[Secure-testing-commits] r57592 - data/CVE
Author: jmm Date: 2017-11-13 07:27:15 + (Mon, 13 Nov 2017) New Revision: 57592 Modified: data/CVE/list Log: NFU Modified: data/CVE/list === --- data/CVE/list 2017-11-13 06:09:42 UTC (rev 57591) +++ data/CVE/list 2017-11-13 07:27:15 UTC (rev 57592) @@ -11409,7 +11409,7 @@ CVE-2017-12802 (The EBML_IntegerValue function in ebmlnumber.c in libebml2 through ...) NOT-FOR-US: libembl2 (different codebase than src:libebml) CVE-2017-12801 (The UpdateDataSize function in ebmlmaster.c in libebml2 through ...) - TODO: check + NOT-FOR-US: libembl2 (different codebase than src:libebml) CVE-2017-12800 (The EBML_FindNextElement function in ebmlmain.c in libebml2 through ...) TODO: check CVE-2016-10405 (Session fixation vulnerability in D-Link DIR-600L routers (rev. Ax) ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57591 - data/CVE
Author: carnil Date: 2017-11-13 06:09:42 + (Mon, 13 Nov 2017) New Revision: 57591 Modified: data/CVE/list Log: Process CVE-2017-15113, NFU (ovirt-engine) Modified: data/CVE/list === --- data/CVE/list 2017-11-12 22:13:40 UTC (rev 57590) +++ data/CVE/list 2017-11-13 06:09:42 UTC (rev 57591) @@ -4395,6 +4395,7 @@ RESERVED CVE-2017-15113 RESERVED + NOT-FOR-US: ovirt-engine CVE-2017-15112 RESERVED CVE-2017-15111 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57590 - data/CVE
Author: jmm Date: 2017-11-12 22:13:40 + (Sun, 12 Nov 2017) New Revision: 57590 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list === --- data/CVE/list 2017-11-12 21:57:43 UTC (rev 57589) +++ data/CVE/list 2017-11-12 22:13:40 UTC (rev 57590) @@ -37,7 +37,7 @@ CVE-2017-16783 (In CMS Made Simple 2.1.6, there is Server-Side Template Injection via ...) NOT-FOR-US: CMS Made Simple CVE-2017-16782 (In Home Assistant before 0.57, it is possible to inject JavaScript code ...) - TODO: check + NOT-FOR-US: Home Assistant CVE-2017-16781 (The installer in MyBB before 1.8.13 has XSS. ...) NOT-FOR-US: MyBB CVE-2017-16780 (The installer in MyBB before 1.8.13 allows remote attackers to execute ...) @@ -1295,7 +1295,7 @@ CVE-2017-16250 RESERVED CVE-2017-16249 (The Debut embedded http server 1.20 contains a remotely exploitable ...) - TODO: check + NOT-FOR-US: Debut embedded http server CVE-2017-16247 RESERVED CVE-2017-16246 @@ -11404,9 +11404,9 @@ CVE-2017-12804 RESERVED CVE-2017-12803 (The Node_ValidatePtr function in corec/corec/node/node.c in mkclean ...) - TODO: check + NOT-FOR-US: mkclean CVE-2017-12802 (The EBML_IntegerValue function in ebmlnumber.c in libebml2 through ...) - TODO: check + NOT-FOR-US: libembl2 (different codebase than src:libebml) CVE-2017-12801 (The UpdateDataSize function in ebmlmaster.c in libebml2 through ...) TODO: check CVE-2017-12800 (The EBML_FindNextElement function in ebmlmain.c in libebml2 through ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57589 - doc
Author: jmm Date: 2017-11-12 21:57:43 + (Sun, 12 Nov 2017) New Revision: 57589 Modified: doc/DSA.template Log: remove testing/sid from DSA template - if a DSA is for more than one vulnerability, we end up writing unfixed, while that's partly untrue, security tracker is more precise - the DSA mail is a single point in time, if it gets fixed after DSA release time, it still reads unfixed in the advisory, security tracker is always up-to-date. - if we notice a fix for unstable was incorrect/incomplete, the advisory never gets updated, security tracker is always up-to-date => people should consult the Debian Security Tracker as the canonical source of information for the fix status in testing/unstable. Modified: doc/DSA.template === --- doc/DSA.template2017-11-12 21:40:13 UTC (rev 57588) +++ doc/DSA.template2017-11-12 21:57:43 UTC (rev 57589) @@ -20,12 +20,6 @@ For the stable distribution ($STABLE), this problem has been fixed in version $$STABLE_VERSION. -For the testing distribution ($TESTING), this problem has been fixed -in version $$TESTING_VERSION. - -For the unstable distribution (sid), this problem has been fixed in -version $UNSTABLE_VERSION. - We recommend that you upgrade your $PACKAGE packages. Further information about Debian Security Advisories, how to apply ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57588 - data/CVE
Author: carnil Date: 2017-11-12 21:40:13 + (Sun, 12 Nov 2017) New Revision: 57588 Modified: data/CVE/list Log: Add bug references for CVE-2017-8923, #881538, #881539 Modified: data/CVE/list === --- data/CVE/list 2017-11-12 21:13:39 UTC (rev 57587) +++ data/CVE/list 2017-11-12 21:40:13 UTC (rev 57588) @@ -22752,8 +22752,8 @@ - linux 4.9.16-1 (low) NOTE: Fixed by: https://git.kernel.org/linus/654b404f2a222f918af9b0cd18ad469d0c941a8e CVE-2017-8923 (The zend_string_extend function in Zend/zend_string.h in PHP through ...) - - php7.1 - - php7.0 + - php7.1 (bug #881539) + - php7.0 (bug #881538) NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74577 NOTE: (Duplicate of) PHP Bug: https://bugs.php.net/bug.php?id=73122 CVE-2017-8922 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57587 - data/CVE
Author: carnil Date: 2017-11-12 21:13:39 + (Sun, 12 Nov 2017) New Revision: 57587 Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list === --- data/CVE/list 2017-11-12 21:13:28 UTC (rev 57586) +++ data/CVE/list 2017-11-12 21:13:39 UTC (rev 57587) @@ -1,9 +1,9 @@ CVE-2017-16800 RESERVED CVE-2017-16799 (In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, ...) - TODO: check + NOT-FOR-US: CMS Made Simple CVE-2017-16798 (In CMS Made Simple 2.2.3.1, the is_file_acceptable function in ...) - TODO: check + NOT-FOR-US: CMS Made Simple CVE-2017-16797 (In SWFTools 0.9.2, the png_load function in lib/png.c does not properly ...) - swftools NOTE: https://github.com/matthiaskramm/swftools/issues/51 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57586 - data/CVE
Author: carnil Date: 2017-11-12 21:13:28 + (Sun, 12 Nov 2017) New Revision: 57586 Modified: data/CVE/list Log: Add two more swftools issues Modified: data/CVE/list === --- data/CVE/list 2017-11-12 21:10:13 UTC (rev 57585) +++ data/CVE/list 2017-11-12 21:13:28 UTC (rev 57586) @@ -5,9 +5,11 @@ CVE-2017-16798 (In CMS Made Simple 2.2.3.1, the is_file_acceptable function in ...) TODO: check CVE-2017-16797 (In SWFTools 0.9.2, the png_load function in lib/png.c does not properly ...) - TODO: check + - swftools + NOTE: https://github.com/matthiaskramm/swftools/issues/51 CVE-2017-16796 (In SWFTools 0.9.2, the png_load function in lib/png.c does not check ...) - TODO: check + - swftools + NOTE: https://github.com/matthiaskramm/swftools/issues/51 CVE-2017-16795 RESERVED CVE-2017-16794 (The png_load function in lib/png.c in SWFTools 0.9.2 does not properly ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57585 - data/CVE
Author: sectracker
Date: 2017-11-12 21:10:13 + (Sun, 12 Nov 2017)
New Revision: 57585
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-12 20:47:07 UTC (rev 57584)
+++ data/CVE/list 2017-11-12 21:10:13 UTC (rev 57585)
@@ -1,3 +1,15 @@
+CVE-2017-16800
+ RESERVED
+CVE-2017-16799 (In CMS Made Simple 2.2.3.1, in
modules/New/action.addcategory.php, ...)
+ TODO: check
+CVE-2017-16798 (In CMS Made Simple 2.2.3.1, the is_file_acceptable function in
...)
+ TODO: check
+CVE-2017-16797 (In SWFTools 0.9.2, the png_load function in lib/png.c does not
properly ...)
+ TODO: check
+CVE-2017-16796 (In SWFTools 0.9.2, the png_load function in lib/png.c does not
check ...)
+ TODO: check
+CVE-2017-16795
+ RESERVED
CVE-2017-16794 (The png_load function in lib/png.c in SWFTools 0.9.2 does not
properly ...)
- swftools
NOTE: https://github.com/matthiaskramm/swftools/issues/50
@@ -3947,7 +3959,7 @@
CVE-2017-15278 (Cross-Site Scripting (XSS) was discovered in TeamPass before
2.1.27.9. ...)
NOT-FOR-US: TeamPass
CVE-2017-15277 (ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and
GraphicsMagick ...)
- {DLA-1140-1 DLA-1139-1}
+ {DSA-4032-1 DLA-1140-1 DLA-1139-1}
- imagemagick (bug #878578)
- graphicsmagick 1.3.26-14
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/9fd10cf630832b36a588c1545d8736539b2f1fb5
@@ -4869,7 +4881,7 @@
NOTE: https://core.trac.wordpress.org/ticket/38474
NOTE: Wordpress in Wheezy requires a database upgrade and backports of
new functions
CVE-2017-14989 (A use-after-free in RenderFreetype in MagickCore/annotate.c in
...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick (bug #878562)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/781
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/97740ccc177ee264e79091fa573d994eb6b05628
@@ -5752,7 +5764,7 @@
CVE-2017-14683 (geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as
demonstrated by ...)
NOT-FOR-US: geminabox
CVE-2017-14682 (GetNextToken in MagickCore/token.c in ImageMagick 7.0.6 allows
remote ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick (bug #876488)
NOTE:
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32726
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/3bee958ee63eb6ec62834d0c7b28b4b6835e6a00
@@ -5987,7 +5999,7 @@
NOTE:
https://github.com/LibRaw/LibRaw/commit/d13e8f6d1e987b7491182040a188c16a395f1d21
NOTE: https://github.com/LibRaw/LibRaw/issues/101
CVE-2017-14607 (In ImageMagick 7.0.7-4 Q16, an out of bounds read flaw related
to ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick (low; bug #878527)
NOTE: IM6 patch:
https://github.com/ImageMagick/ImageMagick/commit/cd665c3d05b46d1579c738a72214175ff50aec74
NOTE: https://github.com/ImageMagick/ImageMagick/issues/765
@@ -7082,7 +7094,7 @@
- libav
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/837cb4325b712ff1aab531bf41668933f61d75d2
CVE-2017-14224 (A heap-based buffer overflow in WritePCXImage in coders/pcx.c
in ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick (bug #876097)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/733
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/7f2d6fe34d695d3445e2d50937db5541a1b76bde
@@ -8296,7 +8308,7 @@
CVE-2017-13770
RESERVED
CVE-2017-13769 (The WriteTHUMBNAILImage function in coders/thumbnail.c in
ImageMagick ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick (low; bug #878507)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/705
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/45d342155b5e9b83904c695411d20f33cf9b524c
@@ -8346,7 +8358,7 @@
CVE-2017-13759
RESERVED
CVE-2017-13758 (In ImageMagick 7.0.6-10, there is a heap-based buffer overflow
in the ...)
- {DLA-1131-1}
+ {DSA-4032-1 DLA-1131-1}
- imagemagick (bug #878508)
NOTE:
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32583
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/ef6cee1bcf144b7c9285787920361a53296e7907
@@ -9840,7 +9852,7 @@
CVE-2017-13135
RESERVED
CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based
buffer ...)
- {DLA-1081-1}
+ {DSA-4032-1 DLA-1081-1}
- imagemagick (bug #873099)
- graphicsmagick 1.3.26-19 (bug #881524)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/670
@@ -10278,7 +10290,7 @@
CVE-2017-12984 (PHPMyWind 5.3 has XSS in shoppingcart.php, related to
message.php, ...)
NOT-FOR-US: PHPMyWin
[Secure-testing-commits] r57584 - data/DLA
Author: carnil
Date: 2017-11-12 20:47:07 + (Sun, 12 Nov 2017)
New Revision: 57584
Modified:
data/DLA/list
Log:
Remove CVE-2017-14990 for DLA-1151-1
Modified: data/DLA/list
===
--- data/DLA/list 2017-11-12 20:43:55 UTC (rev 57583)
+++ data/DLA/list 2017-11-12 20:47:07 UTC (rev 57584)
@@ -55,7 +55,7 @@
{CVE-2017-16227}
[wheezy] - quagga 0.99.22.4-1+wheezy3+deb7u2
[31 Oct 2017] DLA-1151-1 wordpress - security update
- {CVE-2016-9263 CVE-2017-14718 CVE-2017-14719 CVE-2017-14720
CVE-2017-14721 CVE-2017-14722 CVE-2017-14723 CVE-2017-14725 CVE-2017-14990}
+ {CVE-2016-9263 CVE-2017-14718 CVE-2017-14719 CVE-2017-14720
CVE-2017-14721 CVE-2017-14722 CVE-2017-14723 CVE-2017-14725}
[wheezy] - wordpress 3.6.1+dfsg-1~deb7u17
[31 Oct 2017] DLA-1150-1 wpa - security update
{CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088}
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57583 - data/CVE
Author: apo
Date: 2017-11-12 20:43:55 + (Sun, 12 Nov 2017)
New Revision: 57583
Modified:
data/CVE/list
Log:
CVE-2017-14990,wordpress: Not fixed in Wheezy
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-12 20:41:09 UTC (rev 57582)
+++ data/CVE/list 2017-11-12 20:43:55 UTC (rev 57583)
@@ -4864,9 +4864,10 @@
CVE-2017-14758 (OpenText Document Sciences xPression (formerly EMC Document
Sciences ...)
NOT-FOR-US: EMC
CVE-2017-14990 (WordPress 4.8.2 stores cleartext wp_signups.activation_key
values (but ...)
- {DSA-3997-1 DLA-1151-1}
+ {DSA-3997-1}
- wordpress 4.8.2+dfsg-2 (bug #877629)
NOTE: https://core.trac.wordpress.org/ticket/38474
+ NOTE: Wordpress in Wheezy requires a database upgrade and backports of
new functions
CVE-2017-14989 (A use-after-free in RenderFreetype in MagickCore/annotate.c in
...)
{DLA-1131-1}
- imagemagick (bug #878562)
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57581 - in data: . DLA
Author: apo
Date: 2017-11-12 20:40:40 + (Sun, 12 Nov 2017)
New Revision: 57581
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-1151-2 for wordpress
Modified: data/DLA/list
===
--- data/DLA/list 2017-11-12 20:01:35 UTC (rev 57580)
+++ data/DLA/list 2017-11-12 20:40:40 UTC (rev 57581)
@@ -1,3 +1,5 @@
+[12 Nov 2017] DLA-1151-2 wordpress - regression update
+ [wheezy] - wordpress 3.6.1+dfsg-1~deb7u19
[11 Nov 2017] DLA-1169-1 postgresql-common - security update
{CVE-2017-8806}
[wheezy] - postgresql-common 134wheezy6
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-12 20:01:35 UTC (rev 57580)
+++ data/dla-needed.txt 2017-11-12 20:40:40 UTC (rev 57581)
@@ -128,8 +128,6 @@
NOTE: 2017-08-28: Contacted maintainer since most NOTE: issues affect
Jessie/Stretch as well
--
-wordpress
---
xen
--
xorg-server (Emilio Pozuelo)
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57582 - data
Author: apo Date: 2017-11-12 20:41:09 + (Sun, 12 Nov 2017) New Revision: 57582 Modified: data/dla-needed.txt Log: Readd wordpress to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-12 20:40:40 UTC (rev 57581) +++ data/dla-needed.txt 2017-11-12 20:41:09 UTC (rev 57582) @@ -128,6 +128,8 @@ NOTE: 2017-08-28: Contacted maintainer since most NOTE: issues affect Jessie/Stretch as well -- +wordpress +-- xen -- xorg-server (Emilio Pozuelo) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57580 - data/CVE
Author: carnil Date: 2017-11-12 20:01:35 + (Sun, 12 Nov 2017) New Revision: 57580 Modified: data/CVE/list Log: openvswitch version uploaded to unstable Although not needed since we basically only track the fix via unstable decided to keep the experimental entry with the exact version which fixed the respective CVE still recorded. Modified: data/CVE/list === --- data/CVE/list 2017-11-12 18:52:44 UTC (rev 57579) +++ data/CVE/list 2017-11-12 20:01:35 UTC (rev 57580) @@ -4929,7 +4929,7 @@ NOT-FOR-US: InFocus Mondopad CVE-2017-14970 (In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are ...) [experimental] - openvswitch 2.8.1+dfsg1-1 - - openvswitch (unimportant; bug #877543) + - openvswitch 2.8.1+dfsg1-2 (unimportant; bug #877543) NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339085.html NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-September/339086.html NOTE: Not considered a security issue by upstream, see #877543 @@ -21594,21 +21594,21 @@ RESERVED CVE-2017-9265 (In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing ...) [experimental] - openvswitch 2.8.1+dfsg1-1 - - openvswitch (unimportant; bug #863662) + - openvswitch 2.8.1+dfsg1-2 (unimportant; bug #863662) [jessie] - openvswitch (Vulnerable code not present) [wheezy] - openvswitch (Vulnerable code not present) NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332965.html NOTE: OpenFlow 1.5 support still incomplete CVE-2017-9264 (In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) ...) [experimental] - openvswitch 2.8.1+dfsg1-1 - - openvswitch (unimportant; bug #863661) + - openvswitch 2.8.1+dfsg1-2 (unimportant; bug #863661) [jessie] - openvswitch (Vulnerable code not present; connection tracking support introduced in 2.6.0) [wheezy] - openvswitch (Vulnerable code not present; connection tracking support introduced in 2.6.0) NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-March/329323.html NOTE: Userspace data path not enabled in Debian packaging CVE-2017-9263 (In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status ...) [experimental] - openvswitch 2.8.1+dfsg1-1 - - openvswitch (unimportant; bug #863655) + - openvswitch 2.8.1+dfsg1-2 (unimportant; bug #863655) [jessie] - openvswitch (No controllers implemented, cf. #863655) [wheezy] - openvswitch (No controllers implemented, cf. #863655) NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332966.html @@ -21830,7 +21830,7 @@ RESERVED CVE-2017-9214 (In Open vSwitch (OvS) 2.7.0, while parsing an ...) [experimental] - openvswitch 2.8.1+dfsg1-1 - - openvswitch (bug #863228) + - openvswitch 2.8.1+dfsg1-2 (bug #863228) [stretch] - openvswitch (Minor issue) [jessie] - openvswitch (Vulnerable code not present) [wheezy] - openvswitch (Vulnerable code not present) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57579 - data/CVE
Author: gcs
Date: 2017-11-12 18:52:44 + (Sun, 12 Nov 2017)
New Revision: 57579
Modified:
data/CVE/list
Log:
Add CVE-2017-1{3134,6669}/graphicsmagick fixed version in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-12 18:22:17 UTC (rev 57578)
+++ data/CVE/list 2017-11-12 18:52:44 UTC (rev 57579)
@@ -264,7 +264,7 @@
RESERVED
CVE-2017-16669 (coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers
to cause ...)
{DLA-1168-1}
- - graphicsmagick (bug #881391)
+ - graphicsmagick 1.3.26-19 (bug #881391)
NOTE: https://sourceforge.net/p/graphicsmagick/bugs/450/
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/135bdcb88b8d
NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/1b9e64a8901e
@@ -9841,7 +9841,7 @@
CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based
buffer ...)
{DLA-1081-1}
- imagemagick (bug #873099)
- - graphicsmagick
+ - graphicsmagick 1.3.26-19 (bug #881524)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/670
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/5304ae14655a67b9a3db00563fe44d9abd6de4f0
NOTE: ImageMagick-6:
https://github.com/ImageMagick/ImageMagick/commit/1b234b4fe2ec864b2d5af898a31c06c9736da904
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57578 - data/CVE
Author: carnil Date: 2017-11-12 18:22:17 + (Sun, 12 Nov 2017) New Revision: 57578 Modified: data/CVE/list Log: Sync some CVE stati with kernel-sec Modified: data/CVE/list === --- data/CVE/list 2017-11-12 15:44:00 UTC (rev 57577) +++ data/CVE/list 2017-11-12 18:22:17 UTC (rev 57578) @@ -318,18 +318,29 @@ NOTE: https://github.com/roundcube/roundcubemail/issues/6026 CVE-2017-16650 (The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux ...) - linux + [wheezy] - linux (Vulnerable code not present) CVE-2017-16649 (The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in ...) - linux CVE-2017-16648 (The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c ...) - linux + [stretch] - linux (Vulnerable code not present) + [jessie] - linux (Vulnerable code not present) + [wheezy] - linux (Vulnerable code not present) CVE-2017-16647 (drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 ...) - linux + [jessie] - linux (Vulnerable code not present) + [wheezy] - linux (Vulnerable code not present) CVE-2017-16646 (drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through ...) - linux + [jessie] - linux (Vulnerable code not present) + [wheezy] - linux (Vulnerable code not present) CVE-2017-16645 (The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c ...) - linux + [wheezy] - linux (Vulnerable code not present) CVE-2017-16644 (The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the ...) - linux + [jessie] - linux (Vulnerable code not present) + [wheezy] - linux (Vulnerable code not present) CVE-2017-16643 (The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c ...) - linux CVE-2017-16642 (In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57577 - data/CVE
Author: carnil Date: 2017-11-12 15:44:00 + (Sun, 12 Nov 2017) New Revision: 57577 Modified: data/CVE/list Log: Update status for CVE-2017-16672 in jessie res_pjsip_session does not exist in jessie's version. Adapt status for wheezy in same run. Modified: data/CVE/list === --- data/CVE/list 2017-11-12 14:58:27 UTC (rev 57576) +++ data/CVE/list 2017-11-12 15:44:00 UTC (rev 57577) @@ -249,7 +249,8 @@ NOT-FOR-US: Datto Backup Agent CVE-2017-16672 (An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 ...) - asterisk 1:13.18.1~dfsg-1 (bug #881256) - [wheezy] - asterisk (Minor issue) + [jessie] - asterisk (Vulnerable code not present) + [wheezy] - asterisk (Vulnerable code not present) NOTE: http://downloads.digium.com/pub/security/AST-2017-011.html NOTE: http://downloads.asterisk.org/pub/security/AST-2017-011-13.diff NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27345 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57576 - data/CVE
Author: mattia
Date: 2017-11-12 14:58:27 + (Sun, 12 Nov 2017)
New Revision: 57576
Modified:
data/CVE/list
Log:
update libpodofo CVE info
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-12 13:23:45 UTC (rev 57575)
+++ data/CVE/list 2017-11-12 14:58:27 UTC (rev 57576)
@@ -23140,12 +23140,12 @@
CVE-2017-8788 (An issue was discovered on Accellion FTA devices before
FTA_9_12_180. ...)
NOT-FOR-US: Accellion FTA devices
CVE-2017-8787 (The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry
function in ...)
- - libpodofo (bug #861738)
+ - libpodofo 0.9.5-7 (bug #861738)
[stretch] - libpodofo (Minor issue)
[jessie] - libpodofo (Minor issue)
[wheezy] - libpodofo (Minor issue)
NOTE: Possible unspecified impact. Needs further analysis.
- NOTE: Proposed patch (for wheezy) attached to bug #861738.
+ NOTE: Upstream commit: https://sourceforge.net/p/podofo/code/1851
CVE-2017-8786 (pcre2test.c in PCRE2 10.23 allows remote attackers to cause a
denial of ...)
- pcre2 (unimportant; bug #861873)
NOTE: https://bugs.exim.org/show_bug.cgi?id=2079
@@ -25129,7 +25129,7 @@
- xen 4.3.0-1
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1033948
CVE-2017-7994 (The function TextExtractor::ExtractText in TextExtractor.cpp:77
in ...)
- - libpodofo (bug #860930)
+ - libpodofo 0.9.5-7 (bug #860930)
[stretch] - libpodofo (Minor issue)
[jessie] - libpodofo (Minor issue)
[wheezy] - libpodofo (Minor issue)
@@ -32883,7 +32883,7 @@
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1840/
CVE-2017-5852 (The PoDoFo::PdfPage::GetInheritedKeyFromObject function in ...)
{DLA-929-1}
- - libpodofo (low; bug #854600)
+ - libpodofo 0.9.5-7 (low; bug #854600)
[stretch] - libpodofo (Minor issue)
[jessie] - libpodofo (Minor issue)
NOTE:
https://blogs.gentoo.org/ago/2017/02/01/podofo-infinite-loop-in-podofopdfpagegetinheritedkeyfromobject-pdfpage-cpp
@@ -32891,6 +32891,7 @@
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1835
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1838
NOTE: upstream commit: https://sourceforge.net/p/podofo/code/1841
+ NOTE: further patch for ABI compatibility:
https://sourceforge.net/p/podofo/mailman/message/36084628/
CVE-2017-5849 (tiffttopnm in netpbm 10.47.63 does not properly use the libtiff
...)
- netpbm-free (vulnerable code not present)
NOTE: http://www.openwall.com/lists/oss-security/2017/02/02/2
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57575 - data/CVE
Author: carnil
Date: 2017-11-12 13:23:45 + (Sun, 12 Nov 2017)
New Revision: 57575
Modified:
data/CVE/list
Log:
quagga fixed in unstable with new upstream version
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-12 13:01:27 UTC (rev 57574)
+++ data/CVE/list 2017-11-12 13:23:45 UTC (rev 57575)
@@ -1339,7 +1339,7 @@
NOTE: But needs a separate CVE since different codebasis.
CVE-2017-16227 (The aspath_put function in bgpd/bgp_aspath.c in Quagga before
1.2.2 ...)
{DSA-4011-1 DLA-1152-1}
- - quagga (bug #879474)
+ - quagga 1.2.2-1 (bug #879474)
NOTE:
https://lists.quagga.net/pipermail/quagga-dev/2017-September/033284.html
NOTE:
http://git.savannah.gnu.org/cgit/quagga.git/commit/?id=7a42b78be9a4108d98833069a88e6fddb9285008
CVE-2017-16226
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57574 - data/CVE
Author: carnil Date: 2017-11-12 13:01:27 + (Sun, 12 Nov 2017) New Revision: 57574 Modified: data/CVE/list Log: Add two swftools issues Modified: data/CVE/list === --- data/CVE/list 2017-11-12 10:44:08 UTC (rev 57573) +++ data/CVE/list 2017-11-12 13:01:27 UTC (rev 57574) @@ -1,7 +1,9 @@ CVE-2017-16794 (The png_load function in lib/png.c in SWFTools 0.9.2 does not properly ...) - TODO: check + - swftools + NOTE: https://github.com/matthiaskramm/swftools/issues/50 CVE-2017-16793 (The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not ...) - TODO: check + - swftools + NOTE: https://github.com/matthiaskramm/swftools/issues/47 CVE-2017-16792 RESERVED CVE-2017-16791 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57573 - data
Author: jmm Date: 2017-11-12 10:44:08 + (Sun, 12 Nov 2017) New Revision: 57573 Modified: data/dsa-needed.txt Log: add imagemagick/jessie Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-11-12 10:42:22 UTC (rev 57572) +++ data/dsa-needed.txt 2017-11-12 10:44:08 UTC (rev 57573) @@ -16,6 +16,8 @@ -- graphicsmagick -- +imagemagick/oldstable (jmm) +-- jackson-databind (seb) For CVE-2017-15095 (see notes for missing commits) -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57572 - data/DSA
Author: jmm
Date: 2017-11-12 10:42:22 + (Sun, 12 Nov 2017)
New Revision: 57572
Modified:
data/DSA/list
Log:
imagemagick DSA
Modified: data/DSA/list
===
--- data/DSA/list 2017-11-12 09:10:15 UTC (rev 57571)
+++ data/DSA/list 2017-11-12 10:42:22 UTC (rev 57572)
@@ -1,3 +1,6 @@
+[12 Nov 2017] DSA-4032-1 imagemagick - security update
+ {CVE-2017-12983 CVE-2017-13134 CVE-2017-13758 CVE-2017-13769
CVE-2017-14224 CVE-2017-14607 CVE-2017-14682 CVE-2017-14989 CVE-2017-15277}
+ [stretch] - imagemagick 8:6.9.7.4+dfsg-11+deb9u3
[11 Nov 2017] DSA-4031-1 ruby2.3 - security update
{CVE-2017-0898 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033}
[stretch] - ruby2.3 2.3.3-1+deb9u2
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57571 - data/CVE
Author: sectracker
Date: 2017-11-12 09:10:15 + (Sun, 12 Nov 2017)
New Revision: 57571
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-12 08:18:43 UTC (rev 57570)
+++ data/CVE/list 2017-11-12 09:10:15 UTC (rev 57571)
@@ -1,3 +1,11 @@
+CVE-2017-16794 (The png_load function in lib/png.c in SWFTools 0.9.2 does not
properly ...)
+ TODO: check
+CVE-2017-16793 (The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2
does not ...)
+ TODO: check
+CVE-2017-16792
+ RESERVED
+CVE-2017-16791
+ RESERVED
CVE-2017-16790
RESERVED
CVE-2017-16789
@@ -9816,7 +9824,7 @@
RESERVED
CVE-2017-13135
RESERVED
-CVE-2017-13134 (In ImageMagick 7.0.6-6, a heap-based buffer over-read was
found in the ...)
+CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based
buffer ...)
{DLA-1081-1}
- imagemagick (bug #873099)
- graphicsmagick
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57570 - data/CVE
Author: carnil Date: 2017-11-12 08:18:43 + (Sun, 12 Nov 2017) New Revision: 57570 Modified: data/CVE/list Log: CVE-2017-16642 adressed in 7.1.11 and 7.0.25 upstream Modified: data/CVE/list === --- data/CVE/list 2017-11-11 21:54:00 UTC (rev 57569) +++ data/CVE/list 2017-11-12 08:18:43 UTC (rev 57570) @@ -322,8 +322,8 @@ CVE-2017-16643 (The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c ...) - linux CVE-2017-16642 (In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an ...) - - php7.1 - - php7.0 + - php7.1 7.1.11-1 + - php7.0 7.0.25-1 - php5 NOTE: Fixed in: 5.6.32, 7.0.25, 7.1.11 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75055 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
