[Secure-testing-commits] r43237 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-16 05:34:02 + (Sat, 16 Jul 2016)
New Revision: 43237

Modified:
   data/CVE/list
Log:
Add upstream tag information for CVE-2015-8934

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-16 05:30:32 UTC (rev 43236)
+++ data/CVE/list   2016-07-16 05:34:02 UTC (rev 43237)
@@ -2502,11 +2502,11 @@
NOTE: https://bugs.php.net/bug.php?id=68978
NOTE: 
https://github.com/php/php-src/commit/996faf964bba1aec06b153b370a7f20d3dd2bb8b
NOTE: Fixed in 5.6.6, 5.5.22 and 5.4.38
-CVE-2015-8934
+CVE-2015-8934 [out of bounds heap read in RAR parser]
RESERVED
- libarchive 3.2.1-1
NOTE: https://github.com/libarchive/libarchive/issues/521
-   NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/603454ec03040c29bd051fcc749e3c1433c11a8e
+   NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/603454ec03040c29bd051fcc749e3c1433c11a8e
 (v3.2.1)
 CVE-2015-8933 [undefined behaviour / signed integer overflow in 
archive_read_format_tar_skip()]
RESERVED
- libarchive 3.2.0-2


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43236 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-16 05:30:32 + (Sat, 16 Jul 2016)
New Revision: 43236

Modified:
   data/CVE/list
Log:
Expand note for CVE-2016-4300

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-16 05:19:17 UTC (rev 43235)
+++ data/CVE/list   2016-07-16 05:30:32 UTC (rev 43236)
@@ -5931,7 +5931,12 @@
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
NOTE: http://www.talosintel.com/reports/TALOS-2016-0152/
NOTE: https://github.com/libarchive/libarchive/issues/718
-   NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573
 (notice introduction of UMAX_ENTRY)
+   NOTE: Requirement: 
https://github.com/libarchive/libarchive/commit/3d469df8eaace8297a27ce62befa295c0fdc5a3a
+   NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/e79ef306afe332faf22e9b442a2c6b59cb175573
 (v3.2.1)
+   NOTE: Notice introduction of UMAX_ENTRY with 
3d469df8eaace8297a27ce62befa295c0fdc5a3a
+   NOTE: Libarchive 3.1.2 and lower has a much smaller "UMAX_ENTRY", which 
is hardcoded
+   NOTE: in various places before 3d469df8eaace8297a27ce62befa295c0fdc5a3a 
and has value
+   NOTE: 100, making exploitation more difficult but not impossible.
 CVE-2016-4299
RESERVED
 CVE-2016-4298


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43234 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-16 05:19:00 + (Sat, 16 Jul 2016)
New Revision: 43234

Modified:
   data/CVE/list
Log:
Update information fir CVE-2016-4809

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-16 05:18:34 UTC (rev 43233)
+++ data/CVE/list   2016-07-16 05:19:00 UTC (rev 43234)
@@ -4366,11 +4366,11 @@
[jessie] - keystone  (affects only 9.0.0)
[wheezy] - keystone  (affects only 9.0.0)
NOTE: https://launchpad.net/bugs/1577558
-CVE-2016-4809
+CVE-2016-4809 [Memory allocate error with symbolic links in cpio archives]
RESERVED
- libarchive 3.2.1-1
NOTE: https://github.com/libarchive/libarchive/issues/705
-   NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/fd7e0c02
+   NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/fd7e0c02e272913a0a8b6d492c7260dfca0b1408
 (v3.2.1)
 CVE-2016-4808
RESERVED
 CVE-2016-4807


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43233 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-16 05:18:34 + (Sat, 16 Jul 2016)
New Revision: 43233

Modified:
   data/CVE/list
Log:
Update comments for CVE-2016-5844

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-16 03:44:55 UTC (rev 43232)
+++ data/CVE/list   2016-07-16 05:18:34 UTC (rev 43233)
@@ -1261,11 +1261,11 @@
RESERVED
 CVE-2014-9863
RESERVED
-CVE-2016-5844
+CVE-2016-5844 [undefined behaviour (integer overflow) in iso parser]
RESERVED
- libarchive 3.2.1-1
-   NOTE: 
https://github.com/libarchive/libarchive/issues/717#event-697151157
-   NOTE: 
https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22
+   NOTE: Upstream ticket: 
https://github.com/libarchive/libarchive/issues/717
+   NOTE: Upstream fix: 
https://github.com/libarchive/libarchive/commit/3ad08e01b4d253c66ae56414886089684155af22
 (v3.2.1)
 CVE-2016-5842
RESERVED
- imagemagick  (bug #831034)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43235 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-16 05:19:17 + (Sat, 16 Jul 2016)
New Revision: 43235

Modified:
   data/CVE/list
Log:
Add upstream tag information for CVE-2016-4302

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-16 05:19:00 UTC (rev 43234)
+++ data/CVE/list   2016-07-16 05:19:17 UTC (rev 43235)
@@ -5915,7 +5915,7 @@
NOTE: http://blog.talosintel.com/2016/06/the-poisoned-archives.html
NOTE: http://www.talosintel.com/reports/TALOS-2016-0154/
NOTE: https://github.com/libarchive/libarchive/issues/719
-   NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700
+   NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700
 (v3.2.1)
 CVE-2016-4301 [mtree parse_device Stack Based Buffer Overflow]
RESERVED
- libarchive 3.2.1-1


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43232 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-16 03:44:55 + (Sat, 16 Jul 2016)
New Revision: 43232

Modified:
   data/CVE/list
Log:
Add CVE Request reference for zendframework issue

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 22:22:14 UTC (rev 43231)
+++ data/CVE/list   2016-07-16 03:44:55 UTC (rev 43232)
@@ -3,6 +3,7 @@
 [jessie] - zendframework  (introduced after 1.12.9)
 NOTE: http://framework.zend.com/security/advisory/ZF2016-02
 NOTE: 
https://github.com/zendframework/zf1/commit/bf3f40605be3d8f136a07ae991079a7dcb34d967
+   NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/07/16/1
 CVE-2016-6217
RESERVED
 CVE-2016-6216


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43231 - data/CVE

[David Prévot]

Author: taffit
Date: 2016-07-15 22:22:14 + (Fri, 15 Jul 2016)
New Revision: 43231

Modified:
   data/CVE/list
Log:
Add ZF2016-02/zendframework

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 21:10:12 UTC (rev 43230)
+++ data/CVE/list   2016-07-15 22:22:14 UTC (rev 43231)
@@ -1,3 +1,8 @@
+CVE-2016- [ZF2016-02: Potential SQL injection in ORDER and GROUP 
statements of Zend_Db_Select]
+- zendframework 1.12.19+dfsg-1
+[jessie] - zendframework  (introduced after 1.12.9)
+NOTE: http://framework.zend.com/security/advisory/ZF2016-02
+NOTE: 
https://github.com/zendframework/zf1/commit/bf3f40605be3d8f136a07ae991079a7dcb34d967
 CVE-2016-6217
RESERVED
 CVE-2016-6216


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43230 - data/CVE

[security tracker role]

Author: sectracker
Date: 2016-07-15 21:10:12 + (Fri, 15 Jul 2016)
New Revision: 43230

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 20:49:56 UTC (rev 43229)
+++ data/CVE/list   2016-07-15 21:10:12 UTC (rev 43230)
@@ -115,6 +115,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/2
 CVE-2016-6214 [read out-of-bounds issue]
RESERVED
+   {DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1
NOTE: https://github.com/libgd/libgd/issues/247#issuecomment-232084241
NOTE: 
https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7
@@ -283,6 +284,7 @@
- linux  (Vulnerable code introduced in 4.7-rc1)
 CVE-2016-6161
RESERVED
+   {DSA-3619-1}
- libgd2 2.2.1-1
NOTE: https://github.com/libgd/libgd/issues/209
NOTE: 
https://github.com/libgd/libgd/commit/82b80dcb70a7ca8986125ff412bceddafc896842 
(gd-2.2.0)
@@ -871,6 +873,7 @@
RESERVED
 CVE-2016-6132 [read out-of-bands was found in the parsing of TGA files]
RESERVED
+   {DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #829694)
NOTE: https://github.com/libgd/libgd/issues/247
NOTE: 
https://github.com/libgd/libgd/commit/ead349e99868303b37f5e6e9d9d680c9dc71ff8d
@@ -901,6 +904,7 @@
NOTE: Fixed by: 
https://git.kernel.org/linus/532c34b5fbf1687df63b3fcd5b2846312ac943c6
 CVE-2016-6128 [Invalid color index is not properly handled leading to denial 
of service]
RESERVED
+   {DSA-3619-1}
- libgd2 2.2.2-29-g3c2b605-1 (bug #829062)
[wheezy] - libgd2  (Vulnerable code not present)
NOTE: 
https://github.com/libgd/libgd/compare/3fe0a7128bac5000fdcfab888bd2a75ec0c9447d...fd623025505e87bba7ec8555eeb72dae4fb0afd
@@ -1391,7 +1395,7 @@
NOTE: Fixed by: 
https://github.com/libgd/libgd/commit/cfee163a5e848fc3e3fb1d05a30d7557cdd36457 
(GD_2_0_34RC1)
 CVE-2016-5766 [Integer Overflow in _gd2GetHeader() resulting in heap overflow]
RESERVED
-   {DLA-534-1}
+   {DSA-3619-1 DLA-534-1}
- php7.0 7.0.8-1 (unimportant)
- php5 5.6.23+dfsg-1 (unimportant)
[jessie] - php5 5.6.23+dfsg-0+deb8u1
@@ -3412,6 +3416,7 @@
NOTE: patch available at 
http://www.openwall.com/lists/oss-security/2016/05/29/7
 CVE-2016-5116 [xbm: avoid stack overflow (read) with large names]
RESERVED
+   {DSA-3619-1}
- libgd2 2.2.1-1
[wheezy] - libgd2  (Vulnerable code not present)
NOTE: Fixed by: 
https://github.com/libgd/libgd/commit/4dc1a2d7931017d3625f2d7cff70a17ce58b53b4 
(gd-2.2.0)
@@ -5848,7 +5853,7 @@
NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0126/
 CVE-2016-4323 [MXIT Splash Image Arbitrary File Overwrite Vulnerability]
RESERVED
-   {DLA-542-1}
+   {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0128/
NOTE: http://www.pidgin.im/news/security/?id=97
@@ -11410,7 +11415,7 @@
NOTE: 
http://perl5.git.perl.org/perl.git/commitdiff/ae37b791a73a9e78dedb89fb2429d2628cf58076
 CVE-2016-2380 [MXIT mxit_convert_markup_tx Information Leak Vulnerability]
RESERVED
-   {DLA-542-1}
+   {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0123/
NOTE: http://www.pidgin.im/news/security/?id=96
@@ -11420,49 +11425,49 @@
NOTE: Mentioned at http://www.pidgin.im/news/security/?id=96 without 
further details
 CVE-2016-2378 [MXIT get_utf8_string Code Execution Vulnerability]
RESERVED
-   {DLA-542-1}
+   {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0120/
NOTE: http://www.pidgin.im/news/security/?id=94
NOTE: https://bitbucket.org/pidgin/main/commits/06278419c703
 CVE-2016-2377 [MXIT HTTP Content-Length Buffer Overflow Vulnerability]
RESERVED
-   {DLA-542-1}
+   {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0119/
NOTE: http://www.pidgin.im/news/security/?id=93
NOTE: https://bitbucket.org/pidgin/main/commits/0f94ef13ab37
 CVE-2016-2376 [MXIT read stage 0x3 Code Execution Vulnerability]
RESERVED
-   {DLA-542-1}
+   {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0118/
NOTE: http://www.pidgin.im/news/security/?id=92
NOTE: https://bitbucket.org/pidgin/main/commits/19f89eda8587
 CVE-2016-2375 [MXIT Suggested Contacts Memory Disclosure Vulnerability]
RESERVED
-   {DLA-542-1}
+   {DSA-3620-1 DLA-542-1}
- pidgin 2.11.0-1
NOTE: http://www.talosintel.com/reports/TALOS-2016-0143/
NOTE: http://www.pidgin.im/news/security/?id=108
NOTE:

[Secure-testing-commits] r43229 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 20:49:56 + (Fri, 15 Jul 2016)
New Revision: 43229

Modified:
   data/CVE/list
Log:
Update two more ancient entries for icedove

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 20:43:10 UTC (rev 43228)
+++ data/CVE/list   2016-07-15 20:49:56 UTC (rev 43229)
@@ -102174,6 +102174,7 @@
{DSA-2556-1 DSA-2554-1 DSA-2553-1}
- iceweasel 10.0.7esr-1
- iceape 2.7.7-1
+   - icedove 10.0.7-1
 CVE-2012-1969 (The get_attachment_link function in Template.pm in Bugzilla 2.x 
and ...)
- bugzilla  (low)
- bugzilla4  (bug #669643)
@@ -102284,6 +102285,7 @@
 CVE-2012-1950 (The drag-and-drop implementation in Mozilla Firefox 4.x through 
13.0 ...)
{DSA-2528-1 DSA-2514-1}
- iceweasel 10.0.6esr-1
+   - icedove 10.0.6-1
 CVE-2012-1949 (Multiple unspecified vulnerabilities in the browser engine in 
Mozilla ...)
- iceweasel  (Only affects Firefox 13)
 CVE-2012-1948 (Multiple unspecified vulnerabilities in the browser engine in 
Mozilla ...)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43228 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 20:43:10 + (Fri, 15 Jul 2016)
New Revision: 43228

Modified:
   data/CVE/list
Log:
Add icedove fix for CVE-2015-4000 which was relesed with DSA-3324-1

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 20:25:00 UTC (rev 43227)
+++ data/CVE/list   2016-07-15 20:43:10 UTC (rev 43228)
@@ -32462,6 +32462,7 @@
- openjdk-6 
- openjdk-7 7u79-2.5.6-1
- openjdk-8 8u66-b01-1
+   - icedove 38.1.0-1
NOTE: CVE assigned specific to vulnerability in the TLS protocol that 
was
NOTE: disclosed in section 3.2 of the
NOTE: https://weakdh.org/imperfect-forward-secrecy.pdf paper.


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43227 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 20:25:00 + (Fri, 15 Jul 2016)
New Revision: 43227

Modified:
   data/CVE/list
Log:
Workaround some ffmpeg entries to cleanup ffmpeg from "Latently vulnerable 
packages in unstable"-view

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 18:47:13 UTC (rev 43226)
+++ data/CVE/list   2016-07-15 20:25:00 UTC (rev 43227)
@@ -99948,13 +99948,11 @@
- ffmpeg 7:2.4.1-1
[squeeze] - ffmpeg 4:0.5.10-1 (bug #688849)
 CVE-2012-2800 (Unspecified vulnerability in the ff_ivi_process_empty_tile 
function in ...)
-   [squeeze] - ffmpeg  (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
 CVE-2012-2799 (Unspecified vulnerability in libavcodec/wmalosslessdec.c in 
FFmpeg ...)
- libav  (Vulnerable code not present in 0.8 version from 
unstable, fixed in 0.9 version in experimental)
- ffmpeg  (Vulnerable code not present)
 CVE-2012-2798 (Unspecified vulnerability in the decode_dds1 function in ...)
-   [squeeze] - ffmpeg  (bug #688849)
- libav 6:0.8.4-1 (bug #688847)
 CVE-2012-2797 (Unspecified vulnerability in the decode_frame_mp3on4 function 
in ...)
- ffmpeg 7:2.4.1-1
@@ -99977,7 +99975,6 @@
- libav  (Vulnerable code not present in 0.8 version from 
unstable, fixed in 0.9 version in experimental)
- ffmpeg  (Vulnerable code not present)
 CVE-2012-2791 (Multiple unspecified vulnerabilities in the (1) decode_band_hdr 
...)
-   [squeeze] - ffmpeg  (bug #688849)
- libav 6:0.8.5-1 (bug #688847)
 CVE-2012-2790 (Unspecified vulnerability in the read_var_block_data function 
in ...)
- ffmpeg  (bug #688849)
@@ -104869,6 +104866,7 @@
 CVE-2012-0858 (The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x 
before ...)
{DSA-2624-1}
- libav 4:0.8.1-1
+   - ffmpeg 7:2.2.1-1
[squeeze] - ffmpeg 4:0.5.9-1
 CVE-2012-0857 (Multiple buffer overflows in the get_qcx function in the J2K 
decoder ...)
- libav  (Vulnerable code not present)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43226 - in data: . DSA

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 18:47:13 + (Fri, 15 Jul 2016)
New Revision: 43226

Modified:
   data/DSA/list
   data/dsa-needed.txt
Log:
Reserve DSA number for pidgin update

Modified: data/DSA/list
===
--- data/DSA/list   2016-07-15 18:16:51 UTC (rev 43225)
+++ data/DSA/list   2016-07-15 18:47:13 UTC (rev 43226)
@@ -1,3 +1,6 @@
+[15 Jul 2016] DSA-3620-1 pidgin - security update
+   {CVE-2016-2365 CVE-2016-2366 CVE-2016-2367 CVE-2016-2368 CVE-2016-2369 
CVE-2016-2370 CVE-2016-2371 CVE-2016-2372 CVE-2016-2373 CVE-2016-2374 
CVE-2016-2375 CVE-2016-2376 CVE-2016-2377 CVE-2016-2378 CVE-2016-2380 
CVE-2016-4323}
+   [jessie] - pidgin 2.11.0-0+deb8u1
 [15 Jul 2016] DSA-3619-1 libgd2 - security update
{CVE-2016-5116 CVE-2016-5766 CVE-2016-6128 CVE-2016-6132 CVE-2016-6161 
CVE-2016-6214}
[jessie] - libgd2 2.1.0-5+deb8u4

Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2016-07-15 18:16:51 UTC (rev 43225)
+++ data/dsa-needed.txt 2016-07-15 18:47:13 UTC (rev 43226)
@@ -46,9 +46,6 @@
 --
 phpmyadmin (thijs)
 --
-pidgin
-  NOTE: Test packages: https://people.debian.org/~carnil/tmp/pidgin/
---
 quagga
   Waiting for upstream-blessed patch before going forward
   Triggering circumstances not common


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43225 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 18:16:51 + (Fri, 15 Jul 2016)
New Revision: 43225

Modified:
   data/CVE/list
Log:
Add CVE-2016-4467/qpid-proton

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 15:22:42 UTC (rev 43224)
+++ data/CVE/list   2016-07-15 18:16:51 UTC (rev 43225)
@@ -5438,8 +5438,9 @@
NOT-FOR-US: Apache Archiva
 CVE-2016-4468
RESERVED
-CVE-2016-4467
+CVE-2016-4467 [Failure to verify that the server host name matches the 
certificate host name on Windows]
RESERVED
+   - qpid-proton  (Windows-specific)
 CVE-2016-4466
RESERVED
 CVE-2016-4465 (The URLValidator class in Apache Struts 2 2.3.20 through 
2.3.28.1 and ...)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43224 - in data: . CVE DSA

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 15:22:42 + (Fri, 15 Jul 2016)
New Revision: 43224

Modified:
   data/CVE/list
   data/DSA/list
   data/dsa-needed.txt
Log:
Reserve DSA number for libgd2 update

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 15:06:37 UTC (rev 43223)
+++ data/CVE/list   2016-07-15 15:22:42 UTC (rev 43224)
@@ -92,6 +92,8 @@
RESERVED
 CVE-2016- [Out-Of-Bounds Read in function read_image_tga of gd_tga.c]
- libgd2 2.2.2-29-g3c2b605-1
+   [jessie] - libgd2 2.1.0-5+deb8u4
+   NOTE: Workaround entry for DSA-3619-1 until/if CVE is assigned
NOTE: https://github.com/libgd/libgd/issues/248
NOTE: https://github.com/libgd/libgd/pull/251
NOTE: 
https://github.com/libgd/libgd/commit/5a3f19e962b507560c9206965087db4dc0ad107f

Modified: data/DSA/list
===
--- data/DSA/list   2016-07-15 15:06:37 UTC (rev 43223)
+++ data/DSA/list   2016-07-15 15:22:42 UTC (rev 43224)
@@ -1,3 +1,6 @@
+[15 Jul 2016] DSA-3619-1 libgd2 - security update
+   {CVE-2016-5116 CVE-2016-5766 CVE-2016-6128 CVE-2016-6132 CVE-2016-6161 
CVE-2016-6214}
+   [jessie] - libgd2 2.1.0-5+deb8u4
 [14 Jul 2016] DSA-3618-1 php5 - security update
{CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 
CVE-2016-5773}
[jessie] - php5 5.6.23+dfsg-0+deb8u1

Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2016-07-15 15:06:37 UTC (rev 43223)
+++ data/dsa-needed.txt 2016-07-15 15:22:42 UTC (rev 43224)
@@ -25,9 +25,6 @@
   http://anonscm.debian.org/cgit/collab-maint/libarchive.git/log/?h=debian-jessie 
> 
   Some more CVEs needs to be triaged to conclude Petter's work.
 --
-libgd2
-  NOTE: maintainer prepared debdiff, needs review and ack
---
 libical
 --
 linux


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43223 - bin

[Paul Wise]

Author: pabs
Date: 2016-07-15 15:06:37 + (Fri, 15 Jul 2016)
New Revision: 43223

Modified:
   bin/tracker_service.py
Log:
testing.pl is gone, update links to it to qa.d.o/excuses.php

Modified: bin/tracker_service.py
===
--- bin/tracker_service.py  2016-07-15 15:06:19 UTC (rev 43222)
+++ bin/tracker_service.py  2016-07-15 15:06:37 UTC (rev 43223)
@@ -1536,7 +1536,7 @@
 def url_pts(self, url, package):
 return url.absolute("https://tracker.debian.org/pkg/%s"; % package)
 def url_testing_status(self, url, package):
-return url.absolute("https://release.debian.org/migration/testing.pl";,
+return url.absolute("https://qa.debian.org/excuses.php";,
 package=package)
 def url_source_package(self, url, package, full=False):
 if full:


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43222 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 15:06:19 + (Fri, 15 Jul 2016)
New Revision: 43222

Modified:
   data/CVE/list
Log:
Reference fix for CVE-2016-6214

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 14:56:09 UTC (rev 43221)
+++ data/CVE/list   2016-07-15 15:06:19 UTC (rev 43222)
@@ -115,6 +115,7 @@
RESERVED
- libgd2 2.2.2-29-g3c2b605-1
NOTE: https://github.com/libgd/libgd/issues/247#issuecomment-232084241
+   NOTE: 
https://github.com/libgd/libgd/commit/10ef1dca63d62433fda13309b4a228782db823f7
NOTE: Different issue than CVE-2016-6132
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/5
 CVE-2016-6223 [tiff: information leak in libtiff/tif_read.c]


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43221 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 14:56:09 + (Fri, 15 Jul 2016)
New Revision: 43221

Modified:
   data/CVE/list
Log:
Remove no-dsa entry for one libgd2 issue, will be included in next DSA

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 14:53:39 UTC (rev 43220)
+++ data/CVE/list   2016-07-15 14:56:09 UTC (rev 43221)
@@ -3410,7 +3410,6 @@
 CVE-2016-5116 [xbm: avoid stack overflow (read) with large names]
RESERVED
- libgd2 2.2.1-1
-   [jessie] - libgd2  (Minor issue, can be included in a future 
DSA)
[wheezy] - libgd2  (Vulnerable code not present)
NOTE: Fixed by: 
https://github.com/libgd/libgd/commit/4dc1a2d7931017d3625f2d7cff70a17ce58b53b4 
(gd-2.2.0)
NOTE: Introduced by: 
https://github.com/libgd/libgd/commit/decf4407d41230fc54dea8058bf887a2696fd4c2 
(gd-2.1.0-alpha1)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43220 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 14:53:39 + (Fri, 15 Jul 2016)
New Revision: 43220

Modified:
   data/CVE/list
Log:
Adjust the fix used for libgd2

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 09:10:13 UTC (rev 43219)
+++ data/CVE/list   2016-07-15 14:53:39 UTC (rev 43220)
@@ -94,7 +94,7 @@
- libgd2 2.2.2-29-g3c2b605-1
NOTE: https://github.com/libgd/libgd/issues/248
NOTE: https://github.com/libgd/libgd/pull/251
-   NOTE: 
https://github.com/libgd/libgd/commit/981060efd6415ed9a08a6aa343e6e195bf65fb47
+   NOTE: 
https://github.com/libgd/libgd/commit/5a3f19e962b507560c9206965087db4dc0ad107f
NOTE: CVE Request: 
http://www.openwall.com/lists/oss-security/2016/07/12/4
 CVE-2016- [Write out-of-bounds]
- gdk-pixbuf 


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43219 - data/CVE

[security tracker role]

Author: sectracker
Date: 2016-07-15 09:10:13 + (Fri, 15 Jul 2016)
New Revision: 43219

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 08:32:29 UTC (rev 43218)
+++ data/CVE/list   2016-07-15 09:10:13 UTC (rev 43219)
@@ -2068,7 +2068,7 @@
TODO: check
 CVE-2016-6211 [SA-CORE-2016-002 -- User module -- Saving user accounts can 
sometimes grant the user all roles]
RESERVED
-   {DSA-3604-1}
+   {DSA-3604-1 DLA-550-1}
- drupal7 7.44-1
NOTE: https://www.drupal.org/SA-CORE-2016-002
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/4


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43218 - data

[Emilio Pozuelo Monfort]

Author: pochu
Date: 2016-07-15 08:32:29 + (Fri, 15 Jul 2016)
New Revision: 43218

Modified:
   data/dla-needed.txt
Log:
claim gdk-pixbuf in dla-needed.txt

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2016-07-15 07:42:49 UTC (rev 43217)
+++ data/dla-needed.txt 2016-07-15 08:32:29 UTC (rev 43218)
@@ -32,7 +32,7 @@
 --
 gdb
 --
-gdk-pixbuf
+gdk-pixbuf (Emilio Pozuelo)
 --
 gosa (Mike Gabriel)
   NOTE: .debdiff sent to the Security Team, waiting for feedback


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43217 - in data: . DLA

[Chris Lamb]

Author: lamby
Date: 2016-07-15 07:42:49 + (Fri, 15 Jul 2016)
New Revision: 43217

Modified:
   data/DLA/list
   data/dla-needed.txt
Log:
Reserve DLA-550-1 for drupal7

Modified: data/DLA/list
===
--- data/DLA/list   2016-07-15 07:33:26 UTC (rev 43216)
+++ data/DLA/list   2016-07-15 07:42:49 UTC (rev 43217)
@@ -1,3 +1,6 @@
+[15 Jul 2016] DLA-550-1 drupal7 - security update
+   {CVE-2016-6211}
+   [wheezy] - drupal7 7.14-2+deb7u14
 [13 Jul 2016] DLA-549-1 ruby-eventmachine - security update
[wheezy] - ruby-eventmachine 0.12.10-3+deb7u1
 [11 Jul 2016] DLA-548-1 drupal7 - security update

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2016-07-15 07:33:26 UTC (rev 43216)
+++ data/dla-needed.txt 2016-07-15 07:42:49 UTC (rev 43217)
@@ -24,8 +24,6 @@
 cakephp
   NOTE: CVE-2015-8379 No official solution is currently available, 20160425
 --
-drupal7 (Chris Lamb)
---
 extplorer
   NOTE: 20160529, no fix yet
   NOTE: 20160618, still no fix


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43215 - data/CVE

[Chris Lamb]

Author: lamby
Date: 2016-07-15 07:33:15 + (Fri, 15 Jul 2016)
New Revision: 43215

Modified:
   data/CVE/list
Log:
Add a filtered diff for CVE-2016-6211 (drupal7)

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 07:32:12 UTC (rev 43214)
+++ data/CVE/list   2016-07-15 07:33:15 UTC (rev 43215)
@@ -2073,6 +2073,7 @@
NOTE: https://www.drupal.org/SA-CORE-2016-002
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/4
NOTE: https://gist.github.com/lamby/4697fea399f3f01ca6de3ce9ed79fce7 
tarball diff
+   NOTE: https://gist.github.com/lamby/dbeda4d49f48a32aa0dd4b3ed7f06a13 
filtered diff
 CVE-2016-5636 [heap overflow in Python zipimport module]
RESERVED
{DLA-522-1}


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43216 - data

[Chris Lamb]

Author: lamby
Date: 2016-07-15 07:33:26 + (Fri, 15 Jul 2016)
New Revision: 43216

Modified:
   data/dla-needed.txt
Log:
Claim drupal7 in data/dla-needed.txt

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2016-07-15 07:33:15 UTC (rev 43215)
+++ data/dla-needed.txt 2016-07-15 07:33:26 UTC (rev 43216)
@@ -24,7 +24,7 @@
 cakephp
   NOTE: CVE-2015-8379 No official solution is currently available, 20160425
 --
-drupal7
+drupal7 (Chris Lamb)
 --
 extplorer
   NOTE: 20160529, no fix yet


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43214 - data/CVE

[Chris Lamb]

Author: lamby
Date: 2016-07-15 07:32:12 + (Fri, 15 Jul 2016)
New Revision: 43214

Modified:
   data/CVE/list
Log:
Add release tarball diff for CVE-2016-6211 (drupal7)

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 07:29:46 UTC (rev 43213)
+++ data/CVE/list   2016-07-15 07:32:12 UTC (rev 43214)
@@ -2072,6 +2072,7 @@
- drupal7 7.44-1
NOTE: https://www.drupal.org/SA-CORE-2016-002
NOTE: http://www.openwall.com/lists/oss-security/2016/07/13/4
+   NOTE: https://gist.github.com/lamby/4697fea399f3f01ca6de3ce9ed79fce7 
tarball diff
 CVE-2016-5636 [heap overflow in Python zipimport module]
RESERVED
{DLA-522-1}


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43213 - in data: CVE DLA

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 07:29:46 + (Fri, 15 Jul 2016)
New Revision: 43213

Modified:
   data/CVE/list
   data/DLA/list
Log:
Cleanup CVE-2013-1571 reference

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 07:28:03 UTC (rev 43212)
+++ data/CVE/list   2016-07-15 07:29:46 UTC (rev 43213)
@@ -85898,7 +85898,7 @@
NOTE: Upstream bug: 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7871
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=45646
 CVE-2013-1571 (Unspecified vulnerability in the Javadoc component in Oracle 
Java SE 7 ...)
-   {DSA-2727-1 DSA-2722-1 DLA-91-1}
+   {DSA-2727-1 DSA-2722-1}
- openjdk-6 6b27-1.12.6-1
- openjdk-7 7u25-2.3.10-1
 CVE-2013-1570 (Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier 
allows ...)

Modified: data/DLA/list
===
--- data/DLA/list   2016-07-15 07:28:03 UTC (rev 43212)
+++ data/DLA/list   2016-07-15 07:29:46 UTC (rev 43213)
@@ -1384,7 +1384,7 @@
 [24 Nov 2014] DLA-92-1 tomcat-native - security update
[squeeze] - tomcat-native 1.1.31-1~deb6u1
 [23 Nov 2014] DLA-91-1 tomcat6 - security update
-   {CVE-2013-1571 CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033}
+   {CVE-2013-4286 CVE-2013-4322 CVE-2013-4590 CVE-2014-0033}
[squeeze] - tomcat6 6.0.41-2+squeeze5
 [22 Nov 2014] DLA-90-1 imagemagick - security update
{CVE-2014-8716}


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43212 - in data: CVE DLA

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 07:28:03 + (Fri, 15 Jul 2016)
New Revision: 43212

Modified:
   data/CVE/list
   data/DLA/list
Log:
Remove CVE-2015-0851 reference

opensaml2 is not affected by the CVE, but it needed a rebuild against a
fixed version of xmltooling. Thus keep the DLA entry but do not
reference the CVE as affecting the source package.

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 07:10:16 UTC (rev 43211)
+++ data/CVE/list   2016-07-15 07:28:03 UTC (rev 43212)
@@ -42775,7 +42775,7 @@
NOTE: 
http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.17&r2=1.18&pathrev=MAIN
NOTE: 
http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.18&r2=1.19&pathrev=MAIN
 CVE-2015-0851 (XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth 
...)
-   {DSA-3321-1 DLA-290-2 DLA-290-1}
+   {DSA-3321-1 DLA-290-1}
- xmltooling 1.5.6-1 (bug #793855)
NOTE: http://shibboleth.net/community/advisories/secadv_20150721.txt
NOTE: Patch: 
https://git.shibboleth.net/view/?p=cpp-xmltooling.git;a=commitdiff;h=2d795c731e6729309044607154978696a87fd900

Modified: data/DLA/list
===
--- data/DLA/list   2016-07-15 07:10:16 UTC (rev 43211)
+++ data/DLA/list   2016-07-15 07:28:03 UTC (rev 43212)
@@ -775,7 +775,6 @@
 [12 Aug 2015] DLA-291-1 libidn - security update
[squeeze] - libidn 1.15-2+deb6u2
 [10 Aug 2015] DLA-290-2 opensaml2 - security update
-   {CVE-2015-0851}
[squeeze] - opensaml2 2.3-2+squeeze2
 [09 Aug 2015] DLA-290-1 xmltooling - security update
{CVE-2015-0851}


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r43211 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-15 07:10:16 + (Fri, 15 Jul 2016)
New Revision: 43211

Modified:
   data/CVE/list
Log:
CVE-2016-4346 only affects PHP7.x

Modified: data/CVE/list
===
--- data/CVE/list   2016-07-15 06:53:39 UTC (rev 43210)
+++ data/CVE/list   2016-07-15 07:10:16 UTC (rev 43211)
@@ -11662,10 +11662,10 @@
REJECTED
 CVE-2016-4346 (Integer overflow in the str_pad function in 
ext/standard/string.c in ...)
- php7.0 7.0.4-1
-   - php5 
+   - php5  (Only affects PHP7.x)
NOTE: https://bugs.php.net/bug.php?id=71637
NOTE: 
https://git.php.net/?p=php-src.git;a=commit;h=57b997ebf99e0eb9a073e0dafd2ab100bd4a112d
-   NOTE: Issue unfixed in 5.6.23, second reproducer script in upstream 
bugreport
+   NOTE: Reproducer: second test script 2.php in upstream bugreport
 CVE-2016-4345 (Integer overflow in the php_filter_encode_url function in ...)
- php7.0 7.0.4-1
- php5  (Only affects PHP7.x)


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits