[Secure-testing-commits] r34618 - data/CVE
Author: carnil Date: 2015-05-31 20:17:04 + (Sun, 31 May 2015) New Revision: 34618 Modified: data/CVE/list Log: Four more CVEs for wpa Modified: data/CVE/list === --- data/CVE/list 2015-05-31 18:43:31 UTC (rev 34617) +++ data/CVE/list 2015-05-31 20:17:04 UTC (rev 34618) @@ -1203,13 +1203,34 @@ [jessie] - didjvu no-dsa (Minor issue) NOTE: https://bitbucket.org/jwilk/didjvu/issue/8 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/09/7 -CVE-2015- [EAP-pwd missing payload length validation] +CVE-2015-4146 [EAP-pwd missing payload length validation] - wpa unfixed - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) NOTE: http://w1.fi/security/2015-4/ + NOTE: http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch +CVE-2015-4145 [EAP-pwd missing payload length validation] + - wpa unfixed + - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) + - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) + NOTE: http://w1.fi/security/2015-4/ + NOTE: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch + NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch +CVE-2015-4144 [EAP-pwd missing payload length validation] + - wpa unfixed + - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) + - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) + NOTE: http://w1.fi/security/2015-4/ + NOTE: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch + NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch +CVE-2015-4143 [EAP-pwd missing payload length validation] + - wpa unfixed + - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) + - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) + NOTE: http://w1.fi/security/2015-4/ NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/07/5 + NOTE: http://w1.fi/security/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch + NOTE: http://w1.fi/security/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch CVE-2015-4142 [Integer underflow in AP mode WMM Action frame processing] - wpa unfixed - wpasupplicant removed ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34619 - data/CVE
Author: carnil Date: 2015-05-31 20:17:12 + (Sun, 31 May 2015) New Revision: 34619 Modified: data/CVE/list Log: Cleanup CVE request links Modified: data/CVE/list === --- data/CVE/list 2015-05-31 20:17:04 UTC (rev 34618) +++ data/CVE/list 2015-05-31 20:17:12 UTC (rev 34619) @@ -1238,7 +1238,7 @@ - hostapd removed NOTE: http://w1.fi/security/2015-3/ NOTE: http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/09/5 + NOTE: http://www.openwall.com/lists/oss-security/2015/05/09/5 CVE-2015-4141 [WPS UPnP vulnerability with HTTP chunked transfer encoding] - wpa unfixed - wpasupplicant removed (unimportant) @@ -1247,7 +1247,7 @@ [squeeze] - hostapd not-affected (Affects 0.7.0-v2.4 with CONFIG_WPS_UPNP=y in the build configuration and upnp_iface parameter on runtime) NOTE: http://w1.fi/security/2015-2/ NOTE: http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/09/4 + NOTE: http://www.openwall.com/lists/oss-security/2015/05/09/4 CVE-2015- [incorrect parsing of from header when assigning pgp keys] - semi 1.14.7~0.20120428-17 (bug #784712) [squeeze] - semi no-dsa (Minor issue) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34624 - data/CVE
Author: sectracker Date: 2015-05-31 21:10:14 + (Sun, 31 May 2015) New Revision: 34624 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2015-05-31 20:44:07 UTC (rev 34623) +++ data/CVE/list 2015-05-31 21:10:14 UTC (rev 34624) @@ -178,6 +178,7 @@ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/26/11 TODO: check CVE-2015-4082 [encrypted backups attack] + RESERVED - attic unfixed NOTE: https://github.com/jborg/attic/issues/271 NOTE: https://github.com/jborg/attic/commit/78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34616 - data/CVE
Author: carnil Date: 2015-05-31 18:12:28 + (Sun, 31 May 2015) New Revision: 34616 Modified: data/CVE/list Log: Process more NFUs Modified: data/CVE/list === --- data/CVE/list 2015-05-31 18:12:16 UTC (rev 34615) +++ data/CVE/list 2015-05-31 18:12:28 UTC (rev 34616) @@ -11,7 +11,7 @@ CVE-2015-4134 (Open redirect vulnerability in goto.php in phpwind 8.7 allows remote ...) NOT-FOR-US: PHPWind CVE-2015-4133 (Unrestricted file upload vulnerability in ...) - TODO: check + NOT-FOR-US: ReFlex Gallery plugin for WordPress CVE-2015-4132 (Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ...) TODO: check CVE-2015-4131 @@ -23,7 +23,7 @@ CVE-2015-4128 RESERVED CVE-2015-4127 (Cross-site scripting (XSS) vulnerability in the church_admin plugin ...) - TODO: check + NOT-FOR-US: church_admin plugin for WordPress CVE-2015- [ns: user namespaces panic] - linux not-affected (Commit was applied to 4.0.2 as well but fixed in Debian by two subsequent commits) NOTE: Debian both applies mnt: Fail collect_mounts when applied to unmounted mounts @@ -119,7 +119,7 @@ CVE-2015-4086 RESERVED CVE-2015-4084 (Cross-site scripting (XSS) vulnerability in the Free Counter plugin ...) - TODO: check + NOT-FOR-US: Free Counter plugin for WordPress CVE-2015-4083 RESERVED CVE-2015-4081 @@ -153,7 +153,7 @@ CVE-2015-4067 RESERVED CVE-2015-4066 (Multiple SQL injection vulnerabilities in admin/handlers.php in the ...) - TODO: check + NOT-FOR-US: GigPress plugin for WordPress CVE-2015-4061 RESERVED CVE-2015-4060 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34617 - data/CVE
Author: ghedo Date: 2015-05-31 18:43:31 + (Sun, 31 May 2015) New Revision: 34617 Modified: data/CVE/list Log: CVEs assigned for wpa issues Modified: data/CVE/list === --- data/CVE/list 2015-05-31 18:12:28 UTC (rev 34616) +++ data/CVE/list 2015-05-31 18:43:31 UTC (rev 34617) @@ -1210,7 +1210,7 @@ NOTE: http://w1.fi/security/2015-4/ NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/07/5 -CVE-2015- [Integer underflow in AP mode WMM Action frame processing] +CVE-2015-4142 [Integer underflow in AP mode WMM Action frame processing] - wpa unfixed - wpasupplicant removed [squeeze] - wpasupplicant not-affected (0.7.0-v2.4 with with specific configurations) @@ -1218,7 +1218,7 @@ NOTE: http://w1.fi/security/2015-3/ NOTE: http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/09/5 -CVE-2015- [WPS UPnP vulnerability with HTTP chunked transfer encoding] +CVE-2015-4141 [WPS UPnP vulnerability with HTTP chunked transfer encoding] - wpa unfixed - wpasupplicant removed (unimportant) [squeeze] - wpasupplicant not-affected (Affects v0.7.0-v2.4 with CONFIG_WPS_ER=y in the build configuration) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34615 - data/CVE
Author: carnil Date: 2015-05-31 18:12:16 + (Sun, 31 May 2015) New Revision: 34615 Modified: data/CVE/list Log: Add two NFU items Modified: data/CVE/list === --- data/CVE/list 2015-05-31 18:08:43 UTC (rev 34614) +++ data/CVE/list 2015-05-31 18:12:16 UTC (rev 34615) @@ -7,9 +7,9 @@ NOTE: https://bugs.exim.org/show_bug.cgi?id=1515 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/31/4 CVE-2015-4135 (Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 ...) - TODO: check + NOT-FOR-US: PHPWind CVE-2015-4134 (Open redirect vulnerability in goto.php in phpwind 8.7 allows remote ...) - TODO: check + NOT-FOR-US: PHPWind CVE-2015-4133 (Unrestricted file upload vulnerability in ...) TODO: check CVE-2015-4132 (Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34614 - data
Author: carnil Date: 2015-05-31 18:08:43 + (Sun, 31 May 2015) New Revision: 34614 Modified: data/dsa-needed.txt Log: Expand note for mariadb-10.0 Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2015-05-31 16:34:03 UTC (rev 34613) +++ data/dsa-needed.txt 2015-05-31 18:08:43 UTC (rev 34614) @@ -40,6 +40,8 @@ -- mariadb-10.0 (carnil) Maintainer prepared update which needs to be reviewed and sponsored + carnil did an initial review and asked to get an explict ack from the stable + carnil release managers for the changes not related to the 10.0.19 import -- mediawiki -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34621 - data/CVE
Author: carnil Date: 2015-05-31 20:28:35 + (Sun, 31 May 2015) New Revision: 34621 Modified: data/CVE/list Log: Add back lost reference to original CVE request Modified: data/CVE/list === --- data/CVE/list 2015-05-31 20:18:25 UTC (rev 34620) +++ data/CVE/list 2015-05-31 20:28:35 UTC (rev 34621) @@ -1210,6 +1210,7 @@ NOTE: http://w1.fi/security/2015-4/ NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt NOTE: http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch + NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5 CVE-2015-4145 [EAP-pwd missing payload length validation] - wpa unfixed - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) @@ -1218,6 +1219,7 @@ NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt NOTE: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch + NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5 CVE-2015-4144 [EAP-pwd missing payload length validation] - wpa unfixed - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) @@ -1226,6 +1228,7 @@ NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt NOTE: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch + NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5 CVE-2015-4143 [EAP-pwd missing payload length validation] - wpa unfixed - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) @@ -1234,6 +1237,7 @@ NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt NOTE: http://w1.fi/security/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch NOTE: http://w1.fi/security/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch + NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5 CVE-2015-4142 [Integer underflow in AP mode WMM Action frame processing] - wpa unfixed - wpasupplicant removed ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34613 - data/CVE
Author: carnil Date: 2015-05-31 16:34:03 + (Sun, 31 May 2015) New Revision: 34613 Modified: data/CVE/list Log: Add two pcre3 issues Modified: data/CVE/list === --- data/CVE/list 2015-05-31 14:49:51 UTC (rev 34612) +++ data/CVE/list 2015-05-31 16:34:03 UTC (rev 34613) @@ -1,3 +1,11 @@ +CVE-2015- [PCRE Library Stack Overflow Vulnerability] + - pcre3 unfixed + NOTE: https://bugs.exim.org/show_bug.cgi?id=1503 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/31/5 +CVE-2015- [PCRE Call Stack Overflow Vulnerability] + - pcre3 unfixed + NOTE: https://bugs.exim.org/show_bug.cgi?id=1515 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/31/4 CVE-2015-4135 (Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 ...) TODO: check CVE-2015-4134 (Open redirect vulnerability in goto.php in phpwind 8.7 allows remote ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34626 - data/CVE
Author: carnil Date: 2015-06-01 05:16:05 + (Mon, 01 Jun 2015) New Revision: 34626 Modified: data/CVE/list Log: Add note for CVE-2015-4021 and CVE-2015-4022 in php5 Modified: data/CVE/list === --- data/CVE/list 2015-06-01 04:30:49 UTC (rev 34625) +++ data/CVE/list 2015-06-01 05:16:05 UTC (rev 34626) @@ -418,12 +418,14 @@ - php5 5.6.9+dfsg-1 NOTE: https://bugs.php.net/bug.php?id=69545 NOTE: http://www.openwall.com/lists/oss-security/2015/05/18/2 + NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9 CVE-2015-4021 [Memory Corruption in phar_parse_tarfile when entry filename starts with null] RESERVED - php5 5.6.9+dfsg-1 NOTE: https://bugs.php.net/bug.php?id=69453 NOTE: http://git.php.net/?p=php-src.git;a=commit;h=c27f012b7a447e59d4a704688971cbfa7dddaa74 NOTE: http://www.openwall.com/lists/oss-security/2015/05/17/2 and http://www.openwall.com/lists/oss-security/2015/05/18/2 + NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9 CVE-2015-3987 (Multiple unquoted Windows search path vulnerabilities in the (1) ...) NOT-FOR-US: McAfee CVE-2015-3986 (Cross-site request forgery (CSRF) vulnerability in the TheCartPress ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34627 - data/CVE
Author: carnil Date: 2015-06-01 05:17:25 + (Mon, 01 Jun 2015) New Revision: 34627 Modified: data/CVE/list Log: Add notes as well for CVE-2015-402{4,5,6}/php5 (all fixed as well in 5.4.41 upstream) Modified: data/CVE/list === --- data/CVE/list 2015-06-01 05:16:05 UTC (rev 34626) +++ data/CVE/list 2015-06-01 05:17:25 UTC (rev 34627) @@ -404,15 +404,18 @@ RESERVED - php5 5.6.9+dfsg-1 NOTE: https://bugs.php.net/bug.php?id=68598 + NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9 CVE-2015-4025 [CVE-2006-7243 fix regressions in 5.4+] RESERVED - php5 5.6.9+dfsg-1 NOTE: https://bugs.php.net/bug.php?id=69418 + NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9 CVE-2015-4024 [DoS possibility due to ineffective parsing of form data] RESERVED - php5 5.6.9+dfsg-1 NOTE: https://bugs.php.net/bug.php?id=69364 NOTE: http://www.openwall.com/lists/oss-security/2015/05/18/2 + NOTE: Fixed upstream in 5.4.41, 5.5.25, 5.6.9 CVE-2015-4022 [integer overflow on reading FTP server data leading to heap overflow] RESERVED - php5 5.6.9+dfsg-1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34628 - data
Author: carnil Date: 2015-06-01 05:19:02 + (Mon, 01 Jun 2015) New Revision: 34628 Modified: data/dsa-needed.txt Log: Add wireshark to dsa-needed list Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2015-06-01 05:17:25 UTC (rev 34627) +++ data/dsa-needed.txt 2015-06-01 05:19:02 UTC (rev 34628) @@ -78,6 +78,9 @@ -- typo3-src -- +wireshark + Maintainer proposed to update for wheezy-security and jessie-security +-- wordpress/stable (ghedo) -- xen ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34620 - data/CVE
Author: carnil Date: 2015-05-31 20:18:25 + (Sun, 31 May 2015) New Revision: 34620 Modified: data/CVE/list Log: Add links for advisory text Modified: data/CVE/list === --- data/CVE/list 2015-05-31 20:17:12 UTC (rev 34619) +++ data/CVE/list 2015-05-31 20:18:25 UTC (rev 34620) @@ -1208,12 +1208,14 @@ - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) NOTE: http://w1.fi/security/2015-4/ + NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt NOTE: http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch CVE-2015-4145 [EAP-pwd missing payload length validation] - wpa unfixed - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) NOTE: http://w1.fi/security/2015-4/ + NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt NOTE: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch CVE-2015-4144 [EAP-pwd missing payload length validation] @@ -1221,6 +1223,7 @@ - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) NOTE: http://w1.fi/security/2015-4/ + NOTE: http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt NOTE: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch CVE-2015-4143 [EAP-pwd missing payload length validation] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34623 - data/CVE
Author: carnil Date: 2015-05-31 20:44:07 + (Sun, 31 May 2015) New Revision: 34623 Modified: data/CVE/list Log: Add two more bug references for wpa, #787372 and #787373 Modified: data/CVE/list === --- data/CVE/list 2015-05-31 20:42:24 UTC (rev 34622) +++ data/CVE/list 2015-05-31 20:44:07 UTC (rev 34623) @@ -1239,7 +1239,7 @@ NOTE: http://w1.fi/security/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5 CVE-2015-4142 [Integer underflow in AP mode WMM Action frame processing] - - wpa unfixed + - wpa unfixed (bug #787373) - wpasupplicant removed [squeeze] - wpasupplicant not-affected (0.7.0-v2.4 with with specific configurations) - hostapd removed @@ -1247,7 +1247,7 @@ NOTE: http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt NOTE: http://www.openwall.com/lists/oss-security/2015/05/09/5 CVE-2015-4141 [WPS UPnP vulnerability with HTTP chunked transfer encoding] - - wpa unfixed + - wpa unfixed (bug #787372) - wpasupplicant removed (unimportant) [squeeze] - wpasupplicant not-affected (Affects v0.7.0-v2.4 with CONFIG_WPS_ER=y in the build configuration) - hostapd removed ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34622 - data/CVE
Author: carnil Date: 2015-05-31 20:42:24 + (Sun, 31 May 2015) New Revision: 34622 Modified: data/CVE/list Log: Add bug reference for one wpa issue set, #787371 Modified: data/CVE/list === --- data/CVE/list 2015-05-31 20:28:35 UTC (rev 34621) +++ data/CVE/list 2015-05-31 20:42:24 UTC (rev 34622) @@ -1204,7 +1204,7 @@ NOTE: https://bitbucket.org/jwilk/didjvu/issue/8 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/09/7 CVE-2015-4146 [EAP-pwd missing payload length validation] - - wpa unfixed + - wpa unfixed (bug #787371) - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) NOTE: http://w1.fi/security/2015-4/ @@ -1212,7 +1212,7 @@ NOTE: http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5 CVE-2015-4145 [EAP-pwd missing payload length validation] - - wpa unfixed + - wpa unfixed (bug #787371) - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) NOTE: http://w1.fi/security/2015-4/ @@ -1221,7 +1221,7 @@ NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5 CVE-2015-4144 [EAP-pwd missing payload length validation] - - wpa unfixed + - wpa unfixed (bug #787371) - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) NOTE: http://w1.fi/security/2015-4/ @@ -1230,7 +1230,7 @@ NOTE: http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch NOTE: http://www.openwall.com/lists/oss-security/2015/05/07/5 CVE-2015-4143 [EAP-pwd missing payload length validation] - - wpa unfixed + - wpa unfixed (bug #787371) - wpasupplicant not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) - hostapd not-affected (v1.0-v2.4 with CONFIG_EAP_PWD=y) NOTE: http://w1.fi/security/2015-4/ ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34625 - data/CVE
Author: carnil Date: 2015-06-01 04:30:49 + (Mon, 01 Jun 2015) New Revision: 34625 Modified: data/CVE/list Log: Two CVEs fixed for libav upload in unstable Modified: data/CVE/list === --- data/CVE/list 2015-05-31 21:10:14 UTC (rev 34624) +++ data/CVE/list 2015-06-01 04:30:49 UTC (rev 34625) @@ -1915,7 +1915,7 @@ CVE-2015-3417 (Use-after-free vulnerability in the ff_h264_free_tables function in ...) - ffmpeg 7:2.6.1-1 [squeeze] - ffmpeg not-affected (Vulnerable code not present) - - libav unfixed + - libav 6:11.4-1 [wheezy] - libav not-affected (Vulnerable code not present) [squeeze] - libav not-affected (Vulnerable code not present) NOTE: https://github.com/FFmpeg/FFmpeg/commit/e8714f6f93d1a32f4e4655209960afcf4c185214 @@ -1939,7 +1939,7 @@ RESERVED - ffmpeg 7:2.6.2-1 [squeeze] - ffmpeg end-of-life (Not supported in Squeeze LTS) - - libav unfixed + - libav 6:11.4-1 - chromium-browser not-affected NOTE: Patch: https://github.com/FFmpeg/FFmpeg/commit/f7e1367f58263593e6cee3c282f7277d7ee9d553 NOTE: http://ffmpeg.org/security.html ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34629 - data/CVE
Author: carnil Date: 2015-06-01 05:33:19 + (Mon, 01 Jun 2015) New Revision: 34629 Modified: data/CVE/list Log: Add CVE-2015-3935/dolibarr Modified: data/CVE/list === --- data/CVE/list 2015-06-01 05:19:02 UTC (rev 34628) +++ data/CVE/list 2015-06-01 05:33:19 UTC (rev 34629) @@ -535,8 +535,12 @@ RESERVED CVE-2015-3936 RESERVED -CVE-2015-3935 +CVE-2015-3935 [HTML Injection] RESERVED + - dolibarr unfixed + NOTE: https://github.com/Dolibarr/dolibarr/issues/2857 + NOTE: https://github.com/GPCsolutions/dolibarr/commit/a7f6bbd316e9b96216e9b2c7a065c9251c9a8907 + TODO: check CVE-2015-3934 RESERVED CVE-2015-3933 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34605 - data/CVE
Author: alteholz Date: 2015-05-31 10:00:26 + (Sun, 31 May 2015) New Revision: 34605 Modified: data/CVE/list Log: libinfinity in Squeeze is not affected by CVE-2015-3886 Modified: data/CVE/list === --- data/CVE/list 2015-05-31 09:10:18 UTC (rev 34604) +++ data/CVE/list 2015-05-31 10:00:26 UTC (rev 34605) @@ -778,6 +778,7 @@ - libinfinity 0.6.6-1 (bug #783601) [jessie] - libinfinity no-dsa (Will be fixed through a point release update, cf. #786720) [wheezy] - libinfinity no-dsa (Can be fixed thorugh a point release update) + [squeeze] - libinfinity not-affected (vulnerable code not present) NOTE: https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706 NOTE: https://github.com/gobby/gobby/issues/61 NOTE: http://www.openwall.com/lists/oss-security/2015/05/12/1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34603 - in data: . CVE DSA
Author: jmm Date: 2015-05-31 08:52:57 + (Sun, 31 May 2015) New Revision: 34603 Modified: data/CVE/list data/DSA/list data/dsa-needed.txt Log: symfony DSA one linux no-dsa Modified: data/CVE/list === --- data/CVE/list 2015-05-31 08:39:51 UTC (rev 34602) +++ data/CVE/list 2015-05-31 08:52:57 UTC (rev 34603) @@ -2088,6 +2088,7 @@ CVE-2014-9717 [USERNS allows circumventing MNT_LOCKED] RESERVED - linux 4.0.2-1 + [jessie] - linux no-dsa (Too intrusive to backport) [wheezy] - linux not-affected (user namespaces known broken before 3.5, see kernel-sec info) - linux-2.6 not-affected (user namespaces known broken before 3.5, see kernel-sec info) NOTE: https://groups.google.com/forum/#!topic/linux.kernel/HnegnbXk0Vs Modified: data/DSA/list === --- data/DSA/list 2015-05-31 08:39:51 UTC (rev 34602) +++ data/DSA/list 2015-05-31 08:52:57 UTC (rev 34603) @@ -1,3 +1,6 @@ +[31 May 2015] DSA-3276-1 symfony - security update + {CVE-2015-4050} + [jessie] - symfony 2.3.21+dfsg-4+deb8u1 [31 May 2015] DSA-3269-2 postgresql-9.1 - regression update [wheezy] - postgresql-9.1 9.1.16-0+deb7u2 [30 May 2015] DSA-3275-1 fusionforge - security update Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2015-05-31 08:39:51 UTC (rev 34602) +++ data/dsa-needed.txt 2015-05-31 08:52:57 UTC (rev 34603) @@ -68,9 +68,6 @@ sqlite3/oldstable NOTE: for the issues in DSA-3252-1 (if backports are possible, need to be checked) -- -symfony (jmm) - taffit prepared a debdiff/upload --- tiff3 -- tomcat6 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34606 - data
Author: apo-guest Date: 2015-05-31 11:38:06 + (Sun, 31 May 2015) New Revision: 34606 Modified: data/embedded-code-copies Log: embedded-code-copies: Spring does not embed oscpack anymore Modified: data/embedded-code-copies === --- data/embedded-code-copies 2015-05-31 10:00:26 UTC (rev 34605) +++ data/embedded-code-copies 2015-05-31 11:38:06 UTC (rev 34606) @@ -2041,9 +2041,6 @@ - fceux unfixed (embed) NOTE: didn't check whether it's used -oscpack - - spring unfixed (embed) - hpiutil2 - spring unfixed (embed) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34610 - data
Author: carnil Date: 2015-05-31 13:22:56 + (Sun, 31 May 2015) New Revision: 34610 Modified: data/next-point-update.txt Log: Add CVE-2015-3420 for next jessie proposed update Modified: data/next-point-update.txt === --- data/next-point-update.txt 2015-05-31 13:21:43 UTC (rev 34609) +++ data/next-point-update.txt 2015-05-31 13:22:56 UTC (rev 34610) @@ -62,3 +62,5 @@ CVE-2015- [XSS in group administration] [jessie] - php-horde 5.2.1+debian0-2+deb8u1 NOTE: for #785364 +CVE-2015-3420 + [jessie] - dovecot 1:2.2.13-12~deb8u1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34609 - data/CVE
Author: carnil Date: 2015-05-31 13:21:43 + (Sun, 31 May 2015) New Revision: 34609 Modified: data/CVE/list Log: Mark CVE-2015-3420 as no-dsa Modified: data/CVE/list === --- data/CVE/list 2015-05-31 13:12:12 UTC (rev 34608) +++ data/CVE/list 2015-05-31 13:21:43 UTC (rev 34609) @@ -1820,6 +1820,8 @@ CVE-2015-3420 [SSL/TLS handshake failures leading to a crash of the login process] RESERVED - dovecot 1:2.2.13-12 (bug #783649) + [jessie] - dovecot no-dsa (Minor issue, can be fixed through a pu although introduced via security update) + [wheezy] - dovecot no-dsa (Minor issue, can be fixed through a pu although introduced via security update) NOTE: http://www.openwall.com/lists/oss-security/2015/04/26/3 NOTE: Patch: http://hg.dovecot.org/dovecot-2.2/rev/86f535375750 NOTE: Segfault reproducible if using openssl/1.0.2a-1 from sid. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34611 - data/CVE
Author: carnil Date: 2015-05-31 13:39:59 + (Sun, 31 May 2015) New Revision: 34611 Modified: data/CVE/list Log: CVE-2015-4082/attic assigned Modified: data/CVE/list === --- data/CVE/list 2015-05-31 13:22:56 UTC (rev 34610) +++ data/CVE/list 2015-05-31 13:39:59 UTC (rev 34611) @@ -114,8 +114,6 @@ TODO: check CVE-2015-4083 RESERVED -CVE-2015-4082 - RESERVED CVE-2015-4081 RESERVED CVE-2015-4080 @@ -171,11 +169,11 @@ - ruby-omniauth unfixed NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/26/11 TODO: check -CVE-2015- [encrypted backups attack] +CVE-2015-4082 [encrypted backups attack] - attic unfixed NOTE: https://github.com/jborg/attic/issues/271 NOTE: https://github.com/jborg/attic/commit/78f9ad1faba7193ca7f0acccbc13b1ff6ebf9072 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/05/25/3 + NOTE: http://www.openwall.com/lists/oss-security/2015/05/25/3 CVE-2015- [vulnerability in the kernel tty subsystem] - linux 3.13.4-1 - linux-2.6 removed ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r34608 - data/CVE
Author: carnil Date: 2015-05-31 13:12:12 + (Sun, 31 May 2015) New Revision: 34608 Modified: data/CVE/list Log: Add bug reference for jackrabbit, #787316 Modified: data/CVE/list === --- data/CVE/list 2015-05-31 13:11:09 UTC (rev 34607) +++ data/CVE/list 2015-05-31 13:12:12 UTC (rev 34608) @@ -6207,7 +6207,7 @@ RESERVED CVE-2015-1833 [Jackrabbit WebDAV bundle susceptible to XXE/XEE attack] RESERVED - - jackrabbit unfixed + - jackrabbit unfixed (bug #787316) NOTE: https://issues.apache.org/jira/browse/JCR-3883 CVE-2015-1832 RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits