[Secure-testing-commits] r57811 - data
Author: roberto Date: 2017-11-19 04:42:54 + (Sun, 19 Nov 2017) New Revision: 57811 Modified: data/dla-needed.txt Log: Claim ldns in dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-19 04:23:12 UTC (rev 57810) +++ data/dla-needed.txt 2017-11-19 04:42:54 UTC (rev 57811) @@ -27,7 +27,7 @@ NOTE: (since Stretch isn't affected by these issues they are probably not going to accept NOTE: a backport to Stretch, which will therefore make a backport to Jessie/Wheezy impossible). -- -ldns +ldns (Roberto C. Sánchez) NOTE: 20178: Fix for CVE-2017-1000231 will need some adjustment for wheezy (lamby) -- libav (Hugo Lefeuvre) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57810 - data
Author: roberto Date: 2017-11-19 04:23:12 + (Sun, 19 Nov 2017) New Revision: 57810 Modified: data/dla-needed.txt Log: Remove tcpdump, as the sole remaining outstanding issue is postponed Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-19 04:20:53 UTC (rev 57809) +++ data/dla-needed.txt 2017-11-19 04:23:12 UTC (rev 57810) @@ -118,9 +118,6 @@ swftools NOTE: 20171118: At least CVE-2017-16797 is present. (lamby) -- -tcpdump - NOTE: 20171118: PoC (https://github.com/the-tcpdump-group/tcpdump/issues/645) does not appear to be be vulnerable. --- tiff (Brian May) NOTE: CVE-2017-9935: no upstream fix -- Brian May 2017-11-06 NOTE: CVE-2017-11613: no upstream fix, "not a bug" according to RH -- anarcat 2017-10-24 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57809 - data/CVE
Author: roberto Date: 2017-11-19 04:20:53 + (Sun, 19 Nov 2017) New Revision: 57809 Modified: data/CVE/list Log: Postpone CVE-2017-16808 for tcpdump in wheezy, as was done for jessie and stretch Modified: data/CVE/list === --- data/CVE/list 2017-11-19 03:56:47 UTC (rev 57808) +++ data/CVE/list 2017-11-19 04:20:53 UTC (rev 57809) @@ -551,6 +551,7 @@ - tcpdump (low) [stretch] - tcpdump (Can be fixed along in a future update) [jessie] - tcpdump (Can be fixed along in a future update) + [wheezy] - tcpdump (Can be fixed along in a future update) NOTE: https://github.com/the-tcpdump-group/tcpdump/issues/645 CVE-2017-16807 (A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, ...) NOT-FOR-US: Kirby Panel ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57807 - data/CVE
Author: roberto Date: 2017-11-19 03:56:43 + (Sun, 19 Nov 2017) New Revision: 57807 Modified: data/CVE/list Log: Note that CVE-2017-14107 also affects php5 and mark no-DSA in wheezy, not sure about jessie Modified: data/CVE/list === --- data/CVE/list 2017-11-19 03:55:53 UTC (rev 57806) +++ data/CVE/list 2017-11-19 03:56:43 UTC (rev 57807) @@ -8124,8 +8124,11 @@ [stretch] - libzip (Minor issue) [jessie] - libzip (Minor issue) [wheezy] - libzip (Minor issue) + - php5 + [wheezy] - php5 (Minor issue) NOTE: https://blogs.gentoo.org/ago/2017/09/01/libzip-memory-allocation-failure-in-_zip_cdir_grow-zip_dirent-c/ NOTE: https://github.com/nih-at/libzip/commit/9b46957ec98d85a572e9ef98301247f39338a3b5 + NOTE: https://github.com/php/php-src/commit/f6e8ce812174343b5c9fd1860f9e2e2864428567 CVE-2017-14105 (HiveManager Classic through 8.1r1 allows arbitrary JSP code execution ...) NOT-FOR-US: HiveManager CVE-2017-14104 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57808 - data
Author: roberto Date: 2017-11-19 03:56:47 + (Sun, 19 Nov 2017) New Revision: 57808 Modified: data/dla-needed.txt Log: Add notes regarding python2.6/python2.7 wheezy status Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-19 03:56:43 UTC (rev 57807) +++ data/dla-needed.txt 2017-11-19 03:56:47 UTC (rev 57808) @@ -83,8 +83,10 @@ python-werkzeug (Thorsten Alteholz) -- python2.6 (Roberto C. Sánchez) + NOTE: 20171118: Update is prepared, call for testing has been sent, will upload and release DLA 20171125 -- python2.7 (Roberto C. Sánchez) + NOTE: 20171118: Update is prepared, call for testing has been sent, will upload and release DLA 20171125 -- qemu NOTE: 20171012 Can wait for more issues to pile up ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57806 - data/CVE
Author: lamby Date: 2017-11-19 03:55:53 + (Sun, 19 Nov 2017) New Revision: 57806 Modified: data/CVE/list Log: Add note re CVE-2017-1000126/exiv2 in wheezy Modified: data/CVE/list === --- data/CVE/list 2017-11-19 03:55:14 UTC (rev 57805) +++ data/CVE/list 2017-11-19 03:55:53 UTC (rev 57806) @@ -34,6 +34,7 @@ - exiv2 NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1 NOTE: http://dev.exiv2.org/issues/1248 + NOTE: Can't seem to reproduce this in wheezy. CVE-2017-16879 RESERVED CVE-2017-16878 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57805 - data/CVE
Author: lamby Date: 2017-11-19 03:55:14 + (Sun, 19 Nov 2017) New Revision: 57805 Modified: data/CVE/list Log: Add upstream URL for CVE-2017-1000126/exiv2 Modified: data/CVE/list === --- data/CVE/list 2017-11-18 22:38:25 UTC (rev 57804) +++ data/CVE/list 2017-11-19 03:55:14 UTC (rev 57805) @@ -33,6 +33,7 @@ CVE-2017-1000126 (exiv2 0.26 contains a Stack out of bounds read in webp parser ...) - exiv2 NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1 + NOTE: http://dev.exiv2.org/issues/1248 CVE-2017-16879 RESERVED CVE-2017-16878 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57804 - data/CVE
Author: carnil Date: 2017-11-18 22:38:25 + (Sat, 18 Nov 2017) New Revision: 57804 Modified: data/CVE/list Log: Mark CVE-2017-16881 as NFU Modified: data/CVE/list === --- data/CVE/list 2017-11-18 22:37:15 UTC (rev 57803) +++ data/CVE/list 2017-11-18 22:38:25 UTC (rev 57804) @@ -8,7 +8,7 @@ NOTE: But Debian does not install the binaries nor configuration files as NOTE: respective icinga user. CVE-2017-16881 (b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON ...) - TODO: check + NOT-FOR-US: b3log Symphony CVE-2017-16880 (The dump function in Util/TemplateHelper.php in filp whoops before ...) NOT-FOR-US: filp whoops CVE-2017-1000230 (The Snap7 Server version 1.4.1 can be crashed when the ItemCount field ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57803 - data/CVE
Author: carnil Date: 2017-11-18 22:37:15 + (Sat, 18 Nov 2017) New Revision: 57803 Modified: data/CVE/list Log: Add CVE-2017-16882/icinga Modified: data/CVE/list === --- data/CVE/list 2017-11-18 22:09:46 UTC (rev 57802) +++ data/CVE/list 2017-11-18 22:37:15 UTC (rev 57803) @@ -2,7 +2,11 @@ - ming NOTE: https://github.com/libming/libming/issues/77 CVE-2017-16882 (Icinga Core through 1.14.0 initially executes bin/icinga as root but ...) - TODO: check + - icinga (Doesn't affect Icinga 1.x as packaged in Debian) + NOTE: https://github.com/Icinga/icinga-core/issues/1601 + NOTE: State is not fully correct, since "affected" source would be there, + NOTE: But Debian does not install the binaries nor configuration files as + NOTE: respective icinga user. CVE-2017-16881 (b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON ...) TODO: check CVE-2017-16880 (The dump function in Util/TemplateHelper.php in filp whoops before ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57802 - data/CVE
Author: roberto Date: 2017-11-18 22:09:46 + (Sat, 18 Nov 2017) New Revision: 57802 Modified: data/CVE/list Log: Additional URLs for roundcube CVE-2017-16651 Modified: data/CVE/list === --- data/CVE/list 2017-11-18 22:06:24 UTC (rev 57801) +++ data/CVE/list 2017-11-18 22:09:46 UTC (rev 57802) @@ -907,6 +907,8 @@ NOTE: master: https://github.com/roundcube/roundcubemail/commit/2a32f51c91d5e9c7b1a9d931846dd44c008ff36d NOTE: release-1.3: https://github.com/roundcube/roundcubemail/commit/c90ad5a97784fb32683b8e3c21d6c95baab6d806 NOTE: release-1.2: https://github.com/roundcube/roundcubemail/commit/9be2224c779d7abc7b29eea2b83a8a3671c543e0 + NOTE: release-1.1: https://github.com/roundcube/roundcubemail/commit/e757cc410145d043c30889d28fa0b5f67a5cf2fd + NOTE: release-1.0: https://github.com/roundcube/roundcubemail/commit/8d87bb34f3c6103ab81e5342d8b3d297832d178a NOTE: https://github.com/roundcube/roundcubemail/issues/6026 CVE-2017-16650 (The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux ...) - linux 4.13.13-1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57801 - data
Author: roberto Date: 2017-11-18 22:06:24 + (Sat, 18 Nov 2017) New Revision: 57801 Modified: data/dla-needed.txt Log: Update roundcube LTS status Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-18 22:04:16 UTC (rev 57800) +++ data/dla-needed.txt 2017-11-18 22:06:24 UTC (rev 57801) @@ -93,6 +93,7 @@ NOTE: 20171012 Can wait for more issues to pile up -- roundcube (Roberto C. Sánchez) + NOTE: 2017118: Patch is ready; because of code differences, waiting on upstream to review or provide information on how to reproduce the exploit -- rsync (Thorsten Alteholz) -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57800 - data/CVE
Author: hle Date: 2017-11-18 22:04:16 + (Sat, 18 Nov 2017) New Revision: 57800 Modified: data/CVE/list Log: ming (removed, only in wheezy) is affected by new CVE-2017-16883 (more infos on upstreams bug tracker) Modified: data/CVE/list === --- data/CVE/list 2017-11-18 21:10:12 UTC (rev 57799) +++ data/CVE/list 2017-11-18 22:04:16 UTC (rev 57800) @@ -1,5 +1,6 @@ CVE-2017-16883 (The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= ...) - TODO: check + - ming + NOTE: https://github.com/libming/libming/issues/77 CVE-2017-16882 (Icinga Core through 1.14.0 initially executes bin/icinga as root but ...) TODO: check CVE-2017-16881 (b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57799 - data/CVE
Author: sectracker Date: 2017-11-18 21:10:12 + (Sat, 18 Nov 2017) New Revision: 57799 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-11-18 20:26:51 UTC (rev 57798) +++ data/CVE/list 2017-11-18 21:10:12 UTC (rev 57799) @@ -1,3 +1,9 @@ +CVE-2017-16883 (The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= ...) + TODO: check +CVE-2017-16882 (Icinga Core through 1.14.0 initially executes bin/icinga as root but ...) + TODO: check +CVE-2017-16881 (b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON ...) + TODO: check CVE-2017-16880 (The dump function in Util/TemplateHelper.php in filp whoops before ...) NOT-FOR-US: filp whoops CVE-2017-1000230 (The Snap7 Server version 1.4.1 can be crashed when the ItemCount field ...) @@ -440,12 +446,12 @@ CVE-2017-16833 (Stored cross-site scripting (XSS) vulnerability in Gemirro before ...) NOT-FOR-US: Gemirro CVE-2017-16853 (The DynamicMetadataProvider class in ...) - {DSA-4039-1} + {DSA-4039-1 DLA-1178-1} - opensaml2 (bug #881856) NOTE: https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=6182b0acf2df670e75423c2ed7afe6950ef11c9d NOTE: https://shibboleth.net/community/advisories/secadv_20171115.txt CVE-2017-16852 (shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic ...) - {DSA-4038-1} + {DSA-4038-1 DLA-1179-1} - shibboleth-sp2 (bug #881857) NOTE: https://git.shibboleth.net/view/?p=cpp-sp.git;a=commit;h=b66cceb0e992c351ad5e2c665229ede82f261b16 NOTE: https://shibboleth.net/community/advisories/secadv_20171115.txt @@ -3768,6 +3774,7 @@ NOTE: https://bugs.schedmd.com/show_bug.cgi?id=4228 (not public) NOTE: Fixed by: https://github.com/SchedMD/slurm/commit/b30e9e9ee2ade6951bfaf28e15ef77325a206971 CVE-2017-15565 (In Poppler 0.59.0, a NULL Pointer Dereference exists in the ...) + {DLA-1177-1} - poppler (bug #879066) NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103016 NOTE: Fixed by: https://cgit.freedesktop.org/poppler/poppler/commit/?id=19ebd40547186a8ea6da08c8d8e2a6d6b7e84f5d @@ -5508,16 +5515,19 @@ CVE-2017-14978 RESERVED CVE-2017-14977 (The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler ...) + {DLA-1177-1} - poppler (low; bug #877952) [stretch] - poppler (Minor issue) [jessie] - poppler (Minor issue) NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=103045 NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=19eedc6fb693a62f305e13079501e3105f869f3c CVE-2017-14976 (The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler ...) + {DLA-1177-1} - poppler (low; bug #877954) NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102724 NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf CVE-2017-14975 (The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler ...) + {DLA-1177-1} - poppler (low; bug #877957) [stretch] - poppler (Minor issue) [jessie] - poppler (Minor issue) @@ -14767,6 +14777,7 @@ - ming NOTE: https://github.com/libming/libming/issues/83 CVE-2017-11733 (A null pointer dereference vulnerability was found in the function ...) + {DLA-1176-1} - ming NOTE: https://github.com/libming/libming/issues/78 CVE-2017-11732 (A heap-based buffer overflow vulnerability was found in the function ...) @@ -18296,9 +18307,11 @@ - libav (Vulnerable code not present) NOTE: https://github.com/FFmpeg/FFmpeg/commit/cb243972b121b1ae6b60a78ff55a0506c69f3879 CVE-2017-9989 (util/outputtxt.c in libming 0.4.8 mishandles memory allocation. A ...) + {DLA-1176-1} - ming NOTE: https://github.com/libming/libming/issues/86 CVE-2017-9988 (The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles ...) + {DLA-1176-1} - ming NOTE: https://github.com/libming/libming/issues/85 CVE-2017-9987 (There is a heap-based buffer overflow in the function hpel_motion in ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57798 - data
Author: carnil Date: 2017-11-18 20:26:51 + (Sat, 18 Nov 2017) New Revision: 57798 Modified: data/dsa-needed.txt Log: Remove old notes for php5 and php7.0 Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-11-18 20:26:48 UTC (rev 57797) +++ data/dsa-needed.txt 2017-11-18 20:26:51 UTC (rev 57798) @@ -31,10 +31,8 @@ php-horde-image -- php5 - maintainer proposed update; review + ack needed -- php7.0 - maintainer proposed update; review + ack needed -- phpmyadmin/oldstable -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57797 - data
Author: carnil Date: 2017-11-18 20:26:48 + (Sat, 18 Nov 2017) New Revision: 57797 Modified: data/dsa-needed.txt Log: Add note for procmail Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-11-18 20:24:30 UTC (rev 57796) +++ data/dsa-needed.txt 2017-11-18 20:26:48 UTC (rev 57797) @@ -40,7 +40,8 @@ -- poppler -- -procmail +procmail (carnil) + Maintainer proposed update, will upload -- qemu/oldstable -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57796 - data/CVE
Author: carnil Date: 2017-11-18 20:24:30 + (Sat, 18 Nov 2017) New Revision: 57796 Modified: data/CVE/list Log: ruby-ox fixed in unstable Modified: data/CVE/list === --- data/CVE/list 2017-11-18 20:07:26 UTC (rev 57795) +++ data/CVE/list 2017-11-18 20:24:30 UTC (rev 57796) @@ -2981,7 +2981,7 @@ CVE-2017-15929 RESERVED CVE-2017-15928 (In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation ...) - - ruby-ox (bug #881445) + - ruby-ox 2.8.2-1 (bug #881445) [stretch] - ruby-ox (Minor issue) [jessie] - ruby-ox (Minor issue) NOTE: https://github.com/ohler55/ox/issues/194 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57795 - data
Author: apo Date: 2017-11-18 20:07:26 + (Sat, 18 Nov 2017) New Revision: 57795 Modified: data/dla-needed.txt Log: Claim libspring-ldap-java in dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-18 20:03:47 UTC (rev 57794) +++ data/dla-needed.txt 2017-11-18 20:07:26 UTC (rev 57795) @@ -48,7 +48,7 @@ NOTE: https://lists.debian.org/debian-lts/2017/05/msg00012.html NOTE: there are some new CVEs now as well -- -libspring-ldap-java +libspring-ldap-java (Markus Koschany) -- libvorbis (Guido Günther) NOTE: 20170829: no fix available yet ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57794 - data/DLA
Author: apo Date: 2017-11-18 20:03:47 + (Sat, 18 Nov 2017) New Revision: 57794 Modified: data/DLA/list Log: It was the other way around Modified: data/DLA/list === --- data/DLA/list 2017-11-18 20:01:28 UTC (rev 57793) +++ data/DLA/list 2017-11-18 20:03:47 UTC (rev 57794) @@ -1,8 +1,8 @@ [18 Nov 2017] DLA-1179-1 shibboleth-sp2 - security update - {CVE-2017-16853} + {CVE-2017-16852} [wheezy] - shibboleth-sp2 2.4.3+dfsg-5+deb7u2 [18 Nov 2017] DLA-1178-1 opensaml2 - security update - {CVE-2017-16852} + {CVE-2017-16853} [wheezy] - opensaml2 2.4.3-4+deb7u2 [18 Nov 2017] DLA-1177-1 poppler - security update {CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 CVE-2017-15565} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57793 - data/DLA
Author: apo Date: 2017-11-18 20:01:28 + (Sat, 18 Nov 2017) New Revision: 57793 Modified: data/DLA/list Log: Fix CVE id for opensaml2 in data/DLA/list. Modified: data/DLA/list === --- data/DLA/list 2017-11-18 19:56:24 UTC (rev 57792) +++ data/DLA/list 2017-11-18 20:01:28 UTC (rev 57793) @@ -2,7 +2,7 @@ {CVE-2017-16853} [wheezy] - shibboleth-sp2 2.4.3+dfsg-5+deb7u2 [18 Nov 2017] DLA-1178-1 opensaml2 - security update - {CVE-2017-16853} + {CVE-2017-16852} [wheezy] - opensaml2 2.4.3-4+deb7u2 [18 Nov 2017] DLA-1177-1 poppler - security update {CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 CVE-2017-15565} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57792 - data
Author: apo Date: 2017-11-18 19:56:24 + (Sat, 18 Nov 2017) New Revision: 57792 Modified: data/dla-needed.txt Log: optipng: Add a comment to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-18 19:15:54 UTC (rev 57791) +++ data/dla-needed.txt 2017-11-18 19:56:24 UTC (rev 57792) @@ -78,6 +78,7 @@ openjdk-7 (Emilio Pozuelo) -- optipng + NOTE: 20171118: pinged upstream (Markus Koschany) -- python-werkzeug (Thorsten Alteholz) -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57791 - in data: . DLA
Author: apo Date: 2017-11-18 19:15:54 + (Sat, 18 Nov 2017) New Revision: 57791 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-1179-1 for shibboleth-sp2 Modified: data/DLA/list === --- data/DLA/list 2017-11-18 19:14:56 UTC (rev 57790) +++ data/DLA/list 2017-11-18 19:15:54 UTC (rev 57791) @@ -1,3 +1,6 @@ +[18 Nov 2017] DLA-1179-1 shibboleth-sp2 - security update + {CVE-2017-16853} + [wheezy] - shibboleth-sp2 2.4.3+dfsg-5+deb7u2 [18 Nov 2017] DLA-1178-1 opensaml2 - security update {CVE-2017-16853} [wheezy] - opensaml2 2.4.3-4+deb7u2 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-18 19:14:56 UTC (rev 57790) +++ data/dla-needed.txt 2017-11-18 19:15:54 UTC (rev 57791) @@ -98,9 +98,6 @@ rtpproxy NOTE: it's not clear to me if a fix is even possible. -- Raphaël Hertzog -- -shibboleth-sp2 (Markus Koschany) - NOTE: 20171118: Same as opensaml2 --- simplesamlphp NOTE: 2017-09-04: Maintainer will handle this. NOTE: https://lists.debian.org/debian-lts/2017/09/msg00010.html ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57790 - in data: . DLA
Author: apo Date: 2017-11-18 19:14:56 + (Sat, 18 Nov 2017) New Revision: 57790 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-1178-1 for opensaml2 Modified: data/DLA/list === --- data/DLA/list 2017-11-18 18:22:40 UTC (rev 57789) +++ data/DLA/list 2017-11-18 19:14:56 UTC (rev 57790) @@ -1,3 +1,6 @@ +[18 Nov 2017] DLA-1178-1 opensaml2 - security update + {CVE-2017-16853} + [wheezy] - opensaml2 2.4.3-4+deb7u2 [18 Nov 2017] DLA-1177-1 poppler - security update {CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 CVE-2017-15565} [wheezy] - poppler 0.18.4-6+deb7u4 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-18 18:22:40 UTC (rev 57789) +++ data/dla-needed.txt 2017-11-18 19:14:56 UTC (rev 57790) @@ -77,9 +77,6 @@ -- openjdk-7 (Emilio Pozuelo) -- -opensaml2 (Markus Koschany) - NOTE: 20171118: Same as shibboleth-sp2 --- optipng -- python-werkzeug (Thorsten Alteholz) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57789 - data/CVE
Author: carnil Date: 2017-11-18 18:22:40 + (Sat, 18 Nov 2017) New Revision: 57789 Modified: data/CVE/list Log: Add fixing (pending) versions for CVE-2017-5969 and CVE-2017-5130 Modified: data/CVE/list === --- data/CVE/list 2017-11-18 18:04:18 UTC (rev 57788) +++ data/CVE/list 2017-11-18 18:22:40 UTC (rev 57789) @@ -32626,7 +32626,7 @@ NOTE: Fixed by: https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644 (v4.10-rc8) NOTE: Introduced by: https://github.com/torvalds/linux/commit/f84af32cbca70a3c6d30463dc08c7984af11c277 (v2.6.35-rc1) CVE-2017-5969 (** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote ...) - - libxml2 (bug #855001) + - libxml2 2.9.4+dfsg1-5.1 (bug #855001) [stretch] - libxml2 (Minor issue, only a denial-of-service when using recover mode) [jessie] - libxml2 (Minor issue, only a denial-of-service when using recover mode) [wheezy] - libxml2 (Minor issue, only a denial-of-service when using recover mode) @@ -35819,7 +35819,7 @@ [wheezy] - chromium-browser (Not supported in Wheezy) CVE-2017-5130 RESERVED - - libxml2 (bug #88) + - libxml2 2.9.4+dfsg1-5.1 (bug #88) - chromium-browser 62.0.3202.75-1 (unimportant) NOTE: chromium-browser uses system libxml2. NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=722079 (not public) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57788 - data
Author: apo Date: 2017-11-18 18:04:18 + (Sat, 18 Nov 2017) New Revision: 57788 Modified: data/dla-needed.txt Log: Claim opensaml2 and shibboleth-sp2 in dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-18 17:57:47 UTC (rev 57787) +++ data/dla-needed.txt 2017-11-18 18:04:18 UTC (rev 57788) @@ -77,7 +77,7 @@ -- openjdk-7 (Emilio Pozuelo) -- -opensaml2 +opensaml2 (Markus Koschany) NOTE: 20171118: Same as shibboleth-sp2 -- optipng @@ -101,7 +101,7 @@ rtpproxy NOTE: it's not clear to me if a fix is even possible. -- Raphaël Hertzog -- -shibboleth-sp2 +shibboleth-sp2 (Markus Koschany) NOTE: 20171118: Same as opensaml2 -- simplesamlphp ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57787 - doc
Author: geissert Date: 2017-11-18 17:57:47 + (Sat, 18 Nov 2017) New Revision: 57787 Modified: doc/DSA.template Log: Add a link to the security tracker to the DSA template Modified: doc/DSA.template === --- doc/DSA.template2017-11-18 17:52:46 UTC (rev 57786) +++ doc/DSA.template2017-11-18 17:57:47 UTC (rev 57787) @@ -22,6 +22,10 @@ We recommend that you upgrade your $PACKAGE packages. +For the detailed security status of $PACKAGE please refer to +its security tracker page at: +https://security-tracker.debian.org/tracker/$PACKAGE + Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57786 - data/CVE
Author: apo Date: 2017-11-18 17:52:46 + (Sat, 18 Nov 2017) New Revision: 57786 Modified: data/CVE/list Log: CVE-2017-14929,poppler: Mark as ignored for Wheezy The vulnerability (infinite loop) is not reproducible with the provided POC in Wheezy. The code looks similar although it differs in function names (drawform -> doform1) and function parameters. The fix requires an API change. It is not clear to me whether the package in Wheezy is still affected but following upstream's fix would require a rebuild of all reverse-dependencies. I'm going to mark this issue as ignored because it is not clear if the fix is needed and the current solution is probably too intrusive to backport. Modified: data/CVE/list === --- data/CVE/list 2017-11-18 17:14:24 UTC (rev 57785) +++ data/CVE/list 2017-11-18 17:52:46 UTC (rev 57786) @@ -5682,6 +5682,7 @@ NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a26a013f22a19e2c16729e64f40ef8a7dfcc086e CVE-2017-14929 (In Poppler 0.59.0, memory corruption occurs in a call to ...) - poppler (bug #877222) + [wheezy] - poppler (unreproducible, requires API change which appears to be too intrusive in this case.) NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102969 NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=2c92c7b6a828c9db8a38f079ea7a3d51c12a481d CVE-2017-14928 (In Poppler 0.59.0, a NULL Pointer Dereference exists in ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57785 - in data: . DLA
Author: apo Date: 2017-11-18 17:14:24 + (Sat, 18 Nov 2017) New Revision: 57785 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-1177-1 for poppler Modified: data/DLA/list === --- data/DLA/list 2017-11-18 16:40:38 UTC (rev 57784) +++ data/DLA/list 2017-11-18 17:14:24 UTC (rev 57785) @@ -1,3 +1,6 @@ +[18 Nov 2017] DLA-1177-1 poppler - security update + {CVE-2017-14975 CVE-2017-14976 CVE-2017-14977 CVE-2017-15565} + [wheezy] - poppler 0.18.4-6+deb7u4 [18 Nov 2017] DLA-1176-1 ming - security update {CVE-2017-9988 CVE-2017-9989 CVE-2017-11733} [wheezy] - ming 1:0.4.4-1.1+deb7u5 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-18 16:40:38 UTC (rev 57784) +++ data/dla-needed.txt 2017-11-18 17:14:24 UTC (rev 57785) @@ -82,11 +82,6 @@ -- optipng -- -poppler (Markus Koschany) - NOTE: not fixed in sid yet so did not ping maintainer - NOTE: drawForm is doForm1 in wheezy - NOTE: exploit does not loop but code looks affected --- python-werkzeug (Thorsten Alteholz) -- python2.6 (Roberto C. Sánchez) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57784 - data/CVE
Author: carnil Date: 2017-11-18 16:40:38 + (Sat, 18 Nov 2017) New Revision: 57784 Modified: data/CVE/list Log: Record experimental version for CVE-2017-14107/libzip Modified: data/CVE/list === --- data/CVE/list 2017-11-18 15:26:51 UTC (rev 57783) +++ data/CVE/list 2017-11-18 16:40:38 UTC (rev 57784) @@ -8099,6 +8099,7 @@ - gedit (unimportant; bug #875311) NOTE: negligible security impact CVE-2017-14107 (The _zip_read_eocd64 function in zip_open.c in libzip before 1.3.0 ...) + [experimental] - libzip 1.3.0+dfsg.1-1 - libzip (low; bug #874010) [stretch] - libzip (Minor issue) [jessie] - libzip (Minor issue) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57783 - data/CVE
Author: carnil Date: 2017-11-18 15:26:51 + (Sat, 18 Nov 2017) New Revision: 57783 Modified: data/CVE/list Log: Remove todo for CVE-2017-5130 Modified: data/CVE/list === --- data/CVE/list 2017-11-18 14:44:38 UTC (rev 57782) +++ data/CVE/list 2017-11-18 15:26:51 UTC (rev 57783) @@ -35824,7 +35824,6 @@ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=783026 (not public) NOTE: Fixed by: https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed NOTE: Needs follow up: https://git.gnome.org/browse/libxml2/commit/?id=ed48d65b4d6c5cec7be035ad5eebeba873b4b955 - TODO: waiting for upstream confirmation that mapping is correct, and initially triaged by gcs CVE-2017-5129 RESERVED {DSA-4020-1} ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57782 - data/CVE
Author: carnil Date: 2017-11-18 14:44:38 + (Sat, 18 Nov 2017) New Revision: 57782 Modified: data/CVE/list Log: Add mariadb-10.1 issues and mark as postponed for stretch There is no urgency to have a seprate DSA release for this update since the CVE are fairly minor (at least from the available information). Modified: data/CVE/list === --- data/CVE/list 2017-11-18 13:06:09 UTC (rev 57781) +++ data/CVE/list 2017-11-18 14:44:38 UTC (rev 57782) @@ -19340,12 +19340,15 @@ NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL CVE-2017-10378 (Vulnerability in the MySQL Server component of Oracle MySQL ...) {DSA-4002-1 DLA-1141-1} + - mariadb-10.1 10.1.29-1 + [stretch] - mariadb-10.1 (Minor issue) - mariadb-10.0 [jessie] - mariadb-10.0 (Minor issue) - mysql-5.7 (Fixed before initial release to Debian, upstream 5.7.12) - mysql-5.5 (bug #878402) NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL NOTE: https://jira.mariadb.org/browse/MDEV-13819 + NOTE: https://github.com/MariaDB/server/commit/b000e169562697aa072600695d4f0c0412f94f4f CVE-2017-10377 RESERVED CVE-2017-10376 @@ -19657,6 +19660,8 @@ NOT-FOR-US: Oracle CVE-2017-10268 (Vulnerability in the MySQL Server component of Oracle MySQL ...) {DSA-4002-1 DLA-1141-1} + - mariadb-10.1 10.1.29-1 + [stretch] - mariadb-10.1 (Minor issue) - mariadb-10.0 [jessie] - mariadb-10.0 (Minor issue) - mysql-5.7 (bug #878398) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57781 - data/CVE
Author: carnil Date: 2017-11-18 13:06:09 + (Sat, 18 Nov 2017) New Revision: 57781 Modified: data/CVE/list Log: Add CVE-2017-100012{6,7,8}/exiv2 Modified: data/CVE/list === --- data/CVE/list 2017-11-18 13:05:57 UTC (rev 57780) +++ data/CVE/list 2017-11-18 13:06:09 UTC (rev 57781) @@ -14,11 +14,14 @@ CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through ...) TODO: check CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser ...) - TODO: check + - exiv2 + NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1 CVE-2017-1000127 (Exiv2 0.26 contains a heap buffer overflow in tiff parser ...) - TODO: check + - exiv2 + NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1 CVE-2017-1000126 (exiv2 0.26 contains a Stack out of bounds read in webp parser ...) - TODO: check + - exiv2 + NOTE: http://www.openwall.com/lists/oss-security/2017/06/30/1 CVE-2017-16879 RESERVED CVE-2017-16878 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57780 - data/CVE
Author: carnil Date: 2017-11-18 13:05:57 + (Sat, 18 Nov 2017) New Revision: 57780 Modified: data/CVE/list Log: Add CVE-2017-1000190/simple-xml Modified: data/CVE/list === --- data/CVE/list 2017-11-18 13:05:45 UTC (rev 57779) +++ data/CVE/list 2017-11-18 13:05:57 UTC (rev 57780) @@ -9,7 +9,8 @@ CVE-2017-1000217 (Opencast 2.3.2 and older versions are vulnerable to script injections ...) TODO: check CVE-2017-1000190 (SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability ...) - TODO: check + - simple-xml + NOTE: https://github.com/ngallagher/simplexml/issues/18 CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through ...) TODO: check CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57779 - data/CVE
Author: carnil Date: 2017-11-18 13:05:45 + (Sat, 18 Nov 2017) New Revision: 57779 Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list === --- data/CVE/list 2017-11-18 12:35:47 UTC (rev 57778) +++ data/CVE/list 2017-11-18 13:05:45 UTC (rev 57779) @@ -1,7 +1,7 @@ CVE-2017-16880 (The dump function in Util/TemplateHelper.php in filp whoops before ...) - TODO: check + NOT-FOR-US: filp whoops CVE-2017-1000230 (The Snap7 Server version 1.4.1 can be crashed when the ItemCount field ...) - TODO: check + NOT-FOR-US: Snap7 Server CVE-2017-1000227 (Stored XSS in Salutation Responsive WordPress + BuddyPress Theme ...) TODO: check CVE-2017-1000221 (In Opencast 2.2.3 and older if user names overlap, the Opencast search ...) @@ -1103,7 +1103,7 @@ CVE-2017-16567 (Cross-site scripting (XSS) vulnerability in Logitech Media Server ...) NOT-FOR-US: Logitech Media Server CVE-2017-16566 (On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not ...) - TODO: check + NOT-FOR-US: Jooan IP Camera A5 2.3.36 devices CVE-2017-16565 (Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage ...) NOT-FOR-US: Vonage CVE-2017-16564 (Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on ...) @@ -8185,7 +8185,7 @@ NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27013 NOTE: Fix: https://gerrit.asterisk.org/#/q/topic:ASTERISK-27013 CVE-2017-14077 (HTML Injection in Securimage 3.6.4 and earlier allows remote attackers ...) - TODO: check + NOT-FOR-US: Securimage CVE-2017-14076 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the id ...) NOT-FOR-US: NexusPHP CVE-2017-14075 (This vulnerability allows local attackers to escalate privileges on ...) @@ -17546,7 +17546,7 @@ CVE-2017-10890 (Session management issue in RX-V200 firmware versions prior to ...) NOT-FOR-US: RX-V200 firmware CVE-2017-10889 (TablePress prior to version 1.8.1 allows an attacker to conduct XML ...) - TODO: check + NOT-FOR-US: TablePress CVE-2017-10888 (BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac ...) NOT-FOR-US: BOOK WALKER CVE-2017-10887 (Untrusted search path vulnerability in BOOK WALKER for Windows ...) @@ -36665,7 +36665,7 @@ CVE-2017-4940 RESERVED CVE-2017-4939 (VMware Workstation (12.x before 12.5.8) installer contains a DLL ...) - TODO: check + NOT-FOR-US: VMware CVE-2017-4938 (VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) ...) NOT-FOR-US: VMware CVE-2017-4937 (VMware Workstation (12.x before 12.5.8) and Horizon View Client for ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57778 - data/DLA
Author: hle Date: 2017-11-18 12:35:47 + (Sat, 18 Nov 2017) New Revision: 57778 Modified: data/DLA/list Log: Claim DLA-1176-1 for ming Modified: data/DLA/list === --- data/DLA/list 2017-11-18 11:22:31 UTC (rev 5) +++ data/DLA/list 2017-11-18 12:35:47 UTC (rev 57778) @@ -1,3 +1,6 @@ +[18 Nov 2017] DLA-1176-1 ming - security update + {CVE-2017-9988 CVE-2017-9989 CVE-2017-11733} + [wheezy] - ming 1:0.4.4-1.1+deb7u5 [18 Nov 2017] DLA-1175-1 lynx-cur - security update {CVE-2017-1000211} [wheezy] - lynx-cur 2.8.8dev.12-2+deb7u2 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57777 - data/CVE
Author: aurel32 Date: 2017-11-18 11:22:31 + (Sat, 18 Nov 2017) New Revision: 5 Modified: data/CVE/list Log: CVE-2017-12132 is now fixed in sid Modified: data/CVE/list === --- data/CVE/list 2017-11-18 09:10:15 UTC (rev 57776) +++ data/CVE/list 2017-11-18 11:22:31 UTC (rev 5) @@ -13871,7 +13871,7 @@ NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d42eed4a044e5e10dfb885cf9891c2518a72a491 CVE-2017-12132 (The DNS stub resolver in the GNU C Library (aka glibc or libc6) before ...) [experimental] - glibc 2.25-0experimental1 - - glibc (bug #870650) + - glibc 2.25-1 (bug #870650) [stretch] - glibc (Minor issue) [jessie] - glibc (Minor issue) - eglibc ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r57776 - data/CVE
Author: sectracker Date: 2017-11-18 09:10:15 + (Sat, 18 Nov 2017) New Revision: 57776 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-11-18 08:08:53 UTC (rev 57775) +++ data/CVE/list 2017-11-18 09:10:15 UTC (rev 57776) @@ -1,3 +1,23 @@ +CVE-2017-16880 (The dump function in Util/TemplateHelper.php in filp whoops before ...) + TODO: check +CVE-2017-1000230 (The Snap7 Server version 1.4.1 can be crashed when the ItemCount field ...) + TODO: check +CVE-2017-1000227 (Stored XSS in Salutation Responsive WordPress + BuddyPress Theme ...) + TODO: check +CVE-2017-1000221 (In Opencast 2.2.3 and older if user names overlap, the Opencast search ...) + TODO: check +CVE-2017-1000217 (Opencast 2.3.2 and older versions are vulnerable to script injections ...) + TODO: check +CVE-2017-1000190 (SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability ...) + TODO: check +CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through ...) + TODO: check +CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser ...) + TODO: check +CVE-2017-1000127 (Exiv2 0.26 contains a heap buffer overflow in tiff parser ...) + TODO: check +CVE-2017-1000126 (exiv2 0.26 contains a Stack out of bounds read in webp parser ...) + TODO: check CVE-2017-16879 RESERVED CVE-2017-16878 @@ -23,6 +43,7 @@ CVE-2017-1000212 (Elixir's vim plugin, alchemist.vim is vulnerable to remote code ...) NOT-FOR-US: Elixir's vim plugin CVE-2017-1000211 (Lynx version 2.8.8 and older is vulnerable to a use after free in the ...) + {DLA-1175-1} - lynx 2.8.9dev16-1 - lynx-cur NOTE: https://github.com/ThomasDickey/lynx-snapshots/commit/280a61b300a1614f6037efc0902ff7ecf17146e9 @@ -53,7 +74,7 @@ NOT-FOR-US: UpdraftPlus plugin for WordPress CVE-2017-16870 (The UpdraftPlus plugin through 1.13.12 for WordPress has SSRF in the ...) NOT-FOR-US: UpdraftPlus plugin for WordPress -CVE-2017-16869 (p_mach.cpp in UPX 3.94 allows remote attackers to cause a denial of ...) +CVE-2017-16869 (** DISPUTED ** p_mach.cpp in UPX 3.94 allows remote attackers to cause ...) - upx-ucl (bug #882041; unimportant) NOTE: https://github.com/upx/upx/issues/146 NOTE: crash in CLI tool, no security impact @@ -386,6 +407,7 @@ - qemu-kvm NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg02982.html CVE-2017-16844 (Heap-based buffer overflow in the loadbuf function in formisc.c in ...) + {DLA-1173-1} - procmail 3.22-26 (bug #876511) CVE-2017-16843 (Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the ...) NOT-FOR-US: Vonage VDV-23 @@ -1080,8 +1102,8 @@ NOT-FOR-US: Logitech Media Server CVE-2017-16567 (Cross-site scripting (XSS) vulnerability in Logitech Media Server ...) NOT-FOR-US: Logitech Media Server -CVE-2017-16566 - RESERVED +CVE-2017-16566 (On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not ...) + TODO: check CVE-2017-16565 (Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage ...) NOT-FOR-US: Vonage CVE-2017-16564 (Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on ...) @@ -1126,6 +1148,7 @@ NOTE: http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc NOTE: https://sourceforge.net/p/graphicsmagick/bugs/517/ CVE-2017-16546 (The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does ...) + {DSA-4040-1} - imagemagick (bug #881392) [wheezy] - imagemagick (Vulnerable code not present; PoC from GitHub issue results in memory allocation exception thrown at coders/wpg.c:1109 and valgrind does not report any issues) NOTE: https://github.com/ImageMagick/ImageMagick/commit/2130bf6f89ded32ef0c88a11694f107c52566c53 @@ -2966,7 +2989,7 @@ CVE-2017-15925 RESERVED CVE-2017-15923 (Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote ...) - {DSA-4033-1} + {DSA-4033-1 DLA-1174-1} - konversation 1.7.3-1 (bug #881586) NOTE: https://cgit.kde.org/konversation.git/commit/?h=1.7&id=6a7f59ee1b9dbc6e5cf9e5f3b306504d02b73ef0 CVE-2017-15922 (In GNU Libextractor 1.4, there is an out-of-bounds read in the ...) @@ -4524,7 +4547,7 @@ CVE-2017-15278 (Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. ...) NOT-FOR-US: TeamPass CVE-2017-15277 (ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick ...) - {DSA-4032-1 DLA-1140-1 DLA-1139-1} + {DSA-4040-1 DSA-4032-1 DLA-1140-1 DLA-1139-1} - imagemagick (bug #878578) - graphicsmagick 1.3.26-14 NOTE: IM6: https://github.com/ImageMagick/ImageMagick/commit/10aae21bf9dac47e
[Secure-testing-commits] r57775 - data/CVE
Author: carnil Date: 2017-11-18 08:08:53 + (Sat, 18 Nov 2017) New Revision: 57775 Modified: data/CVE/list Log: Update status for jessie for CVE-2017-16239/nova Modified: data/CVE/list === --- data/CVE/list 2017-11-18 07:46:51 UTC (rev 57774) +++ data/CVE/list 2017-11-18 08:08:53 UTC (rev 57775) @@ -1880,7 +1880,8 @@ RESERVED CVE-2017-16239 (In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through ...) - nova 2:16.0.3-1 (bug #882009) - [wheezy] - nova (Not supported in wheezy LTS) + [jessie] - nova (Vulnerble code introduced later) + [wheezy] - nova (Vulnerble code introduced later) NOTE: https://launchpad.net/bugs/1664931 NOTE: https://security.openstack.org/ossa/OSSA-2017-005.html TODO: check / verify affected versions ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits