[Secure-testing-commits] r39401 - data/CVE

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 20:42:06 + (Mon, 01 Feb 2016)
New Revision: 39401

Modified:
   data/CVE/list
Log:
Add CVE-2016-2048/python-django

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 18:47:44 UTC (rev 39400)
+++ data/CVE/list   2016-02-01 20:42:06 UTC (rev 39401)
@@ -181,6 +181,11 @@
TODO: check
 CVE-2016-2048
RESERVED
+   - python-django 
+   [jessie] - python-django  (Only affects 1.9)
+   [wheezy] - python-django  (Only affects 1.9)
+   [squeeze] - python-django  (Only affects 1.9)
+   NOTE: 
https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/
 CVE-2016-2046
RESERVED
 CVE-2016-2045


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39402 - bin

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 21:30:59 + (Mon, 01 Feb 2016)
New Revision: 39402

Modified:
   bin/tracker_service.py
Log:
Revert "temporarly disable data/json"

This reverts commit 8610b300608199e8be73ccda726f539fa217471b.

We tentatively reenable the json export after Seb's changes. Let's see
how it goes.

Modified: bin/tracker_service.py
===
--- bin/tracker_service.py  2016-02-01 20:42:06 UTC (rev 39401)
+++ bin/tracker_service.py  2016-02-01 21:30:59 UTC (rev 39402)
@@ -160,9 +160,7 @@
 self.register('data/funny-versions', self.page_data_funny_versions)
 self.register('data/fake-names', self.page_data_fake_names)
 self.register('data/pts/1', self.page_data_pts)
-# temorarly disabled on 2016-01-30 due to load on security-tracker
-# self.register('data/json', self.page_json)
-# --carnil
+self.register('data/json', self.page_json)
 self.register('debsecan/**', self.page_debsecan)
 self.register('data/report', self.page_report)
 self.register('style.css', self.page_style_css)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39403 - bin

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 21:47:10 + (Mon, 01 Feb 2016)
New Revision: 39403

Modified:
   bin/tracker_service.py
Log:
... and disable again

Modified: bin/tracker_service.py
===
--- bin/tracker_service.py  2016-02-01 21:30:59 UTC (rev 39402)
+++ bin/tracker_service.py  2016-02-01 21:47:10 UTC (rev 39403)
@@ -160,7 +160,8 @@
 self.register('data/funny-versions', self.page_data_funny_versions)
 self.register('data/fake-names', self.page_data_fake_names)
 self.register('data/pts/1', self.page_data_pts)
-self.register('data/json', self.page_json)
+# temorarly disabled on 2016-02-01 due to load on security-tracker
+#self.register('data/json', self.page_json)
 self.register('debsecan/**', self.page_debsecan)
 self.register('data/report', self.page_report)
 self.register('style.css', self.page_style_css)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39405 - data/CVE

2016-02-01 Thread Antoine Beaupré 
Author: anarcat
Date: 2016-02-01 22:20:54 + (Mon, 01 Feb 2016)
New Revision: 39405

Modified:
   data/CVE/list
Log:
fixup: add link to openssh thread to explain better

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 22:19:32 UTC (rev 39404)
+++ data/CVE/list   2016-02-01 22:20:54 UTC (rev 39405)
@@ -1106,6 +1106,7 @@
NOTE: 
https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034684.html
NOTE: Red Hat Bugzilla entry: 
https://bugzilla.redhat.com/show_bug.cgi?id=1298741
NOTE: vulnerability is partly due to 
/etc/X11/Xsession.d/35x11-common_xhost-local introduced in x11-common in 
1:7.6+9 (wheezy and up)
+   NOTE: https://lists.debian.org/debian-lts/2016/01/msg00029.html
 CVE-2016-1907 (The ssh_packet_read_poll2 function in packet.c in OpenSSH 
before 7.1p2 ...)
- openssh 1:7.1p2-1
[jessie] - openssh  (Vulnerable code not present; 
Introduced in OpenSSH 6.8)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39406 - bin

2016-02-01 Thread Sebastien Delafond 
Author: seb
Date: 2016-02-01 22:33:23 + (Mon, 01 Feb 2016)
New Revision: 39406

Modified:
   bin/tracker_service.py
Log:
[tracker_service] Crude caching mechanism for JSON API

  * once computed, keep the JSON data cached in memory for 5
minutes (default value) before regenerating it

  * at the very minimum we'll need to send along a Last-Modified header
exposing when the data was last generated

Modified: bin/tracker_service.py
===
--- bin/tracker_service.py  2016-02-01 22:20:54 UTC (rev 39405)
+++ bin/tracker_service.py  2016-02-01 22:33:23 UTC (rev 39406)
@@ -7,6 +7,7 @@
 import security_db
 from web_support import *
 import json
+from datetime import datetime
 
 if __name__ == "__main__":
 if len(sys.argv) not in (3, 5):
@@ -123,9 +124,13 @@
 determining the values of these factors, but the rating itself comes
 from a fully automated formula.''')
 
+json_generation_interval = 5 * 60 # in seconds
+
 def __init__(self, socket_name, db_name):
 webservice_base_class.__init__(self, socket_name)
 self.db = security_db.DB(db_name)
+self.json_data = None # the JSON dump itself
+self.json_timestamp = None # timestamp of JSON generation
 self.register('', self.page_home)
 self.register('*', self.page_object)
 self.register('redirect/*', self.page_redirect)
@@ -161,7 +166,7 @@
 self.register('data/fake-names', self.page_data_fake_names)
 self.register('data/pts/1', self.page_data_pts)
 # temorarly disabled on 2016-02-01 due to load on security-tracker
-#self.register('data/json', self.page_json)
+self.register('data/json', self.page_json)
 self.register('debsecan/**', self.page_debsecan)
 self.register('data/report', self.page_report)
 self.register('style.css', self.page_style_css)
@@ -1256,8 +1261,19 @@
 data.append('\n')
 return BinaryResult(''.join(data),'application/octet-stream')
 
-def page_json(self, path, params, url):
+def _get_json(self):
+"""Helper method handling basic caching of the JSON data, to avoid
+   overloading security-tracker.d.o. It'll return the cached
+   version of this data unless it's been generated more than
+   self.json_generation_interval seconds ago """
 
+if self.json_timestamp: # we've generated the JSON at least once
+delta = datetime.now() - self.json_timestamp
+if delta.total_seconds() <= self.json_generation_interval:
+# not expired yet, serve the cached data
+return self.json_data
+
+# if we reached here, the data has expired; let's regenerate it
 from collections import defaultdict
 packages = []
 issues = defaultdict(list)
@@ -1392,9 +1408,18 @@
 
 data[pkg][issue]=pkg_issue
 
-json_data = json.dumps(data, separators=(',', ':'))
-return BinaryResult(json_data,'application/octet-stream')
+# store the JSON dump in memory, and update the generation
+# timestamp before returning
+self.json_data = json.dumps(data, separators=(',', ':'))
+self.json_timestamp = datetime.now()
+return self.json_data
 
+def page_json(self, path, params, url):
+# FIXME: we want to send along a Last-Modified header, whose
+# value will be:
+#   self.json_timestamp.strftime("%a, %d %b %Y %H:%M:%S ") + TZ
+return BinaryResult(self._get_json(),'application/octet-stream')
+
 def page_debsecan(self, path, params, url):
 obj = '/'.join(path)
 data = self.db.getDebsecan(obj)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39404 - in data: . CVE

2016-02-01 Thread Antoine Beaupré 
Author: anarcat
Date: 2016-02-01 22:19:32 + (Mon, 01 Feb 2016)
New Revision: 39404

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
mark the openssh issue as solved, as with wheezy and jessie

it is not worth trying to reproduce it in squeeze if we disable untrusted 
connexions by default anyways

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 21:47:10 UTC (rev 39403)
+++ data/CVE/list   2016-02-01 22:19:32 UTC (rev 39404)
@@ -1099,13 +1099,13 @@
- openssh 
[jessie] - openssh  (Minor issue)
[wheezy] - openssh  (Minor issue)
+   [squeeze] - openssh  (Minor issue)
NOTE: Upstream commit: 
https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
NOTE: which needs to be applied after: 
https://anongit.mindrot.org/openssh.git/commit/?id=f98a09cacff7baad8748c9aa217afd155a4d493f
NOTE: Background information on X11 SECURITY extension and SSH: 
https://thejh.net/written-stuff/openssh-6.8-xsecurity
NOTE: 
https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034684.html
NOTE: Red Hat Bugzilla entry: 
https://bugzilla.redhat.com/show_bug.cgi?id=1298741
NOTE: vulnerability is partly due to 
/etc/X11/Xsession.d/35x11-common_xhost-local introduced in x11-common in 
1:7.6+9 (wheezy and up)
-   TODO: check if squeeze is vulnerable
 CVE-2016-1907 (The ssh_packet_read_poll2 function in packet.c in OpenSSH 
before 7.1p2 ...)
- openssh 1:7.1p2-1
[jessie] - openssh  (Vulnerable code not present; 
Introduced in OpenSSH 6.8)

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2016-02-01 21:47:10 UTC (rev 39403)
+++ data/dla-needed.txt 2016-02-01 22:19:32 UTC (rev 39404)
@@ -65,8 +65,6 @@
 --
 openjdk-6 (Markus Koschany)
 --
-openssh (Guido Günther)
---
 php5 (Thorsten Alteholz)
   NOTE: next upload end of December
 --


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39389 - data/CVE

2016-02-01 Thread security tracker role 
Author: sectracker
Date: 2016-02-01 09:10:15 + (Mon, 01 Feb 2016)
New Revision: 39389

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===
--- data/CVE/list   2016-01-31 21:30:33 UTC (rev 39388)
+++ data/CVE/list   2016-02-01 09:10:15 UTC (rev 39389)
@@ -4569,7 +4569,7 @@
 CVE-2016-0617
RESERVED
 CVE-2016-0616 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier 
and ...)
-   {DSA-3459-1 DSA-3453-1}
+   {DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6  (Only affects MySQL 5.5)
- mysql-5.5  (bug #811428)
- mariadb-10.0 10.0.23-1
@@ -4593,13 +4593,13 @@
[jessie] - mariadb-10.0 10.0.22-0+deb8u1
NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
 CVE-2016-0609 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 
5.6.27 ...)
-   {DSA-3459-1 DSA-3453-1}
+   {DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5  (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
 CVE-2016-0608 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 
5.6.27 ...)
-   {DSA-3459-1 DSA-3453-1}
+   {DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5  (bug #811428)
- mariadb-10.0 10.0.23-1
@@ -4609,7 +4609,7 @@
- mysql-5.5  (Only affects MySQL 5.6)
NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
 CVE-2016-0606 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 
5.6.27 ...)
-   {DSA-3459-1 DSA-3453-1}
+   {DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5  (bug #811428)
- mariadb-10.0 10.0.23-1
@@ -4630,7 +4630,7 @@
- mysql-5.5  (Only affects MySQL 5.7)
NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
 CVE-2016-0600 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 
5.6.27 ...)
-   {DSA-3459-1 DSA-3453-1}
+   {DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5  (bug #811428)
- mariadb-10.0 10.0.23-1
@@ -4640,19 +4640,19 @@
- mysql-5.5  (Only affects MySQL 5.7)
NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
 CVE-2016-0598 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 
5.6.27 ...)
-   {DSA-3459-1 DSA-3453-1}
+   {DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5  (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
 CVE-2016-0597 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 
5.6.27 ...)
-   {DSA-3459-1 DSA-3453-1}
+   {DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5  (bug #811428)
- mariadb-10.0 10.0.23-1
NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixMSQL
 CVE-2016-0596 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier 
and ...)
-   {DSA-3459-1 DSA-3453-1}
+   {DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5  (bug #811428)
- mariadb-10.0 10.0.23-1
@@ -4763,7 +4763,7 @@
 CVE-2016-0547 (Unspecified vulnerability in the Oracle E-Business Intelligence 
...)
TODO: check
 CVE-2016-0546 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 
5.6.27 ...)
-   {DSA-3459-1 DSA-3453-1}
+   {DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5  (bug #811428)
- mariadb-10.0 10.0.23-1
@@ -4849,7 +4849,7 @@
 CVE-2016-0506 (Unspecified vulnerability in the Oracle Retail Order Management 
System ...)
TODO: check
 CVE-2016-0505 (Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 
5.6.27 ...)
-   {DSA-3459-1 DSA-3453-1}
+   {DSA-3459-1 DSA-3453-1 DLA-409-1}
- mysql-5.6 5.6.28-1 (bug #811443)
- mysql-5.5  (bug #811428)
- mariadb-10.0 10.0.23-1


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39408 - data/CVE

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-02 07:59:13 + (Tue, 02 Feb 2016)
New Revision: 39408

Modified:
   data/CVE/list
Log:
Add bug reference for CVE-2016-2048/python-django

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-02 06:01:32 UTC (rev 39407)
+++ data/CVE/list   2016-02-02 07:59:13 UTC (rev 39408)
@@ -181,7 +181,7 @@
TODO: check
 CVE-2016-2048
RESERVED
-   - python-django 
+   - python-django  (bug #813448)
[jessie] - python-django  (Only affects 1.9)
[wheezy] - python-django  (Only affects 1.9)
[squeeze] - python-django  (Only affects 1.9)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39397 - data/CVE

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 18:45:44 + (Mon, 01 Feb 2016)
New Revision: 39397

Modified:
   data/CVE/list
Log:
Add another php5 issue

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 18:11:07 UTC (rev 39396)
+++ data/CVE/list   2016-02-01 18:45:44 UTC (rev 39397)
@@ -4,6 +4,11 @@
 CVE-2016- [Socat security advisory 7 - Created new 2048bit DH modulus]
- socat 
NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/02/01/4
+CVE-2015- [Type Confusion Vulnerability in PHP_to_XMLRPC_worker()]
+   - php5 5.6.17+dfsg-1
+   [jessie] - 5.6.17+dfsg-0+deb8u1
+   NOTE: 
http://git.php.net/?p=php-src.git;a=commit;h=f3c1863aa2721343245b63ac7bd68cfdc3dd41f3
+   NOTE: https://bugs.php.net/bug.php?id=70728
 CVE-2015- [Session WDDX Packet Deserialization Type Confusion 
Vulnerability]
- php5 5.6.17+dfsg-1
[jessie] - 5.6.17+dfsg-0+deb8u1


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39398 - data/CVE

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 18:46:43 + (Mon, 01 Feb 2016)
New Revision: 39398

Modified:
   data/CVE/list
Log:
Remove TODO item from one CVE entry

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 18:45:44 UTC (rev 39397)
+++ data/CVE/list   2016-02-01 18:46:43 UTC (rev 39398)
@@ -707,7 +707,6 @@
- php5.6 5.6.17+dfsg-1
- php7.0 7.0.2-1
NOTE: https://bugs.php.net/bug.php?id=70976
-   TODO: check
 CVE-2016-1901 (Integer overflow in the authenticate_post function in CGit 
before 0.12 ...)
- cgit  (bug #812411)
NOTE: 
http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763 
(v0.12)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39399 - data

2016-02-01 Thread Sebastien Delafond 
Author: seb
Date: 2016-02-01 18:47:19 + (Mon, 01 Feb 2016)
New Revision: 39399

Modified:
   data/dsa-needed.txt
Log:
[dsa-needed] Update on CVE-2015-5291 (polarssl) status

Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2016-02-01 18:46:43 UTC (rev 39398)
+++ data/dsa-needed.txt 2016-02-01 18:47:19 UTC (rev 39399)
@@ -62,7 +62,9 @@
 pdns/oldstable
 --
 polarssl (seb)
-  Guido Günther prepared an update for CVE-2015-5291
+  Guido Günther prepared an update for CVE-2015-5291 for wheezy. He
+  and I will look into also fixing jessie by the end of this week
+  (2016-02-05)
 --
 qemu (seb)
   mjt prepared updates for wheezy- and jessie-security


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39400 - data/CVE

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 18:47:44 + (Mon, 01 Feb 2016)
New Revision: 39400

Modified:
   data/CVE/list
Log:
Add commit reference for one php5 issue

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 18:47:19 UTC (rev 39399)
+++ data/CVE/list   2016-02-01 18:47:44 UTC (rev 39400)
@@ -707,6 +707,7 @@
- php5.6 5.6.17+dfsg-1
- php7.0 7.0.2-1
NOTE: https://bugs.php.net/bug.php?id=70976
+   NOTE: 
https://git.php.net/?p=php-src.git;a=commit;h=4b8394dd78571826ac66a69dc240c623f31d78f8
 CVE-2016-1901 (Integer overflow in the authenticate_post function in CGit 
before 0.12 ...)
- cgit  (bug #812411)
NOTE: 
http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763 
(v0.12)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39391 - data/CVE

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 15:51:26 + (Mon, 01 Feb 2016)
New Revision: 39391

Modified:
   data/CVE/list
Log:
Add CVE-2015-8789/libebml

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 15:48:44 UTC (rev 39390)
+++ data/CVE/list   2016-02-01 15:51:26 UTC (rev 39391)
@@ -37,6 +37,10 @@
RESERVED
 CVE-2016-2086
RESERVED
+CVE-2015-8789 [Use-after-free vulnerability in the EbmlMaster::Read function]
+   - libebml 1.3.3-1
+   NOTE: 
http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html
+   NOTE: 
https://github.com/Matroska-Org/libebml/commit/88409e2a94dd3b40ff81d08bf6d92f486d036b24
 CVE-2015-8788
RESERVED
 CVE-2016-2091 [an out of bound read is found in libdwarf]


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39392 - data/CVE

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 15:53:30 + (Mon, 01 Feb 2016)
New Revision: 39392

Modified:
   data/CVE/list
Log:
Add CVE-2015-8792/libmatroska

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 15:51:26 UTC (rev 39391)
+++ data/CVE/list   2016-02-01 15:53:30 UTC (rev 39392)
@@ -37,6 +37,10 @@
RESERVED
 CVE-2016-2086
RESERVED
+CVE-2015-8792 [Out-of-bounds heap read in KaxInternalBlock::ReadData()]
+   - libmatroska 1.4.4-1
+   NOTE: 
http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html
+   NOTE: 
https://github.com/Matroska-Org/libmatroska/commit/0a2d3e3644a7453b6513db2f9bc270f77943573f
 CVE-2015-8789 [Use-after-free vulnerability in the EbmlMaster::Read function]
- libebml 1.3.3-1
NOTE: 
http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39390 - data/CVE

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 15:48:44 + (Mon, 01 Feb 2016)
New Revision: 39390

Modified:
   data/CVE/list
Log:
Add two socat issues

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 09:10:15 UTC (rev 39389)
+++ data/CVE/list   2016-02-01 15:48:44 UTC (rev 39390)
@@ -1,3 +1,9 @@
+CVE-2016- [Socat security advisory 8 - Stack overflow in parser]
+   - socat 
+   NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/02/01/5
+CVE-2016- [Socat security advisory 7 - Created new 2048bit DH modulus]
+   - socat 
+   NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/02/01/4
 CVE-2015- [php5: fpm_log.c memory leak and buffer overflow]
- php5 5.6.17+dfsg-1
[jessie] - 5.6.17+dfsg-0+deb8u1


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39393 - data/CVE

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 15:56:54 + (Mon, 01 Feb 2016)
New Revision: 39393

Modified:
   data/CVE/list
Log:
Add use-after-free issue in php5

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 15:53:30 UTC (rev 39392)
+++ data/CVE/list   2016-02-01 15:56:54 UTC (rev 39393)
@@ -4,6 +4,11 @@
 CVE-2016- [Socat security advisory 7 - Created new 2048bit DH modulus]
- socat 
NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/02/01/4
+CVE-2015- [Use-after-free in WDDX Packet Deserialization]
+   - php5 5.6.17+dfsg-1
+   [jessie] - 5.6.17+dfsg-0+deb8u1
+   NOTE: 
https://git.php.net/?p=php-src.git;a=commit;h=366f9505a4aae98ef2f4ca39a838f628a324b746
+   NOTE: https://bugs.php.net/bug.php?id=70661
 CVE-2015- [php5: fpm_log.c memory leak and buffer overflow]
- php5 5.6.17+dfsg-1
[jessie] - 5.6.17+dfsg-0+deb8u1


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39394 - data/CVE

2016-02-01 Thread Salvatore Bonaccorso 
Author: carnil
Date: 2016-02-01 15:58:26 + (Mon, 01 Feb 2016)
New Revision: 39394

Modified:
   data/CVE/list
Log:
Add another issue in php5, fixed in 5.6.17 already

Modified: data/CVE/list
===
--- data/CVE/list   2016-02-01 15:56:54 UTC (rev 39393)
+++ data/CVE/list   2016-02-01 15:58:26 UTC (rev 39394)
@@ -4,6 +4,11 @@
 CVE-2016- [Socat security advisory 7 - Created new 2048bit DH modulus]
- socat 
NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/02/01/4
+CVE-2015- [Session WDDX Packet Deserialization Type Confusion 
Vulnerability]
+   - php5 5.6.17+dfsg-1
+   [jessie] - 5.6.17+dfsg-0+deb8u1
+   NOTE: 
https://git.php.net/?p=php-src.git;a=commit;h=1785d2b805f64eaaacf98c14c9e13107bf085ab1
+   NOTE: https://bugs.php.net/bug.php?id=70741
 CVE-2015- [Use-after-free in WDDX Packet Deserialization]
- php5 5.6.17+dfsg-1
[jessie] - 5.6.17+dfsg-0+deb8u1


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39395 - org

2016-02-01 Thread Markus Koschany 
Author: apo-guest
Date: 2016-02-01 18:05:20 + (Mon, 01 Feb 2016)
New Revision: 39395

Modified:
   org/lts-frontdesk.2016.txt
Log:
Add myself to lts frontdesk in April 2016.


Modified: org/lts-frontdesk.2016.txt
===
--- org/lts-frontdesk.2016.txt  2016-02-01 15:58:26 UTC (rev 39394)
+++ org/lts-frontdesk.2016.txt  2016-02-01 18:05:20 UTC (rev 39395)
@@ -25,7 +25,7 @@
 From 21-03 to 27-03:Antoine Beaupré 
 From 28-03 to 03-04:Santiago Ruano Rincón 
 From 04-04 to 10-04:
-From 11-04 to 17-04:
+From 11-04 to 17-04:Markus Koschany 
 From 18-04 to 24-04:
 From 25-04 to 01-05:
 From 02-05 to 08-05:


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39396 - data

2016-02-01 Thread Markus Koschany 
Author: apo-guest
Date: 2016-02-01 18:11:07 + (Mon, 01 Feb 2016)
New Revision: 39396

Modified:
   data/dla-needed.txt
Log:
Claim openjdk-6 in dla-needed.txt

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2016-02-01 18:05:20 UTC (rev 39395)
+++ data/dla-needed.txt 2016-02-01 18:11:07 UTC (rev 39396)
@@ -63,7 +63,7 @@
 ntp
   NOTE: maybe maintainer wants to upload package (as done before)
 --
-openjdk-6
+openjdk-6 (Markus Koschany)
 --
 openssh (Guido Günther)
 --


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits