[Secure-testing-commits] r42283 - data/CVE
Author: carnil Date: 2016-06-03 05:28:57 + (Fri, 03 Jun 2016) New Revision: 42283 Modified: data/CVE/list Log: Remove not needed todo for CVE-2016-2318 Modified: data/CVE/list === --- data/CVE/list 2016-06-03 05:28:21 UTC (rev 42282) +++ data/CVE/list 2016-06-03 05:28:57 UTC (rev 42283) @@ -8500,7 +8500,6 @@ {DLA-484-1} - graphicsmagick 1.3.24-1 (bug #814732) NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/e797bb0aec31 - TODO: check other versions (newest 1.3.23 is vulnerable according to reporter) CVE-2016-2317 RESERVED {DLA-484-1} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42282 - data/CVE
Author: carnil Date: 2016-06-03 05:28:21 + (Fri, 03 Jun 2016) New Revision: 42282 Modified: data/CVE/list Log: Add fixed version for CVE-2016-2318 Modified: data/CVE/list === --- data/CVE/list 2016-06-03 05:17:11 UTC (rev 42281) +++ data/CVE/list 2016-06-03 05:28:21 UTC (rev 42282) @@ -8498,7 +8498,7 @@ CVE-2016-2318 RESERVED {DLA-484-1} - - graphicsmagick (bug #814732) + - graphicsmagick 1.3.24-1 (bug #814732) NOTE: FIX http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/e797bb0aec31 TODO: check other versions (newest 1.3.23 is vulnerable according to reporter) CVE-2016-2317 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42281 - data/CVE
Author: carnil Date: 2016-06-03 05:17:11 + (Fri, 03 Jun 2016) New Revision: 42281 Modified: data/CVE/list Log: Add two more CVEs for graphicsmagick Modified: data/CVE/list === --- data/CVE/list 2016-06-03 04:41:07 UTC (rev 42280) +++ data/CVE/list 2016-06-03 05:17:11 UTC (rev 42281) @@ -1,3 +1,9 @@ +CVE-2016-5241 + - graphicsmagick 1.3.24-1 + NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/8d175c4edfe7 +CVE-2016-5240 + - graphicsmagick 1.3.24-1 + NOTE: Fixed by: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ddc999ec896c CVE-2016-5237 RESERVED CVE-2016-5236 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42280 - data/CVE
Author: carnil Date: 2016-06-03 04:41:07 + (Fri, 03 Jun 2016) New Revision: 42280 Modified: data/CVE/list Log: Add new chromium-browser issues Modified: data/CVE/list === --- data/CVE/list 2016-06-03 04:38:31 UTC (rev 42279) +++ data/CVE/list 2016-06-03 04:41:07 UTC (rev 42280) @@ -10722,18 +10722,32 @@ RESERVED CVE-2016-1702 RESERVED + - chromium-browser 51.0.2704.79-1 + [wheezy] - chromium-browser (Not supported in Wheezy) CVE-2016-1701 RESERVED + - chromium-browser 51.0.2704.79-1 + [wheezy] - chromium-browser (Not supported in Wheezy) CVE-2016-1700 RESERVED + - chromium-browser 51.0.2704.79-1 + [wheezy] - chromium-browser (Not supported in Wheezy) CVE-2016-1699 RESERVED + - chromium-browser 51.0.2704.79-1 + [wheezy] - chromium-browser (Not supported in Wheezy) CVE-2016-1698 RESERVED + - chromium-browser 51.0.2704.79-1 + [wheezy] - chromium-browser (Not supported in Wheezy) CVE-2016-1697 RESERVED + - chromium-browser 51.0.2704.79-1 + [wheezy] - chromium-browser (Not supported in Wheezy) CVE-2016-1696 RESERVED + - chromium-browser 51.0.2704.79-1 + [wheezy] - chromium-browser (Not supported in Wheezy) CVE-2016-1695 RESERVED {DSA-3590-1} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42279 - data/CVE
Author: carnil Date: 2016-06-03 04:38:31 + (Fri, 03 Jun 2016) New Revision: 42279 Modified: data/CVE/list Log: CVE-2014-2656 is rejected Modified: data/CVE/list === --- data/CVE/list 2016-06-02 22:01:32 UTC (rev 42278) +++ data/CVE/list 2016-06-03 04:38:31 UTC (rev 42279) @@ -59805,9 +59805,8 @@ [squeeze] - mediawiki NOTE: https://bugzilla.wikimedia.org/show_bug.cgi?id=62497 NOTE: http://lists.wikimedia.org/pipermail/mediawiki-announce/2014-March/000145.html -CVE-2014-2656 [arbitrary insertions of malicious data within cube parameter] +CVE-2014-2656 REJECTED - NOT-FOR-US: Hypercube CVE-2014-2655 (SQL injection vulnerability in the gen_show_status function in ...) {DSA-2889-1} - postfixadmin 2.3.5-3 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42278 - data
Author: opal Date: 2016-06-02 22:01:32 + (Thu, 02 Jun 2016) New Revision: 42278 Modified: data/dla-needed.txt Log: Claim nss. Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-06-02 21:10:08 UTC (rev 42277) +++ data/dla-needed.txt 2016-06-02 22:01:32 UTC (rev 42278) @@ -54,7 +54,7 @@ -- mxml -- -nss +nss (Ola Lundqvist) -- ntp (Santiago R.R.) NOTE: maintainer would like help working on the updates but will handle the updates himself @@ -86,7 +86,6 @@ NOTE: regression update required for #821811, patches available -- squid - Q: Should we give security support when there is a squid3 package in wheezy? -- tardiff fw asked maintainer for preparing debdiffs for wheezy- and jessie-security ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42277 - data/CVE
Author: sectracker Date: 2016-06-02 21:10:08 + (Thu, 02 Jun 2016) New Revision: 42277 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2016-06-02 20:58:37 UTC (rev 42276) +++ data/CVE/list 2016-06-02 21:10:08 UTC (rev 42277) @@ -1,3 +1,11 @@ +CVE-2016-5237 + RESERVED +CVE-2016-5236 + RESERVED +CVE-2016-5235 + RESERVED +CVE-2014-9803 + RESERVED CVE-2014-9804 [Avoid a DOS in vision.c due to an infinite loop] - imagemagick 8:6.8.9.9-4 (bug #773834) CVE-2014-9805 [Avoid a SEGV due to a corrupted pnm file] @@ -345,6 +353,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231 TODO: check versions CVE-2015-8896 [integer truncation issue] + {DLA-353-1} - imagemagick 8:6.8.9.9-7 (bug #806441) [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 @@ -353,6 +362,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2 NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4 CVE-2015-8895 [pict/icon processing issues: Integer and Buffer overflow in coders/icon.c] + {DLA-353-1} - imagemagick 8:6.8.9.9-7 (bug #806441) [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 @@ -475,8 +485,7 @@ RESERVED CVE-2015-8881 RESERVED -CVE-2016-5126 [block: iscsi: buffer overflow in iscsi_aio_ioctl] - RESERVED +CVE-2016-5126 (Heap-based buffer overflow in the iscsi_aio_ioctl function in ...) - qemu (bug #826151) [wheezy] - qemu (Vulnerable code not present) - qemu-kvm @@ -1033,8 +1042,7 @@ RESERVED CVE-2016-4946 RESERVED -CVE-2016-4945 - RESERVED +CVE-2016-4945 (Cross-site scripting (XSS) vulnerability in ...) NOT-FOR-US: Citrix NetScaler Gateway CVE-2015-8880 (Double free vulnerability in the format printer in PHP 7.x before ...) - php7.0 7.0.1-1 @@ -1358,8 +1366,7 @@ RESERVED CVE-2016-4811 RESERVED -CVE-2016-4810 - RESERVED +CVE-2016-4810 (Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR ...) NOT-FOR-US: Citrix CVE-2016-4913 (The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux ...) - linux 4.5.4-1 @@ -2095,8 +2102,8 @@ NOT-FOR-US: Environmental Systems Corporation CVE-2016-4501 (Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and ...) NOT-FOR-US: Environmental Systems Corporation -CVE-2016-4500 - RESERVED +CVE-2016-4500 (Moxa UC-7408 LX-Plus devices allow remote authenticated users to write ...) + TODO: check CVE-2016-4499 (Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x ...) NOT-FOR-US: Panasonic FPWIN Pro CVE-2016-4498 (Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an ...) @@ -2351,8 +2358,7 @@ CVE-2016-4455 RESERVED NOT-FOR-US: Red Hat Subscription Manager -CVE-2016-4454 [display: vmsvga: out-of-bounds read in vmsvga_fifo_read_raw() routine] - RESERVED +CVE-2016-4454 (The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU ...) - qemu [jessie] - qemu (Minor issue) [wheezy] - qemu (Minor issue) @@ -2360,8 +2366,7 @@ [wheezy] - qemu-kvm (Minor issue) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05271.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1336429 -CVE-2016-4453 [display: vmsvga: infinite loop in vmsvga_fifo_run()] - RESERVED +CVE-2016-4453 (The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows ...) - qemu [jessie] - qemu (Minor issue) [wheezy] - qemu (Minor issue) @@ -2381,6 +2386,7 @@ [wheezy] - nginx (Introduced in 1.3.9) CVE-2016-4449 RESERVED + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=761430 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5 (v2.9.4) @@ -2395,6 +2401,7 @@ TODO: check versions, applying the two commits quite intrusive CVE-2016-4447 RESERVED + {DSA-3593-1} - libxml2 2.9.3+dfsg1-1.1 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759573 NOTE: https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83 (v2.9.4) @@ -2446,8 +2453,7 @@ [jessie] - tika (Minor issue, no standard alone package, just a reverse dependency of jmeter) CVE-2016-4433 RESERVED -CVE-2016-4432 - RESERVED +CVE-2016-4432 (The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid ...) NOT-FOR-US: Apache Qpid Java Broker CVE-2016-4431 RESERVED @@ -2471,8 +2477,7 @@
[Secure-testing-commits] r42276 - data
Author: apo Date: 2016-06-02 20:58:37 + (Thu, 02 Jun 2016) New Revision: 42276 Modified: data/dla-needed.txt Log: Take libxstream-java in dla-needed.txt as requested. Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-06-02 20:27:47 UTC (rev 42275) +++ data/dla-needed.txt 2016-06-02 20:58:37 UTC (rev 42276) @@ -45,9 +45,10 @@ -- libxslt (Emilio Pozuelo) -- -libxstream-java (jmm) +libxstream-java (Markus Koschany) Emmanuel Bourg proposed debdiff for both wheezy- and jessie-security waiting an additional to solicit regression feedback from change in sid + NOTE: https://lists.debian.org/debian-lts/2016/06/msg00020.html -- linux -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42275 - data
Author: carnil Date: 2016-06-02 20:27:47 + (Thu, 02 Jun 2016) New Revision: 42275 Modified: data/dla-needed.txt Log: Add note for libxml2 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-06-02 20:19:57 UTC (rev 42274) +++ data/dla-needed.txt 2016-06-02 20:27:47 UTC (rev 42275) @@ -39,9 +39,9 @@ content-disposition stuff might be. -- libxml2 - NOTE: 20160226, no fix available yet NOTE: carnil is looking in partially triaging the libxml2 issues as well for wheezy NOTE: and publish preliminary work on https://people.debian.org/~carnil/tmp/libxml2/wheezy + NOTE: Waiting for user feedback, before DLA release -- libxslt (Emilio Pozuelo) -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42274 - data/CVE
Author: carnil Date: 2016-06-02 20:19:57 + (Thu, 02 Jun 2016) New Revision: 42274 Modified: data/CVE/list Log: Remove no-dsa tags for one CVE which will be included in DSA/DLA Modified: data/CVE/list === --- data/CVE/list 2016-06-02 20:02:12 UTC (rev 42273) +++ data/CVE/list 2016-06-02 20:19:57 UTC (rev 42274) @@ -2502,8 +2502,7 @@ CVE-2016-4483 RESERVED - libxml2 2.9.3+dfsg1-1.1 (bug #823405) - [jessie] - libxml2 (Minor issue, only when using libxml2 using recovery mode) - [wheezy] - libxml2 (Minor issue, only when using libxml2 using recovery mode) + NOTE: Minor issue, only when using libxml2 using recovery mode NOTE: https://git.gnome.org/browse/libxml2/commit/?id=c97750d11bb8b6f3303e7131fe526a61ac65bcfd (v2.9.4) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=766414 CVE-2016-4477 (wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42273 - in data: . DSA
Author: carnil Date: 2016-06-02 20:02:12 + (Thu, 02 Jun 2016) New Revision: 42273 Modified: data/DSA/list data/dsa-needed.txt Log: Reserve DSA number for libxml2 update for jessie Modified: data/DSA/list === --- data/DSA/list 2016-06-02 19:56:01 UTC (rev 42272) +++ data/DSA/list 2016-06-02 20:02:12 UTC (rev 42273) @@ -1,3 +1,6 @@ +[02 Jun 2016] DSA-3593-1 libxml2 - security update + {CVE-2015-8806 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2073 CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4449 CVE-2016-4483} + [jessie] - libxml2 2.9.1+dfsg1-5+deb8u2 [01 Jun 2016] DSA-3592-1 nginx - security update {CVE-2016-4450} [jessie] - nginx 1.6.2-5+deb8u2 Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2016-06-02 19:56:01 UTC (rev 42272) +++ data/dsa-needed.txt 2016-06-02 20:02:12 UTC (rev 42273) @@ -22,9 +22,6 @@ Maintainer proposed debdiff, but first wait a bit for the upload in unstable to be tested/exposed for possible regressions. -- -libxml2 (carnil) - NOTE: https://people.debian.org/~carnil/tmp/libxml2/jessie/ --- linux -- mariadb-10.0 (carnil) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42272 - data/CVE
Author: carnil Date: 2016-06-02 19:56:01 + (Thu, 02 Jun 2016) New Revision: 42272 Modified: data/CVE/list Log: Update information for CVE-2015-889{7,8} Modified: data/CVE/list === --- data/CVE/list 2016-06-02 19:49:33 UTC (rev 42271) +++ data/CVE/list 2016-06-02 19:56:01 UTC (rev 42272) @@ -331,12 +331,16 @@ CVE-2016-5127 RESERVED CVE-2015-8898 [Prevent null pointer access in magick/constitute.c] - - imagemagick + - imagemagick 8:6.8.9.9-7 + [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 + [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 NOTE: https://github.com/ImageMagick/ImageMagick/pull/34 NOTE: https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44 TODO: check versions CVE-2015-8897 [Out of bounds error in SpliceImage] - imagemagick 8:6.8.9.9-7 + [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 + [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3=28466 NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231 TODO: check versions ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42271 - data/CVE
Author: carnil Date: 2016-06-02 19:49:33 + (Thu, 02 Jun 2016) New Revision: 42271 Modified: data/CVE/list Log: Add fixed version for CVE-2015-8897 Modified: data/CVE/list === --- data/CVE/list 2016-06-02 19:43:33 UTC (rev 42270) +++ data/CVE/list 2016-06-02 19:49:33 UTC (rev 42271) @@ -336,7 +336,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44 TODO: check versions CVE-2015-8897 [Out of bounds error in SpliceImage] - - imagemagick + - imagemagick 8:6.8.9.9-7 NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3=28466 NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231 TODO: check versions ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42269 - data/CVE
Author: carnil Date: 2016-06-02 19:24:26 + (Thu, 02 Jun 2016) New Revision: 42269 Modified: data/CVE/list Log: Add CVE-2015-889{7,8}/imagemagick Modified: data/CVE/list === --- data/CVE/list 2016-06-02 19:22:06 UTC (rev 42268) +++ data/CVE/list 2016-06-02 19:24:26 UTC (rev 42269) @@ -330,6 +330,16 @@ RESERVED CVE-2016-5127 RESERVED +CVE-2015-8898 [Prevent null pointer access in magick/constitute.c] + - imagemagick + NOTE: https://github.com/ImageMagick/ImageMagick/pull/34 + NOTE: https://github.com/ImageMagick/ImageMagick/commit/5b4bebaa91849c592a8448bc353ab25a54ff8c44 + TODO: check versions +CVE-2015-8897 [Out of bounds error in SpliceImage] + - imagemagick + NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3=28466 + NOTE: https://github.com/ImageMagick/ImageMagick/commit/7b1cf5784b5bcd85aa9293ecf56769f68c037231 + TODO: check versions CVE-2015-8896 [integer truncation issue] - imagemagick 8:6.8.9.9-7 (bug #806441) [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42268 - data/CVE
Author: carnil Date: 2016-06-02 19:22:06 + (Thu, 02 Jun 2016) New Revision: 42268 Modified: data/CVE/list Log: Fix typo in note Modified: data/CVE/list === --- data/CVE/list 2016-06-02 19:21:55 UTC (rev 42267) +++ data/CVE/list 2016-06-02 19:22:06 UTC (rev 42268) @@ -4372,7 +4372,7 @@ NOTE: Original upstream applied patches are incomplete and still to be finished NOTE: https://imagetragick.com/ NOTE: notice how the workaround differs between the three refs above - NOTE: PLT formmat removed with: https://github.com/ImageMagick/ImageMagick/commit/e87116ab2bd070c47943d4118a18c8f3a47461e2 + NOTE: PLT format removed with: https://github.com/ImageMagick/ImageMagick/commit/e87116ab2bd070c47943d4118a18c8f3a47461e2 - graphicsmagick 1.3.24-1 NOTE: https://sourceforge.net/p/graphicsmagick/mailman/message/35072963/ NOTE: https://sourceforge.net/p/graphicsmagick/code/ci/45998a25992d1142df201d8cf024b6c948b40748/ ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42267 - in data: CVE DLA DSA
Author: carnil Date: 2016-06-02 19:21:55 + (Thu, 02 Jun 2016) New Revision: 42267 Modified: data/CVE/list data/DLA/list data/DSA/list Log: Add CVE-2016-5239 Modified: data/CVE/list === --- data/CVE/list 2016-06-02 19:09:07 UTC (rev 42266) +++ data/CVE/list 2016-06-02 19:21:55 UTC (rev 42267) @@ -104,6 +104,11 @@ - mat (bug #826101) NOTE: https://labs.riseup.net/code/issues/11067 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/06/02/5 +CVE-2016-5239 [mageMagick,GraphicsMagick: Gnuplot delegate vulnerability allowing command injection] + {DSA-3580-1 DLA-486-1 DLA-484-1} + - graphicsmagick 1.3.24-1 + - imagemagick + NOTE: http://git.imagemagick.org/repos/ImageMagick/commit/70a2cf326ed32bedee144b961005c63846541a16 CVE-2016-5238 [scsi: esp: OOB write when using non-DMA mode in get_cmd] - qemu (bug #826152) - qemu-kvm Modified: data/DLA/list === --- data/DLA/list 2016-06-02 19:09:07 UTC (rev 42266) +++ data/DLA/list 2016-06-02 19:21:55 UTC (rev 42267) @@ -46,13 +46,13 @@ [25 May 2016] DLA-487-1 debian-security-support - Long term security support update [wheezy] - debian-security-support 2016.05.24~deb7u1 [23 May 2016] DLA-486-1 imagemagick - security update - {CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718} + {CVE-2016-5239 CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718} [wheezy] - imagemagick 8:6.7.7.10-5+deb7u5 [22 May 2016] DLA-485-1 extplorer - security update {CVE-2015-5660} [wheezy] - extplorer 2.1.0b6+dfsg.3-4+deb7u3 [21 May 2016] DLA-484-1 graphicsmagick - security update - {CVE-2015-8808 CVE-2016-2317 CVE-2016-2318 CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718} + {CVE-2016-5239 CVE-2015-8808 CVE-2016-2317 CVE-2016-2318 CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718} [wheezy] - graphicsmagick 1.3.16-1.1+deb7u1 [19 May 2016] DLA-483-1 expat - security update {CVE-2016-0718} Modified: data/DSA/list === --- data/DSA/list 2016-06-02 19:09:07 UTC (rev 42266) +++ data/DSA/list 2016-06-02 19:21:55 UTC (rev 42267) @@ -35,7 +35,7 @@ {CVE-2016-3698} [jessie] - libndp 1.4-2+deb8u1 [16 May 2016] DSA-3580-1 imagemagick - security update - {CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718} + {CVE-2016-5239 CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718} [jessie] - imagemagick 8:6.8.9.9-5+deb8u2 [16 May 2016] DSA-3579-1 xerces-c - security update {CVE-2016-2099} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42266 - in data: CVE DLA
Author: carnil Date: 2016-06-02 19:09:07 + (Thu, 02 Jun 2016) New Revision: 42266 Modified: data/CVE/list data/DLA/list Log: Add CVEs for cross reference for DLA-353-1 Modified: data/CVE/list === --- data/CVE/list 2016-06-02 19:07:25 UTC (rev 42265) +++ data/CVE/list 2016-06-02 19:09:07 UTC (rev 42266) @@ -329,8 +329,6 @@ - imagemagick 8:6.8.9.9-7 (bug #806441) [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 - [squeeze] - imagemagick 8:6.6.0.4-3+squeeze7 - NOTE: workaround entry for DLA-353-1 until/if CVE assigned NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803 NOTE: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734 NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2 @@ -339,8 +337,6 @@ - imagemagick 8:6.8.9.9-7 (bug #806441) [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 - [squeeze] - imagemagick 8:6.6.0.4-3+squeeze7 - NOTE: workaround entry for DLA-353-1 until/if CVE assigned NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747 NOTE: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734 NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2 Modified: data/DLA/list === --- data/DLA/list 2016-06-02 19:07:25 UTC (rev 42265) +++ data/DLA/list 2016-06-02 19:09:07 UTC (rev 42266) @@ -451,6 +451,7 @@ {CVE-2015-7181 CVE-2015-7182} [squeeze] - nss 3.12.8-1+squeeze13 [27 Nov 2015] DLA-353-1 imagemagick - security update + {CVE-2015-8896 CVE-2015-8895} [squeeze] - imagemagick 8:6.6.0.4-3+squeeze7 [26 Nov 2015] DLA-352-1 libcommons-collections3-java - security update [squeeze] - libcommons-collections3-java 3.2.1-4+deb6u1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42265 - data/CVE
Author: carnil Date: 2016-06-02 19:07:25 + (Thu, 02 Jun 2016) New Revision: 42265 Modified: data/CVE/list Log: CVE-2015-889{4,5,6} assigned Modified: data/CVE/list === --- data/CVE/list 2016-06-02 18:55:14 UTC (rev 42264) +++ data/CVE/list 2016-06-02 19:07:25 UTC (rev 42265) @@ -325,6 +325,37 @@ RESERVED CVE-2016-5127 RESERVED +CVE-2015-8896 [integer truncation issue] + - imagemagick 8:6.8.9.9-7 (bug #806441) + [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 + [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 + [squeeze] - imagemagick 8:6.6.0.4-3+squeeze7 + NOTE: workaround entry for DLA-353-1 until/if CVE assigned + NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803 + NOTE: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734 + NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2 + NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4 +CVE-2015-8895 [pict/icon processing issues: Integer and Buffer overflow in coders/icon.c] + - imagemagick 8:6.8.9.9-7 (bug #806441) + [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 + [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 + [squeeze] - imagemagick 8:6.6.0.4-3+squeeze7 + NOTE: workaround entry for DLA-353-1 until/if CVE assigned + NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747 + NOTE: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734 + NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2 + NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4 + NOTE: The issue is only exploitable on 32 bit architectures. +CVE-2015-8894 [tga processing issue: double free in coders/tga.c:221] + - imagemagick 8:6.8.9.9-6 (bug #806442; bug #799524) + [jessie] - imagemagick (Can't reproduce crash with file) + [wheezy] - imagemagick (Can't reproduce crash with file) + [squeeze] - imagemagick (Can't reproduce crash with file) + NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362 + NOTE: https://github.com/ImageMagick/ImageMagick/commit/4f68e9661518463fca523c9726bb5d940a2aa6d8 + NOTE: http://www.openwall.com/lists/oss-security/2015/10/07/2 + NOTE: http://www.openwall.com/lists/oss-security/2016/02/22/4 + NOTE: The problem can only be triggered with recent versions of ImageMagick (8:6.9.1.2-1 in experimental is vulnerable, 8:6.8.9.9-6 in sid is not vulnerable, older versions are not vulnerable) CVE-2015-8893 RESERVED CVE-2015-8892 @@ -18591,37 +18622,6 @@ RESERVED CVE-2014-9752 (Unrestricted file upload vulnerability in ...) TODO: check -CVE-2015- [Double free in coders/pict.c:2000] - - imagemagick 8:6.8.9.9-7 (bug #806441) - [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 - [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 - [squeeze] - imagemagick 8:6.6.0.4-3+squeeze7 - NOTE: workaround entry for DLA-353-1 until/if CVE assigned - NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1448803 - NOTE: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/07/2 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/22/4 -CVE-2015- [Double free in coders/tga.c:221] - - imagemagick 8:6.8.9.9-6 (bug #806442; bug #799524) - [jessie] - imagemagick (Can't reproduce crash with file) - [wheezy] - imagemagick (Can't reproduce crash with file) - [squeeze] - imagemagick (Can't reproduce crash with file) - NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1490362 - NOTE: https://github.com/ImageMagick/ImageMagick/commit/4f68e9661518463fca523c9726bb5d940a2aa6d8 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/10/07/2 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/02/22/4 - NOTE: The problem can only be triggered with recent versions of ImageMagick (8:6.9.1.2-1 in experimental is vulnerable, 8:6.8.9.9-6 in sid is not vulnerable, older versions are not vulnerable) -CVE-2015- [Integer and Buffer overflow in coders/icon.c] - - imagemagick 8:6.8.9.9-7 (bug #806441) - [jessie] - imagemagick 8:6.8.9.9-5+deb8u1 - [wheezy] - imagemagick 8:6.7.7.10-5+deb7u4 - [squeeze] - imagemagick 8:6.6.0.4-3+squeeze7 - NOTE: workaround entry for DLA-353-1 until/if CVE assigned - NOTE: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1459747 - NOTE: https://github.com/ImageMagick/ImageMagick/commit/0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734 - NOTE: CVE Request:
[Secure-testing-commits] r42264 - data/CVE
Author: carnil Date: 2016-06-02 18:55:14 + (Thu, 02 Jun 2016) New Revision: 42264 Modified: data/CVE/list Log: Add bug reference for CVE-2016-5238, #826152 Modified: data/CVE/list === --- data/CVE/list 2016-06-02 18:54:22 UTC (rev 42263) +++ data/CVE/list 2016-06-02 18:55:14 UTC (rev 42264) @@ -105,7 +105,7 @@ NOTE: https://labs.riseup.net/code/issues/11067 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/06/02/5 CVE-2016-5238 [scsi: esp: OOB write when using non-DMA mode in get_cmd] - - qemu + - qemu (bug #826152) - qemu-kvm NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1341931 NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg00150.html ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42263 - data/CVE
Author: carnil Date: 2016-06-02 18:54:22 + (Thu, 02 Jun 2016) New Revision: 42263 Modified: data/CVE/list Log: Add bug reference for CVE-2016-5126/qemu, #826151 Modified: data/CVE/list === --- data/CVE/list 2016-06-02 18:53:05 UTC (rev 42262) +++ data/CVE/list 2016-06-02 18:54:22 UTC (rev 42263) @@ -431,7 +431,7 @@ RESERVED CVE-2016-5126 [block: iscsi: buffer overflow in iscsi_aio_ioctl] RESERVED - - qemu + - qemu (bug #826151) [wheezy] - qemu (Vulnerable code not present) - qemu-kvm [wheezy] - qemu-kvm (Vulnerable code not present) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42262 - data/CVE
Author: carnil Date: 2016-06-02 18:53:05 + (Thu, 02 Jun 2016) New Revision: 42262 Modified: data/CVE/list Log: Remove todo item for CVE-2016-5238 Modified: data/CVE/list === --- data/CVE/list 2016-06-02 18:52:56 UTC (rev 42261) +++ data/CVE/list 2016-06-02 18:53:05 UTC (rev 42262) @@ -109,7 +109,6 @@ - qemu-kvm NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1341931 NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg00150.html - TODO: check versions CVE-2016-5234 RESERVED CVE-2016-5233 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42261 - data/CVE
Author: carnil Date: 2016-06-02 18:52:56 + (Thu, 02 Jun 2016) New Revision: 42261 Modified: data/CVE/list Log: Update information for CVE-2016-5126/qemu Modified: data/CVE/list === --- data/CVE/list 2016-06-02 18:46:02 UTC (rev 42260) +++ data/CVE/list 2016-06-02 18:52:56 UTC (rev 42261) @@ -437,9 +437,9 @@ - qemu-kvm [wheezy] - qemu-kvm (Vulnerable code not present) NOTE: https://lists.gnu.org/archive/html/qemu-block/2016-05/msg00779.html + NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=a6b3167fa0e825aebb5a7cd8b437b6d41584a196 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1340924 NOTE: http://www.openwall.com/lists/oss-security/2016/05/30/6 - TODO: check versions CVE-2016- [CSRF protection for POST requests] - postfixadmin (bug #825151) [jessie] - postfixadmin (Minor issue) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42260 - data/CVE
Author: jmm Date: 2016-06-02 18:46:02 + (Thu, 02 Jun 2016) New Revision: 42260 Modified: data/CVE/list Log: second batch of 2014 CVE IDs for imagemagick Modified: data/CVE/list === --- data/CVE/list 2016-06-02 18:40:08 UTC (rev 42259) +++ data/CVE/list 2016-06-02 18:46:02 UTC (rev 42260) @@ -64,6 +64,42 @@ - imagemagick 8:6.8.9.9-4 (bug #773834) CVE-2014-9836 [DOS in xpm files] - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9837 [Add additional PNM sanity checks] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9838 [Avoid a crash to out of memory in magick/cache.c] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9839 [Fix a theoretical out of bound access in magick/colormap-private.h] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9840 [Fix an out of bound access in palm file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9841 [Fixed throwing of exceptions in psd handling] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9842 [memory leak in psd handling] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9843 [Fixed boundary checks in DecodePSDPixels] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9844 [Fix another out of bound problem in rle file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9845 [Fix crash due to corrupted dib file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9846 [Added checks to prevent overflow in rle file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9847 [Don't try to handle a "previous" image in the JNG decoder] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9848 [Avoid a memory leak in quantum management] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9849 [Avoid a crash in png coder] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9850 [incorrect handling of thread limit 0] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9851 [In psd file handling fixed parsing resource block and avoid a crash] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9852 [In cache fix usage of object after it has been destroyed] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9853 [Avoid a memory leak in rle file handling] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9854 [DoS in image identification] + - imagemagick 8:6.8.9.9-4 (bug #773834) CVE-2016- [doesn't remove metadata in embedded images in PDFs] - mat (bug #826101) NOTE: https://labs.riseup.net/code/issues/11067 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42259 - data/CVE
Author: jmm Date: 2016-06-02 18:40:08 + (Thu, 02 Jun 2016) New Revision: 42259 Modified: data/CVE/list Log: first batch of 2014 imagemagick CVE IDs Modified: data/CVE/list === --- data/CVE/list 2016-06-02 18:21:31 UTC (rev 42258) +++ data/CVE/list 2016-06-02 18:40:08 UTC (rev 42259) @@ -1,3 +1,69 @@ +CVE-2014-9804 [Avoid a DOS in vision.c due to an infinite loop] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9805 [Avoid a SEGV due to a corrupted pnm file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9806 [Do not leak fd due to corrupted file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9807 [Fix a double free in pdb coder] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9808 [Fix a SEGV due to corrupted dpc images] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9809 [Fix a SEGV due to corrupted xwd images] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9810 [Fix a SEGV in dpx file handler] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9811 [Fix a SEGV in malformed xwd file handler] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9812 [Avoid a NULL pointer dereference in ps file handling] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9813 [Fix a crash with corrupted viff file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9814 [Fix a NULL pointer dereference in wpg file handling] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9815 [Do not continue on corrupted wpg file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9816 [Avoid an out of bound access in viff image] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9817 [Avoid a heap buffer overflow in pdb file handling] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9818 [Avoid an out of bound access on malformed sun file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9819 [Avoid heap overflow in palm files] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9820 [Avoid heap overflow in pnm files] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9821 [Avoid heap overflow in xpm files] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9822 [Fix heap overflow in quantum file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9823 [Fix heap overflow in palm file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9824 [Fix heap overflow in psd file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9825 [Fix handling of corrupted of psd file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9826 [Fix handling of corrupted of sun file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9827 [Fix handling of corrupted of xpm file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9828 [Fix corrupted (too many colors) psd file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9829 [Fix an out of bound access in sun file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9830 [Fix handling of corrupted sun file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9831 [Fix handling of corrupted wpg file] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9832 [Fix heap overflow in pcx files] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9833 [Fix heap overflow in psd files] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9834 [Fix heap overflow in pict files] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9835 [Fix heap overflow in wpf files] + - imagemagick 8:6.8.9.9-4 (bug #773834) +CVE-2014-9836 [DOS in xpm files] + - imagemagick 8:6.8.9.9-4 (bug #773834) CVE-2016- [doesn't remove metadata in embedded images in PDFs] - mat (bug #826101) NOTE: https://labs.riseup.net/code/issues/11067 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42258 - data/CVE
Author: carnil Date: 2016-06-02 18:21:31 + (Thu, 02 Jun 2016) New Revision: 42258 Modified: data/CVE/list Log: Remove one TODO item Modified: data/CVE/list === --- data/CVE/list 2016-06-02 18:19:33 UTC (rev 42257) +++ data/CVE/list 2016-06-02 18:21:31 UTC (rev 42258) @@ -19320,12 +19320,11 @@ CVE-2015-7496 (GNOME Display Manager (gdm) before 3.18.2 allows physically proximate ...) - gdm3 3.18.2-1 [jessie] - gdm3 (Vulnerable code not present, unreproducible) - [squeeze] - gdm3 (Vulnerable code not present) [wheezy] - gdm3 (Vulnerable code not present, unreproducible) + [squeeze] - gdm3 (Vulnerable code not present) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758032 NOTE: https://git.gnome.org/browse/gdm/commit/?id=5ac2246 NOTE: https://git.gnome.org/browse/gdm/commit/?id=05e5fc2 - TODO: Check whether applies to wheezy/jessie CVE-2015-7495 RESERVED CVE-2015-7494 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42257 - data/CVE
Author: carnil Date: 2016-06-02 18:19:33 + (Thu, 02 Jun 2016) New Revision: 42257 Modified: data/CVE/list Log: Remove annotation/prefix for CVE request URL Modified: data/CVE/list === --- data/CVE/list 2016-06-02 18:19:09 UTC (rev 42256) +++ data/CVE/list 2016-06-02 18:19:33 UTC (rev 42257) @@ -11380,7 +11380,7 @@ [wheezy] - dhcpcd5 (Vulnerable code not present) - dhcpcd (Vulnerable code not present) NOTE: http://roy.marples.name/projects/dhcpcd/info/76a1609352263bd9def1300d7ba990679571fa30 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/07/3 + NOTE: http://www.openwall.com/lists/oss-security/2016/01/07/3 NOTE: dhcpcd 3.2.3- in squeeze and wheezy differ very much from dhcpcd5 in later Debian versions. CVE-2016-1504 [invalid read/crash via malformed dhcp responses] RESERVED @@ -11389,7 +11389,7 @@ - dhcpcd (Vulnerable code not present) [squeeze] - dhcpcd (Vulnerable code not present) NOTE: http://roy.marples.name/projects/dhcpcd/info/595883e2a431f65d8fabf33059aa4689cca17403 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/01/07/3 + NOTE: http://www.openwall.com/lists/oss-security/2016/01/07/3 NOTE: dhcpcd 3.2.3- in squeeze and wheezy differ very much from dhcpcd5 in later Debian versions. CVE-2016- [Missing normalization] - ruby-rack-attack 4.3.1-1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42255 - data/CVE
Author: jmm Date: 2016-06-02 18:16:38 + (Thu, 02 Jun 2016) New Revision: 42255 Modified: data/CVE/list Log: xen no-dsa gdm3 n/a drop old linux issue, turned out to be a non-issue old unimportant apt issues fixed old grub issue n/a (RH-specific) mark alpine as n/a instead of unimportant Modified: data/CVE/list === --- data/CVE/list 2016-06-02 18:15:14 UTC (rev 42254) +++ data/CVE/list 2016-06-02 18:16:38 UTC (rev 42255) @@ -822,6 +822,7 @@ CVE-2016-4963 [Unsanitised driver domain input in libxl device handling] RESERVED - xen + [jessie] - xen (Minor issue, too intrusive to backport) NOTE: http://xenbits.xen.org/xsa/advisory-178.html CVE-2016-4962 [Unsanitised guest input in libxl device handling code] RESERVED @@ -19318,6 +19319,7 @@ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=756528 (upstream bug not yet open) CVE-2015-7496 (GNOME Display Manager (gdm) before 3.18.2 allows physically proximate ...) - gdm3 3.18.2-1 + [jessie] - gdm3 (Vulnerable code not present, unreproducible) [squeeze] - gdm3 (Vulnerable code not present) [wheezy] - gdm3 (Vulnerable code not present, unreproducible) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=758032 @@ -25270,8 +25272,7 @@ RESERVED - foreman (bug #663101) CVE-2015-5281 (The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) ...) - - grub2 - TODO: check, possibly Red Hat specific + - grub2 (SecureBoot not yet supported) CVE-2015-5280 REJECTED CVE-2015-5279 (Heap-based buffer overflow in the ne2000_receive function in ...) @@ -36391,8 +36392,7 @@ - efl (Only used when building on Windows, see #778414) - ptlib (unimportant; bug #778404) NOTE: ptlib uses the regex code from glibc, local fallback code not used - - alpine (unimportant; bug #778413) - NOTE: alpine uses the regex code from glibc, local fallback code not used + - alpine (alpine uses the regex code from glibc, local fallback code not used, bug #778413) - vigor 0.016-24 (unimportant; bug #778409) [wheezy] - vigor 0.016-19+deb7u1 - nvi (unimportant; bug #778412) @@ -94428,7 +94428,7 @@ CVE-2012-3588 (Directory traversal vulnerability in preview.php in the Plugin ...) NOT-FOR-US: Wordpress plugin CVE-2012-3587 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the ...) - - apt (unimportant) + - apt 0.7.25 (unimportant) NOTE: net-update is disabled by default on Debian CVE-2012-3586 RESERVED @@ -101125,7 +101125,7 @@ CVE-2012-0955 RESERVED CVE-2012-0954 (APT 0.7.x before 0.7.25 and 0.8.x before 0.8.16, when using the ...) - - apt (unimportant) + - apt 0.7.25 (unimportant) NOTE: net-update is not enabled by default in Debian CVE-2012-0953 RESERVED @@ -155704,8 +155704,6 @@ NOT-FOR-US: Skype CVE-2008-2544 RESERVED - - linux - TODO: check CVE-2008-2543 (The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and ...) - asterisk-addons 1.4.7-1 (bug #484796) CVE-2008-2542 (Stack-based buffer overflow in the getline function in Ppm/ppm.C in ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42254 - data/CVE
Author: carnil Date: 2016-06-02 18:15:14 + (Thu, 02 Jun 2016) New Revision: 42254 Modified: data/CVE/list Log: CVE-2014-7912/dhcpcd5 fixed in unstable Modified: data/CVE/list === --- data/CVE/list 2016-06-02 17:53:46 UTC (rev 42253) +++ data/CVE/list 2016-06-02 18:15:14 UTC (rev 42254) @@ -46409,7 +46409,7 @@ NOTE: Fixed for Android in https://android.googlesource.com/platform/external/dhcpcd/+/73c09dd8067250734511d955d8f792b41c7213f0%5E!/ NOTE: Fixed on upstream trunk in http://roy.marples.name/projects/dhcpcd/ci/528541c4c619520e?sbs=0 CVE-2014-7912 (The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in ...) - - dhcpcd5 + - dhcpcd5 6.9.1-1 NOTE: Fixed for Android in https://android.googlesource.com/platform/external/dhcpcd/+/73c09dd8067250734511d955d8f792b41c7213f0%5E!/ NOTE: Fixed on upstream trunk in http://roy.marples.name/projects/dhcpcd/ci/d71cfd8aa203bffe?sbs=0 CVE-2014-7911 (luni/src/main/java/java/io/ObjectInputStream.java in the ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42253 - data/CVE
Author: carnil Date: 2016-06-02 17:53:46 + (Thu, 02 Jun 2016) New Revision: 42253 Modified: data/CVE/list Log: CVE-2016-5104/libimobiledevice fixed in unstable Modified: data/CVE/list === --- data/CVE/list 2016-06-02 17:44:08 UTC (rev 42252) +++ data/CVE/list 2016-06-02 17:53:46 UTC (rev 42253) @@ -651,7 +651,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1339583 CVE-2016-5104 RESERVED - - libimobiledevice (bug #825553) + - libimobiledevice 1.2.0+dfsg-3 (bug #825553) [jessie] - libimobiledevice (Minor issue) [wheezy] - libimobiledevice (Vulnerable code not present) NOTE: https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42252 - data/CVE
Author: carnil Date: 2016-06-02 17:44:08 + (Thu, 02 Jun 2016) New Revision: 42252 Modified: data/CVE/list Log: CVE-2016-5238/qemu assigned Modified: data/CVE/list === --- data/CVE/list 2016-06-02 15:59:25 UTC (rev 42251) +++ data/CVE/list 2016-06-02 17:44:08 UTC (rev 42252) @@ -2,6 +2,12 @@ - mat (bug #826101) NOTE: https://labs.riseup.net/code/issues/11067 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/06/02/5 +CVE-2016-5238 [scsi: esp: OOB write when using non-DMA mode in get_cmd] + - qemu + - qemu-kvm + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1341931 + NOTE: https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg00150.html + TODO: check versions CVE-2016-5234 RESERVED CVE-2016-5233 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42251 - data/CVE
Author: carnil Date: 2016-06-02 15:59:25 + (Thu, 02 Jun 2016) New Revision: 42251 Modified: data/CVE/list Log: Add new CVEs for ntp Modified: data/CVE/list === --- data/CVE/list 2016-06-02 13:28:27 UTC (rev 42250) +++ data/CVE/list 2016-06-02 15:59:25 UTC (rev 42251) @@ -831,14 +831,29 @@ RESERVED CVE-2016-4957 RESERVED + - ntp + NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi + NOTE: http://support.ntp.org/bin/view/Main/NtpBug3046 CVE-2016-4956 RESERVED + - ntp + NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi + NOTE: http://support.ntp.org/bin/view/Main/NtpBug3042 CVE-2016-4955 RESERVED + - ntp + NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi + NOTE: http://support.ntp.org/bin/view/Main/NtpBug3043 CVE-2016-4954 RESERVED + - ntp + NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi + NOTE: http://support.ntp.org/bin/view/Main/NtpBug3044 CVE-2016-4953 RESERVED + - ntp + NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi + NOTE: http://support.ntp.org/bin/view/Main/NtpBug3045 CVE-2016-5117 [OpenNTPD not verifying CN during HTTPS constraints request] RESERVED - openntpd (bug #825856) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42250 - data/CVE
Author: carnil Date: 2016-06-02 13:28:27 + (Thu, 02 Jun 2016) New Revision: 42250 Modified: data/CVE/list Log: Add CVE-2016-4962/xen Modified: data/CVE/list === --- data/CVE/list 2016-06-02 13:26:43 UTC (rev 42249) +++ data/CVE/list 2016-06-02 13:28:27 UTC (rev 42250) @@ -817,8 +817,10 @@ RESERVED - xen NOTE: http://xenbits.xen.org/xsa/advisory-178.html -CVE-2016-4962 +CVE-2016-4962 [Unsanitised guest input in libxl device handling code] RESERVED + - xen + NOTE: http://xenbits.xen.org/xsa/advisory-175.html CVE-2016-4961 RESERVED CVE-2016-4960 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42249 - data/CVE
Author: carnil Date: 2016-06-02 13:26:43 + (Thu, 02 Jun 2016) New Revision: 42249 Modified: data/CVE/list Log: Add CVE-2016-4963/xen Modified: data/CVE/list === --- data/CVE/list 2016-06-02 12:43:28 UTC (rev 42248) +++ data/CVE/list 2016-06-02 13:26:43 UTC (rev 42249) @@ -813,8 +813,10 @@ - onionshare 0.8.1-2 (unimportant) [jessie] - onionshare (Vulnerable code not present) NOTE: Neutralised by kernel hardening (also contrib and non-free not supported) -CVE-2016-4963 +CVE-2016-4963 [Unsanitised driver domain input in libxl device handling] RESERVED + - xen + NOTE: http://xenbits.xen.org/xsa/advisory-178.html CVE-2016-4962 RESERVED CVE-2016-4961 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42248 - data/CVE
Author: carnil Date: 2016-06-02 12:43:28 + (Thu, 02 Jun 2016) New Revision: 42248 Modified: data/CVE/list Log: Add mat issue, #826101, CVE is requested Modified: data/CVE/list === --- data/CVE/list 2016-06-02 12:40:40 UTC (rev 42247) +++ data/CVE/list 2016-06-02 12:43:28 UTC (rev 42248) @@ -1,3 +1,7 @@ +CVE-2016- [doesn't remove metadata in embedded images in PDFs] + - mat (bug #826101) + NOTE: https://labs.riseup.net/code/issues/11067 + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2016/06/02/5 CVE-2016-5234 RESERVED CVE-2016-5233 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42247 - data/CVE
Author: carnil Date: 2016-06-02 12:40:40 + (Thu, 02 Jun 2016) New Revision: 42247 Modified: data/CVE/list Log: Mark phantomjs as unfixed instead of removed since re-entered the archive Modified: data/CVE/list === --- data/CVE/list 2016-06-02 09:26:24 UTC (rev 42246) +++ data/CVE/list 2016-06-02 12:40:40 UTC (rev 42247) @@ -73653,7 +73653,7 @@ - qt4-x11 4:4.8.5+git192-g085f851+dfsg-1 (low; bug #750141) [wheezy] - qt4-x11 (Minor issue) [squeeze] - qt4-x11 (Minor issue) - - phantomjs + - phantomjs NOTE: https://codereview.qt-project.org/#change,70708 CVE-2013-4548 (The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH ...) - openssh 1:6.4p1-1 (bug #729029) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42246 - data
Author: apo Date: 2016-06-02 09:26:24 + (Thu, 02 Jun 2016) New Revision: 42246 Modified: data/dla-needed.txt Log: Claim libpdfbox-java in dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-06-02 09:10:09 UTC (rev 42245) +++ data/dla-needed.txt 2016-06-02 09:26:24 UTC (rev 42246) @@ -32,7 +32,7 @@ -- libjackson-json-java -- -libpdfbox-java +libpdfbox-java (Markus Koschany) -- libspring-java The JSON/JaF doesn't appear to be present in wheezy but the ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42245 - data/CVE
Author: sectracker Date: 2016-06-02 09:10:09 + (Thu, 02 Jun 2016) New Revision: 42245 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2016-06-02 08:19:18 UTC (rev 42244) +++ data/CVE/list 2016-06-02 09:10:09 UTC (rev 42245) @@ -337,7 +337,7 @@ NOTE: Fixed by: https://sourceforge.net/p/postfixadmin/code/1842 CVE-2016-5118 [popen() shell vulnerability via filename] RESERVED - {DSA-3591-1 DLA-500-1} + {DSA-3591-1 DLA-502-1 DLA-500-1} - imagemagick 8:6.8.9.9-7.1 (bug #825799) - graphicsmagick 1.3.24-1 (bug #825800) NOTE: fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ae3928faa858 @@ -7924,6 +7924,7 @@ CVE-2016-2386 (SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE ...) NOT-FOR-US: SAP CVE-2015-8857 [incorrect handling of non-boolean comparisons during minification] + RESERVED - uglifyjs (unimportant) NOTE: fixed in 2.4.24 NOTE: https://zyan.scripts.mit.edu/blog/backdooring-js/ @@ -19040,7 +19041,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1288934 NOTE: Related to an incomplete RHEL backport of https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ac2bde2a4a05c38e2bd733bea94507cb1461e06 CVE-2015-7552 (Heap-based buffer overflow in the gdk_pixbuf_flip function in ...) - {DSA-3589-1 DLA-450-1} + {DSA-3589-1 DLA-501-1} - gdk-pixbuf 2.32.0-1 NOTE: https://bugzilla.suse.com/show_bug.cgi?id=958963 NOTE: This was fixed by one of the commits between 2.31.6 and 2.32.0. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42244 - data/CVE
Author: apo Date: 2016-06-02 08:19:18 + (Thu, 02 Jun 2016) New Revision: 42244 Modified: data/CVE/list Log: CVE-2016-5118: Add link to upstream's reproducer and patch Modified: data/CVE/list === --- data/CVE/list 2016-06-02 08:14:15 UTC (rev 42243) +++ data/CVE/list 2016-06-02 08:19:18 UTC (rev 42244) @@ -341,6 +341,7 @@ - imagemagick 8:6.8.9.9-7.1 (bug #825799) - graphicsmagick 1.3.24-1 (bug #825800) NOTE: fixed by http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/ae3928faa858 + NOTE: patch available at http://www.openwall.com/lists/oss-security/2016/05/29/7 CVE-2016-5116 [xbm: avoid stack overflow (read) with large names] RESERVED - libgd2 2.2.1-1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42243 - in data: . DLA
Author: apo Date: 2016-06-02 08:14:15 + (Thu, 02 Jun 2016) New Revision: 42243 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-502-1 for graphicsmagick Modified: data/DLA/list === --- data/DLA/list 2016-06-02 07:33:15 UTC (rev 42242) +++ data/DLA/list 2016-06-02 08:14:15 UTC (rev 42243) @@ -1,3 +1,6 @@ +[02 Jun 2016] DLA-502-1 graphicsmagick - security update + {CVE-2016-5118} + [wheezy] - graphicsmagick 1.3.16-1.1+deb7u2 [02 Jun 2016] DLA-501-1 gdk-pixbuf - security update {CVE-2015-7552} [wheezy] - gdk-pixbuf 2.26.1-1+deb7u5 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-06-02 07:33:15 UTC (rev 42242) +++ data/dla-needed.txt 2016-06-02 08:14:15 UTC (rev 42243) @@ -27,8 +27,6 @@ NOTE: .debdiff sent to the Security Team, waiting for feedback NOTE: asked about jessie status (seb) -- -graphicsmagick (Markus Koschany) --- icu (Roberto C. Sánchez) NOTE: check comments on CVE-2016-0494 as well -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42242 - data
Author: bam Date: 2016-06-02 07:33:15 + (Thu, 02 Jun 2016) New Revision: 42242 Modified: data/dla-needed.txt Log: Claim p7zip Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-06-02 07:29:05 UTC (rev 42241) +++ data/dla-needed.txt 2016-06-02 07:33:15 UTC (rev 42242) @@ -61,7 +61,7 @@ NOTE: maintainer would like help working on the updates but will handle the updates himself NOTE: 20160518175636.ga29...@roeckx.be -- -p7zip +p7zip (Brian May) NOTE: CPP/7zip/Archive/Udf/UdfIn.cpp line 261? -- php5 (Thorsten Alteholz) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42241 - data/CVE
Author: bam Date: 2016-06-02 07:29:05 + (Thu, 02 Jun 2016) New Revision: 42241 Modified: data/CVE/list Log: Clarify wheezy is broken Modified: data/CVE/list === --- data/CVE/list 2016-06-02 07:27:38 UTC (rev 42240) +++ data/CVE/list 2016-06-02 07:29:05 UTC (rev 42241) @@ -364,6 +364,7 @@ - tiff3 (unimportant) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2552 NOTE: confirmed this still crashes with latest CVS, version v4.0.6 + NOTE: also confirmed this crashes v4.0.2 in wheezy CVE-2016-5101 RESERVED CVE-2016-5100 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42240 - data/CVE
Author: bam Date: 2016-06-02 07:27:38 + (Thu, 02 Jun 2016) New Revision: 42240 Modified: data/CVE/list Log: No upstream fix for this Modified: data/CVE/list === --- data/CVE/list 2016-06-02 06:21:58 UTC (rev 42239) +++ data/CVE/list 2016-06-02 07:27:38 UTC (rev 42240) @@ -363,6 +363,7 @@ [jessie] - tiff (Minor issue) - tiff3 (unimportant) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2552 + NOTE: confirmed this still crashes with latest CVS, version v4.0.6 CVE-2016-5101 RESERVED CVE-2016-5100 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42239 - data/DLA
Author: apo Date: 2016-06-02 06:21:58 + (Thu, 02 Jun 2016) New Revision: 42239 Modified: data/DLA/list Log: Mark CVE-2015-7552 as not fixed in DLA-450-1 Modified: data/DLA/list === --- data/DLA/list 2016-06-02 06:18:19 UTC (rev 42238) +++ data/DLA/list 2016-06-02 06:21:58 UTC (rev 42239) @@ -153,7 +153,7 @@ {CVE-2016-0636 CVE-2016-0686 CVE-2016-0687 CVE-2016-0695 CVE-2016-3425 CVE-2016-3426 CVE-2016-3427} [wheezy] - openjdk-7 7u101-2.6.6-2~deb7u1 [30 Apr 2016] DLA-450-1 gdk-pixbuf - security update - {CVE-2015-7552 CVE-2015-8875 CVE-2015-7674} + {CVE-2015-8875 CVE-2015-7674} [wheezy] - gdk-pixbuf 2.26.1-1+deb7u4 [30 Apr 2016] DLA-449-1 botan1.10 - security update {CVE-2014-9742 CVE-2015-5726 CVE-2015-5727 CVE-2015-7827 CVE-2016-2194 CVE-2016-2195 CVE-2016-2849} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42238 - data/CVE
Author: carnil Date: 2016-06-02 06:18:19 + (Thu, 02 Jun 2016) New Revision: 42238 Modified: data/CVE/list Log: Add CVE-2016-3093 Modified: data/CVE/list === --- data/CVE/list 2016-06-02 06:16:53 UTC (rev 42237) +++ data/CVE/list 2016-06-02 06:18:19 UTC (rev 42238) @@ -5667,6 +5667,8 @@ NOT-FOR-US: Apache Qpid Java Broker CVE-2016-3093 RESERVED + - libstruts1.2-java (Only affects Struts 2.x) + NOTE: https://struts.apache.org/docs/s2-034.html CVE-2016-3092 RESERVED CVE-2016-3091 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42237 - data/CVE
Author: carnil Date: 2016-06-02 06:16:53 + (Thu, 02 Jun 2016) New Revision: 42237 Modified: data/CVE/list Log: Add CVE-2016-3087 Modified: data/CVE/list === --- data/CVE/list 2016-06-02 06:13:35 UTC (rev 42236) +++ data/CVE/list 2016-06-02 06:16:53 UTC (rev 42237) @@ -5683,6 +5683,8 @@ NOTE: http://activemq.apache.org/security-advisories.data/CVE-2016-3088-announcement.txt CVE-2016-3087 RESERVED + - libstruts1.2-java (Only affects Struts 2.x) + NOTE: https://struts.apache.org/docs/s2-033.html CVE-2016-3086 RESERVED CVE-2016-3085 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42236 - data/CVE
Author: carnil Date: 2016-06-02 06:13:35 + (Thu, 02 Jun 2016) New Revision: 42236 Modified: data/CVE/list Log: CVE-2015-8857 assigned for uglifyjs Modified: data/CVE/list === --- data/CVE/list 2016-06-02 06:12:17 UTC (rev 42235) +++ data/CVE/list 2016-06-02 06:13:35 UTC (rev 42236) @@ -3171,8 +3171,6 @@ RESERVED - uglifyjs (unimportant) NOTE: libv8 is not covered by security support -CVE-2015-8857 - RESERVED CVE-2015-8854 [marked: regular expression denial of service] RESERVED - node-marked (unimportant) @@ -7918,7 +7916,7 @@ NOT-FOR-US: SAP CVE-2016-2386 (SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE ...) NOT-FOR-US: SAP -CVE-2015- [incorrect handling of non-boolean comparisons during minification] +CVE-2015-8857 [incorrect handling of non-boolean comparisons during minification] - uglifyjs (unimportant) NOTE: fixed in 2.4.24 NOTE: https://zyan.scripts.mit.edu/blog/backdooring-js/ ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r42235 - data/CVE
Author: fgeek-guest Date: 2016-06-02 06:12:17 + (Thu, 02 Jun 2016) New Revision: 42235 Modified: data/CVE/list Log: CVE-2016-5102 assigned for gif2tiff buffer overflow in readgifimage() issue Modified: data/CVE/list === --- data/CVE/list 2016-06-02 05:59:33 UTC (rev 42234) +++ data/CVE/list 2016-06-02 06:12:17 UTC (rev 42235) @@ -328,11 +328,6 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1340924 NOTE: http://www.openwall.com/lists/oss-security/2016/05/30/6 TODO: check versions -CVE-2016- [gif2tiff: buffer overflow in readgifimage()] - - tiff - [jessie] - tiff (Minor issue) - - tiff3 (unimportant) - NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2552 CVE-2016- [CSRF protection for POST requests] - postfixadmin (bug #825151) [jessie] - postfixadmin (Minor issue) @@ -362,8 +357,12 @@ - mplayer NOTE: https://trac.mplayerhq.hu/ticket/2298 TODO: probably not affected since orig.tar.gz of src:mplayer does not include libavcodec, ffmpeg/libav affected? -CVE-2016-5102 +CVE-2016-5102 [gif2tiff: buffer overflow in readgifimage()] RESERVED + - tiff + [jessie] - tiff (Minor issue) + - tiff3 (unimportant) + NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2552 CVE-2016-5101 RESERVED CVE-2016-5100 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits