[Secure-testing-commits] r48644 - data/CVE
Author: fgeek-guest Date: 2017-02-01 07:15:36 + (Wed, 01 Feb 2017) New Revision: 48644 Modified: data/CVE/list Log: NFU Modified: data/CVE/list === --- data/CVE/list 2017-02-01 07:15:07 UTC (rev 48643) +++ data/CVE/list 2017-02-01 07:15:36 UTC (rev 48644) @@ -8022,6 +8022,7 @@ RESERVED CVE-2017-2766 RESERVED + NOT-FOR-US: EMC Documentum eRoom CVE-2017-2765 RESERVED CVE-2017-2764 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48643 - data/CVE
Author: fgeek-guest Date: 2017-02-01 07:15:07 + (Wed, 01 Feb 2017) New Revision: 48643 Modified: data/CVE/list Log: NFU Modified: data/CVE/list === --- data/CVE/list 2017-02-01 07:10:34 UTC (rev 48642) +++ data/CVE/list 2017-02-01 07:15:07 UTC (rev 48643) @@ -42854,23 +42854,24 @@ NOTE: Possibly introduced in http://git.qemu.org/?p=qemu.git;a=commit;h=4917cf44326a1bda2fd7f27303aff7a25ad86518 (v1.6.0-rc0) NOTE: kvmapic introduced after 1.0.50 (http://git.qemu.org/?p=qemu.git;a=commit;h=e5ad936b0fd7dfd7fd7908be6f9f1ca88f63b96b) CVE-2016-0930 (Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before ...) - TODO: check + NOT-FOR-US: Pivotal Cloud Foundry CVE-2016-0929 (The metrics-collection component in RabbitMQ for Pivotal Cloud Foundry ...) - TODO: check + NOT-FOR-US: Pivotal Cloud Foundry CVE-2016-0928 (Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) ...) - TODO: check + NOT-FOR-US: Pivotal Cloud Foundry CVE-2016-0927 (Cross-site scripting (XSS) vulnerability in Pivotal Cloud Foundry ...) - TODO: check + NOT-FOR-US: Pivotal Cloud Foundry CVE-2016-0926 (Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal ...) - TODO: check + NOT-FOR-US: Pivotal Cloud Foundry CVE-2016-0925 (Cross-site scripting (XSS) vulnerability in the Case Management ...) NOT-FOR-US: EMC RSA Adaptive Authentication CVE-2016-0924 REJECTED + NOT-FOR-US: RSA BSAFE Micro Edition Suite CVE-2016-0923 (The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before ...) - TODO: check + NOT-FOR-US: RSA BSAFE Micro Edition Suite CVE-2016-0922 (EMC ViPR SRM before 3.7.2 does not restrict the number of ...) - TODO: check + NOT-FOR-US: EMC ViPR SRM CVE-2016-0921 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...) NOT-FOR-US: EMC Avamar CVE-2016-0920 (Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48642 - data/CVE
Author: fgeek-guest Date: 2017-02-01 07:10:34 + (Wed, 01 Feb 2017) New Revision: 48642 Modified: data/CVE/list Log: NFU Modified: data/CVE/list === --- data/CVE/list 2017-02-01 06:46:37 UTC (rev 48641) +++ data/CVE/list 2017-02-01 07:10:34 UTC (rev 48642) @@ -17176,12 +17176,14 @@ RESERVED CVE-2016-8528 RESERVED + NOT-FOR-US: HPE Helion Eucalyptus CVE-2016-8527 RESERVED CVE-2016-8526 RESERVED CVE-2016-8525 RESERVED + NOT-FOR-US: HPE iMC PLAT CVE-2016-8524 RESERVED CVE-2016-8523 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48641 - in data: . DLA
Author: apo Date: 2017-02-01 06:46:37 + (Wed, 01 Feb 2017) New Revision: 48641 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-813-1 for wordpress Modified: data/DLA/list === --- data/DLA/list 2017-02-01 04:54:42 UTC (rev 48640) +++ data/DLA/list 2017-02-01 06:46:37 UTC (rev 48641) @@ -1,3 +1,6 @@ +[01 Feb 2017] DLA-813-1 wordpress - security update + {CVE-2017-5488 CVE-2017-5489 CVE-2017-5490 CVE-2017-5491 CVE-2017-5492 CVE-2017-5493 CVE-2017-5610 CVE-2017-5611 CVE-2017-5612} + [wheezy] - wordpress 3.6.1+dfsg-1~deb7u13 [31 Jan 2017] DLA-812-1 ikiwiki - security update {CVE-2016-9646 CVE-2016-10026 CVE-2017-0356} [wheezy] - ikiwiki 3.20120629.2+deb7u2 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-02-01 04:54:42 UTC (rev 48640) +++ data/dla-needed.txt 2017-02-01 06:46:37 UTC (rev 48641) @@ -96,8 +96,6 @@ -- svgsalamander -- -wordpress (Markus Koschany) --- xen -- xrdp ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48640 - data/CVE
Author: apo Date: 2017-02-01 04:54:42 + (Wed, 01 Feb 2017) New Revision: 48640 Modified: data/CVE/list Log: CVE-2017-5487,wordpress: Mark as not-affected in Wheezy The vulnerable code was introduced later. Modified: data/CVE/list === --- data/CVE/list 2017-02-01 02:29:33 UTC (rev 48639) +++ data/CVE/list 2017-02-01 04:54:42 UTC (rev 48640) @@ -1226,6 +1226,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6 CVE-2017-5487 (wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in ...) - wordpress 4.7.1+dfsg-1 (bug #851310) + [wheezy] - wordpress (vulnerable code not present) NOTE: http://www.openwall.com/lists/oss-security/2017/01/14/1 NOTE: https://wpvulndb.com/vulnerabilities/8715 NOTE: https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48639 - data/CVE
Author: roberto Date: 2017-02-01 02:29:33 + (Wed, 01 Feb 2017) New Revision: 48639 Modified: data/CVE/list Log: Annotate CVE-2016-9138 [Use-after-free vulnerability in the CURLFile implementation] as not affecting wheezy Modified: data/CVE/list === --- data/CVE/list 2017-02-01 02:24:02 UTC (rev 48638) +++ data/CVE/list 2017-02-01 02:29:33 UTC (rev 48639) @@ -16504,6 +16504,7 @@ {DSA-3732-1} - php7.0 7.0.12-1 - php5 + [wheezy] - php5 (Vulnerable code not present in version 5.4.45) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73147 NOTE: http://www.openwall.com/lists/oss-security/2016/11/01/7 CVE-2016-9137 (Use-after-free vulnerability in the CURLFile implementation in ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48638 - data/CVE
Author: roberto Date: 2017-02-01 02:24:02 + (Wed, 01 Feb 2017) New Revision: 48638 Modified: data/CVE/list Log: Annotate CVE-2016-9137 [Use-after-free vulnerability in the CURLFile implementation] as not affecting wheezy Modified: data/CVE/list === --- data/CVE/list 2017-01-31 23:19:41 UTC (rev 48637) +++ data/CVE/list 2017-02-01 02:24:02 UTC (rev 48638) @@ -16510,6 +16510,7 @@ {DSA-3698-1} - php7.0 7.0.12-1 - php5 + [wheezy] - php5 (Vulnerable code not present in version 5.4.45) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73147 NOTE: http://git.php.net/?p=php-src.git;a=commit;h=0e6fe3a4c96be2d3e88389a5776f878021b4c59f NOTE: NOTE: Fixed in 7.0.12, 5.6.27 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48637 - in data: . CVE
Author: rbalint Date: 2017-01-31 23:19:41 + (Tue, 31 Jan 2017) New Revision: 48637 Modified: data/CVE/list data/dla-needed.txt Log: mysql-connector-python in not affected by CVE-2016-5598 in wheezy Modified: data/CVE/list === --- data/CVE/list 2017-01-31 22:25:11 UTC (rev 48636) +++ data/CVE/list 2017-01-31 23:19:41 UTC (rev 48637) @@ -26882,6 +26882,7 @@ NOT-FOR-US: Oracle CVE-2016-5598 (Unspecified vulnerability in the MySQL Connector component 2.1.3 and ...) - mysql-connector-python 2.1.5-1 (bug #841677) + [wheezy] - mysql-connector-python (Only the Python 3 code is affected which is not shipped in binary package) NOTE: https://blog.qualys.com/laws-of-vulnerabilities/2016/10/18/oracle-october-2016-critical-patch-update CVE-2016-5597 (Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and ...) {DSA-3707-1 DLA-704-1} Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 22:25:11 UTC (rev 48636) +++ data/dla-needed.txt 2017-01-31 23:19:41 UTC (rev 48637) @@ -69,9 +69,6 @@ -- mysql-5.5 (Balint Reczey) -- -mysql-connector-python (Balint Reczey) - NOTE: see http://bugs.debian.org/841677 for current discussion --- openjdk-7 (Emilio Pozuelo) -- openssl (Emilio Pozuelo) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48636 - data
Author: rbalint Date: 2017-01-31 22:25:11 + (Tue, 31 Jan 2017) New Revision: 48636 Modified: data/dla-needed.txt Log: Claim mysql-connector-python for DLA Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 22:18:37 UTC (rev 48635) +++ data/dla-needed.txt 2017-01-31 22:25:11 UTC (rev 48636) @@ -69,7 +69,7 @@ -- mysql-5.5 (Balint Reczey) -- -mysql-connector-python +mysql-connector-python (Balint Reczey) NOTE: see http://bugs.debian.org/841677 for current discussion -- openjdk-7 (Emilio Pozuelo) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48635 - data/CVE
Author: jmm Date: 2017-01-31 22:18:37 + (Tue, 31 Jan 2017) New Revision: 48635 Modified: data/CVE/list Log: libav triage Modified: data/CVE/list === --- data/CVE/list 2017-01-31 21:13:45 UTC (rev 48634) +++ data/CVE/list 2017-01-31 22:18:37 UTC (rev 48635) @@ -7610,12 +7610,12 @@ NOTE: https://blogs.gentoo.org/ago/2016/12/01/libming-listswf-heap-based-buffer-overflow-in-_iprintf-outputtxt-c CVE-2016-9826 RESERVED - - libav + - libav (unimportant) NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer NOTE: https://github.com/asarubbo/poc/blob/master/00041-libav-leftshift-ituh263dec_c CVE-2016-9825 RESERVED - - libav + - libav (unimportant) NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer NOTE: https://github.com/asarubbo/poc/blob/master/00040-libav-leftshift-utils_c CVE-2016-9824 @@ -7634,24 +7634,36 @@ - libav NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer NOTE: https://github.com/asarubbo/poc/blob/master/00037-libav-signedintoverflow-mpegvideo_parser + NOTE: https://bugzilla.libav.org/show_bug.cgi?id=981 + NOTE: https://git.libav.org/?p=libav.git;a=commit;h=9f0193c778175cea3fb43f17acf9b90b4d862d33 (pre 11.9) + NOTE: https://git.libav.org/?p=libav.git;a=commit;h=15e1af0006354d6bbf0e433c5d1e8ef13c93d6d0 (pre 11.9) CVE-2016-9821 RESERVED {DLA-791-1} - libav NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer NOTE: https://github.com/asarubbo/poc/blob/master/00037-libav-signedintoverflow-mpegvideo_parser + NOTE: https://bugzilla.libav.org/show_bug.cgi?id=981 + NOTE: https://git.libav.org/?p=libav.git;a=commit;h=9f0193c778175cea3fb43f17acf9b90b4d862d33 (pre 11.9) + NOTE: https://git.libav.org/?p=libav.git;a=commit;h=15e1af0006354d6bbf0e433c5d1e8ef13c93d6d0 (pre 11.9) CVE-2016-9820 RESERVED {DLA-791-1} - - libav + - libav (unimportant) NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer NOTE: https://github.com/asarubbo/poc/blob/master/00036-libav-leftshift-mpegvideo + NOTE: https://bugzilla.libav.org/show_bug.cgi?id=980 + NOTE: https://git.libav.org/?p=libav.git;a=commit;h=e17bcfbecc268ba00cb55025095d70b1025e6c7d (pre 11.9) + NOTE: https://git.libav.org/?p=libav.git;a=commit;h=f106f74206e69e9056130da8bddffc39f3878ac3 (pre 11.9) CVE-2016-9819 RESERVED {DLA-791-1} - - libav + - libav (unimportant) NOTE: https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer NOTE: https://github.com/asarubbo/poc/blob/master/00036-libav-leftshift-mpegvideo + NOTE: https://bugzilla.libav.org/show_bug.cgi?id=980 + NOTE: https://git.libav.org/?p=libav.git;a=commit;h=e17bcfbecc268ba00cb55025095d70b1025e6c7d (pre 11.9) + NOTE: https://git.libav.org/?p=libav.git;a=commit;h=f106f74206e69e9056130da8bddffc39f3878ac3 (pre 11.9) CVE-2016-9818 RESERVED - xen 4.8.0-1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48634 - data
Author: alteholz Date: 2017-01-31 21:13:45 + (Tue, 31 Jan 2017) New Revision: 48634 Modified: data/dla-needed.txt Log: take bitlbee Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 21:10:48 UTC (rev 48633) +++ data/dla-needed.txt 2017-01-31 21:13:45 UTC (rev 48634) @@ -14,7 +14,7 @@ NOTE: update needs testing in https://lists.debian.org/87fukh7hcq@curie.anarc.at NOTE: ready to upload after smoke tests, read the above thread. -- -bitlbee +bitlbee (Thorsten Alteholz) -- calibre NOTE: We will need to investigate the issue much further. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48633 - data
Author: pochu Date: 2017-01-31 21:10:48 + (Tue, 31 Jan 2017) New Revision: 48633 Modified: data/dla-needed.txt Log: dla: claim openssl Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 21:10:13 UTC (rev 48632) +++ data/dla-needed.txt 2017-01-31 21:10:48 UTC (rev 48633) @@ -74,9 +74,7 @@ -- openjdk-7 (Emilio Pozuelo) -- -openssl - NOTE: jessie is marked as the issue is minor enough to wait - NOTE: for the next round of updates (last check: 2017-01-16) +openssl (Emilio Pozuelo) -- php5 (Roberto C. Sánchez) Next upload: ASAP (we're behind jessie) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48632 - data/CVE
Author: sectracker Date: 2017-01-31 21:10:13 + (Tue, 31 Jan 2017) New Revision: 48632 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-01-31 20:46:30 UTC (rev 48631) +++ data/CVE/list 2017-01-31 21:10:13 UTC (rev 48632) @@ -1,8 +1,10 @@ CVE-2017-5666 [invalid free in free_options (options_manager.c)] + RESERVED - mp3splt NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c NOTE: https://sourceforge.net/p/mp3splt/bugs/209/ CVE-2017-5665 [NULL pointer dereference in splt_cue_export_to_file (cue.c)] + RESERVED - mp3splt (unimportant) NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-null-pointer-dereference-in-splt_cue_export_to_file-cue-c NOTE: https://sourceforge.net/p/mp3splt/bugs/209/ @@ -110,6 +112,7 @@ CVE-2017-5602 RESERVED CVE-2017-5601 (An error in the lha_read_file_header_1() function ...) + {DLA-810-1} - libarchive 3.2.1-6 (bug #853278) [jessie] - libarchive (Minor issue) NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9 @@ -143,12 +146,14 @@ CVE-2004-2778 RESERVED CVE-2017-5667 [sd: sdhci OOB access during multi block SDMA transfer] + RESERVED - qemu - qemu-kvm NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06191.