[Secure-testing-commits] r29714 - data/CVE
Author: carnil Date: 2014-10-29 05:24:34 + (Wed, 29 Oct 2014) New Revision: 29714 Modified: data/CVE/list Log: CVE assigned for tnftp issue Modified: data/CVE/list === --- data/CVE/list 2014-10-28 22:24:22 UTC (rev 29713) +++ data/CVE/list 2014-10-29 05:24:34 UTC (rev 29714) @@ -1,4 +1,4 @@ -CVE-2014- [ftp(1) can be made execute arbitrary commands by malicious webserver] +CVE-2014-8517 [ftp(1) can be made execute arbitrary commands by malicious webserver] - tnftp (low; bug #767171) [wheezy] - tnftp (Minor issue) [squeeze] - tnftp (Minor issue) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29713 - data/CVE
Author: carnil Date: 2014-10-28 22:24:22 + (Tue, 28 Oct 2014) New Revision: 29713 Modified: data/CVE/list Log: Add bug reference for tnftp Modified: data/CVE/list === --- data/CVE/list 2014-10-28 22:16:00 UTC (rev 29712) +++ data/CVE/list 2014-10-28 22:24:22 UTC (rev 29713) @@ -1,5 +1,5 @@ CVE-2014- [ftp(1) can be made execute arbitrary commands by malicious webserver] - - tnftp (low) + - tnftp (low; bug #767171) [wheezy] - tnftp (Minor issue) [squeeze] - tnftp (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2014/10/28/4 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29712 - data/CVE
Author: jmm Date: 2014-10-28 22:16:00 + (Tue, 28 Oct 2014) New Revision: 29712 Modified: data/CVE/list Log: tnftp no-dsa Modified: data/CVE/list === --- data/CVE/list 2014-10-28 22:13:37 UTC (rev 29711) +++ data/CVE/list 2014-10-28 22:16:00 UTC (rev 29712) @@ -1,7 +1,8 @@ CVE-2014- [ftp(1) can be made execute arbitrary commands by malicious webserver] - - tnftp + - tnftp (low) + [wheezy] - tnftp (Minor issue) + [squeeze] - tnftp (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2014/10/28/4 - TODO: check CVE-2014- [Off-by-one count when parsing an 8BIM profile] - imagemagick 8:6.8.9.9-1 CVE-2014- [Don't clone a 0x0 image breaking some assumption] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29711 - data
Author: jmm Date: 2014-10-28 22:13:37 + (Tue, 28 Oct 2014) New Revision: 29711 Modified: data/dsa-needed.txt Log: add and take dokuwiki Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2014-10-28 22:07:03 UTC (rev 29710) +++ data/dsa-needed.txt 2014-10-28 22:13:37 UTC (rev 29711) @@ -16,6 +16,8 @@ -- chromium-browser -- +dokuwiki (jmm) +-- icedove (jmm) -- libgcrypt11 (carnil) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29710 - data/CVE
Author: carnil Date: 2014-10-28 22:07:03 + (Tue, 28 Oct 2014) New Revision: 29710 Modified: data/CVE/list Log: Add note for CVE-2014-5120, is fixed in php5 5.4.32 upstream Modified: data/CVE/list === --- data/CVE/list 2014-10-28 18:45:39 UTC (rev 29709) +++ data/CVE/list 2014-10-28 22:07:03 UTC (rev 29710) @@ -7617,6 +7617,7 @@ - libgd2 (Specific to integration of gd in PHP) NOTE: https://bugs.php.net/bug.php?id=67730 NOTE: https://bugs.php.net/patch-display.php?bug_id=67730&patch=gd-null-injection&revision=latest + NOTE: For the PHP5 5.4 branch this issue is fixed in version 5.4.32 CVE-2014-5115 (Absolute path traversal vulnerability in DirPHP 1.0 allows remote ...) NOT-FOR-US: DirPHP CVE-2014-5114 (WeBid 1.1.1 allows remote attackers to conduct an LDAP injection ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29709 - data/CVE
Author: carnil Date: 2014-10-28 18:45:39 + (Tue, 28 Oct 2014) New Revision: 29709 Modified: data/CVE/list Log: Update information for imagemagick issue Modified: data/CVE/list === --- data/CVE/list 2014-10-28 18:02:08 UTC (rev 29708) +++ data/CVE/list 2014-10-28 18:45:39 UTC (rev 29709) @@ -10,6 +10,8 @@ - imagemagick 8:6.8.9.9-1 CVE-2014- [Remotely DOS: convert +profile regression enters infinite loop exhausting memory] - imagemagick 8:6.8.9.9-1 (bug #764872) + [wheezy] - imagemagick (Vulnerable code introduced later; regression) + [squeeze] - imagemagick (Vulnerable code introduced later; regression) CVE-2014-8489 RESERVED CVE-2014-8488 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29708 - data/CVE
Author: fgeek-guest Date: 2014-10-28 18:02:08 + (Tue, 28 Oct 2014) New Revision: 29708 Modified: data/CVE/list Log: NFU Modified: data/CVE/list === --- data/CVE/list 2014-10-28 17:01:08 UTC (rev 29707) +++ data/CVE/list 2014-10-28 18:02:08 UTC (rev 29708) @@ -8003,6 +8003,7 @@ NOTE: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=46778 CVE-2014-4974 RESERVED + NOT-FOR-US: ESET CVE-2014-4973 (The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the ...) NOT-FOR-US: ESET Personal Firewall CVE-2014-4972 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29707 - data/CVE
Author: carnil Date: 2014-10-28 17:01:08 + (Tue, 28 Oct 2014) New Revision: 29707 Modified: data/CVE/list Log: Add temporary item for tnftp issue Modified: data/CVE/list === --- data/CVE/list 2014-10-28 16:20:58 UTC (rev 29706) +++ data/CVE/list 2014-10-28 17:01:08 UTC (rev 29707) @@ -1,3 +1,7 @@ +CVE-2014- [ftp(1) can be made execute arbitrary commands by malicious webserver] + - tnftp + NOTE: http://www.openwall.com/lists/oss-security/2014/10/28/4 + TODO: check CVE-2014- [Off-by-one count when parsing an 8BIM profile] - imagemagick 8:6.8.9.9-1 CVE-2014- [Don't clone a 0x0 image breaking some assumption] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29706 - data/CVE
Author: carnil Date: 2014-10-28 16:20:58 + (Tue, 28 Oct 2014) New Revision: 29706 Modified: data/CVE/list Log: add CVE-2014-3708/nova Modified: data/CVE/list === --- data/CVE/list 2014-10-28 13:45:32 UTC (rev 29705) +++ data/CVE/list 2014-10-28 16:20:58 UTC (rev 29706) @@ -10962,8 +10962,10 @@ CVE-2014-3709 RESERVED NOT-FOR-US: JBoss KeyCloak -CVE-2014-3708 +CVE-2014-3708 [Nova network DoS through API filtering] RESERVED + - nova + NOTE: affected versions up to 2014.1.3, and 2014.2 CVE-2014-3707 RESERVED CVE-2014-3706 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29705 - data/CVE
Author: carnil Date: 2014-10-28 13:45:32 + (Tue, 28 Oct 2014) New Revision: 29705 Modified: data/CVE/list Log: Add fixed version for two dokuwiki CVEs Modified: data/CVE/list === --- data/CVE/list 2014-10-28 11:19:43 UTC (rev 29704) +++ data/CVE/list 2014-10-28 13:45:32 UTC (rev 29705) @@ -459,12 +459,12 @@ CVE-2014-8293 (Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests ...) NOT-FOR-US: Voice Of Web AllMyGuests CVE-2014-8764 (DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP ...) - - dokuwiki (bug #766545) + - dokuwiki 0.0.20140929.a-1 (bug #766545) [squeeze] - dokuwiki (Will be fixed at the php level) NOTE: only fixed in Security Hotfix 2014-05-05b NOTE: Better fixed at the php5 level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c CVE-2014-8763 (DokuWiki before 2014-05-05b, when using Active Directory for LDAP ...) - - dokuwiki (bug #766545) + - dokuwiki 0.0.20140929.a-1 (bug #766545) [squeeze] - dokuwiki (Will be fixed at the php level) NOTE: only fixed in Security Hotfix 2014-05-05b NOTE: Better fixed at the php5 level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29704 - in data: . CVE
Author: hertzog Date: 2014-10-28 11:19:43 + (Tue, 28 Oct 2014) New Revision: 29704 Modified: data/CVE/list data/dla-needed.txt Log: For Squeeze LTS handle dokuwiki privilege escalation at the php level I would suggest to do the same for wheezy. Modified: data/CVE/list === --- data/CVE/list 2014-10-28 10:02:22 UTC (rev 29703) +++ data/CVE/list 2014-10-28 11:19:43 UTC (rev 29704) @@ -460,10 +460,14 @@ NOT-FOR-US: Voice Of Web AllMyGuests CVE-2014-8764 (DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP ...) - dokuwiki (bug #766545) + [squeeze] - dokuwiki (Will be fixed at the php level) NOTE: only fixed in Security Hotfix 2014-05-05b + NOTE: Better fixed at the php5 level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c CVE-2014-8763 (DokuWiki before 2014-05-05b, when using Active Directory for LDAP ...) - dokuwiki (bug #766545) + [squeeze] - dokuwiki (Will be fixed at the php level) NOTE: only fixed in Security Hotfix 2014-05-05b + NOTE: Better fixed at the php5 level: http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c CVE-2014-8762 (The ajax_mediadiff function in DokuWiki before 2014-05-05a allows ...) - dokuwiki 0.0.20140505.a+dfsg-1 (bug #766545) CVE-2014-8761 (inc/template.php in DokuWiki before 2014-05-05a only checks for access ...) Modified: data/dla-needed.txt === --- data/dla-needed.txt 2014-10-28 10:02:22 UTC (rev 29703) +++ data/dla-needed.txt 2014-10-28 11:19:43 UTC (rev 29704) @@ -55,6 +55,9 @@ -- openjdk-6 -- +php5 + NOTE: Please include http://git.php.net/?p=php-src.git;a=commitdiff;h=ad1b9eef98df53adefa0c79c02e5dc1f2b928b8c to fix issues with other PHP apps (see CVE-2014-8763/CVE-2014-8764 for example) +-- qemu -- qt4-x11 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29703 - org
Author: carnil Date: 2014-10-28 10:02:22 + (Tue, 28 Oct 2014) New Revision: 29703 Modified: org/TODO Log: TODO done, removed references to contact the team via RT Modified: org/TODO === --- org/TODO2014-10-28 09:31:24 UTC (rev 29702) +++ org/TODO2014-10-28 10:02:22 UTC (rev 29703) @@ -66,9 +66,6 @@ - check if the developers-reference (https://www.debian.org/doc/manuals/developers-reference/pkgs.html#bug-security) still holds updated information. - check if the security related information in wiki.d.o is updated. (luciano) - - Drop references that we prefer to be contacted over RT. - Developers Reference and Wiki pages, as well as - http://security.debian.org (carnil, bug #738607) - Create webpage like release team has (http://release.debian.org) e.g. pointing to http://security-team.debian.org holding all relevant entry points for tasks, relevant information on workflows, etc ... (luciano) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29702 - data/CVE
Author: fgeek-guest Date: 2014-10-28 09:31:24 + (Tue, 28 Oct 2014) New Revision: 29702 Modified: data/CVE/list Log: CVE-2014-3566/lighttpd bug. thanks Elrond Modified: data/CVE/list === --- data/CVE/list 2014-10-28 08:06:54 UTC (rev 29701) +++ data/CVE/list 2014-10-28 09:31:24 UTC (rev 29702) @@ -11458,7 +11458,7 @@ [squeeze] - icedove - iceweasel [squeeze] - iceweasel - - lighttpd + - lighttpd (bug #765702) - matrixssl - midori (unimportant) - mini-httpd ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29701 - data/CVE
Author: carnil Date: 2014-10-28 08:06:54 + (Tue, 28 Oct 2014) New Revision: 29701 Modified: data/CVE/list Log: Fix indentation Modified: data/CVE/list === --- data/CVE/list 2014-10-28 08:06:38 UTC (rev 29700) +++ data/CVE/list 2014-10-28 08:06:54 UTC (rev 29701) @@ -918,10 +918,10 @@ RESERVED CVE-2014-8080 [Denial Of Service XML Expansion] RESERVED -- ruby1.8 -- ruby1.9.1 -- ruby2.0 -- ruby2.1 + - ruby1.8 + - ruby1.9.1 + - ruby2.0 + - ruby2.1 NOTE: https://www.ruby-lang.org/en/news/2014/10/27/rexml-dos-cve-2014-8080/ NOTE: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/?pathrev=48161 TODO: check (and if complete set of ruby versions) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29699 - data/CVE
Author: carnil Date: 2014-10-28 08:06:22 + (Tue, 28 Oct 2014) New Revision: 29699 Modified: data/CVE/list Log: Add CVE-2014-8080/ruby, not checked at all Modified: data/CVE/list === --- data/CVE/list 2014-10-28 08:00:58 UTC (rev 29698) +++ data/CVE/list 2014-10-28 08:06:22 UTC (rev 29699) @@ -916,8 +916,15 @@ RESERVED CVE-2014-8081 RESERVED -CVE-2014-8080 +CVE-2014-8080 [Denial Of Service XML Expansion] RESERVED +- ruby1.8 +- ruby1.9.1 +- ruby2.0 +- ruby2.1 + NOTE: https://www.ruby-lang.org/en/news/2014/10/27/rexml-dos-cve-2014-8080/ + NOTE: http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/?pathrev=48161 + TODO: check (and if complete set of ruby versions) CVE-2014-8079 (Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x ...) NOT-FOR-US: Drupal theme MAYO CVE-2014-8078 (Cross-site scripting (XSS) vulnerability in the Print (aka Printer, ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29700 - data/CVE
Author: carnil Date: 2014-10-28 08:06:38 + (Tue, 28 Oct 2014) New Revision: 29700 Modified: data/CVE/list Log: Remove trailing whitespaces Modified: data/CVE/list === --- data/CVE/list 2014-10-28 08:06:22 UTC (rev 29699) +++ data/CVE/list 2014-10-28 08:06:38 UTC (rev 29700) @@ -11482,7 +11482,7 @@ NOTE: https://www.openssl.org/~bodo/ssl-poodle.pdf NOTE: http://googleonlinesecurity.blogspot.fr/2014/10/this-poodle-bites-exploiting-ssl-30.html NOTE: This is only about the SSLv3 CBC padding, not about any downgrade attack or support for the fallback SCSV - NOTE: Fix is to disable SSLv3 in library or application configurations + NOTE: Fix is to disable SSLv3 in library or application configurations NOTE: Browsers based on webkit (with the exception of Chromium) or khtml are not covered by security support CVE-2014-3565 (snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is ...) - net-snmp 5.7.2.1~dfsg-7 (bug #760132) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r29698 - data/CVE
Author: carnil Date: 2014-10-28 08:00:58 + (Tue, 28 Oct 2014) New Revision: 29698 Modified: data/CVE/list Log: Add CVE-2014-7815 Modified: data/CVE/list === --- data/CVE/list 2014-10-28 05:47:22 UTC (rev 29697) +++ data/CVE/list 2014-10-28 08:00:58 UTC (rev 29698) @@ -1502,8 +1502,12 @@ RESERVED CVE-2014-7816 RESERVED -CVE-2014-7815 +CVE-2014-7815 [insufficient bits_per_pixel from the client sanitization] RESERVED + - qemu + - qemu-kvm + NOTE: http://lists.gnu.org/archive/html/qemu-devel/2014-10/msg03210.html + TODO: check CVE-2014-7814 RESERVED CVE-2014-7813 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits