[Secure-testing-commits] r58029 - data/CVE
Author: carnil Date: 2017-11-26 07:27:09 + (Sun, 26 Nov 2017) New Revision: 58029 Modified: data/CVE/list Log: Reference fix for CVE-2017-14634 Modified: data/CVE/list === --- data/CVE/list 2017-11-26 04:06:22 UTC (rev 58028) +++ data/CVE/list 2017-11-26 07:27:09 UTC (rev 58029) @@ -6834,6 +6834,7 @@ [jessie] - libsndfile (Minor issue) [wheezy] - libsndfile (Minor issue) NOTE: https://github.com/erikd/libsndfile/issues/318 + NOTE: Fixed by: https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788 CVE-2017-14633 (In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability ...) - libvorbis (bug #876778) NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2329 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58028 - data/CVE
Author: luciano Date: 2017-11-26 04:06:22 + (Sun, 26 Nov 2017) New Revision: 58028 Modified: data/CVE/list Log: CVE-2017-16942: libsndfile Modified: data/CVE/list === --- data/CVE/list 2017-11-25 23:36:41 UTC (rev 58027) +++ data/CVE/list 2017-11-26 04:06:22 UTC (rev 58028) @@ -3,7 +3,10 @@ CVE-2017-16945 RESERVED CVE-2017-16942 (In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists ...) - TODO: check + - libsndfile 1.0.27-1 + [jessie] - libsndfile (Minor issue) + [wheezy] - libsndfile (Minor issue) + NOTE: https://github.com/erikd/libsndfile/issues/341 CVE-2017-16944 (The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 ...) - exim4 (bug #882671) [jessie] - exim4 (ESMTP CHUNKING extension introduced in 4.88) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58027 - data/CVE
Author: luciano Date: 2017-11-25 23:36:41 + (Sat, 25 Nov 2017) New Revision: 58027 Modified: data/CVE/list Log: CVE-2017-16946: NFU Modified: data/CVE/list === --- data/CVE/list 2017-11-25 21:10:15 UTC (rev 58026) +++ data/CVE/list 2017-11-25 23:36:41 UTC (rev 58027) @@ -1,5 +1,5 @@ CVE-2017-16946 (The admin_edit function in app/Controller/UsersController.php in MISP ...) - TODO: check + NOT-FOR-US: MISP CVE-2017-16945 RESERVED CVE-2017-16942 (In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58026 - data/CVE
Author: sectracker Date: 2017-11-25 21:10:15 + (Sat, 25 Nov 2017) New Revision: 58026 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-11-25 18:17:17 UTC (rev 58025) +++ data/CVE/list 2017-11-25 21:10:15 UTC (rev 58026) @@ -1,11 +1,17 @@ -CVE-2017-16944 [Exim handles BDAT data incorrectly and leads to crash] +CVE-2017-16946 (The admin_edit function in app/Controller/UsersController.php in MISP ...) + TODO: check +CVE-2017-16945 + RESERVED +CVE-2017-16942 (In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists ...) + TODO: check +CVE-2017-16944 (The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 ...) - exim4 (bug #882671) [jessie] - exim4 (ESMTP CHUNKING extension introduced in 4.88) [wheezy] - exim4 (ESMTP CHUNKING extension introduced in 4.88) NOTE: https://bugs.exim.org/show_bug.cgi?id=2201 NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html NOTE: 4.89-10 adds a workaround which disables the affected code by default -CVE-2017-16943 [Exim use-after-free vulnerability while reading mail header] +CVE-2017-16943 (The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 ...) - exim4 (bug #882648) [jessie] - exim4 (ESMTP CHUNKING extension introduced in 4.88) [wheezy] - exim4 (ESMTP CHUNKING extension introduced in 4.88) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58025 - data/CVE
Author: carnil
Date: 2017-11-25 18:17:17 + (Sat, 25 Nov 2017)
New Revision: 58025
Modified:
data/CVE/list
Log:
CVE-2017-1694{3,4} assigned, add upstream commit
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-25 16:36:14 UTC (rev 58024)
+++ data/CVE/list 2017-11-25 18:17:17 UTC (rev 58025)
@@ -1,15 +1,16 @@
-CVE-2017- [Exim handles BDAT data incorrectly and leads to crash]
+CVE-2017-16944 [Exim handles BDAT data incorrectly and leads to crash]
- exim4 (bug #882671)
[jessie] - exim4 (ESMTP CHUNKING extension introduced in
4.88)
[wheezy] - exim4 (ESMTP CHUNKING extension introduced in
4.88)
NOTE: https://bugs.exim.org/show_bug.cgi?id=2201
NOTE:
https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
NOTE: 4.89-10 adds a workaround which disables the affected code by
default
-CVE-2017- [Exim use-after-free vulnerability while reading mail header]
+CVE-2017-16943 [Exim use-after-free vulnerability while reading mail header]
- exim4 (bug #882648)
[jessie] - exim4 (ESMTP CHUNKING extension introduced in
4.88)
[wheezy] - exim4 (ESMTP CHUNKING extension introduced in
4.88)
NOTE: https://bugs.exim.org/show_bug.cgi?id=2199
+ NOTE:
https://git.exim.org/exim.git/commitdiff/4e6ae6235c68de243b1c2419027472d7659aa2b4
NOTE:
https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html
NOTE: https://twitter.com/philpennock/status/934270613811875840
NOTE: 4.89-10 adds a workaround which disables the affected code by
default
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58024 - data/CVE
Author: carnil Date: 2017-11-25 16:36:14 + (Sat, 25 Nov 2017) New Revision: 58024 Modified: data/CVE/list Log: CVE-2017-16932, mark as no-dsa Modified: data/CVE/list === --- data/CVE/list 2017-11-25 16:18:28 UTC (rev 58023) +++ data/CVE/list 2017-11-25 16:36:14 UTC (rev 58024) @@ -43,6 +43,8 @@ NOTE: Fix for the incomplete fix for CVE-2016-2313 CVE-2017-16932 (parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in ...) - libxml2 (bug #882613) + [stretch] - libxml2 (Minor issue) + [jessie] - libxml2 (Minor issue) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=759579 NOTE: https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961 CVE-2017-16931 (parser.c in libxml2 before 2.9.5 mishandles parameter-entity references ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58023 - data/CVE
Author: jmm Date: 2017-11-25 16:18:28 + (Sat, 25 Nov 2017) New Revision: 58023 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list === --- data/CVE/list 2017-11-25 14:16:53 UTC (rev 58022) +++ data/CVE/list 2017-11-25 16:18:28 UTC (rev 58023) @@ -2190,7 +2190,6 @@ [wheezy] - nova (Vulnerble code introduced later) NOTE: https://launchpad.net/bugs/1664931 NOTE: https://security.openstack.org/ossa/OSSA-2017-005.html - TODO: check / verify affected versions CVE-2017-16238 RESERVED CVE-2017-16237 (In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file ...) @@ -9607,7 +9606,7 @@ CVE-2017-13702 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...) NOT-FOR-US: Moxa CVE-2017-13701 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...) - TODO: check + NOT-FOR-US: Moxa CVE-2017-13700 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...) NOT-FOR-US: Moxa CVE-2017-13699 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...) @@ -10775,7 +10774,7 @@ CVE-2017-13137 (The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the ...) NOT-FOR-US: Wordpress plugin CVE-2017-13136 (The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer ...) - TODO: check + NOT-FOR-US: libbpg CVE-2017-13135 (A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg ...) TODO: check CVE-2017-13134 (In ImageMagick 7.0.6-6 and GraphicsMagick 1.3.26, a heap-based buffer ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58022 - data/CVE
Author: carnil Date: 2017-11-25 14:16:53 + (Sat, 25 Nov 2017) New Revision: 58022 Modified: data/CVE/list Log: Add bug reference for second exim4 issue, #882671 Modified: data/CVE/list === --- data/CVE/list 2017-11-25 14:05:05 UTC (rev 58021) +++ data/CVE/list 2017-11-25 14:16:53 UTC (rev 58022) @@ -1,5 +1,5 @@ CVE-2017- [Exim handles BDAT data incorrectly and leads to crash] - - exim4 + - exim4 (bug #882671) [jessie] - exim4 (ESMTP CHUNKING extension introduced in 4.88) [wheezy] - exim4 (ESMTP CHUNKING extension introduced in 4.88) NOTE: https://bugs.exim.org/show_bug.cgi?id=2201 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58021 - data
Author: hertzog Date: 2017-11-25 14:05:05 + (Sat, 25 Nov 2017) New Revision: 58021 Modified: data/dla-needed.txt Log: Add optipng to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-11-25 14:05:00 UTC (rev 58020) +++ data/dla-needed.txt 2017-11-25 14:05:05 UTC (rev 58021) @@ -77,6 +77,8 @@ openexr (Guido Günther) NOTE: 20170902: CVE-2017-12596: bug reported upstream but no response yet (lamby) -- +optipng +-- otrs2 (Emilio Pozuelo) -- roundcube (Roberto C. Sánchez) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58020 - data/CVE
Author: hertzog Date: 2017-11-25 14:05:00 + (Sat, 25 Nov 2017) New Revision: 58020 Modified: data/CVE/list Log: Mark CVE-2017-16879 as ignored on wheezy Modified: data/CVE/list === --- data/CVE/list 2017-11-25 14:03:18 UTC (rev 58019) +++ data/CVE/list 2017-11-25 14:05:00 UTC (rev 58020) @@ -248,6 +248,7 @@ - ncurses (bug #882620) [stretch] - ncurses (Minor issue) [jessie] - ncurses (Minor issue) + [wheezy] - ncurses (Minor issue) NOTE: PoC https://packetstormsecurity.com/files/download/145045/tic-overflow.tgz CVE-2017-16878 RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58019 - data/CVE
Author: carnil Date: 2017-11-25 14:03:18 + (Sat, 25 Nov 2017) New Revision: 58019 Modified: data/CVE/list Log: Add fixed version for CVE-2017-15372 and CVE-2017-15642 in sox I'm specifically not adding CVE-2017-11333 since the CVE is specific to libvorbis, though sox patches the included vorbis lib. Modified: data/CVE/list === --- data/CVE/list 2017-11-25 13:59:20 UTC (rev 58018) +++ data/CVE/list 2017-11-25 14:03:18 UTC (rev 58019) @@ -3930,7 +3930,7 @@ [jessie] - musl (Minor issue) NOTE: https://git.musl-libc.org/cgit/musl/patch/?id=45ca5d3fcb6f874bf5ba55d0e9651cef68515395 CVE-2017-15642 (In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there is ...) - - sox (bug #882144) + - sox 4.4.2-2 (bug #882144) [stretch] - sox (Minor issue) [jessie] - sox (Minor issue) NOTE: https://sourceforge.net/p/sox/bugs/298/ @@ -4593,7 +4593,7 @@ CVE-2017-15373 (E-Sic 1.0 allows SQL injection via the q parameter to ...) NOT-FOR-US: E-Sic CVE-2017-15372 (There is a stack-based buffer overflow in the ...) - - sox (bug #878808) + - sox 4.4.2-2 (bug #878808) [stretch] - sox (Minor issue) [jessie] - sox (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500553 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58018 - data/CVE
Author: carnil Date: 2017-11-25 13:59:20 + (Sat, 25 Nov 2017) New Revision: 58018 Modified: data/CVE/list Log: Sox uploaded to unstable, fixes included from experimental Modified: data/CVE/list === --- data/CVE/list 2017-11-25 13:45:06 UTC (rev 58017) +++ data/CVE/list 2017-11-25 13:59:20 UTC (rev 58018) @@ -4598,14 +4598,12 @@ [jessie] - sox (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500553 CVE-2017-15371 (There is a reachable assertion abort in the function ...) - [experimental] - sox 14.4.2-1 - - sox (bug #878809) + - sox 14.4.2-2 (bug #878809) [stretch] - sox (Minor issue) [jessie] - sox (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500570 CVE-2017-15370 (There is a heap-based buffer overflow in the ImaExpandS function of ...) - [experimental] - sox 14.4.2-1 - - sox (bug #878810) + - sox 14.4.2-2 (bug #878810) [stretch] - sox (Minor issue) [jessie] - sox (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500554 @@ -16364,15 +16362,13 @@ NOTE: https://github.com/ImageMagick/ImageMagick/issues/518 NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/224bc946b24824a77e8e8c52ee07e9bc65796e30 CVE-2017-11359 (The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...) - [experimental] - sox 14.4.2-1 - - sox (bug #870328) + - sox 14.4.2-2 (bug #870328) [stretch] - sox (Minor issue) [jessie] - sox (Minor issue) NOTE: http://seclists.org/fulldisclosure/2017/Jul/81 NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/ CVE-2017-11358 (The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 ...) - [experimental] - sox 14.4.2-1 - - sox (bug #870328) + - sox 14.4.2-2 (bug #870328) [stretch] - sox (Minor issue) [jessie] - sox (Minor issue) NOTE: http://seclists.org/fulldisclosure/2017/Jul/81 @@ -16504,8 +16500,7 @@ NOTE: http://seclists.org/fulldisclosure/2017/Jul/82 NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2332 CVE-2017-11332 (The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...) - [experimental] - sox 14.4.2-1 - - sox (bug #870328) + - sox 14.4.2-2 (bug #870328) [stretch] - sox (Minor issue) [jessie] - sox (Minor issue) NOTE: http://seclists.org/fulldisclosure/2017/Jul/81 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58017 - data/CVE
Author: carnil Date: 2017-11-25 13:45:06 + (Sat, 25 Nov 2017) New Revision: 58017 Modified: data/CVE/list Log: mark one NFU Modified: data/CVE/list === --- data/CVE/list 2017-11-25 11:44:02 UTC (rev 58016) +++ data/CVE/list 2017-11-25 13:45:06 UTC (rev 58017) @@ -14,7 +14,7 @@ NOTE: https://twitter.com/philpennock/status/934270613811875840 NOTE: 4.89-10 adds a workaround which disables the affected code by default CVE-2017-16941 (** DISPUTED ** October CMS through 1.0.428 does not prevent use of ...) - TODO: check + NOT-FOR-US: October CMS CVE-2017-16940 RESERVED CVE-2017-16939 (The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58016 - data/CVE
Author: jmm Date: 2017-11-25 11:44:02 + (Sat, 25 Nov 2017) New Revision: 58016 Modified: data/CVE/list Log: add note for exim Modified: data/CVE/list === --- data/CVE/list 2017-11-25 10:42:39 UTC (rev 58015) +++ data/CVE/list 2017-11-25 11:44:02 UTC (rev 58016) @@ -3,7 +3,8 @@ [jessie] - exim4 (ESMTP CHUNKING extension introduced in 4.88) [wheezy] - exim4 (ESMTP CHUNKING extension introduced in 4.88) NOTE: https://bugs.exim.org/show_bug.cgi?id=2201 - NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.htm + NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html + NOTE: 4.89-10 adds a workaround which disables the affected code by default CVE-2017- [Exim use-after-free vulnerability while reading mail header] - exim4 (bug #882648) [jessie] - exim4 (ESMTP CHUNKING extension introduced in 4.88) @@ -11,6 +12,7 @@ NOTE: https://bugs.exim.org/show_bug.cgi?id=2199 NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html NOTE: https://twitter.com/philpennock/status/934270613811875840 + NOTE: 4.89-10 adds a workaround which disables the affected code by default CVE-2017-16941 (** DISPUTED ** October CMS through 1.0.428 does not prevent use of ...) TODO: check CVE-2017-16940 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58015 - data/CVE
Author: carnil Date: 2017-11-25 10:42:39 + (Sat, 25 Nov 2017) New Revision: 58015 Modified: data/CVE/list Log: Add missing not-affected entries for second exim4 issue (forgot when duplicating) Modified: data/CVE/list === --- data/CVE/list 2017-11-25 09:38:26 UTC (rev 58014) +++ data/CVE/list 2017-11-25 10:42:39 UTC (rev 58015) @@ -1,5 +1,7 @@ CVE-2017- [Exim handles BDAT data incorrectly and leads to crash] - exim4 + [jessie] - exim4 (ESMTP CHUNKING extension introduced in 4.88) + [wheezy] - exim4 (ESMTP CHUNKING extension introduced in 4.88) NOTE: https://bugs.exim.org/show_bug.cgi?id=2201 NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.htm CVE-2017- [Exim use-after-free vulnerability while reading mail header] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58014 - data/CVE
Author: carnil Date: 2017-11-25 09:38:26 + (Sat, 25 Nov 2017) New Revision: 58014 Modified: data/CVE/list Log: Split up exim4 entry to two, since upstream requested two CVEs and are two different bugs Modified: data/CVE/list === --- data/CVE/list 2017-11-25 09:35:40 UTC (rev 58013) +++ data/CVE/list 2017-11-25 09:38:26 UTC (rev 58014) @@ -1,9 +1,14 @@ -CVE-2017- [exim4: remote code execution in chunking] +CVE-2017- [Exim handles BDAT data incorrectly and leads to crash] + - exim4 + NOTE: https://bugs.exim.org/show_bug.cgi?id=2201 + NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.htm +CVE-2017- [Exim use-after-free vulnerability while reading mail header] - exim4 (bug #882648) [jessie] - exim4 (ESMTP CHUNKING extension introduced in 4.88) [wheezy] - exim4 (ESMTP CHUNKING extension introduced in 4.88) + NOTE: https://bugs.exim.org/show_bug.cgi?id=2199 NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html - NOTE: https://twitter.com/philpennock/status/934270613811875840 + NOTE: https://twitter.com/philpennock/status/934270613811875840 CVE-2017-16941 (** DISPUTED ** October CMS through 1.0.428 does not prevent use of ...) TODO: check CVE-2017-16940 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58013 - data/CVE
Author: carnil Date: 2017-11-25 09:35:40 + (Sat, 25 Nov 2017) New Revision: 58013 Modified: data/CVE/list Log: Mark CVE-2017-16879/ncurses as no-dsa Modified: data/CVE/list === --- data/CVE/list 2017-11-25 09:33:08 UTC (rev 58012) +++ data/CVE/list 2017-11-25 09:35:40 UTC (rev 58013) @@ -237,6 +237,8 @@ NOTE: Can't seem to reproduce this in wheezy. CVE-2017-16879 (Stack-based buffer overflow in the _nc_write_entry function in ...) - ncurses (bug #882620) + [stretch] - ncurses (Minor issue) + [jessie] - ncurses (Minor issue) NOTE: PoC https://packetstormsecurity.com/files/download/145045/tic-overflow.tgz CVE-2017-16878 RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58012 - data/CVE
Author: carnil Date: 2017-11-25 09:33:08 + (Sat, 25 Nov 2017) New Revision: 58012 Modified: data/CVE/list Log: Add exim4 issue Modified: data/CVE/list === --- data/CVE/list 2017-11-25 09:22:56 UTC (rev 58011) +++ data/CVE/list 2017-11-25 09:33:08 UTC (rev 58012) @@ -1,3 +1,9 @@ +CVE-2017- [exim4: remote code execution in chunking] + - exim4 (bug #882648) + [jessie] - exim4 (ESMTP CHUNKING extension introduced in 4.88) + [wheezy] - exim4 (ESMTP CHUNKING extension introduced in 4.88) + NOTE: https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html + NOTE: https://twitter.com/philpennock/status/934270613811875840 CVE-2017-16941 (** DISPUTED ** October CMS through 1.0.428 does not prevent use of ...) TODO: check CVE-2017-16940 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58011 - data/CVE
Author: carnil Date: 2017-11-25 09:22:56 + (Sat, 25 Nov 2017) New Revision: 58011 Modified: data/CVE/list Log: Mark CVE-2017-16548 as no-dsa, minor issue Modified: data/CVE/list === --- data/CVE/list 2017-11-25 09:10:29 UTC (rev 58010) +++ data/CVE/list 2017-11-25 09:22:56 UTC (rev 58011) @@ -1386,6 +1386,8 @@ RESERVED CVE-2017-16548 (The receive_xattr function in xattrs.c in rsync 3.1.2 and ...) - rsync (bug #880954) + [stretch] - rsync (Minor issue) + [jessie] - rsync (Minor issue) NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13112 NOTE: https://git.samba.org/rsync.git/?p=rsync.git;a=commit;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1 CVE-2017-16547 (The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58010 - data/CVE
Author: sectracker
Date: 2017-11-25 09:10:29 + (Sat, 25 Nov 2017)
New Revision: 58010
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-25 08:27:24 UTC (rev 58009)
+++ data/CVE/list 2017-11-25 09:10:29 UTC (rev 58010)
@@ -1,3 +1,7 @@
+CVE-2017-16941 (** DISPUTED ** October CMS through 1.0.428 does not prevent
use of ...)
+ TODO: check
+CVE-2017-16940
+ RESERVED
CVE-2017-16939 (The XFRM dump policy implementation in net/xfrm/xfrm_user.c in
the ...)
- linux 4.13.13-1
NOTE: Fixed by:
https://git.kernel.org/linus/1137b5e2529a8f5ca8ee709288ecba3e68044df2
@@ -3528,6 +3532,7 @@
CVE-2017-15806 (The send function in the ezcMailMtaTransport class in Zeta
Components ...)
NOT-FOR-US: Zeta Components Mail
CVE-2016-10516 (Cross-site scripting (XSS) vulnerability in the render_full
function in ...)
+ {DLA-1191-1}
- python-werkzeug 0.11.11+dfsg1-1
NOTE:
http://blog.neargle.com/2016/09/21/flask-src-review-get-a-xss-from-debuger/
NOTE: https://github.com/pallets/werkzeug/pull/1001
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58009 - data/CVE
Author: carnil Date: 2017-11-25 08:27:24 + (Sat, 25 Nov 2017) New Revision: 58009 Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list === --- data/CVE/list 2017-11-24 22:44:39 UTC (rev 58008) +++ data/CVE/list 2017-11-25 08:27:24 UTC (rev 58009) @@ -9588,9 +9588,9 @@ CVE-2017-13700 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...) NOT-FOR-US: Moxa CVE-2017-13699 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...) - TODO: check + NOT-FOR-US: MOXA CVE-2017-13698 (An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. ...) - TODO: check + NOT-FOR-US: MOXA CVE-2017-13697 (controllers/member/api.php in dayrui FineCms 5.0.11 has XSS related to ...) NOT-FOR-US: FineCMS CVE-2017-13696 @@ -10927,7 +10927,7 @@ CVE-2017-13072 RESERVED CVE-2017-13071 (QNAP has already patched this vulnerability. This security concern ...) - TODO: check + NOT-FOR-US: QNAP CVE-2017-13070 RESERVED CVE-2017-13069 (QNAP discovered a number of command injection vulnerabilities found in ...) @@ -17394,7 +17394,7 @@ CVE-2017-11059 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) NOT-FOR-US: Qualcomm components for Android CVE-2017-11058 (In android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) - TODO: check + NOT-FOR-US: Qualcomm components for Android CVE-2017-11057 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) NOT-FOR-US: Qualcomm components for Android CVE-2017-11056 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android ...) @@ -32164,9 +32164,9 @@ CVE-2017-6276 RESERVED CVE-2017-6275 (An information disclosure vulnerability exists in the Thermal Driver, ...) - TODO: check + NOT-FOR-US: NVIDIA components for Android CVE-2017-6274 (An elevation of Privilege vulnerability exists in the Thermal Driver, ...) - TODO: check + NOT-FOR-US: NVIDIA components for Android CVE-2017-6273 (NVIDIA ADSP Firmware contains a vulnerability in the ADSP Loader ...) NOT-FOR-US: NVIDIA ADSP Firmware CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...) @@ -47205,7 +47205,7 @@ CVE-2017-0867 RESERVED CVE-2017-0866 (An elevation of privilege vulnerability in the Direct rendering ...) - TODO: check + NOT-FOR-US: NVIDIA components for Android CVE-2017-0865 (An elevation of privilege vulnerability in the MediaTek soc driver. ...) TODO: check CVE-2017-0864 (An elevation of privilege vulnerability in the MediaTek ioctl ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
