[Secure-testing-commits] r51138 - data/CVE
Author: carnil Date: 2017-04-28 08:49:37 + (Fri, 28 Apr 2017) New Revision: 51138 Modified: data/CVE/list Log: kedpm removed from the archive Modified: data/CVE/list === --- data/CVE/list 2017-04-28 06:34:33 UTC (rev 51137) +++ data/CVE/list 2017-04-28 08:49:37 UTC (rev 51138) @@ -19,8 +19,8 @@ CVE-2017-8297 (A path traversal vulnerability exists in simple-file-manager before ...) NOT-FOR-US: simple-file-manager CVE-2017-8296 (kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is ...) - - kedpm (bug #860817) - NOTE: patch gives workaround, will be removed from sid + - kedpm (bug #860817) + NOTE: patch in BTS gives workaround to always prompt for password and do not save to database NOTE: http://www.openwall.com/lists/oss-security/2017/04/25/9 CVE-2017-8295 RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51139 - data/CVE
Author: carnil
Date: 2017-04-28 08:57:54 + (Fri, 28 Apr 2017)
New Revision: 51139
Modified:
data/CVE/list
Log:
Remove some no-dsa items which will be queued up as well in the DSA
Modified: data/CVE/list
===
--- data/CVE/list 2017-04-28 08:49:37 UTC (rev 51138)
+++ data/CVE/list 2017-04-28 08:57:54 UTC (rev 51139)
@@ -3242,7 +3242,6 @@
NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=522d850e68ec4b77d3477b3c8f55b1ba00a9d69a
CVE-2017-7207 (The mem_get_bits_rectangle function in Artifex Software, Inc.
...)
- ghostscript 9.20~dfsg-3 (bug #858350)
- [jessie] - ghostscript (Minor issue)
[wheezy] - ghostscript (Minor issue)
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=309eca4e0a31ea70dcc844812691439312dad091
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697676
@@ -6594,7 +6593,6 @@
CVE-2017-5951 (The mem_get_bits_rectangle function in base/gdevmem.c in
Artifex ...)
{DLA-905-1}
- ghostscript (bug #859696)
- [jessie] - ghostscript (Minor issue)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697548
NOTE: Fixed by:
http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=bfa6b2ecbe48edc69a7d9d22a12419aed25960b8
CVE-2017-5950 (The SingleDocParser::HandleNode function in yaml-cpp (aka
LibYaml-C++) ...)
@@ -6633,13 +6631,11 @@
CVE-2016-10220 (The gs_makewordimagedevice function in base/gsdevmem.c in
Artifex ...)
{DLA-905-1}
- ghostscript (bug #859694)
- [jessie] - ghostscript (Minor issue)
NOTE:
http://www.ghostscript.com/cgi-bin/findgit.cgi?daf85701dab05f17e924a48a81edc9195b4a04e8
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697450
CVE-2016-10219 (The intersect function in base/gxfill.c in Artifex Software,
Inc. ...)
{DLA-905-1}
- ghostscript (bug #859666)
- [jessie] - ghostscript (Minor issue)
NOTE:
http://www.ghostscript.com/cgi-bin/findgit.cgi?4bef1a1d32e29b68855616020dbff574b9cda08f
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697453
CVE-2016-10218 (The pdf14_pop_transparency_group function in base/gdevp14.c in
the PDF ...)
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51140 - data/CVE
Author: sectracker
Date: 2017-04-28 09:10:13 + (Fri, 28 Apr 2017)
New Revision: 51140
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-04-28 08:57:54 UTC (rev 51139)
+++ data/CVE/list 2017-04-28 09:10:13 UTC (rev 51140)
@@ -38,8 +38,7 @@
NOT-FOR-US: RIOS OS
CVE-2017-8288 (gnome-shell 3.22 through 3.24.1 mishandles extensions that fail
to ...)
- gnome-shell
-CVE-2017-8305 [Buffer overflow in own strlcpy implementation]
- RESERVED
+CVE-2017-8305 (The UDFclient (before 0.8.8) custom strlcpy implementation has
a buffer ...)
- udfclient (bug #861347)
CVE-2017-8301 (LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if
...)
- libressl (bug #754513)
@@ -177,7 +176,7 @@
RESERVED
CVE-2017-8226
RESERVED
-CVE-2017-8283 (dpkg-source in dpkg through 1.8.23 is able to use a non-GNU
patch ...)
+CVE-2017-8283 (dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a
non-GNU ...)
- dpkg (unimportant)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/20/2
CVE-2017-8225 (On Wireless IP Camera (P2P) WIFICAM devices, access to .ini
files ...)
@@ -973,8 +972,8 @@
[wheezy] - mantis (Unsupported in Wheezy LTS)
CVE-2017-7896 (Trend Micro InterScan Messaging Security Virtual Appliance
(IMSVA) 9.1 ...)
NOT-FOR-US: Trend Micro
-CVE-2017-7895
- RESERVED
+CVE-2017-7895 (The NFSv2 and NFSv3 server implementations in the Linux kernel
through ...)
+ TODO: check
CVE-2016-10345 (In Phusion Passenger before 5.1.0, a known /tmp filename was
used ...)
- passenger (unimportant)
NOTE:
https://github.com/phusion/passenger/commit/e5b4b0824d6b648525b4bf63d9fa37e5beeae441
@@ -1796,10 +1795,12 @@
CVE-2017-7620
RESERVED
CVE-2017-7618 (crypto/ahash.c in the Linux kernel through 4.10.9 allows
attackers to ...)
+ {DLA-922-1}
- linux
[jessie] - linux (Will be fixed in point release)
NOTE: http://marc.info/?l=linux-crypto-vger&m=149181655623850&w=2
CVE-2017-7616 (Incorrect error handling in the set_mempolicy and mbind compat
syscalls ...)
+ {DLA-922-1}
- linux
[jessie] - linux (Will be fixed in point release)
NOTE: Fixed by:
https://git.kernel.org/linus/cf01fb9985e8deb25ccf0ea54d916b8871ae0e62 (4.11-rc6)
@@ -2232,6 +2233,7 @@
NOTE: but needs confirmation.
CVE-2017-7472 [keyctl_set_reqkey_keyring() leaks thread keyrings]
RESERVED
+ {DLA-922-1}
- linux
NOTE: https://lkml.org/lkml/2017/4/1/235
NOTE: https://lkml.org/lkml/2017/4/3/724
@@ -2726,6 +2728,7 @@
CVE-2016-10304 (The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5
allows ...)
NOT-FOR-US: SAP
CVE-2017-7308 (The packet_set_ring function in net/packet/af_packet.c in the
Linux ...)
+ {DLA-922-1}
- linux 4.9.18-1
[jessie] - linux (Will be fixed in point release)
NOTE: Fixed by:
https://git.kernel.org/linus/2b6867c2ce76c596676bec7d2d525af525fdc6e2
@@ -2746,6 +2749,7 @@
CVE-2017-7293 (The Dolby DAX2 and DAX3 API services are vulnerable to a
privilege ...)
NOT-FOR-US: Dolby
CVE-2017-7294 (The vmw_surface_define_ioctl function in ...)
+ {DLA-922-1}
- linux 4.9.18-1
[jessie] - linux (Will be fixed in point release)
NOTE: Fixed by:
https://git.kernel.org/linus/e7e11f99564222d82f0ce84bd521e57d78a6b678
@@ -2932,6 +2936,7 @@
CVE-2017-7270
RESERVED
CVE-2017-7273 (The cp_report_fixup function in drivers/hid/hid-cypress.c in
the Linux ...)
+ {DLA-922-1}
- linux 4.9.6-1
[jessie] - linux (Will be fixed in point release)
NOTE: Fixed by:
https://git.kernel.org/linus/1ebb71143758f45dc0fa76e2f48429e13b16d110
@@ -2973,6 +2978,7 @@
CVE-2017-7262 (The AMD Ryzen processor with AGESA microcode through 2017-01-27
allows ...)
NOT-FOR-US: Hardware bug in AMD Ryzen CPUs, cannot be fixed via micro
code updates, but only BIOS updates
CVE-2017-7261 (The vmw_surface_define_ioctl function in ...)
+ {DLA-922-1}
- linux 4.9.18-1
[jessie] - linux (Will be fixed in point release)
NOTE: Fixed by:
https://git.kernel.org/linus/36274ab8c596f1240c606bb514da329add2a1bcd
@@ -3316,6 +3322,7 @@
[wheezy] - erlang (Vulnerable code not present)
NOTE: https://github.com/erlang/otp/pull/1108
CVE-2017-7184 (The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in
the ...)
+ {DLA-922-1}
- linux 4.9.18-1 (low)
[jessie] - linux (Will be fixed in point release)
NOTE: Unprivileged user namespaces are disabled in Debian, this only
affects
@@ -3827,6 +3834,7 @@
CVE-2017-
REJECTED
CVE-2017-6951 (The keyring_search_aux function in security/keys/keyring.c in
the Linux ...)
+ {DLA-922-1}
- linux 4.0.2-
[Secure-testing-commits] r51141 - data/CVE
Author: carnil Date: 2017-04-28 09:12:15 + (Fri, 28 Apr 2017) New Revision: 51141 Modified: data/CVE/list Log: One new linux issue Modified: data/CVE/list === --- data/CVE/list 2017-04-28 09:10:13 UTC (rev 51140) +++ data/CVE/list 2017-04-28 09:12:15 UTC (rev 51141) @@ -973,7 +973,8 @@ CVE-2017-7896 (Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 ...) NOT-FOR-US: Trend Micro CVE-2017-7895 (The NFSv2 and NFSv3 server implementations in the Linux kernel through ...) - TODO: check + - linux + NOTE: Fixed by: https://git.kernel.org/linus/13bf9fbff0e5e099e2b6f003a0ab8ae145436309 CVE-2016-10345 (In Phusion Passenger before 5.1.0, a known /tmp filename was used ...) - passenger (unimportant) NOTE: https://github.com/phusion/passenger/commit/e5b4b0824d6b648525b4bf63d9fa37e5beeae441 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51142 - data/CVE
Author: jmm Date: 2017-04-28 09:14:27 + (Fri, 28 Apr 2017) New Revision: 51142 Modified: data/CVE/list Log: grpc fixed Modified: data/CVE/list === --- data/CVE/list 2017-04-28 09:12:15 UTC (rev 51141) +++ data/CVE/list 2017-04-28 09:14:27 UTC (rev 51142) @@ -1206,9 +1206,9 @@ - libav NOTE: Fixed by: https://github.com/FFmpeg/FFmpeg/commit/8c2ea3030af7b40a3c4275696fb5c76cdb80950a CVE-2017-7861 (Google gRPC before 2017-02-22 has an out-of-bounds write related to the ...) - - grpc (bug #860316) + - grpc 1.2.5-1+nmu0 (bug #860316) CVE-2017-7860 (Google gRPC before 2017-02-22 has an out-of-bounds write caused by a ...) - - grpc (bug #860316) + - grpc 1.2.5-1+nmu0 (bug #860316) CVE-2017-7859 (FFmpeg before 2017-03-05 has an out-of-bounds write caused by a ...) - ffmpeg NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1034183 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51143 - data/CVE
Author: carnil Date: 2017-04-28 09:20:45 + (Fri, 28 Apr 2017) New Revision: 51143 Modified: data/CVE/list Log: Record fixing commit for CVE-2017-7645 Modified: data/CVE/list === --- data/CVE/list 2017-04-28 09:14:27 UTC (rev 51142) +++ data/CVE/list 2017-04-28 09:20:45 UTC (rev 51143) @@ -1745,6 +1745,7 @@ NOT-FOR-US: SolarWinds CVE-2017-7645 (The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel ...) - linux + NOTE: Fixed by: https://git.kernel.org/linus/e6838a29ecb484c97e4efef9429643b9851fba6e CVE-2017-7644 RESERVED CVE-2017-7643 (Proxifier for Mac before 2.19 allows local users to gain privileges ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51144 - data/CVE
Author: carnil
Date: 2017-04-28 09:20:55 + (Fri, 28 Apr 2017)
New Revision: 51144
Modified:
data/CVE/list
Log:
Add fixed version for ghostscript upload to unstable
Modified: data/CVE/list
===
--- data/CVE/list 2017-04-28 09:20:45 UTC (rev 51143)
+++ data/CVE/list 2017-04-28 09:20:55 UTC (rev 51144)
@@ -44,7 +44,7 @@
- libressl (bug #754513)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/27/11
CVE-2017-8291 (Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass
and ...)
- - ghostscript (bug #861295)
+ - ghostscript 9.20~dfsg-3.1 (bug #861295)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate of
697799)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697799 (made private)
NOTE: Full report viewable at:
https://bugzilla.suse.com/show_bug.cgi?id=1036453
@@ -6603,7 +6603,7 @@
RESERVED
CVE-2017-5951 (The mem_get_bits_rectangle function in base/gdevmem.c in
Artifex ...)
{DLA-905-1}
- - ghostscript (bug #859696)
+ - ghostscript 9.20~dfsg-3.1 (bug #859696)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697548
NOTE: Fixed by:
http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=bfa6b2ecbe48edc69a7d9d22a12419aed25960b8
CVE-2017-5950 (The SingleDocParser::HandleNode function in yaml-cpp (aka
LibYaml-C++) ...)
@@ -6641,12 +6641,12 @@
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697400
CVE-2016-10220 (The gs_makewordimagedevice function in base/gsdevmem.c in
Artifex ...)
{DLA-905-1}
- - ghostscript (bug #859694)
+ - ghostscript 9.20~dfsg-3.1 (bug #859694)
NOTE:
http://www.ghostscript.com/cgi-bin/findgit.cgi?daf85701dab05f17e924a48a81edc9195b4a04e8
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697450
CVE-2016-10219 (The intersect function in base/gxfill.c in Artifex Software,
Inc. ...)
{DLA-905-1}
- - ghostscript (bug #859666)
+ - ghostscript 9.20~dfsg-3.1 (bug #859666)
NOTE:
http://www.ghostscript.com/cgi-bin/findgit.cgi?4bef1a1d32e29b68855616020dbff574b9cda08f
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697453
CVE-2016-10218 (The pdf14_pop_transparency_group function in base/gdevp14.c in
the PDF ...)
@@ -6655,7 +6655,7 @@
NOTE: Introduced by:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=47294ff5b168d25bfc7db64f51572d64b8ebde91
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697444
CVE-2016-10217 (The pdf14_open function in base/gdevp14.c in Artifex Software,
Inc. ...)
- - ghostscript (bug #859662)
+ - ghostscript 9.20~dfsg-3.1 (bug #859662)
[jessie] - ghostscript
(pdf14_cleanup_parent_color_profiles not yet present)
[wheezy] - ghostscript
(pdf14_cleanup_parent_color_profiles not yet present)
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=90fd0c7ca3efc1ddff64a86f4104b13b3ac969eb
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51145 - data/CVE
Author: carnil Date: 2017-04-28 10:22:38 + (Fri, 28 Apr 2017) New Revision: 51145 Modified: data/CVE/list Log: Add new roundcube issue, CVE-2017-8114 Modified: data/CVE/list === --- data/CVE/list 2017-04-28 09:20:55 UTC (rev 51144) +++ data/CVE/list 2017-04-28 10:22:38 UTC (rev 51145) @@ -401,8 +401,15 @@ RESERVED CVE-2017-8115 (Directory traversal in setup/processors/url_search.php (aka the search ...) NOT-FOR-US: MODX -CVE-2017-8114 +CVE-2017-8114 [Fix security issue in virtualmin and sasl drivers] RESERVED + - roundcube + NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.2.5 + NOTE: https://github.com/roundcube/roundcubemail/commit/6e054a37d13dc3772d0aa454a32d5dc3bdcc7003 (1.2.x) + NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.1.9 + NOTE: https://github.com/roundcube/roundcubemail/commit/10b227d70a03e336820138e84f9256f3cd50 (1.1.x) + NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.0.11 + NOTE: https://github.com/roundcube/roundcubemail/commit/271426429bfbb5b63e6dec91b1e4780e8ef1c67e (1.0.x) CVE-2017-8113 RESERVED CVE-2017-8112 [vmw_pvscsi: infinite loop in pvscsi_log2] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51146 - data/CVE
Author: carnil Date: 2017-04-28 10:49:33 + (Fri, 28 Apr 2017) New Revision: 51146 Modified: data/CVE/list Log: Add bug reference CVE-2017-8114/roundcube Modified: data/CVE/list === --- data/CVE/list 2017-04-28 10:22:38 UTC (rev 51145) +++ data/CVE/list 2017-04-28 10:49:33 UTC (rev 51146) @@ -403,7 +403,7 @@ NOT-FOR-US: MODX CVE-2017-8114 [Fix security issue in virtualmin and sasl drivers] RESERVED - - roundcube + - roundcube (bug #861388) NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.2.5 NOTE: https://github.com/roundcube/roundcubemail/commit/6e054a37d13dc3772d0aa454a32d5dc3bdcc7003 (1.2.x) NOTE: https://github.com/roundcube/roundcubemail/releases/tag/1.1.9 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51147 - in data: . DSA
Author: carnil
Date: 2017-04-28 11:30:27 + (Fri, 28 Apr 2017)
New Revision: 51147
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
Reserve DSA for ghostscript update
Modified: data/DSA/list
===
--- data/DSA/list 2017-04-28 10:49:33 UTC (rev 51146)
+++ data/DSA/list 2017-04-28 11:30:27 UTC (rev 51147)
@@ -1,3 +1,6 @@
+[28 Apr 2017] DSA-3838-1 ghostscript - security update
+ {CVE-2016-10219 CVE-2016-10220 CVE-2017-5951 CVE-2017-7207
CVE-2017-8291}
+ [jessie] - ghostscript 9.06~dfsg-2+deb8u5
[27 Apr 2017] DSA-3837-1 libreoffice - security update
{CVE-2017-7870}
[jessie] - libreoffice 1:4.3.3-2+deb8u7
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-04-28 10:49:33 UTC (rev 51146)
+++ data/dsa-needed.txt 2017-04-28 11:30:27 UTC (rev 51147)
@@ -21,9 +21,6 @@
--
freetype (carnil, joint work with jmm for previous prepared update)
--
-ghostscript (carnil)
- carnil> tentatively taking it, will check back with the team if ressources
scarce
---
graphicsmagick
--
libytnef (seb)
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51149 - data/CVE
Author: agx Date: 2017-04-28 12:33:17 + (Fri, 28 Apr 2017) New Revision: 51149 Modified: data/CVE/list Log: CVE-2017-7471 introced by CVE-2016-9602 Modified: data/CVE/list === --- data/CVE/list 2017-04-28 12:33:07 UTC (rev 51148) +++ data/CVE/list 2017-04-28 12:33:17 UTC (rev 51149) @@ -2254,6 +2254,7 @@ NOTE: Fixed by: http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=9c6b899f7a46893ab3b671e341a2234e9c0c060e NOTE: Fixed by (stable-2.8): http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=96bae145e27d4df62671b4eebd6c735f412016cf (v2.8.1.1) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1443401 + NOTE: introduced by CVE-2016-9602 CVE-2017-7470 RESERVED CVE-2017-7469 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51148 - data/CVE
Author: agx Date: 2017-04-28 12:33:07 + (Fri, 28 Apr 2017) New Revision: 51148 Modified: data/CVE/list Log: lts: Wheezy not affected by CVE-2017-8113 code was introduced past 1.4 Modified: data/CVE/list === --- data/CVE/list 2017-04-28 11:30:27 UTC (rev 51147) +++ data/CVE/list 2017-04-28 12:33:07 UTC (rev 51148) @@ -415,7 +415,8 @@ CVE-2017-8112 [vmw_pvscsi: infinite loop in pvscsi_log2] RESERVED - qemu (bug #861351) - - qemu-kvm + [wheezy] - qemu (Vulnerable code not present) + - qemu-kvm (Vulnerable code not present) NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04578.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1445621 CVE-2017-8111 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51150 - data/CVE
Author: agx Date: 2017-04-28 13:06:06 + (Fri, 28 Apr 2017) New Revision: 51150 Modified: data/CVE/list Log: One more patch needed for CVE-2017-7980 Modified: data/CVE/list === --- data/CVE/list 2017-04-28 12:33:17 UTC (rev 51149) +++ data/CVE/list 2017-04-28 13:06:06 UTC (rev 51150) @@ -774,6 +774,7 @@ - qemu-kvm NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=026aeffcb4752054830ba203020ed6eb05bcaba8 NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=ffaf857778286ca54e3804432a2369a279e73aa7 + NOTE: Fixed by: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=f019722cbbb45aea153294fc8921fcc96a4d3fa2 CVE-2017-7978 (Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software ...) NOT-FOR-US: Samsung CVE-2017-7979 (The cookie feature in the packet action API implementation in ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51151 - data
Author: agx Date: 2017-04-28 13:37:06 + (Fri, 28 Apr 2017) New Revision: 51151 Modified: data/dla-needed.txt Log: lts: Update status Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-04-28 13:06:06 UTC (rev 51150) +++ data/dla-needed.txt 2017-04-28 13:37:06 UTC (rev 51151) @@ -93,7 +93,7 @@ NOTE: putty maintainer for help/advice, but no response yet. -- Jonas Meurer -- qemu (Guido Günther) - NOTE: Investigating CVE-2017-2633 and CVE-2016-9602 + NOTE: Investigating CVE-2017-2633 and CVE-2016-9602 (and related CVEs) and cirrus issues -- qemu-kvm (Guido Günther) -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51152 - data/CVE
Author: mattia Date: 2017-04-28 15:49:50 + (Fri, 28 Apr 2017) New Revision: 51152 Modified: data/CVE/list Log: link libpodofo fixing commits Modified: data/CVE/list === --- data/CVE/list 2017-04-28 13:37:06 UTC (rev 51151) +++ data/CVE/list 2017-04-28 15:49:50 UTC (rev 51152) @@ -5213,6 +5213,7 @@ - libpodofo (bug #856592) NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/5 NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-global-buffer-overflow-in-podofopdfparserreadxrefsubsection-pdfparser-cpp + NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/ CVE-2017-6843 (Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad ...) - libpodofo (bug #856592) NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/4 @@ -7492,13 +7493,14 @@ NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-signed-integer-overflow-in-pdfparser-cpp NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936 NOTE: Proposed fix: https://sourceforge.net/p/podofo/mailman/message/35692197/ + NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/ CVE-2017-5852 (The PoDoFo::PdfPage::GetInheritedKeyFromObject function in ...) - libpodofo (bug #854600) [jessie] - libpodofo (Minor issue) [wheezy] - libpodofo (Minor issue) NOTE: https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp NOTE: https://sourceforge.net/p/podofo/mailman/podofo-users/thread/12497325.VLNgGImML2%40blackgate/#msg35640936 - NOTE: upstream commits: https://sourceforge.net/p/podofo/code/1835 - https://sourceforge.net/p/podofo/code/1838 + NOTE: upstream commits: https://sourceforge.net/p/podofo/code/1835 - https://sourceforge.net/p/podofo/code/1838 - https://sourceforge.net/p/podofo/code/1841/ CVE-2017-5849 (tiffttopnm in netpbm 10.47.63 does not properly use the libtiff ...) - netpbm-free (vulnerable code not present) NOTE: http://www.openwall.com/lists/oss-security/2017/02/02/2 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51153 - data/CVE
Author: mattia Date: 2017-04-28 17:36:31 + (Fri, 28 Apr 2017) New Revision: 51153 Modified: data/CVE/list Log: fix reproducer link of CVE-2017-6846 Modified: data/CVE/list === --- data/CVE/list 2017-04-28 15:49:50 UTC (rev 51152) +++ data/CVE/list 2017-04-28 17:36:31 UTC (rev 51153) @@ -5204,7 +5204,7 @@ CVE-2017-6846 (The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace ...) - libpodofo (bug #856592) NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/7 - NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-podofopdfcoloroperator-pdfcolor-cpp + NOTE: https://blogs.gentoo.org/ago/2017/03/02/podofo-null-pointer-dereference-in-graphicsstacktgraphicsstackelementsetnonstrokingcolorspace-graphicsstack-h/ CVE-2017-6845 (The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo ...) - libpodofo (bug #856592) NOTE: http://www.openwall.com/lists/oss-security/2017/03/02/6 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51154 - in data: . CVE
Author: jmm Date: 2017-04-28 17:38:23 + (Fri, 28 Apr 2017) New Revision: 51154 Modified: data/CVE/list data/next-point-update.txt Log: activemq spu Modified: data/CVE/list === --- data/CVE/list 2017-04-28 17:36:31 UTC (rev 51153) +++ data/CVE/list 2017-04-28 17:38:23 UTC (rev 51154) @@ -63225,11 +63225,12 @@ CVE-2015-5180 [DNS resolver NULL pointer dereference with crafted record type] RESERVED - glibc 2.24-9 (low; bug #796106) - [jessie] - glibc (Minor issue) + [jessie] - glibc (Minor issue, too intrusive to backport) - eglibc (low) [wheezy] - eglibc (Minor issue) [squeeze] - eglibc (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18784 + NOTE: Originally proposed for jessie 8.8, but breaks the NSS ABI so was retracted CVE-2015-5179 [non-printable characters aren't check in every case of user data] RESERVED - freeipa (bug #795399) Modified: data/next-point-update.txt === --- data/next-point-update.txt 2017-04-28 17:36:31 UTC (rev 51153) +++ data/next-point-update.txt 2017-04-28 17:38:23 UTC (rev 51154) @@ -164,3 +164,5 @@ [jessie] - spip 3.0.17-2+deb8u3 CVE-2016-9998 [jessie] - spip 3.0.17-2+deb8u3 +CVE-2015-7559 + [jessie] - activemq 5.6.0+dfsg1-4+deb8u3 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51155 - data
Author: alteholz Date: 2017-04-28 17:39:08 + (Fri, 28 Apr 2017) New Revision: 51155 Modified: data/dla-needed.txt Log: add nss Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-04-28 17:38:23 UTC (rev 51154) +++ data/dla-needed.txt 2017-04-28 17:39:08 UTC (rev 51155) @@ -74,6 +74,8 @@ NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c/ NOTE: -- Jonas Meurer -- +nss +-- ntp NOTE: The maintainer will handle this security update. -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51156 - data
Author: alteholz Date: 2017-04-28 17:53:47 + (Fri, 28 Apr 2017) New Revision: 51156 Modified: data/dla-needed.txt Log: add jbig2dec Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-04-28 17:39:08 UTC (rev 51155) +++ data/dla-needed.txt 2017-04-28 17:53:47 UTC (rev 51156) @@ -41,6 +41,8 @@ -- jasper (Thorsten Alteholz) -- +jbig2dec +-- kedpm (Antoine Beaupré) NOTE: no further triage done from ta, please decide on your own -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51157 - data/CVE
Author: mattia Date: 2017-04-28 17:54:19 + (Fri, 28 Apr 2017) New Revision: 51157 Modified: data/CVE/list Log: another libpodofo commit Modified: data/CVE/list === --- data/CVE/list 2017-04-28 17:53:47 UTC (rev 51156) +++ data/CVE/list 2017-04-28 17:54:19 UTC (rev 51157) @@ -2532,6 +2532,7 @@ CVE-2017-7379 (The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in ...) - libpodofo (bug #859331) NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/2 + NOTE: upstream fix: https://sourceforge.net/p/podofo/code/1842/ CVE-2017-7378 (The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo ...) - libpodofo (bug #859330) NOTE: http://www.openwall.com/lists/oss-security/2017/04/01/1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51158 - data
Author: alteholz Date: 2017-04-28 17:59:20 + (Fri, 28 Apr 2017) New Revision: 51158 Modified: data/dla-needed.txt Log: add mysql-connector-java Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-04-28 17:54:19 UTC (rev 51157) +++ data/dla-needed.txt 2017-04-28 17:59:20 UTC (rev 51158) @@ -42,6 +42,7 @@ jasper (Thorsten Alteholz) -- jbig2dec + NOTE: maintainer contacted 20170428 -- kedpm (Antoine Beaupré) NOTE: no further triage done from ta, please decide on your own @@ -76,6 +77,9 @@ NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c/ NOTE: -- Jonas Meurer -- +mysql-connector-java + NOTE: maintainer contacted 20170428 +-- nss -- ntp ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51159 - data
Author: alteholz Date: 2017-04-28 18:01:02 + (Fri, 28 Apr 2017) New Revision: 51159 Modified: data/dla-needed.txt Log: add mysql-connector-python Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-04-28 17:59:20 UTC (rev 51158) +++ data/dla-needed.txt 2017-04-28 18:01:02 UTC (rev 51159) @@ -80,6 +80,9 @@ mysql-connector-java NOTE: maintainer contacted 20170428 -- +mysql-connector-python + NOTE: Brian May is one of the maintainers +-- nss -- ntp ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51160 - data/CVE
Author: carnil Date: 2017-04-28 18:59:24 + (Fri, 28 Apr 2017) New Revision: 51160 Modified: data/CVE/list Log: Remove a spourious/additional space in description Modified: data/CVE/list === --- data/CVE/list 2017-04-28 18:01:02 UTC (rev 51159) +++ data/CVE/list 2017-04-28 18:59:24 UTC (rev 51160) @@ -2248,7 +2248,7 @@ - linux NOTE: https://lkml.org/lkml/2017/4/1/235 NOTE: https://lkml.org/lkml/2017/4/3/724 -CVE-2017-7471 [9p: virtfs allows guest to change filesystem attributes on host] +CVE-2017-7471 [9p: virtfs allows guest to change filesystem attributes on host] RESERVED - qemu (bug #860785) - qemu-kvm ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51161 - in data: . DSA
Author: carnil
Date: 2017-04-28 18:59:29 + (Fri, 28 Apr 2017)
New Revision: 51161
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
Reserve DSA number for freetype update
Modified: data/DSA/list
===
--- data/DSA/list 2017-04-28 18:59:24 UTC (rev 51160)
+++ data/DSA/list 2017-04-28 18:59:29 UTC (rev 51161)
@@ -1,3 +1,6 @@
+[28 Apr 2017] DSA-3839-1 freetype - security update
+ {CVE-2016-10244 CVE-2017-8105 CVE-2017-8287}
+ [jessie] - freetype 2.5.2-3+deb8u2
[28 Apr 2017] DSA-3838-1 ghostscript - security update
{CVE-2016-10219 CVE-2016-10220 CVE-2017-5951 CVE-2017-7207
CVE-2017-8291}
[jessie] - ghostscript 9.06~dfsg-2+deb8u5
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-04-28 18:59:24 UTC (rev 51160)
+++ data/dsa-needed.txt 2017-04-28 18:59:29 UTC (rev 51161)
@@ -19,8 +19,6 @@
--
chromium-browser
--
-freetype (carnil, joint work with jmm for previous prepared update)
---
graphicsmagick
--
libytnef (seb)
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51162 - in data: . DLA
Author: hle
Date: 2017-04-28 20:04:24 + (Fri, 28 Apr 2017)
New Revision: 51162
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-923-1 for partclone
Modified: data/DLA/list
===
--- data/DLA/list 2017-04-28 18:59:29 UTC (rev 51161)
+++ data/DLA/list 2017-04-28 20:04:24 UTC (rev 51162)
@@ -1,3 +1,6 @@
+[28 Apr 2017] DLA-923-1 partclone - security update
+ {CVE-2017-6596}
+ [wheezy] - partclone 0.2.48-1+deb7u1
[28 Apr 2017] DLA-922-1 linux - security update
{CVE-2016-2188 CVE-2016-9604 CVE-2016-10200 CVE-2017-2647 CVE-2017-2671
CVE-2017-5967 CVE-2017-5970 CVE-2017-6951 CVE-2017-7184 CVE-2017-7261
CVE-2017-7273 CVE-2017-7294 CVE-2017-7308 CVE-2017-7472 CVE-2017-7616
CVE-2017-7618}
[wheezy] - linux 3.2.88-1
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-04-28 18:59:29 UTC (rev 51161)
+++ data/dla-needed.txt 2017-04-28 20:04:24 UTC (rev 51162)
@@ -90,9 +90,6 @@
--
openjdk-7 (Emilio Pozuelo)
--
-partclone (Hugo Lefeuvre)
- NOTE: CVE-2017-6596 successfully reproduced on Debian Wheezy, but upstream
patch doesn't fix the issue.
---
potrace
NOTE: Upstream is not going to fix CVE-2016-8686 since it believes it is not
NOTE: a bug (see #843861).
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51163 - in data: . DLA
Author: apo
Date: 2017-04-28 21:05:51 + (Fri, 28 Apr 2017)
New Revision: 51163
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-924-1 for tomcat7
Modified: data/DLA/list
===
--- data/DLA/list 2017-04-28 20:04:24 UTC (rev 51162)
+++ data/DLA/list 2017-04-28 21:05:51 UTC (rev 51163)
@@ -1,3 +1,6 @@
+[28 Apr 2017] DLA-924-1 tomcat7 - security update
+ {CVE-2017-5647 CVE-2017-5648}
+ [wheezy] - tomcat7 7.0.28-4+deb7u12
[28 Apr 2017] DLA-923-1 partclone - security update
{CVE-2017-6596}
[wheezy] - partclone 0.2.48-1+deb7u1
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-04-28 20:04:24 UTC (rev 51162)
+++ data/dla-needed.txt 2017-04-28 21:05:51 UTC (rev 51163)
@@ -116,9 +116,6 @@
NOTE: maintainer contacted 2017-04-26
NOTE: reproducer doesn't crash server in a test VM - ?
--anarcat
--
-tomcat7 (Markus Koschany)
- NOTE: https://lists.debian.org/debian-lts/2017/04/msg00044.html
---
wireshark
NOTE: maintainer *may* take care of this, as previously
--
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51164 - data
Author: apo Date: 2017-04-28 21:06:47 + (Fri, 28 Apr 2017) New Revision: 51164 Modified: data/dla-needed.txt Log: mysql-connector-java: Java Team / Me will take care of the issue Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-04-28 21:05:51 UTC (rev 51163) +++ data/dla-needed.txt 2017-04-28 21:06:47 UTC (rev 51164) @@ -77,8 +77,7 @@ NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c/ NOTE: -- Jonas Meurer -- -mysql-connector-java - NOTE: maintainer contacted 20170428 +mysql-connector-java (Markus Koschany) -- mysql-connector-python NOTE: Brian May is one of the maintainers ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51165 - data/CVE
Author: sectracker
Date: 2017-04-28 21:10:11 + (Fri, 28 Apr 2017)
New Revision: 51165
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-04-28 21:06:47 UTC (rev 51164)
+++ data/CVE/list 2017-04-28 21:10:11 UTC (rev 51165)
@@ -1,3 +1,35 @@
+CVE-2017-8324
+ RESERVED
+CVE-2017-8323
+ RESERVED
+CVE-2017-8322
+ RESERVED
+CVE-2017-8321
+ RESERVED
+CVE-2017-8320
+ RESERVED
+CVE-2017-8319
+ RESERVED
+CVE-2017-8318
+ RESERVED
+CVE-2017-8317
+ RESERVED
+CVE-2017-8316
+ RESERVED
+CVE-2017-8315
+ RESERVED
+CVE-2017-8314
+ RESERVED
+CVE-2017-8313
+ RESERVED
+CVE-2017-8312
+ RESERVED
+CVE-2017-8311
+ RESERVED
+CVE-2017-8310
+ RESERVED
+CVE-2017-8309
+ RESERVED
CVE-2017-8308 (In Avast Antivirus before v17, an unprivileged user (and thus
malware ...)
NOT-FOR-US: Avast Antivirus
CVE-2017-8307 (In Avast Antivirus before v17, using the LPC interface API
exposed by ...)
@@ -44,6 +76,7 @@
- libressl (bug #754513)
NOTE: http://www.openwall.com/lists/oss-security/2017/04/27/11
CVE-2017-8291 (Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass
and ...)
+ {DSA-3838-1}
- ghostscript 9.20~dfsg-3.1 (bug #861295)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate of
697799)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697799 (made private)
@@ -51,6 +84,7 @@
NOTE: Fixed by:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=04b37bbce174eed24edec7ad5b920eb93db4d47d
NOTE: Fixed by:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3
CVE-2017-8287 (FreeType 2 before 2017-03-26 has an out-of-bounds write caused
by a ...)
+ {DSA-3839-1}
- freetype (bug #861308)
NOTE: Fixed by:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0
CVE-2017-8286
@@ -438,7 +472,7 @@
NOTE: Introduced by:
https://git.kernel.org/linus/bfd0a56b90005f8c8a004baf407ad90045c2b11e (3.12-rc1)
NOTE: Fixed by:
https://git.kernel.org/linus/4b855078601fc422dbac3059f2215e776f49780f (3.16-rc4)
CVE-2017-8105 (FreeType 2 before 2017-03-24 has an out-of-bounds write caused
by a ...)
- {DLA-918-1}
+ {DSA-3839-1 DLA-918-1}
- freetype (bug #861220)
NOTE: Fixed by:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
@@ -3260,6 +3294,7 @@
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1000
NOTE:
https://git.libav.org/?p=libav.git;a=commit;h=522d850e68ec4b77d3477b3c8f55b1ba00a9d69a
CVE-2017-7207 (The mem_get_bits_rectangle function in Artifex Software, Inc.
...)
+ {DSA-3838-1}
- ghostscript 9.20~dfsg-3 (bug #858350)
[wheezy] - ghostscript (Minor issue)
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=309eca4e0a31ea70dcc844812691439312dad091
@@ -4642,6 +4677,7 @@
CVE-2017-6597 (A vulnerability in the local-mgmt CLI command of the Cisco
Unified ...)
NOT-FOR-US: Cisco
CVE-2017-6596 (partclone.chkimg in partclone 0.2.89 is prone to a heap-based
buffer ...)
+ {DLA-923-1}
[experimental] - partclone 0.2.90-1
- partclone 0.2.89-3 (bug #857966)
[jessie] - partclone (Minor issue)
@@ -4975,7 +5011,7 @@
CVE-2017-6478 (paintballrefjosh/MaNGOSWebV4 before 4.0.8 is vulnerable to a
reflected ...)
NOT-FOR-US: MaNGOSWebV4
CVE-2016-10244 (The parse_charstrings function in type1/t1load.c in FreeType 2
before ...)
- {DLA-848-1}
+ {DSA-3839-1 DLA-848-1}
[experimental] - freetype 2.7.1-0.1
- freetype 2.6.3-3.1 (bug #856971)
NOTE: Fixed in 2.7:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7
@@ -6614,7 +6650,7 @@
CVE-2017-5952
RESERVED
CVE-2017-5951 (The mem_get_bits_rectangle function in base/gdevmem.c in
Artifex ...)
- {DLA-905-1}
+ {DSA-3838-1 DLA-905-1}
- ghostscript 9.20~dfsg-3.1 (bug #859696)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697548
NOTE: Fixed by:
http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=bfa6b2ecbe48edc69a7d9d22a12419aed25960b8
@@ -6652,12 +6688,12 @@
- mupdf (Vulnerable code not yet present)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697400
CVE-2016-10220 (The gs_makewordimagedevice function in base/gsdevmem.c in
Artifex ...)
- {DLA-905-1}
+ {DSA-3838-1 DLA-905-1}
- ghostscript 9.20~dfsg-3.1 (bug #859694)
NOTE:
http://www.ghostscript.com/cgi-bin/findgit.cgi?daf85701dab05f17e924a48a81edc9195b4a04e8
NOTE: https://bugs.ghost
[Secure-testing-commits] r51166 - data/CVE
Author: carnil Date: 2017-04-29 05:30:32 + (Sat, 29 Apr 2017) New Revision: 51166 Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list === --- data/CVE/list 2017-04-28 21:10:11 UTC (rev 51165) +++ data/CVE/list 2017-04-29 05:30:32 UTC (rev 51166) @@ -17477,19 +17477,19 @@ CVE-2017-2157 RESERVED CVE-2017-2156 (Untrusted search path vulnerability in Vivaldi installer for Windows ...) - TODO: check + NOT-FOR-US: Vivaldi installer Windows CVE-2017-2155 (Buffer overflow in Hoozin Viewer 2, 3, 4.1.5.15 and earlier, 5.1.2.13 ...) - TODO: check + NOT-FOR-US: Hoozin Viewer CVE-2017-2154 (Cross-site scripting vulnerability in Booking Calendar version 7.1 and ...) - TODO: check + NOT-FOR-US: Booking Calendar CVE-2017-2153 (SEIL/x86 Fuji 1.70 to 5.62, SEIL/BPV4 5.00 to 5.62, SEIL/X1 1.30 to ...) - TODO: check + NOT-FOR-US: SEIL CVE-2017-2152 (WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to ...) - TODO: check + NOT-FOR-US: WNC01WH firmware CVE-2017-2151 (Cross-site scripting vulnerability in Booking Calendar version 7.1 and ...) - TODO: check + NOT-FOR-US: Booking Calendar CVE-2017-2150 (Directory traversal vulnerability in Booking Calendar version 7.0 and ...) - TODO: check + NOT-FOR-US: Booking Calendar CVE-2017-2149 (Untrusted search path vulnerability in installers of the software for ...) TODO: check CVE-2017-2148 (Cross-site scripting vulnerability in WN-AC1167GR firmware version ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r51167 - data/CVE
Author: carnil Date: 2017-04-29 05:37:58 + (Sat, 29 Apr 2017) New Revision: 51167 Modified: data/CVE/list Log: More NFUs Modified: data/CVE/list === --- data/CVE/list 2017-04-29 05:30:32 UTC (rev 51166) +++ data/CVE/list 2017-04-29 05:37:58 UTC (rev 51167) @@ -17491,11 +17491,11 @@ CVE-2017-2150 (Directory traversal vulnerability in Booking Calendar version 7.0 and ...) NOT-FOR-US: Booking Calendar CVE-2017-2149 (Untrusted search path vulnerability in installers of the software for ...) - TODO: check + NOT-FOR-US: installers of the software for SDHC/SDXC Memory Cards CVE-2017-2148 (Cross-site scripting vulnerability in WN-AC1167GR firmware version ...) - TODO: check + NOT-FOR-US: WN-AC1167GR firmware CVE-2017-2147 (Cross-site scripting vulnerability in WP Statistics version 12.0.4 and ...) - TODO: check + NOT-FOR-US: WP Statistics CVE-2017-2146 RESERVED CVE-2017-2145 @@ -17503,25 +17503,25 @@ CVE-2017-2144 RESERVED CVE-2017-2143 (CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor ...) - TODO: check + NOT-FOR-US: CS-Cart CVE-2017-2142 (Buffer overflow in WN-G300R3 firmware Ver.1.03 and earlier allows ...) - TODO: check + NOT-FOR-US: WN-G300R3 firmware CVE-2017-2141 (WN-G300R3 firmware 1.03 and earlier allows attackers with ...) - TODO: check + NOT-FOR-US: WN-G300R3 firmware CVE-2017-2140 (Tablacus Explorer 17.3.30 and earlier allows arbitrary scripts to be ...) - TODO: check + NOT-FOR-US: Tablacus Explorer CVE-2017-2139 (CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), ...) - TODO: check + NOT-FOR-US: CS-Cart CVE-2017-2138 RESERVED CVE-2017-2137 (ProSAFE Plus Configuration Utility prior to 2.3.29 allows remote ...) - TODO: check + NOT-FOR-US: ProSAFE Plus Configuration Utility CVE-2017-2136 (Cross-site scripting vulnerability in WP Statistics version 12.0.4 and ...) - TODO: check + NOT-FOR-US: WP Statistics CVE-2017-2135 (Cross-site scripting vulnerability in WP Statistics version 12.0.1 and ...) - TODO: check + NOT-FOR-US: WP Statistics CVE-2017-2134 (Cross-site scripting vulnerability in ASSETBASE 8.0 and earlier allows ...) - TODO: check + NOT-FOR-US: ASSETBASE CVE-2017-2133 RESERVED CVE-2017-2132 @@ -17529,39 +17529,39 @@ CVE-2017-2131 RESERVED CVE-2017-2130 (Untrusted search path vulnerability in the installer of PhishWall ...) - TODO: check + NOT-FOR-US: installer of PhishWall Client Internet Explorer CVE-2017-2129 RESERVED CVE-2017-2128 (Security guide for website operators allows remote attackers to ...) TODO: check CVE-2017-2127 (Cross-site scripting vulnerability in YOP Poll versions prior to 5.8.1 ...) - TODO: check + NOT-FOR-US: YOP Poll CVE-2017-2126 RESERVED CVE-2017-2125 (Privilege escalation vulnerability in CentreCOM AR260S V2 remote ...) - TODO: check + NOT-FOR-US: CentreCOM AR260S CVE-2017-2124 (Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door ...) - TODO: check + NOT-FOR-US: OneThird CMS CVE-2017-2123 (Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door ...) - TODO: check + NOT-FOR-US: OneThird CMS CVE-2017-2122 RESERVED CVE-2017-2121 RESERVED CVE-2017-2120 (SQL injection vulnerability in the WBCE CMS 1.1.10 and earlier allows ...) - TODO: check + NOT-FOR-US: WBCE CMS CVE-2017-2119 (Directory traversal vulnerability in WBCE CMS 1.1.10 and earlier ...) - TODO: check + NOT-FOR-US: WBCE CMS CVE-2017-2118 (Cross-site scripting vulnerability in WBCE CMS 1.1.10 and earlier ...) - TODO: check + NOT-FOR-US: WBCE CMS CVE-2017-2117 (Directory traversal vulnerability in CubeCart versions prior to 6.1.5 ...) - TODO: check + NOT-FOR-US: CubeCart CVE-2017-2116 (Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2017-2115 (Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2017-2114 (Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2017-2113 (Buffer overflow in TS-WPTCAM firmware version 1.18 and earlier, ...) TODO: check CVE-2017-2112 (TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware ...) @@ -17569,11 +17569,11 @@ CVE-2017-2111 (HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 ...) TODO: check CVE-2017-2110 (The Access CX App for Android prior to 2.0.0.1 and for iOS prior to ...) - TODO: check + NOT-FOR-US: CX App for Android CVE-2017-2109 (Cybozu KUNA
