/1586 - NOTE: Negligable security impact, assigning a CVE seems out of proportion... + NOTE: Negligible security impact, assigning a CVE seems out of proportion... CVE-2019-1003004 (An improper authorization vulnerability exists in Jenkins 2.158 and ...) NOT-FOR-US: Jenkins CVE-2019-1003003 (An improper authorization vulnerability exists in Jenkins 2.158 and ...) @@ -5632,22 +5632,22 @@ CVE-2019-6461 (An issue was discovered in cairo 1.16.0. There is an assertion pr NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/352 CVE-2019-6460 (An issue was discovered in GNU Recutils 1.8. There is a NULL pointer ...) - recutils (unimportant) - NOTE: Negligable security impact + NOTE: Negligible security impact CVE-2019-6459 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...) - recutils (unimportant) - NOTE: Negligable security impact + NOTE: Negligible security impact CVE-2019-6458 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...) - recutils (unimportant) - NOTE: Negligable security impact + NOTE: Negligible security impact CVE-2019-6457 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...) - recutils (unimportant) - NOTE: Negligable security impact + NOTE: Negligible security impact CVE-2019-6456 (An issue was discovered in GNU Recutils 1.8. There is a NULL pointer ...) - recutils (unimportant) - NOTE: Negligable security impact + NOTE: Negligible security impact CVE-2019-6455 (An issue was discovered in GNU Recutils 1.8. There is a double-free ...) - recutils (unimportant) - NOTE: Negligable security impact + NOTE: Negligible security impact CVE-2019-6454 [systemd (PID1) crash with specially crafted D-Bus message] RESERVED {DSA-4393-1 DLA-1684-1} @@ -5709,17 +5709,14 @@ CVE-2015-9277 (MailEnable before 8.60 allows Directory Traversal for reading the CVE-2015-9276 (SmarterTools SmarterMail before 13.3.5535 was vulnerable to stored XSS ...) NOT-FOR-US: SmarterTools SmarterMail CVE-2019-6446 (An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle ...) - - python-numpy - [stretch] - python-numpy (Minor issue) + - python-numpy 1:1.10.4-1 [jessie] - python-numpy (Minor issue) NOTE: https://github.com/numpy/numpy/issues/12759 - NOTE: For upstream this works as intended and is documented. Proposed - NOTE: solution of switching the default might be dangerous for users who rely on - NOTE: the current behavior. + NOTE: For upstream this works as intended and is documented. NOTE: https://github.com/numpy/numpy/commit/a2bd3a7eabfe053d6d16a2130fdcad9e5211f6bb - NOTE: adds already support to disable use of picke in load/save. - NOTE: Proposed fix/partial mitigation via: - NOTE: https://github.com/numpy/numpy/pull/12889 + NOTE: added support to disable use of picke in load/save, marking that as the fixed + NOTE: version. The use of that is at the discretion of anyone using numpy + NOTE: Further discussion at https://github.com/numpy/numpy/pull/12889 CVE-2019-6445 (An issue was discovered in NTPsec before 1.1.3. An authenticated ...) - ntpsec 1.1.3+dfsg1-1 (bug #919513) CVE-2019-6444 (An issue was discovered in NTPsec before 1.1.3. process_control() in ...) @@ -13191,15 +13188,15 @@ CVE-2018-20377 (Orange Livebox 00.96.320S devices allow remote attackers to disc NOT-FOR-US: Orange Livebox CVE-2018-20376 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...) - tcc (unimportant) - NOTE: Negligable security impact + NOTE: Negligible security impact NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00013.html CVE-2018-20375 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...) - tcc (unimportant) - NOTE: Negligable security impact + NOTE: Negligible security impact NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2018-12/msg00014.html CVE-2018-20374 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...) - tcc (unimportant) - NOTE: Negligable security impa
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 00a06476 by Moritz Muehlenhoff at 2019-02-19T21:13:40Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -32444,6 +32444,7 @@ CVE-2018-15686 (A vulnerability in unit_deserialize of systemd allows an attacke NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1687 NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796402 NOTE: https://github.com/systemd/systemd/pull/10519 + NOTE: https://github.com/systemd/systemd/commit/9f1c81d80a435d15ca1bd536a6d043c18c81c047 CVE-2018-15685 (GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain ...) - electron (bug #842420) CVE-2018-15684 (An issue was discovered in BTITeam XBTIT. PHP error logs are stored in ...) @@ -58131,10 +58132,13 @@ CVE-2018-6261 (NVIDIA GeForce Experience prior to 3.15 contains a vulnerability NOT-FOR-US: NVIDIA GeForce Experience CVE-2018-6260 (NVIDIA graphics driver contains a vulnerability that may allow access ...) - nvidia-graphics-drivers (bug #913467) + [buster] - nvidia-graphics-drivers (Non-free not supported) [stretch] - nvidia-graphics-drivers (Non-free not supported) [jessie] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-legacy-390xx + [buster] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-legacy-340xx + [buster] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) [stretch] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx [stretch] - nvidia-graphics-drivers-legacy-304xx (Non-free not supported) @@ -73541,7 +73545,7 @@ CVE-2018-1064 (libvirt version before 4.2.0-rc1 is vulnerable to a resource ...) - libvirt 4.1.0-1 NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=fbf31e1a4cd19d6f6e33e0937a009775cd7d9513 CVE-2018-1063 (Context relabeling of filesystems is vulnerable to symbolic link ...) - - policycoreutils + - policycoreutils 2.7-1 [stretch] - policycoreutils (Minor issue) [jessie] - policycoreutils (Minor issue) [wheezy] - policycoreutils (Minor issue) @@ -73549,6 +73553,7 @@ CVE-2018-1063 (Context relabeling of filesystems is vulnerable to symbolic link NOTE: Mitigation by removing any symbolic link in /tmp and /var/tmp directories NOTE: before relabeling the file system. Futhtermore only triggerable at NOTE: relabeling time. + NOTE: https://github.com/SELinuxProject/selinux/commit/2608b4d6660af0fb8ad93f2cc144bdaab3c2afa8 CVE-2018-1062 (A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the ...) NOT-FOR-US: ovirt-engine CVE-2018-1061 (python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/00a06476a73bbe51ad4b11f0fbca7d0db6432d9c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/00a06476a73bbe51ad4b11f0fbca7d0db6432d9c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f9762516 by Moritz Muehlenhoff at 2019-02-18T22:26:13Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -4329,7 +4329,8 @@ CVE-2019-118 (rssh version 2.3.4 contains a CWE-77: Improper Neutralization CVE-2019-6989 RESERVED CVE-2019-6988 (An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers ...) - - openjpeg2 (low) + - openjpeg2 (low; bug #922648) + [buster] - openjpeg2 (Minor issue) [stretch] - openjpeg2 (Minor issue) [jessie] - openjpeg2 (Minor issue) NOTE: https://github.com/uclouvain/openjpeg/issues/1178 @@ -18518,10 +18519,12 @@ CVE-2018-19869 (An issue was discovered in Qt before 5.11.3. A malformed SVG ima [stretch] - qtsvg-opensource-src (Minor issue) [jessie] - qtsvg-opensource-src (Minor issue) - qt4-x11 (low) + [buster] - qt4-x11 (Minor issue) [stretch] - qt4-x11 (Minor issue) [jessie] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ NOTE: https://codereview.qt-project.org/#/c/234142/ + NOTE: https://github.com/qt/qtsvg/commit/8c199714e9bc638fb3f6ec747fb7a23373e49335 CVE-2018-19868 RESERVED CVE-2018-19867 @@ -117033,16 +117036,13 @@ CVE-2016-10042 (Authorization Bypass in the Web interface of Arcadyan SLT-00 Sta CVE-2016-10041 (An issue was discovered in Sprecher Automation SPRECON-E Service ...) NOT-FOR-US: Sprecher Automation SPRECON-E Service CVE-2016-10040 (Stack-based buffer overflow in QXmlSimpleReader in Qt 4.8.5 allows ...) - - qt4-x11 (low; bug #851058) - [buster] - qt4-x11 (Minor issue) - [stretch] - qt4-x11 (Minor issue) + - qt4-x11 4:4.8.7+dfsg-1 (low; bug #851058) [jessie] - qt4-x11 (Minor issue) [wheezy] - qt4-x11 (Minor issue) - - qtbase-opensource-src (low; bug #850954) - [stretch] - qtbase-opensource-src (Minor issue) - [jessie] - qtbase-opensource-src (Minor issue) + - qtbase-opensource-src 5.2.0+dfsg-7 NOTE: CVE assignment specific to http://www.openwall.com/lists/oss-security/2016/12/24/2 NOTE: http://www.openwall.com/lists/oss-security/2016/12/24/1 + NOTE: https://github.com/qt/qtbase/commit/f1053d94f59f053ce4acad9320df14f1fbe4faac CVE-2016-10039 (Directory traversal in /connectors/index.php in MODX Revolution before ...) NOT-FOR-US: MODX Revolution CVE-2016-10038 (Directory traversal in /connectors/index.php in MODX Revolution before ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f97625168ba5f33a000411b3f0bde95a84d63d63 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f97625168ba5f33a000411b3f0bde95a84d63d63 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2634ae18 by Moritz Muehlenhoff at 2019-02-16T12:38:10Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -10789,12 +10789,14 @@ CVE-2019-3576 (inxedu through 2018-12-24 has a SQL Injection vulnerability that CVE-2019-3575 (Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary ...) NOT-FOR-US: Sqla_yaml_fixtures CVE-2019-3574 (In libsixel v1.8.2, there is a heap-based buffer over-read in the ...) - - libsixel (low) + - libsixel (low; bug #922460) + [buster] - libsixel (Minor issue) [stretch] - libsixel (Minor issue) [jessie] - libsixel (Minor issue) NOTE: https://github.com/saitoha/libsixel/issues/83 CVE-2019-3573 (In libsixel v1.8.2, there is an infinite loop in the function ...) - - libsixel (low) + - libsixel (low; bug #922460) + [buster] - libsixel (Minor issue) [stretch] - libsixel (Minor issue) [jessie] - libsixel (Minor issue) NOTE: https://github.com/saitoha/libsixel/issues/83 @@ -11499,7 +11501,7 @@ CVE-2018-20541 (There is a heap-based buffer overflow in libxsmm_sparse_csc_read NOTE: https://github.com/hfp/libxsmm/commit/151481489192e6d1997f8bde52c5c425ea41741d NOTE: https://github.com/hfp/libxsmm/issues/287 CVE-2018-20540 (There is memory leak at liblas::Open (liblas/liblas.hpp) in libLAS ...) - - liblas + - liblas (bug #922459) [stretch] - liblas (Minor issue) [jessie] - liblas (Minor issue) NOTE: https://github.com/libLAS/libLAS/issues/158 @@ -45804,6 +45806,7 @@ CVE-2018-10197 (There is a time-based blind SQL injection vulnerability in the A NOT-FOR-US: ELO CVE-2018-10196 (NULL pointer dereference vulnerability in the rebuild_vlists function ...) - graphviz (low; bug #898841) + [buster] - graphviz (Minor issue) [stretch] - graphviz (Minor issue) [jessie] - graphviz (Minor issue) [wheezy] - graphviz (Minor issue) @@ -222377,6 +222380,7 @@ CVE-2013-1842 (SQL injection vulnerability in the Extbase Framework in TYPO3 4.5 - typo3-src 4.5.19+dfsg1-5 (bug #702574) CVE-2013-1841 (Net-Server, when the reverse-lookups option is enabled, does not check ...) - libnet-server-perl (low; bug #702914) + [buster] - libnet-server-perl (Minor issue) [stretch] - libnet-server-perl (Minor issue) [jessie] - libnet-server-perl (Minor issue) [wheezy] - libnet-server-perl (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2634ae18f34c599c78d30a8c3d47b2fb01431ffe -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2634ae18f34c599c78d30a8c3d47b2fb01431ffe You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 1c7815c3 by Moritz Muehlenhoff at 2019-02-11T19:07:52Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -10657,26 +10657,32 @@ CVE-2018-20363 (LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause CVE-2018-20362 (A NULL pointer dereference was discovered in ifilter_bank of ...) - faad2 (low) + [buster] - faad2 (Minor issue) [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/26 CVE-2018-20361 (An invalid memory address dereference was discovered in the hf_assembly ...) - faad2 (low) + [buster] - faad2 (Minor issue) [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/30 CVE-2018-20360 (An invalid memory address dereference was discovered in the ...) - faad2 (low) + [buster] - faad2 (Minor issue) [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/32 CVE-2018-20359 (An invalid memory address dereference was discovered in the ...) - faad2 (low) + [buster] - faad2 (Minor issue) [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/29 CVE-2018-20358 (An invalid memory address dereference was discovered in the ...) - faad2 (low) + [buster] - faad2 (Minor issue) [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/31 CVE-2018-20357 (A NULL pointer dereference was discovered in sbr_process_channel of ...) - faad2 (low) + [buster] - faad2 (Minor issue) [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/28 CVE-2018-20356 @@ -11257,10 +11263,12 @@ CVE-2018-20200 RESERVED CVE-2018-20199 (A NULL pointer dereference was discovered in ifilter_bank of ...) - faad2 (low) + [buster] - faad2 (Minor issue) [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/24 CVE-2018-20198 (A NULL pointer dereference was discovered in ifilter_bank of ...) - faad2 (low) + [buster] - faad2 (Minor issue) [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/23 CVE-2018-20197 (There is a stack-based buffer underflow in the third instance of the ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c7815c344a3f37b737c62cf7b1cf1a6506007c4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1c7815c344a3f37b737c62cf7b1cf1a6506007c4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 82a8541d by Moritz Muehlenhoff at 2019-02-10T18:43:41Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -29934,11 +29934,11 @@ CVE-2018-1000656 (The Pallets Project flask version Before 0.12.3 contains a CWE CVE-2018-1000655 (Jsish version 2.4.65 contains a CWE-476: NULL Pointer Dereference ...) NOT-FOR-US: Jsish CVE-2018-1000654 (GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 ...) - - libtasn1-6 (bug #906768) - [stretch] - libtasn1-6 (Minor issue) - [jessie] - libtasn1-6 (Minor issue since this cannot be exploited at runtime) + - libtasn1-6 (unimportant; bug #906768) - libtasn1-3 NOTE: https://gitlab.com/gnutls/libtasn1/issues/4 + NOTE: No security impact, does not affect libtasn, but only the asn1Parser from + NOTE: libtasn1-bin CVE-2018-1000653 (zzcms version 8.3 and earlier contains a SQL Injection vulnerability ...) NOT-FOR-US: zzcms CVE-2018-1000652 (JabRef version <=4.3.1 contains a XML External Entity (XXE) ...) @@ -78279,6 +78279,7 @@ CVE-2017-15638 (The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux .. NOT-FOR-US: SuSEfirewall2 in SUSE CVE-2012-6707 (WordPress through 4.8.2 uses a weak MD5-based password hashing ...) - wordpress (bug #880868) + [buster] - wordpress (Minor issue, can be revisited with upstream has picked a new hashing solution) [stretch] - wordpress (Minor issue, can be revisited with upstream has picked a new hashing solution) [jessie] - wordpress (Minor issue, can be revisited with upstream has picked a new hashing solution) [wheezy] - wordpress (Minor issue, can be revisited with upstream has picked a new hashing solution) @@ -232280,6 +232281,7 @@ CVE-2012-4231 (Cross-site scripting (XSS) vulnerability in admin/index.php in jC NOT-FOR-US: jCore CVE-2012-4230 (The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the ...) - tinymce (low; bug #796117) + [buster] - tinymce (Minor issue) [stretch] - tinymce (Minor issue) [jessie] - tinymce (Minor issue) [squeeze] - tinymce (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/82a8541d73f997d03c5e6def88ac86ddd41a4254 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/82a8541d73f997d03c5e6def88ac86ddd41a4254 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: b565d010 by Moritz Muehlenhoff at 2019-02-10T13:31:12Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -13676,6 +13676,7 @@ CVE-2018-20030 [Input validation issue resulting in a denial of service] [stretch] - libexif (Minor issue) [jessie] - libexif (Minor issue) NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-28/ + NOTE: https://github.com/libexif/libexif/commit/6aa11df549114ebda520dde4cdaea2f9357b2c89 CVE-2018-20029 (The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before ...) NOT-FOR-US: nxfs.sys driver in the DokanFS library in NoMachine on Windows CVE-2019-2394 @@ -26408,7 +26409,7 @@ CVE-2018-16890 (libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a NOTE: Introduced by: https://github.com/curl/curl/commit/86724581b6c02d160b52f817550cfdfc9c93af62 CVE-2018-16889 (Ceph does not properly sanitize encryption keys in debug logging for ...) - ceph (low; bug #918969) - [stretch] - ceph (Minor issue) + [stretch] - ceph (Minor issue) [jessie] - ceph (Vulnerable code not present) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1665334 NOTE: http://tracker.ceph.com/issues/37847 @@ -26630,7 +26631,7 @@ CVE-2018-16847 (An OOB heap buffer r/w access issue was found in the NVM Express NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00200.html NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=87ad860c622cc8f8916b5232bd8728c08f938fce CVE-2018-16846 (It was found in Ceph versions before 13.2.4 that authenticated ceph ...) - - ceph + - ceph (bug #921947) NOTE: http://tracker.ceph.com/issues/35994 NOTE: https://github.com/ceph/ceph/commit/ab29bed2fc9f961fe895de1086a8208e21ddaddc NOTE: Backport to 12.2.11: https://tracker.ceph.com/issues/37831 @@ -32113,7 +32114,7 @@ CVE-2018-14663 (An issue has been found in PowerDNS DNSDist before 1.3.3 allowin [stretch] - dnsdist (Minor issue) NOTE: https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2018-08.html CVE-2018-14662 (It was found Ceph versions before 13.2.4 that authenticated ceph users ...) - - ceph + - ceph (bug #921948) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1637327 NOTE: https://github.com/ceph/ceph/commit/a2acedd2a7e12d58af6db35edbd8a9d29c557578 CVE-2018-14661 (It was found that usage of snprintf function in feature/locks ...) @@ -47713,12 +47714,14 @@ CVE-2018-8832 (enhavo 0.4.0 has XSS via a user-group that contains executable .. NOT-FOR-US: enhavo CVE-2018-8831 (A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through ...) - kodi (low) + [buster] - kodi (Minor issue) [stretch] - kodi (Minor issue) - xbmc [jessie] - xbmc (Minor issue) [wheezy] - xbmc (Minor issue) NOTE: http://seclists.org/fulldisclosure/2018/Apr/36 NOTE: https://trac.kodi.tv/ticket/17814 + NOTE: Fixed in v18 CVE-2018-8830 RESERVED CVE-2018-8829 @@ -98924,6 +98927,7 @@ CVE-2017-8872 (The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9. NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/123234f2cfcd9e9b9f83047eee1dc17b4c3f4407 CVE-2017-8871 (The cr_parser_parse_selector_core function in cr-parser.c in libcroco ...) - libcroco (bug #864666; low) + [buster] - libcroco (Minor issue) [stretch] - libcroco (Minor issue) [jessie] - libcroco (Minor issue) [wheezy] - libcroco (Vulnerable code not present) @@ -99051,6 +99055,7 @@ CVE-2016-10369 (unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp fo NOTE: Fixed by: https://git.lxde.org/gitweb/?p=lxde/lxterminal.git;a=commit;h=f99163c6ff8b2f57c5f37b1ce5d62cf7450d4648 CVE-2017-8834 (The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 ...) - libcroco (bug #864666; low) + [buster] - libcroco (Minor issue) [stretch] - libcroco (Minor issue) [jessie] - libcroco (Minor issue) [wheezy] - libcroco (Vulnerable code not present) @@ -108047,6 +108052,7 @@ CVE-2017-5983 (The JIRA Workflow Designer Plugin in Atlassian JIRA Server before NOT-FOR-US: JIRA Workflow Designer Plugin CVE-2017-5982 (Directory traversal vulnerability in the Chorus2 2.4.2 add-on for Kodi ...) - kodi (bug #855225) + [buster] - kodi (Minor issue) [stretch] - kodi (Minor issue) [jessie] - kodi (Minor issue) - xbmc (bug #861274) @@ -129835,7 +129841,8 @@ CVE-2016-7965 (DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead o NOTE: Can be adresesd by prop
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: ca9e1ae1 by Moritz Muehlenhoff at 2019-02-09T19:28:25Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -3324,6 +3324,7 @@ CVE-2017-18356 (In the Automattic WooCommerce plugin before 3.2.4 for WordPress, NOT-FOR-US: Automattic WooCommerce plugin for WordPress CVE-2019-6293 (An issue was discovered in the function mark_beginning_as_normal in ...) - flex (low; bug #919428) + [buster] - flex (Minor issue) [stretch] - flex (Minor issue) [jessie] - flex (Minor issue) NOTE: https://github.com/westes/flex/issues/414 @@ -15667,35 +15668,29 @@ CVE-2018-19893 (SearchController.php in PbootCMS 1.2.1 has SQL injection via the CVE-2018-19892 (DomainMOD through 4.11.01 has XSS via the admin/dw/add-server.php ...) NOT-FOR-US: DomainMOD CVE-2018-19891 (An invalid memory address dereference was discovered in the huffcode ...) - - faac (bug #915763) - [stretch] - faac (Non-free not supported) - [jessie] - faac (Non-free not supported) + - faac (unimportant; bug #915763) NOTE: https://github.com/knik0/faac/issues/24 + NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal) CVE-2018-19890 (An invalid memory address dereference was discovered in the huffcode ...) - - faac (bug #915763) - [stretch] - faac (Non-free not supported) - [jessie] - faac (Non-free not supported) + - faac (unimportant; bug #915763) NOTE: https://github.com/knik0/faac/issues/20 + NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal) CVE-2018-19889 (An invalid memory address dereference was discovered in the huffcode ...) - - faac (bug #915763) - [stretch] - faac (Non-free not supported) - [jessie] - faac (Non-free not supported) + - faac (unimportant; bug #915763) NOTE: https://github.com/knik0/faac/issues/22 + NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal) CVE-2018-19888 (An invalid memory address dereference was discovered in the huffcode ...) - - faac (bug #915763) - [stretch] - faac (Non-free not supported) - [jessie] - faac (Non-free not supported) + - faac (unimportant; bug #915763) NOTE: https://github.com/knik0/faac/issues/25 + NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal) CVE-2018-19887 (An invalid memory address dereference was discovered in the huffcode ...) - - faac (bug #915763) - [stretch] - faac (Non-free not supported) - [jessie] - faac (Non-free not supported) + - faac (unimportant; bug #915763) NOTE: https://github.com/knik0/faac/issues/21 + NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal) CVE-2018-19886 (An invalid memory address dereference was discovered in the huffcode ...) - - faac (bug #915763) - [stretch] - faac (Non-free not supported) - [jessie] - faac (Non-free not supported) + - faac (unimportant; bug #915763) NOTE: https://github.com/knik0/faac/issues/23 + NOTE: Negligable security impact, crash in CLI tool (builds a lib, but only internal) CVE-2018-19885 RESERVED CVE-2018-19884 @@ -49745,6 +49740,7 @@ CVE-2018-8003 (Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a direc NOT-FOR-US: Apache Ambari CVE-2018-8002 (In PoDoFo 0.9.5, there exists an infinite loop vulnerability in ...) - libpodofo (low; bug #892557) + [buster] - libpodofo (Minor issue) [stretch] - libpodofo (Minor issue) [jessie] - libpodofo (Minor issue) [wheezy] - libpodofo (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ca9e1ae101b2f23cbe4484192da050c531ebcc14 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ca9e1ae101b2f23cbe4484192da050c531ebcc14 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: b64e74c8 by Moritz Muehlenhoff at 2019-02-08T22:06:30Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -8623,7 +8623,7 @@ CVE-2019-3826 [Stored DOM cross-site scripting (XSS) attack via crafted URL] [stretch] - prometheus (Only affects 2.1.0 onwards) NOTE: https://github.com/prometheus/prometheus/pull/5163 CVE-2019-3825 (A vulnerability was discovered in gdm before 3.31.4. When timed login ...) - - gdm3 (low) + - gdm3 (low; bug #921764) [stretch] - gdm3 (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/gdm/issues/460 CVE-2019-3824 @@ -10720,6 +10720,7 @@ CVE-2018-1000826 (Microweber version <= 1.0.7 contains a Cross Site Scripting NOT-FOR-US: Microweber CVE-2018-1000825 (FreeCol version <= nightly-2018-08-22 contains a XML External Entity ...) - freecol (bug #917023; low) + [buster] - freecol (Minor issue) [stretch] - freecol (Minor issue) [jessie] - freecol (Games are not supported) NOTE: https://github.com/FreeCol/freecol/issues/26 @@ -20699,9 +20700,7 @@ CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called fro CVE-2018-19106 RESERVED CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of service ...) - - librecad - [stretch] - librecad (Minor issue) - [jessie] - librecad (Minor issue) + - librecad NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html CVE-2018-19104 (In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be ...) NOT-FOR-US: BageCMS @@ -24539,8 +24538,9 @@ CVE-2018-17615 (This vulnerability allows remote attackers to execute arbitrary CVE-2018-17614 (This vulnerability allows remote attackers to execute arbitrary code ...) NOT-FOR-US: Losant Arduino MQTT Client CVE-2018-17613 (Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is ...) - - telegram-desktop (bug #921133) + - telegram-desktop (unimportant; bug #921133) NOTE: https://www.inputzero.io/2018/09/telegram-share-password-in-cleartext.html + NOTE: Non issue, works as expected, should probably be rejected CVE-2018-17612 (Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) ...) NOT-FOR-US: Sennheiser CVE-2018-17611 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to ...) @@ -28894,7 +28894,8 @@ CVE-2018-15913 CVE-2018-15912 (An issue was discovered in manjaro-update-system.sh in manjaro-system ...) NOT-FOR-US: manjaro-update-system.sh in manjaro-system on Manjaro Linux CVE-2018-15919 (Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 ...) - - openssh (bug #907503) + - openssh (low; bug #907503) + [buster] - openssh (Minor issue) [stretch] - openssh (Minor issue) [jessie] - openssh (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2018/08/27/2 @@ -32134,7 +32135,7 @@ CVE-2018-14638 (A flaw was found in 389-ds-base before version 1.3.8.4-13. The p CVE-2018-14637 (The SAML broker consumer endpoint in Keycloak before version ...) NOT-FOR-US: Keycloak CVE-2018-14636 (Live-migrated instances are briefly able to inspect traffic for other ...) - - neutron (low) + - neutron 2:13.0.0-1 (low) [stretch] - neutron (Minor issue) [jessie] - neutron (Minor issue) CVE-2018-14635 (When using the Linux bridge ml2 driver, non-privileged tenants are ...) @@ -39052,7 +39053,7 @@ CVE-2018-12030 (Chevereto Free before 1.0.13 has XSS. ...) NOT-FOR-US: Chevereto Free CVE-2018-12029 (A race condition in the nginx module in Phusion Passenger 3.x through ...) {DLA-1399-1} - - passenger + - passenger (bug #921767) - ruby-passenger NOTE: https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/ NOTE: https://github.com/phusion/passenger/commit/207870f5b7f5cc240587ab0977d6046782ae1d86 @@ -39814,21 +39815,25 @@ CVE-2018-11741 (NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Sess NOT-FOR-US: NEC Univerge Sv9100 WebPro devices CVE-2018-11740 (An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from ...) - sleuthkit (low; bug #902187) + [buster] - sleuthkit (Minor issue) [stretch] - sleuthkit (Minor issue) [jessie] - sleuthkit (Minor issue) NOTE: https://github.com/sleuthkit/sleuthkit/issues/1264 CVE-2018-11739 (An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from ...) - sleuthkit (low; bug #902187) + [buster] - sleuthkit (Minor issue) [stretch] - sleuthkit (Minor issue) [jessie] - sleuthkit (Mi
[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f70866c1 by Moritz Muehlenhoff at 2019-02-02T00:04:59Z buster triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2358,7 +2358,8 @@ CVE-2019-6293 (An issue was discovered in the function mark_beginning_as_normal [jessie] - flex (Minor issue) NOTE: https://github.com/westes/flex/issues/414 CVE-2019-6292 (An issue was discovered in singledocparser.cpp in yaml-cpp (aka ...) - - yaml-cpp (bug #919430) + - yaml-cpp (low; bug #919430) + [buster] - yaml-cpp (Minor issue) [stretch] - yaml-cpp (Minor issue) [jessie] - yaml-cpp (Minor issue) - yaml-cpp0.3 @@ -2384,7 +2385,8 @@ CVE-2019-6286 (In LibSass 3.5.5, a heap-based buffer over-read exists in ...) [stretch] - libsass (Minor issue) NOTE: https://github.com/sass/libsass/issues/2815 CVE-2019-6285 (The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka ...) - - yaml-cpp (bug #919432) + - yaml-cpp (low; bug #919432) + [buster] - yaml-cpp (Minor issue) [stretch] - yaml-cpp (Minor issue) [jessie] - yaml-cpp (Minor issue) - yaml-cpp0.3 @@ -8779,6 +8781,7 @@ CVE-2018-20575 (Orange Livebox 00.96.320S devices have an undocumented ...) NOT-FOR-US: Orange Livebox 00.96.320S devices CVE-2018-20574 (The SingleDocParser::HandleFlowMap function in yaml-cpp (aka ...) - yaml-cpp (low; bug #918145) + [buster] - yaml-cpp (Minor issue) [stretch] - yaml-cpp (Minor issue) [jessie] - yaml-cpp (Minor issue) - yaml-cpp0.3 (low; bug #918146) @@ -8787,6 +8790,7 @@ CVE-2018-20574 (The SingleDocParser::HandleFlowMap function in yaml-cpp (aka ... NOTE: https://github.com/jbeder/yaml-cpp/issues/654 CVE-2018-20573 (The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) ...) - yaml-cpp (low; bug #918147) + [buster] - yaml-cpp (Minor issue) [stretch] - yaml-cpp (Minor issue) [jessie] - yaml-cpp (Minor issue) - yaml-cpp0.3 (low; bug #918148) @@ -30231,7 +30235,7 @@ CVE-2018-1000637 (zutils version prior to version 1.8-pre2 contains a Buffer Ove NOTE: https://lists.nongnu.org/archive/html/zutils-bug/2018-08/msg0.html NOTE: Fixed by: upstream/0001-zcat-buffer-overrun.patch (in 1.7-3) CVE-2018-14938 (An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through ...) - - tcpflow (bug #905483) + - tcpflow 1.5.0+repack1-1 (bug #905483) [stretch] - tcpflow (Minor issue) [jessie] - tcpflow (Minor issue) NOTE: https://github.com/simsong/tcpflow/commit/a4e1cd14eb5ccc51ed271b65b3420f7d692c40eb @@ -52207,6 +52211,7 @@ CVE-2018-6869 (In ZZIPlib 0.13.68, there is an uncontrolled memory allocation an [stretch] - zziplib (Minor issue) [jessie] - zziplib (Minor issue) NOTE: https://github.com/gdraheim/zziplib/issues/22 + NOTE: https://github.com/gdraheim/zziplib/commit/0c0c9256b0903f664bca25dd8d924211f81e01d3 CVE-2018-6868 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Slickdeals / ...) NOT-FOR-US: PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script CVE-2018-6867 (Cross Site Scripting (XSS) exists in PHP Scripts Mall Alibaba Clone ...) @@ -73691,11 +73696,9 @@ CVE-2017-16810 (Cross-site scripting (XSS) vulnerability in the All Variables ta CVE-2017-16809 RESERVED CVE-2017-16808 (tcpdump 4.9.2 has a heap-based buffer over-read related to aoe_print in ...) - - tcpdump (low; bug #881862) - [stretch] - tcpdump (Can be fixed along in a future update) - [jessie] - tcpdump (Can be fixed along in a future update) - [wheezy] - tcpdump (Can be fixed along in a future update) + - tcpdump (unimportant; bug #881862) NOTE: https://github.com/the-tcpdump-group/tcpdump/issues/645 + NOTE: Crash in CLI tool, no security impact CVE-2017-16807 (A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, ...) NOT-FOR-US: Kirby Panel CVE-2017-16806 (The Process function in RemoteTaskServer/WebServer/HttpServer.cs in ...) @@ -89049,7 +89052,8 @@ CVE-2017-11694 (MEDHOST Document Management System contains hard-coded credentia CVE-2017-11693 (MEDHOST Document Management System contains hard-coded credentials that ...) NOT-FOR-US: MEDHOST Document Management System CVE-2017-11692 (The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 ...) - - yaml-cpp (bug #870326) + - yaml-cpp (low; bug #870326) + [buster] - yaml-cpp (Minor issue) [stretch] - yaml-cpp (Minor issue) [jessie] - yaml-cpp (Minor issue) [wheezy] - yaml-cpp (Minor issue) @@ -107006,6 +107010,7 @@ CVE-2017-5951 (The