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1417559 NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/2 CVE-2017-5668 [Incomplete fix for "Null pointer dereference with file transfer request from unknown contacts"] + RESERVED - bitlbee (bug #853282) [jessie] - bitlbee (Incomplete fix for CVE-2016-10189 not applied) [wheezy] - bitlbee (Incomplete fix for CVE-2016-10189 not applied) @@ -157,6 +162,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4 NOTE: This CVE exists because of an incomplete fix for CVE-2016-10189 CVE-2016-10189 [Null pointer dereference with file transfer request from unknown contacts] + RESERVED - bitlbee 3.5-1 NOTE: https://bugs.bitlbee.org/ticket/1282 NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f (3.5) @@ -165,6 +171,7 @@ NOTE: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441 NOTE: to not open CVE-2017-5668 CVE-2016-10188 [bitlbee-libpurple: Use after free when expiring file transfer requests] + RESERVED - bitlbee 3.5-1 NOTE: https://bugs.bitlbee.org/ticket/1281 NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/ea902752503fc5b356d6513911081ec932d804f2 (3.5) @@ -178,6 +185,7 @@ NOTE: https://github.com/netblue30/firejail/commit/b8a4ff9775318ca5e679183884a6a63f3da8f863 (0.9.44.6) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/29/4 CVE-2016-10187 [javascript in books can access files on the computer using XMLHttpRequest] + RESERVED - calibre 2.75.1+dfsg-1 (bug #853004) NOTE: Upstream report: https://launchpad.net/bugs/1651728 NOTE: Upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8cce0449d1758eee585ed0d0433c @@ -245,7 +253,7 @@ RESERVED CVE-2016-10173 [directory traversal vulnerability] RESERVED - {DLA-808-1} + {DSA-3778-1 DLA-808-1} - ruby-minitar 0.5.4-3.1 (bug #853075) - ruby-archive-tar-minitar (bug #853249) NOTE: https://github.com/halostatue/minitar/issues/16 @@ -277,13 +285,14 @@ NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10166 [Fix potential unsigned underflow] RESERVED + {DSA-3777-1} - libgd2 2.2.4-1 [wheezy] - libgd2 (Vulnerable code not present) NOTE: https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35 NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1 CVE-2016-10167 [Fix DOS vulnerability in gdImageCreateFromGd2Ctx()] RESERVED - {DLA-804-1} + {DSA-3777-1 DLA-804-1} - php7.1 7.1.1-1 (unimportant) - php7.0 7.0.15-1 (unimportant) - php5 (unimportant) @@ -294,7 +303,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1 CVE-2016-10168 [Fix #354: Signed Integer Overflow gd_io.c] RESERVED - {DLA-804-1} + {DSA-3777-1 DLA-804-1} - php7.1 7.1.1-1 (unimportant) - php7.0 7.0.15-1 (unimportant) - php5 (unimportant) @@ -463,6 +472,7 @@ CVE-2017-5553 (Cross-site scripting (XSS) vulnerability in ...) - b2evolution CVE-2017-5545 (The main function in plistutil.c
[Secure-testing-commits] r48631 - in data: . CVE
Author: rbalint Date: 2017-01-31 20:46:30 + (Tue, 31 Jan 2017) New Revision: 48631 Modified: data/CVE/list data/dla-needed.txt Log: wavpack's issues don't affect wheezy The first part of the upstream patch is not needed since the code is very different and not vulnerable. The second part applies, but does not make any difference when trying the exploits. Tested with valgrind on Wheezy. Modified: data/CVE/list === --- data/CVE/list 2017-01-31 20:10:36 UTC (rev 48630) +++ data/CVE/list 2017-01-31 20:46:30 UTC (rev 48631) @@ -260,16 +260,19 @@ CVE-2016-10171 [heap out of bounds read in unreorder_channels / wvunpack.c] RESERVED - wavpack 5.0.0-2 (bug #853076) + [wheezy] - wavpack (Vulnerable code not present) NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561939/ NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10170 [heap out of bounds read in WriteCaffHeader / caff.c] RESERVED - wavpack 5.0.0-2 (bug #853076) + [wheezy] - wavpack (Vulnerable code not present) NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561921/ NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10169 [global buffer overread in read_code / read_words.c] RESERVED - wavpack 5.0.0-2 (bug #853076) + [wheezy] - wavpack (Vulnerable code not present) NOTE: https://sourceforge.net/p/wavpack/mailman/message/35557889/ NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10166 [Fix potential unsigned underflow] Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 20:10:36 UTC (rev 48630) +++ data/dla-needed.txt 2017-01-31 20:46:30 UTC (rev 48631) @@ -101,11 +101,6 @@ -- svgsalamander -- -wavpack (Balint Reczey) - NOTE: the provided testcases don't crash but this hunk - NOTE: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc#diff-bc1807cb462afb05056502f77834c6ebR291 - NOTE: is missing in the wheezy version --- wordpress (Markus Koschany) -- xen ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48630 - in data: . DLA
Author: pochu Date: 2017-01-31 20:10:36 + (Tue, 31 Jan 2017) New Revision: 48630 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-812-1 for ikiwiki Modified: data/DLA/list === --- data/DLA/list 2017-01-31 19:58:39 UTC (rev 48629) +++ data/DLA/list 2017-01-31 20:10:36 UTC (rev 48630) @@ -1,3 +1,6 @@ +[31 Jan 2017] DLA-812-1 ikiwiki - security update + {CVE-2016-9646 CVE-2016-10026 CVE-2017-0356} + [wheezy] - ikiwiki 3.20120629.2+deb7u2 [31 Jan 2017] DLA-811-1 libplist - security update {CVE-2017-5209 CVE-2017-5545} [wheezy] - libplist 1.8-1+deb7u1 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 19:58:39 UTC (rev 48629) +++ data/dla-needed.txt 2017-01-31 20:10:36 UTC (rev 48630) @@ -39,11 +39,6 @@ NOTE: maintainer currenlty planx to rename to thunderbird with the next NOTE: upstream version (#851989). Jessie / Wheezy should do the same. -- -ikiwiki (Emilio Pozuelo) - NOTE: CVE-2016-9646, CVE-2016-10026 were minor but CVE-2017-0356 is rather bad - NOTE: maintainer has prepared a backport, LTS team please test/release - NOTE: https://lists.debian.org/debian-lts/2017/01/msg00059.html --- jasper (Thorsten Alteholz) NOTE: no upstream fixes yet -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48629 - data/CVE
Author: nluedtke-guest Date: 2017-01-31 19:58:39 + (Tue, 31 Jan 2017) New Revision: 48629 Modified: data/CVE/list Log: Correct some typo's Modified: data/CVE/list === --- data/CVE/list 2017-01-31 19:57:55 UTC (rev 48628) +++ data/CVE/list 2017-01-31 19:58:39 UTC (rev 48629) @@ -15939,7 +15939,7 @@ NOTE: docker.io not directly affected but will need to be updated to include new runc version NOTE: runc: "ambient capabilities" functionality added upstream with https://github.com/opencontainers/runc/pull/1086 NOTE: and later changes. - NOTE: The acctual fix seem to be to revert the commit witch introduced ambient capabilities + NOTE: The actual fix seem to be to revert the commit which introduced ambient capabilities NOTE: in runc. CVE-2016-8865 RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48628 - in data: . DLA
Author: pochu Date: 2017-01-31 19:57:55 + (Tue, 31 Jan 2017) New Revision: 48628 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-811-1 for libplist Modified: data/DLA/list === --- data/DLA/list 2017-01-31 19:52:16 UTC (rev 48627) +++ data/DLA/list 2017-01-31 19:57:55 UTC (rev 48628) @@ -1,3 +1,6 @@ +[31 Jan 2017] DLA-811-1 libplist - security update + {CVE-2017-5209 CVE-2017-5545} + [wheezy] - libplist 1.8-1+deb7u1 [31 Jan 2017] DLA-810-1 libarchive - security update {CVE-2017-5601} [wheezy] - libarchive 3.0.4-3+wheezy5+deb7u1 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 19:52:16 UTC (rev 48627) +++ data/dla-needed.txt 2017-01-31 19:57:55 UTC (rev 48628) @@ -62,8 +62,6 @@ -- libphp-phpmailer -- -libplist (Emilio Pozuelo) --- libxml-twig-perl NOTE: no upstream fix yet (as of 2017-01-20) for expand_external_ents NOTE: but new no_xxe flag in 3.50 that could be backported ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48627 - in data: . DSA
Author: carnil Date: 2017-01-31 19:52:16 + (Tue, 31 Jan 2017) New Revision: 48627 Modified: data/DSA/list data/dsa-needed.txt Log: Reserve DSA number for ruby-archive-tar-minitar Modified: data/DSA/list === --- data/DSA/list 2017-01-31 19:32:08 UTC (rev 48626) +++ data/DSA/list 2017-01-31 19:52:16 UTC (rev 48627) @@ -1,3 +1,6 @@ +[31 Jan 2017] DSA-3778-1 ruby-archive-tar-minitar - security update + {CVE-2016-10173} + [jessie] - ruby-archive-tar-minitar 0.5.2-2+deb8u1 [31 Jan 2017] DSA-3777-1 libgd2 - security update {CVE-2016-6906 CVE-2016-6912 CVE-2016-9317 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168} [jessie] - libgd2 2.1.0-5+deb8u9 Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-01-31 19:32:08 UTC (rev 48626) +++ data/dsa-needed.txt 2017-01-31 19:52:16 UTC (rev 48627) @@ -45,10 +45,6 @@ qemu Maintainer asked to prepare updates -- -ruby-archive-tar-minitar (carnil) - NOTE: will wait a bit before fix migrates to testing and to see -if any report is raised --- spip -- wordpress (seb) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48626 - data/CVE
Author: carnil Date: 2017-01-31 19:32:08 + (Tue, 31 Jan 2017) New Revision: 48626 Modified: data/CVE/list Log: Add more information about one firejail issue Modified: data/CVE/list === --- data/CVE/list 2017-01-31 18:37:33 UTC (rev 48625) +++ data/CVE/list 2017-01-31 19:32:08 UTC (rev 48626) @@ -174,6 +174,8 @@ NOTE: Changelog mentions the new fix for CVE-2017-5180 in RELNOTES for 0.9.44.6 NOTE: an needs series of commits after 0.9.44.4 NOTE: https://github.com/netblue30/firejail/blob/0.9.44.6/RELNOTES + NOTE: https://github.com/netblue30/firejail/commit/38d418505e9ee2d326557e5639e8da49c298858f (0.9.44.6) + NOTE: https://github.com/netblue30/firejail/commit/b8a4ff9775318ca5e679183884a6a63f3da8f863 (0.9.44.6) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/29/4 CVE-2016-10187 [javascript in books can access files on the computer using XMLHttpRequest] - calibre 2.75.1+dfsg-1 (bug #853004) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48625 - data/CVE
Author: alteholz Date: 2017-01-31 18:37:33 + (Tue, 31 Jan 2017) New Revision: 48625 Modified: data/CVE/list Log: mark some Microsoft issues as NOT-FOR-US: Modified: data/CVE/list === --- data/CVE/list 2017-01-31 18:14:40 UTC (rev 48624) +++ data/CVE/list 2017-01-31 18:37:33 UTC (rev 48625) @@ -18720,9 +18720,9 @@ CVE-2017-0004 (The Local Security Authority Subsystem Service (LSASS) in Microsoft ...) TODO: check CVE-2017-0003 (Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-0002 (Microsoft Edge allows remote attackers to bypass the Same Origin ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2017-0001 RESERVED CVE-2016-8200 @@ -20998,11 +20998,11 @@ CVE-2016-7299 RESERVED CVE-2016-7298 (Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7297 (The scripting engines in Microsoft Edge allow remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7296 (The scripting engines in Microsoft Edge allow remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7295 (The Common Log File System (CLFS) driver in Microsoft Windows Vista ...) TODO: check CVE-2016-7294 @@ -21012,45 +21012,45 @@ CVE-2016-7292 (The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 ...) TODO: check CVE-2016-7291 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7290 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7289 (Microsoft Publisher 2010 SP2 allows remote attackers to execute ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7288 (The scripting engines in Microsoft Edge allow remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7287 (The scripting engines in Microsoft Internet Explorer 11 and Microsoft ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7286 (The scripting engines in Microsoft Edge allow remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7285 RESERVED CVE-2016-7284 (Microsoft Internet Explorer 10 and 11 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7283 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7282 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7281 (The Web Workers implementation in Microsoft Internet Explorer 10 and ...) TODO: check CVE-2016-7280 (Cross-site scripting (XSS) vulnerability in Microsoft Edge allows ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7279 (Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7278 (Microsoft Internet Explorer 9 through 11 allows remote attackers to ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7277 (Microsoft Office 2016 allows remote attackers to execute arbitrary ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7276 (Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7275 (Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7274 (Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7273 (The Graphics component in Microsoft Windows 10 Gold, 1511, and 1607 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7272 (The Graphics component in Microsoft Windows Vista SP2, Windows Server ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7271 (The Secure Kernel Mode implementation in Microsoft Windows 10 Gold, ...) TODO: check CVE-2016-7270 (The Data Provider for SQL Server in Microsoft .NET Framework 4.6.2 ...) @@ -21058,19 +21058,19 @@ CVE-2016-7269 RESERVED CVE-2016-7268 (Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7267 (Microsoft Excel 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 misparses ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7266 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...) - TODO: check + NOT-FOR-US: Microsoft CVE-2016-7265 (Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 ...) - TODO: chec
[Secure-testing-commits] r48624 - in data: . DSA
Author: carnil Date: 2017-01-31 18:14:40 + (Tue, 31 Jan 2017) New Revision: 48624 Modified: data/DSA/list data/dsa-needed.txt Log: Reserve DSA number for libgd2 update Modified: data/DSA/list === --- data/DSA/list 2017-01-31 18:10:45 UTC (rev 48623) +++ data/DSA/list 2017-01-31 18:14:40 UTC (rev 48624) @@ -1,3 +1,6 @@ +[31 Jan 2017] DSA-3777-1 libgd2 - security update + {CVE-2016-6906 CVE-2016-6912 CVE-2016-9317 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168} + [jessie] - libgd2 2.1.0-5+deb8u9 [31 Jan 2017] DSA-3776-1 chromium-browser - security update {CVE-2017-5006 CVE-2017-5007 CVE-2017-5008 CVE-2017-5009 CVE-2017-5010 CVE-2017-5011 CVE-2017-5012 CVE-2017-5013 CVE-2017-5014 CVE-2017-5015 CVE-2017-5016 CVE-2017-5017 CVE-2017-5018 CVE-2017-5019 CVE-2017-5020 CVE-2017-5021 CVE-2017-5022 CVE-2017-5023 CVE-2017-5024 CVE-2017-5025 CVE-2017-5026} [jessie] - chromium-browser 56.0.2924.76-1~deb8u1 Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-01-31 18:10:45 UTC (rev 48623) +++ data/dsa-needed.txt 2017-01-31 18:14:40 UTC (rev 48624) @@ -27,9 +27,6 @@ -- jasper (jmm) -- -libgd2 (carnil) - Maintainer prepared update --- libical -- libxml2 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48623 - data
Author: carnil Date: 2017-01-31 18:10:45 + (Tue, 31 Jan 2017) New Revision: 48623 Modified: data/dsa-needed.txt Log: Take libgd2 from dsa-needed Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-01-31 18:00:46 UTC (rev 48622) +++ data/dsa-needed.txt 2017-01-31 18:10:45 UTC (rev 48623) @@ -27,7 +27,7 @@ -- jasper (jmm) -- -libgd2 +libgd2 (carnil) Maintainer prepared update -- libical ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48622 - data/CVE
Author: jmm Date: 2017-01-31 18:00:46 + (Tue, 31 Jan 2017) New Revision: 48622 Modified: data/CVE/list Log: android NFUs Modified: data/CVE/list === --- data/CVE/list 2017-01-31 17:12:47 UTC (rev 48621) +++ data/CVE/list 2017-01-31 18:00:46 UTC (rev 48622) @@ -12852,9 +12852,9 @@ CVE-2017-0405 RESERVED CVE-2017-0404 (An elevation of privilege vulnerability in the kernel sound subsystem ...) - - linux + - linux (Android-specific sound system) CVE-2017-0403 (An elevation of privilege vulnerability in the kernel performance ...) - - linux + - linux (Android-specific performance subsystem) CVE-2017-0402 (An information disclosure vulnerability in ...) NOT-FOR-US: Android Audioserver CVE-2017-0401 (An information disclosure vulnerability in ...) @@ -12866,7 +12866,7 @@ CVE-2017-0398 (An information disclosure vulnerability in Audioserver could enable a ...) NOT-FOR-US: Android Audioserver CVE-2017-0397 (An information disclosure vulnerability in id3/ID3.cpp in ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2017-0396 (An information disclosure vulnerability in ...) NOT-FOR-US: Android Mediaserver CVE-2017-0395 (An elevation of privilege vulnerability in Contacts could enable a ...) @@ -12874,11 +12874,11 @@ CVE-2017-0394 (A denial of service vulnerability in Telephony could enable a remote ...) NOT-FOR-US: Android Telephony CVE-2017-0393 (A denial of service vulnerability in libvpx in Mediaserver could ...) - TODO: check + TODO: check, potentially libvpx CVE-2017-0392 (A denial of service vulnerability in VBRISeeker.cpp in libstagefright ...) NOT-FOR-US: libstagefright CVE-2017-0391 (A denial of service vulnerability in decoder/ihevcd_decode.c in ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2017-0390 (A denial of service vulnerability in Tremolo/dpen.s in Mediaserver ...) NOT-FOR-US: Android Mediaserver CVE-2017-0389 (A denial of service vulnerability in core networking could enable a ...) @@ -17378,7 +17378,7 @@ CVE-2016-8459 (Possible buffer overflow in storage subsystem. Bad parameters as part ...) NOT-FOR-US: Qualcomm component for Android CVE-2016-8458 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) - - linux + NOT-FOR-US: Synaptics driver for Android CVE-2016-8457 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) NOT-FOR-US: Broadcom Wi-Fi driver for Android CVE-2016-8456 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...) @@ -17392,7 +17392,7 @@ CVE-2016-8452 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-8451 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) - - linux + NOT-FOR-US: Synaptics driver for Android CVE-2016-8450 (An elevation of privilege vulnerability in the Qualcomm sound driver ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-8449 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...) @@ -22701,13 +22701,13 @@ CVE-2016-6768 (A remote code execution vulnerability in the Framesequence library ...) TODO: check CVE-2016-6767 (A denial of service vulnerability in Mediaserver could enable an ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-6766 (A denial of service vulnerability in libmedia and libstagefright in ...) NOT-FOR-US: libstagefright CVE-2016-6765 (A denial of service vulnerability in libstagefright in Mediaserver ...) NOT-FOR-US: libstagefright CVE-2016-6764 (A denial of service vulnerability in Mediaserver could enable an ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-6763 (A denial of service vulnerability in Telephony could enable a local ...) TODO: check CVE-2016-6762 (An elevation of privilege vulnerability in the libziparchive library ...) @@ -22741,17 +22741,17 @@ CVE-2016-6748 (An information disclosure vulnerability in Qualcomm components ...) NOT-FOR-US: Qualcomm driver for Android CVE-2016-6747 (A denial of service vulnerability in Mediaserver in Android before ...) - TODO: check + NOT-FOR-US: Android Mediaserver CVE-2016-6746 (An information disclosure vulnerability in the NVIDIA GPU driver in ...) - TODO: check + NOT-FOR-US: Nvidia driver for Android CVE-2016-6745 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) - TODO: check + NOT-FOR-US: Synaptics driver for Android CVE-2016-6744 (An elevation of privilege vulnerability in the Synaptics touchscreen ...) - TODO: check + NOT-FOR-US: Synaptics driver for Android CVE-2016-6743 (An elevation of privilege vulnerabilit
[Secure-testing-commits] r48620 - data/CVE
Author: jmm Date: 2017-01-31 17:11:25 + (Tue, 31 Jan 2017) New Revision: 48620 Modified: data/CVE/list Log: kf5-messagelib n/a Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:34:35 UTC (rev 48619) +++ data/CVE/list 2017-01-31 17:11:25 UTC (rev 48620) @@ -19273,7 +19273,7 @@ [jessie] - libass (Minor issue) NOTE: https://github.com/libass/libass/pull/240/commits/b72b283b936a600c730e00875d7d067bded3fc26 CVE-2016-7968 (KMail since version 5.3.0 used a QWebEngine based viewer that had ...) - - kf5-messagelib (bug #853241) + - kf5-messagelib (Doesn't use qtwebengine, see bug #853241) NOTE: https://www.kde.org/info/security/advisory-20161006-3.txt NOTE: Would by fixed by: https://cgit.kde.org/messagelib.git/commit/?id=f601f9ffb706f7d3a5893b04f067a1f75da62c99 NOTE: and building with Qt 5.7.0. @@ -19286,7 +19286,7 @@ NOTE: The issue is mitigated with the fixes applied for CVE-2016-7966, and a NOTE: user protected from this CVE by only viewing plain text mails. CVE-2016-7967 (KMail since version 5.3.0 used a QWebEngine based viewer that had ...) - - kf5-messagelib (bug #853241) + - kf5-messagelib (Doesn't use qtwebengine, see bug #853241) NOTE: https://www.kde.org/info/security/advisory-20161006-2.txt NOTE: Fixed by: https://cgit.kde.org/messagelib.git/commit/?id=dfc6a86f1b25f1da04b8f1df5320fcdd7085bcc1 (16.11.80) NOTE: The issue is mitigated with the fixes applied for CVE-2016-7966, and a ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48621 - data/CVE
Author: jmm Date: 2017-01-31 17:12:47 + (Tue, 31 Jan 2017) New Revision: 48621 Modified: data/CVE/list Log: mp3splt issue unimportant Modified: data/CVE/list === --- data/CVE/list 2017-01-31 17:11:25 UTC (rev 48620) +++ data/CVE/list 2017-01-31 17:12:47 UTC (rev 48621) @@ -3,9 +3,10 @@ NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c NOTE: https://sourceforge.net/p/mp3splt/bugs/209/ CVE-2017-5665 [NULL pointer dereference in splt_cue_export_to_file (cue.c)] - - mp3splt + - mp3splt (unimportant) NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-null-pointer-dereference-in-splt_cue_export_to_file-cue-c NOTE: https://sourceforge.net/p/mp3splt/bugs/209/ + NOTE: No security impact, crash in CLI tool CVE-2017-5664 RESERVED CVE-2017-5663 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48618 - data/CVE
Author: carnil Date: 2017-01-31 16:33:26 + (Tue, 31 Jan 2017) New Revision: 48618 Modified: data/CVE/list Log: Add CVE-2017-5666/mp3splt Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:31:28 UTC (rev 48617) +++ data/CVE/list 2017-01-31 16:33:26 UTC (rev 48618) @@ -1,3 +1,7 @@ +CVE-2017-5666 [invalid free in free_options (options_manager.c)] + - mp3splt + NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c + NOTE: https://sourceforge.net/p/mp3splt/bugs/209/ CVE-2017-5664 RESERVED CVE-2017-5663 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48619 - data/CVE
Author: carnil Date: 2017-01-31 16:34:35 + (Tue, 31 Jan 2017) New Revision: 48619 Modified: data/CVE/list Log: Add CVE-2017-5665/mp3splt Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:33:26 UTC (rev 48618) +++ data/CVE/list 2017-01-31 16:34:35 UTC (rev 48619) @@ -2,6 +2,10 @@ - mp3splt NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c NOTE: https://sourceforge.net/p/mp3splt/bugs/209/ +CVE-2017-5665 [NULL pointer dereference in splt_cue_export_to_file (cue.c)] + - mp3splt + NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-null-pointer-dereference-in-splt_cue_export_to_file-cue-c + NOTE: https://sourceforge.net/p/mp3splt/bugs/209/ CVE-2017-5664 RESERVED CVE-2017-5663 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48617 - data/CVE
Author: carnil Date: 2017-01-31 16:31:28 + (Tue, 31 Jan 2017) New Revision: 48617 Modified: data/CVE/list Log: Reference full commit id Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:19:12 UTC (rev 48616) +++ data/CVE/list 2017-01-31 16:31:28 UTC (rev 48617) @@ -169,7 +169,7 @@ CVE-2016-10187 [javascript in books can access files on the computer using XMLHttpRequest] - calibre 2.75.1+dfsg-1 (bug #853004) NOTE: Upstream report: https://launchpad.net/bugs/1651728 - NOTE: upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8 + NOTE: Upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8cce0449d1758eee585ed0d0433c NOTE: http://www.openwall.com/lists/oss-security/2017/01/29/8 CVE-2017- [use after free in libmysqlclient.so] - mariadb-10.1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48616 - data/CVE
Author: carnil Date: 2017-01-31 16:19:12 + (Tue, 31 Jan 2017) New Revision: 48616 Modified: data/CVE/list Log: CVE-2017-5668/bitlbee assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:19:02 UTC (rev 48615) +++ data/CVE/list 2017-01-31 16:19:12 UTC (rev 48616) @@ -139,16 +139,22 @@ NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06191.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1417559 NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/2 -CVE-2017- [Incomplete fix for "Null pointer dereference with file transfer request from unknown contacts"] +CVE-2017-5668 [Incomplete fix for "Null pointer dereference with file transfer request from unknown contacts"] - bitlbee (bug #853282) + [jessie] - bitlbee (Incomplete fix for CVE-2016-10189 not applied) + [wheezy] - bitlbee (Incomplete fix for CVE-2016-10189 not applied) NOTE: https://bugs.bitlbee.org/ticket/1282 NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441 (3.5.1) - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/30/4 + NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4 + NOTE: This CVE exists because of an incomplete fix for CVE-2016-10189 CVE-2016-10189 [Null pointer dereference with file transfer request from unknown contacts] - bitlbee 3.5-1 NOTE: https://bugs.bitlbee.org/ticket/1282 NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f (3.5) NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4 + NOTE: When fixing this CVE make sure to apply as well + NOTE: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441 + NOTE: to not open CVE-2017-5668 CVE-2016-10188 [bitlbee-libpurple: Use after free when expiring file transfer requests] - bitlbee 3.5-1 NOTE: https://bugs.bitlbee.org/ticket/1281 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48615 - data/CVE
Author: carnil Date: 2017-01-31 16:19:02 + (Tue, 31 Jan 2017) New Revision: 48615 Modified: data/CVE/list Log: CVE-2016-10189/bitlbee assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:16:30 UTC (rev 48614) +++ data/CVE/list 2017-01-31 16:19:02 UTC (rev 48615) @@ -144,11 +144,11 @@ NOTE: https://bugs.bitlbee.org/ticket/1282 NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441 (3.5.1) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/30/4 -CVE-2017- [Null pointer dereference with file transfer request from unknown contacts] +CVE-2016-10189 [Null pointer dereference with file transfer request from unknown contacts] - bitlbee 3.5-1 NOTE: https://bugs.bitlbee.org/ticket/1282 NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f (3.5) - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/30/4 + NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4 CVE-2016-10188 [bitlbee-libpurple: Use after free when expiring file transfer requests] - bitlbee 3.5-1 NOTE: https://bugs.bitlbee.org/ticket/1281 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48614 - data/CVE
Author: carnil Date: 2017-01-31 16:16:30 + (Tue, 31 Jan 2017) New Revision: 48614 Modified: data/CVE/list Log: CVE-2016-10188/bitlbee assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:13:52 UTC (rev 48613) +++ data/CVE/list 2017-01-31 16:16:30 UTC (rev 48614) @@ -149,11 +149,11 @@ NOTE: https://bugs.bitlbee.org/ticket/1282 NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f (3.5) NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/30/4 -CVE-2017- [bitlbee-libpurple: Use after free when expiring file transfer requests] +CVE-2016-10188 [bitlbee-libpurple: Use after free when expiring file transfer requests] - bitlbee 3.5-1 NOTE: https://bugs.bitlbee.org/ticket/1281 NOTE: Fixed by: https://github.com/bitlbee/bitlbee/commit/ea902752503fc5b356d6513911081ec932d804f2 (3.5) - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/30/4 + NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/4 CVE-2017- [Incomplete fix for CVE-2017-5180] - firejail 0.9.44.6-1 NOTE: Changelog mentions the new fix for CVE-2017-5180 in RELNOTES for 0.9.44.6 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48613 - data/CVE
Author: carnil Date: 2017-01-31 16:13:52 + (Tue, 31 Jan 2017) New Revision: 48613 Modified: data/CVE/list Log: CVE-2017-5667/qemu assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:13:02 UTC (rev 48612) +++ data/CVE/list 2017-01-31 16:13:52 UTC (rev 48613) @@ -133,12 +133,12 @@ NOT-FOR-US: Netgear CVE-2004-2778 RESERVED -CVE-2017- [sd: sdhci OOB access during multi block SDMA transfer] +CVE-2017-5667 [sd: sdhci OOB access during multi block SDMA transfer] - qemu - qemu-kvm NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06191.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1417559 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/30/2 + NOTE: http://www.openwall.com/lists/oss-security/2017/01/30/2 CVE-2017- [Incomplete fix for "Null pointer dereference with file transfer request from unknown contacts"] - bitlbee (bug #853282) NOTE: https://bugs.bitlbee.org/ticket/1282 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48612 - data/CVE
Author: carnil Date: 2017-01-31 16:13:02 + (Tue, 31 Jan 2017) New Revision: 48612 Modified: data/CVE/list Log: Remove annotation for pending CVE request Modified: data/CVE/list === --- data/CVE/list 2017-01-31 15:31:12 UTC (rev 48611) +++ data/CVE/list 2017-01-31 16:13:02 UTC (rev 48612) @@ -164,7 +164,7 @@ - calibre 2.75.1+dfsg-1 (bug #853004) NOTE: Upstream report: https://launchpad.net/bugs/1651728 NOTE: upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/29/8 + NOTE: http://www.openwall.com/lists/oss-security/2017/01/29/8 CVE-2017- [use after free in libmysqlclient.so] - mariadb-10.1 - mariadb-10.0 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48611 - data/CVE
Author: anarcat Date: 2017-01-31 15:31:12 + (Tue, 31 Jan 2017) New Revision: 48611 Modified: data/CVE/list Log: use issued CVE ID for claibre bug #853004 Modified: data/CVE/list === --- data/CVE/list 2017-01-31 13:10:24 UTC (rev 48610) +++ data/CVE/list 2017-01-31 15:31:12 UTC (rev 48611) @@ -160,7 +160,7 @@ NOTE: an needs series of commits after 0.9.44.4 NOTE: https://github.com/netblue30/firejail/blob/0.9.44.6/RELNOTES NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/29/4 -CVE-2017- [javascript in books can access files on the computer using XMLHttpRequest] +CVE-2016-10187 [javascript in books can access files on the computer using XMLHttpRequest] - calibre 2.75.1+dfsg-1 (bug #853004) NOTE: Upstream report: https://launchpad.net/bugs/1651728 NOTE: upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48608 - data/CVE
Author: carnil Date: 2017-01-31 13:09:59 + (Tue, 31 Jan 2017) New Revision: 48608 Modified: data/CVE/list Log: Adjust note wich would not be needed Modified: data/CVE/list === --- data/CVE/list 2017-01-31 13:05:49 UTC (rev 48607) +++ data/CVE/list 2017-01-31 13:09:59 UTC (rev 48608) @@ -135905,8 +135905,6 @@ - nova 2012.1~e1-1 NOTE: https://bugs.launchpad.net/nova/+bug/868360 NOTE: the patch for this bug is available at https://review.openstack.org/#/c/794/ - NOTE: and this patch is already applied in the Wheezy version of nova - NOTE: (which is the oldest version nowadays) CVE-2011-4075 (The masort function in lib/functions.php in phpLDAPadmin 1.2.x before ...) {DSA-2333-1} - phpldapadmin 1.2.0.5-2.1 (bug #646754) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48610 - in data: CVE DLA
Author: carnil Date: 2017-01-31 13:10:24 + (Tue, 31 Jan 2017) New Revision: 48610 Modified: data/CVE/list data/DLA/list Log: php5: Add CVE-2016-7125 to DLA-628-1 list since apparently fixed there This quraantees the cross references are built correctly. Otherwise the explicitly added DLA-628-1 will be removed on next autoupdate. Modified: data/CVE/list === --- data/CVE/list 2017-01-31 13:10:09 UTC (rev 48609) +++ data/CVE/list 2017-01-31 13:10:24 UTC (rev 48610) @@ -21597,14 +21597,12 @@ {DSA-3689-1 DLA-628-1} - php7.0 7.0.10-1 - php5 5.6.26+dfsg-1 - [wheezy] - php5 5.4.45-0+deb7u5 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72681 NOTE: Fixed in 7.0.10, 5.6.25 NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/8763c6090d627d8bb0ee1d030c30e58f406be9ce?w=1 NOTE: Scope of CVE also includes the "The similar issue also exist in session php_binary NOTE: handler" part of 72681. - NOTE: This was addressed in DLA-628-1 while the CVE ID was still temporary. CVE-2016-7124 (ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before ...) {DSA-3689-1 DLA-749-1} - php7.0 7.0.10-1 Modified: data/DLA/list === --- data/DLA/list 2017-01-31 13:10:09 UTC (rev 48609) +++ data/DLA/list 2017-01-31 13:10:24 UTC (rev 48610) @@ -563,7 +563,7 @@ {CVE-2016-6801} [wheezy] - jackrabbit 2.3.6-1+deb7u2 [18 Sep 2016] DLA-628-1 php5 - security update - {CVE-2016-4473 CVE-2016-4538 CVE-2016-5114 CVE-2016-5399 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297} + {CVE-2016-4473 CVE-2016-4538 CVE-2016-5114 CVE-2016-5399 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297 CVE-2016-7125} [wheezy] - php5 5.4.45-0+deb7u5 [18 Sep 2016] DLA-627-1 pdns - security update {CVE-2016-5426 CVE-2016-5427 CVE-2016-6172} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48609 - data/CVE
Author: carnil Date: 2017-01-31 13:10:09 + (Tue, 31 Jan 2017) New Revision: 48609 Modified: data/CVE/list Log: Remove unneded TODO Once MITRE will reject the entry we can clean it up. Until then this is still associated with given refences. It is marked as unimportant already. Modified: data/CVE/list === --- data/CVE/list 2017-01-31 13:09:59 UTC (rev 48608) +++ data/CVE/list 2017-01-31 13:10:09 UTC (rev 48609) @@ -15249,7 +15249,6 @@ NOTE: https://www.exploit-db.com/exploits/39937/ NOTE: Claimed to be not a vulnerability but a superadmin using a feature NOTE: as intended. 1:3.0.6+dfsg-1 improved the API script.execute validation. - TODO: wait for CVE REJECT and remove entry CVE-2016-9139 [An attacker could trick an authenticated agent or customer into opening a malicious attachment which could lead to the execution of JavaScript in OTRS context] RESERVED {DLA-787-1} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48607 - data/CVE
Author: roberto Date: 2017-01-31 13:05:49 + (Tue, 31 Jan 2017) New Revision: 48607 Modified: data/CVE/list Log: Annotate php5 upload that fixed CVE-2016-7125 in wheezy Modified: data/CVE/list === --- data/CVE/list 2017-01-31 12:46:11 UTC (rev 48606) +++ data/CVE/list 2017-01-31 13:05:49 UTC (rev 48607) @@ -21598,6 +21598,7 @@ {DSA-3689-1 DLA-628-1} - php7.0 7.0.10-1 - php5 5.6.26+dfsg-1 + [wheezy] - php5 5.4.45-0+deb7u5 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72681 NOTE: Fixed in 7.0.10, 5.6.25 NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48606 - data/CVE
Author: roberto Date: 2017-01-31 12:46:11 + (Tue, 31 Jan 2017) New Revision: 48606 Modified: data/CVE/list Log: Annotate DLA 628-1 as addressing CVE-2016-7125 Modified: data/CVE/list === --- data/CVE/list 2017-01-31 11:42:16 UTC (rev 48605) +++ data/CVE/list 2017-01-31 12:46:11 UTC (rev 48606) @@ -21595,7 +21595,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2016/09/02/5 NOTE: https://github.com/php/php-src/commit/b6f13a5ef9d6280cf984826a5de012a32c396cd4?w=1 CVE-2016-7125 (ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips ...) - {DSA-3689-1} + {DSA-3689-1 DLA-628-1} - php7.0 7.0.10-1 - php5 5.6.26+dfsg-1 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=72681 @@ -21604,6 +21604,7 @@ NOTE: https://github.com/php/php-src/commit/8763c6090d627d8bb0ee1d030c30e58f406be9ce?w=1 NOTE: Scope of CVE also includes the "The similar issue also exist in session php_binary NOTE: handler" part of 72681. + NOTE: This was addressed in DLA-628-1 while the CVE ID was still temporary. CVE-2016-7124 (ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before ...) {DSA-3689-1 DLA-749-1} - php7.0 7.0.10-1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48605 - data/CVE
Author: alteholz Date: 2017-01-31 11:42:16 + (Tue, 31 Jan 2017) New Revision: 48605 Modified: data/CVE/list Log: first version in unstable containing the fix Modified: data/CVE/list === --- data/CVE/list 2017-01-31 11:40:23 UTC (rev 48604) +++ data/CVE/list 2017-01-31 11:42:16 UTC (rev 48605) @@ -135900,7 +135900,7 @@ - linux-2.6 3.0.0-6 CVE-2011-4076 RESERVED - - nova + - nova 2012.1~e1-1 NOTE: https://bugs.launchpad.net/nova/+bug/868360 NOTE: the patch for this bug is available at https://review.openstack.org/#/c/794/ NOTE: and this patch is already applied in the Wheezy version of nova ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48604 - data
Author: rbalint Date: 2017-01-31 11:40:23 + (Tue, 31 Jan 2017) New Revision: 48604 Modified: data/dla-needed.txt Log: Claim wavpack for DLA Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 11:24:18 UTC (rev 48603) +++ data/dla-needed.txt 2017-01-31 11:40:23 UTC (rev 48604) @@ -108,7 +108,7 @@ -- svgsalamander -- -wavpack +wavpack (Balint Reczey) NOTE: the provided testcases don't crash but this hunk NOTE: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc#diff-bc1807cb462afb05056502f77834c6ebR291 NOTE: is missing in the wheezy version ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48603 - data/CVE
Author: alteholz Date: 2017-01-31 11:24:18 + (Tue, 31 Jan 2017) New Revision: 48603 Modified: data/CVE/list Log: TODO for CVE-2011-4076 done Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:49:50 UTC (rev 48602) +++ data/CVE/list 2017-01-31 11:24:18 UTC (rev 48603) @@ -135900,9 +135900,11 @@ - linux-2.6 3.0.0-6 CVE-2011-4076 RESERVED - - nova + - nova NOTE: https://bugs.launchpad.net/nova/+bug/868360 - TODO: check + NOTE: the patch for this bug is available at https://review.openstack.org/#/c/794/ + NOTE: and this patch is already applied in the Wheezy version of nova + NOTE: (which is the oldest version nowadays) CVE-2011-4075 (The masort function in lib/functions.php in phpLDAPadmin 1.2.x before ...) {DSA-2333-1} - phpldapadmin 1.2.0.5-2.1 (bug #646754) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48602 - data/CVE
Author: alteholz Date: 2017-01-31 10:49:50 + (Tue, 31 Jan 2017) New Revision: 48602 Modified: data/CVE/list Log: change check to NOFU Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:48:12 UTC (rev 48601) +++ data/CVE/list 2017-01-31 10:49:50 UTC (rev 48602) @@ -73065,7 +73065,7 @@ CVE-2014-8887 (IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before ...) NOT-FOR-US: IBM Marketing Operations CVE-2014-8886 (AVM FRITZ!OS before 6.30 extracts the contents of firmware updates ...) - TODO: check + NOT-FOR-US: AVM FRITZ!OS CVE-2014-8885 RESERVED CVE-2014-8883 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48601 - data/CVE
Author: alteholz Date: 2017-01-31 10:48:12 + (Tue, 31 Jan 2017) New Revision: 48601 Modified: data/CVE/list Log: change check to NOFU Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:11:31 UTC (rev 48600) +++ data/CVE/list 2017-01-31 10:48:12 UTC (rev 48601) @@ -81560,9 +81560,9 @@ CVE-2014-5416 RESERVED CVE-2014-5415 (Beckhoff Embedded PC images before 2014-10-22 and Automation Device ...) - TODO: check + NOT-FOR-US: Beckhoff Embedded PC image CVE-2014-5414 (Beckhoff Embedded PC images before 2014-10-22 and Automation Device ...) - TODO: check + NOT-FOR-US: Beckhoff Embedded PC image CVE-2014-5413 (Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 ...) NOT-FOR-US: Schneider Electric CVE-2014-5412 (Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48600 - data/CVE
Author: carnil Date: 2017-01-31 10:11:31 + (Tue, 31 Jan 2017) New Revision: 48600 Modified: data/CVE/list Log: CVE-2017-2592 fixed in unstable Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:10:37 UTC (rev 48599) +++ data/CVE/list 2017-01-31 10:11:31 UTC (rev 48600) @@ -8311,7 +8311,7 @@ RESERVED CVE-2017-2592 [CatchErrors leaks sensitive values in oslo.middleware] RESERVED - - python-oslo.middleware (bug #852742) + - python-oslo.middleware 3.19.0-3 (bug #852742) NOTE: https://launchpad.net/bugs/1628031 CVE-2017-2591 [DoS via OOB heap read in "attribute uniqueness" plugin] RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48599 - data/CVE
Author: carnil Date: 2017-01-31 10:10:37 + (Tue, 31 Jan 2017) New Revision: 48599 Modified: data/CVE/list Log: CVE-2017-5601/libarchive fixed in unstable Modified: data/CVE/list === --- data/CVE/list 2017-01-31 08:13:55 UTC (rev 48598) +++ data/CVE/list 2017-01-31 10:10:37 UTC (rev 48599) @@ -101,7 +101,7 @@ CVE-2017-5602 RESERVED CVE-2017-5601 (An error in the lha_read_file_header_1() function ...) - - libarchive (bug #853278) + - libarchive 3.2.1-6 (bug #853278) [jessie] - libarchive (Minor issue) NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9 NOTE: https://secunia.com/secunia_research/2017-3/ ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48598 - data/CVE
Author: carnil Date: 2017-01-31 08:13:55 + (Tue, 31 Jan 2017) New Revision: 48598 Modified: data/CVE/list Log: Mark libarchive issue as no-dsa, since crash only, can be fixed along in later DSA Modified: data/CVE/list === --- data/CVE/list 2017-01-31 08:02:11 UTC (rev 48597) +++ data/CVE/list 2017-01-31 08:13:55 UTC (rev 48598) @@ -102,6 +102,7 @@ RESERVED CVE-2017-5601 (An error in the lha_read_file_header_1() function ...) - libarchive (bug #853278) + [jessie] - libarchive (Minor issue) NOTE: Fixed by: https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9 NOTE: https://secunia.com/secunia_research/2017-3/ CVE-2016-10186 (An issue was discovered on the D-Link DWR-932B router. ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48597 - data/CVE
Author: carnil Date: 2017-01-31 08:02:11 + (Tue, 31 Jan 2017) New Revision: 48597 Modified: data/CVE/list Log: Add CVE-2017-2596 Modified: data/CVE/list === --- data/CVE/list 2017-01-31 07:46:57 UTC (rev 48596) +++ data/CVE/list 2017-01-31 08:02:11 UTC (rev 48597) @@ -8296,8 +8296,11 @@ RESERVED CVE-2017-2597 RESERVED -CVE-2017-2596 +CVE-2017-2596 [kvm: page reference leakage in handle_vmon] RESERVED + - linux + NOTE: https://www.spinics.net/lists/kvm/msg144319.html + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1417812 CVE-2017-2595 RESERVED CVE-2017-2594 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits