[Secure-testing-commits] r58857 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-23 07:33:21 + (Sat, 23 Dec 2017)
New Revision: 58857

Modified:
   data/CVE/list
Log:
Add linux issues

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-23 07:01:28 UTC (rev 58856)
+++ data/CVE/list   2017-12-23 07:33:21 UTC (rev 58857)
@@ -1,3 +1,39 @@
+CVE-2017-17857 [bpf: fix missing error return in check_stack_boundary()]
+   - linux 4.14.7-1
+   [stretch] - linux  (Vulnerable code introdued later)
+   [jessie] - linux  (Vulnerable code introdued later)
+   [wheezy] - linux  (Vulnerable code introdued later)
+   NOTE: Fixed by: 
https://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469
+CVE-2017-17856 [bpf: force strict alignment checks for stack pointers]
+   - linux 4.14.7-1
+   [stretch] - linux  (Vulnerable code introdued later)
+   [jessie] - linux  (Vulnerable code introdued later)
+   [wheezy] - linux  (Vulnerable code introdued later)
+   NOTE: Fixed by: 
https://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f
+CVE-2017-17855 [bpf: don't prune branches when a scalar is replaced with a 
pointer]
+   - linux 4.14.7-1
+   [stretch] - linux  (Vulnerable code introdued later)
+   [jessie] - linux  (Vulnerable code introdued later)
+   [wheezy] - linux  (Vulnerable code introdued later)
+   NOTE: Fixed by: 
https://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14
+CVE-2017-17854 [bpf: fix integer overflows]
+   - linux 4.14.7-1
+   [stretch] - linux  (Vulnerable code introdued later)
+   [jessie] - linux  (Vulnerable code introdued later)
+   [wheezy] - linux  (Vulnerable code introdued later)
+   NOTE: Fixed by: 
https://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03
+CVE-2017-17853 [bpf/verifier: fix bounds calculation on BPF_RSH]
+   - linux 4.14.7-1
+   [stretch] - linux  (Vulnerable code introdued later)
+   [jessie] - linux  (Vulnerable code introdued later)
+   [wheezy] - linux  (Vulnerable code introdued later)
+   NOTE: Fixed by: 
https://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941
+CVE-2017-17852 [bpf: fix 32-bit ALU op verification]
+   - linux 4.14.7-1
+   [stretch] - linux  (Vulnerable code introdued later)
+   [jessie] - linux  (Vulnerable code introdued later)
+   [wheezy] - linux  (Vulnerable code introdued later)
+   NOTE: Fixed by: 
https://git.kernel.org/linus/468f6eafa6c44cb2c5d8aad35e12f06c240a812a
 CVE-2017-17842
RESERVED
 CVE-2017-17841
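Review bot: every per-suite line in the six new entries misspells the triage reason as "(Vulnerable code introdued later)"; the existing linux entries further down the same file spell it "(Vulnerable code introduced later)", so all 18 occurrences should be corrected to match before commit. The "NOTE: Fixed by:" lines would also be easier to act on with the upstream release tag appended after the commit URL, as the other linux "Fixed by:" notes in this file do.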


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits


[Secure-testing-commits] r58856 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-23 07:01:28 + (Sat, 23 Dec 2017)
New Revision: 58856

Modified:
   data/CVE/list
Log:
Add CVE-2017-17485

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 23:09:22 UTC (rev 58855)
+++ data/CVE/list   2017-12-23 07:01:28 UTC (rev 58856)
@@ -5479,6 +5479,8 @@
RESERVED
 CVE-2017-17485
RESERVED
+   - jackson-databind  (Specific incomplete fixes for some 
Red Hat packages)
+   NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1528565#c0
 CVE-2017-17484 (The ucnv_UTF8FromUTF8 function in ucnv_u8.cpp in International 
...)
[experimental] - icu 60.2-1
- icu 




[Secure-testing-commits] r58855 - in data: . DLA

2017-12-22 Thread Thorsten Alteholz
Author: alteholz
Date: 2017-12-22 23:09:22 + (Fri, 22 Dec 2017)
New Revision: 58855

Modified:
   data/DLA/list
   data/dla-needed.txt
Log:
Reserve DLA-1218-1 for rsync

Modified: data/DLA/list
===
--- data/DLA/list   2017-12-22 22:43:17 UTC (rev 58854)
+++ data/DLA/list   2017-12-22 23:09:22 UTC (rev 58855)
@@ -1,3 +1,6 @@
+[23 Dec 2017] DLA-1218-1 rsync - security update
+   {CVE-2017-16548 CVE-2017-17433 CVE-2017-17434}
+   [wheezy] - rsync 3.0.9-4+deb7u1
 [21 Dec 2017] DLA-1217-1 irssi - security update
{CVE-2017-5193 CVE-2017-5194 CVE-2017-5356 CVE-2017-15227 
CVE-2017-15228 CVE-2017-15721 CVE-2017-15722}
[wheezy] - irssi 0.8.15-5+deb7u4

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-12-22 22:43:17 UTC (rev 58854)
+++ data/dla-needed.txt 2017-12-22 23:09:22 UTC (rev 58855)
@@ -67,8 +67,6 @@
 python3.2 (Emilio Pozuelo)
   NOTE: webbrowser.py as binary is hard to exploit, but when using it as an 
import then it may be possible to trigger something. Should be fixed to be on 
the safe side even though it is not an urgent problem.
 --
-rsync (Thorsten Alteholz)
---
 rtpproxy
   NOTE: it's not clear to me if a fix is even possible. -- Raphaël Hertzog
 --



[Secure-testing-commits] r58853 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 22:43:13 + (Fri, 22 Dec 2017)
New Revision: 58853

Modified:
   data/CVE/list
Log:
Add bug reference for CVE-2017-17840

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 22:33:44 UTC (rev 58852)
+++ data/CVE/list   2017-12-22 22:43:13 UTC (rev 58853)
@@ -3,7 +3,7 @@
 CVE-2017-17841
RESERVED
 CVE-2017-17840 (An issue was discovered in Open-iSCSI through 2.0.875. A local 
attacker ...)
-   - open-iscsi 
+   - open-iscsi  (bug #885021)
[stretch] - open-iscsi  (Minor issue)
[jessie] - open-iscsi  (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/13/2




[Secure-testing-commits] r58854 - data

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 22:43:17 + (Fri, 22 Dec 2017)
New Revision: 58854

Modified:
   data/dsa-needed.txt
Log:
Take linux from dsa-needed list

Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-12-22 22:43:13 UTC (rev 58853)
+++ data/dsa-needed.txt 2017-12-22 22:43:17 UTC (rev 58854)
@@ -29,7 +29,7 @@
 --
 libxml2 (carnil)
 --
-linux
+linux (benh, carnil)
   Wait until more issues have piled up
 --
 openjpeg2




[Secure-testing-commits] r58852 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 22:33:44 + (Fri, 22 Dec 2017)
New Revision: 58852

Modified:
   data/CVE/list
Log:
Update information for CVE-2017-17840/open-iscsi

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 22:25:18 UTC (rev 58851)
+++ data/CVE/list   2017-12-22 22:33:44 UTC (rev 58852)
@@ -4,8 +4,13 @@
RESERVED
 CVE-2017-17840 (An issue was discovered in Open-iSCSI through 2.0.875. A local 
attacker ...)
- open-iscsi 
+   [stretch] - open-iscsi  (Minor issue)
+   [jessie] - open-iscsi  (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/13/2
NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1072312
+   NOTE: Specfic CVE fixed by 
https://github.com/open-iscsi/open-iscsi/pull/72/commits/b9c33683bdc0aed28ffe31c3f3d50bf5cdf519ea
+   NOTE: But all of the commits in 
https://github.com/open-iscsi/open-iscsi/pull/72
+   NOTE: should be applied.
 CVE-2017-17839
RESERVED
 CVE-2017-17838
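Review bot: the three added NOTE lines form one sentence split across entries ("Specfic CVE fixed by <commit>", "But all of the commits in <PR>", "should be applied."), and "Specfic" is misspelled. Suggest two self-contained notes instead, "NOTE: Specific CVE fixed by https://github.com/open-iscsi/open-iscsi/pull/72/commits/b9c33683bdc0aed28ffe31c3f3d50bf5cdf519ea" and "NOTE: All commits in https://github.com/open-iscsi/open-iscsi/pull/72 should be applied", so each line still makes sense when read on its own.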




[Secure-testing-commits] r58851 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 22:25:18 + (Fri, 22 Dec 2017)
New Revision: 58851

Modified:
   data/CVE/list
Log:
Add CVE-2017-17840/open-iscsi

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 21:10:13 UTC (rev 58850)
+++ data/CVE/list   2017-12-22 22:25:18 UTC (rev 58851)
@@ -3,7 +3,9 @@
 CVE-2017-17841
RESERVED
 CVE-2017-17840 (An issue was discovered in Open-iSCSI through 2.0.875. A local 
attacker ...)
-   TODO: check
+   - open-iscsi 
+   NOTE: http://www.openwall.com/lists/oss-security/2017/12/13/2
+   NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1072312
 CVE-2017-17839
RESERVED
 CVE-2017-17838




[Secure-testing-commits] r58850 - data/CVE

2017-12-22 Thread security tracker role
Author: sectracker
Date: 2017-12-22 21:10:13 + (Fri, 22 Dec 2017)
New Revision: 58850

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 20:17:24 UTC (rev 58849)
+++ data/CVE/list   2017-12-22 21:10:13 UTC (rev 58850)
@@ -1,5 +1,25 @@
-CVE-2017-17832
+CVE-2017-17842
RESERVED
+CVE-2017-17841
+   RESERVED
+CVE-2017-17840 (An issue was discovered in Open-iSCSI through 2.0.875. A local 
attacker ...)
+   TODO: check
+CVE-2017-17839
+   RESERVED
+CVE-2017-17838
+   RESERVED
+CVE-2017-17837
+   RESERVED
+CVE-2017-17836
+   RESERVED
+CVE-2017-17835
+   RESERVED
+CVE-2017-17834
+   RESERVED
+CVE-2017-17833
+   RESERVED
+CVE-2017-17832 (ServersCheck Monitoring Software before 14.2.3 is prone to a 
...)
+   TODO: check
 CVE-2017- [Multiple Enigmail issues]
- enigmail 2:1.9.9-1
[stretch] - enigmail 2:1.9.9-1~deb9u1
@@ -8325,8 +8345,8 @@
RESERVED
 CVE-2017-17011
RESERVED
-CVE-2017-17010
-   RESERVED
+CVE-2017-17010 (Untrusted search path vulnerability in Content Manager 
Assistant for ...)
+   TODO: check
 CVE-2017-17009
RESERVED
 CVE-2017-17008
@@ -8359,15 +8379,13 @@
[wheezy] - eglibc  (Minor issue)
NOTE: Upstream bug: 
https://sourceware.org/bugzilla/show_bug.cgi?id=22625
NOTE: Proposed patch: 
https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html
-CVE-2017-16996
-   RESERVED
+CVE-2017-16996 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 
allows local ...)
- linux 4.14.7-1
[stretch] - linux  (Vulnerable code introduced later)
[jessie] - linux  (Vulnerable code introduced later)
[wheezy] - linux  (Vulnerable code introduced later)
NOTE: 
https://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958
-CVE-2017-16995
-   RESERVED
+CVE-2017-16995 (The check_alu_op function in kernel/bpf/verifier.c in the 
Linux kernel ...)
- linux 4.14.7-1
[jessie] - linux  (Vulnerable code introduced later)
[wheezy] - linux  (Vulnerable code introduced later)
@@ -10307,8 +10325,8 @@
RESERVED
 CVE-2017-16767
RESERVED
-CVE-2017-16766
-   RESERVED
+CVE-2017-16766 (An improper access control vulnerability in synodsmnotify in 
Synology ...)
+   TODO: check
 CVE-2017-16765 (XSS exists on D-Link DWR-933 1.00(WW)B17 devices via 
cgi-bin/gui.cgi. ...)
NOT-FOR-US: D-Link
 CVE-2017-16764 (An exploitable vulnerability exists in the YAML parsing 
functionality ...)
@@ -14306,50 +14324,50 @@
RESERVED
 CVE-2017-15329
RESERVED
-CVE-2017-15328
-   RESERVED
+CVE-2017-15328 (Huawei HG8245H version earlier than V300R018C00SPC110 has an 
...)
+   TODO: check
 CVE-2017-15327
RESERVED
 CVE-2017-15326
RESERVED
 CVE-2017-15325
RESERVED
-CVE-2017-15324
-   RESERVED
+CVE-2017-15324 (Huawei S12700 V200R006C00, V200R007C00, V200R007C01, 
V200R007C20, ...)
+   TODO: check
 CVE-2017-15323
RESERVED
-CVE-2017-15322
-   RESERVED
-CVE-2017-15321
-   RESERVED
-CVE-2017-15320
-   RESERVED
-CVE-2017-15319
-   RESERVED
-CVE-2017-15318
-   RESERVED
-CVE-2017-15317
-   RESERVED
-CVE-2017-15316
-   RESERVED
+CVE-2017-15322 (Some Huawei smartphones with software of 
BGO-L03C158B003CUSTC158D001 ...)
+   TODO: check
+CVE-2017-15321 (Huawei FusionSphere OpenStack V100R006C000SPC102 (NFV) has an 
...)
+   TODO: check
+CVE-2017-15320 (RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, 
...)
+   TODO: check
+CVE-2017-15319 (RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, 
...)
+   TODO: check
+CVE-2017-15318 (RP200 V500R002C00, V600R006C00; TE30 V100R001C10, V500R002C00, 
...)
+   TODO: check
+CVE-2017-15317 (AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; 
AR1200 ...)
+   TODO: check
+CVE-2017-15316 (The GPU driver of Mate 9 Huawei smart phones with software 
before ...)
+   TODO: check
 CVE-2017-15315
RESERVED
 CVE-2017-15314
RESERVED
-CVE-2017-15313
-   RESERVED
-CVE-2017-15312
-   RESERVED
-CVE-2017-15311
-   RESERVED
-CVE-2017-15310
-   RESERVED
-CVE-2017-15309
-   RESERVED
-CVE-2017-15308
-   RESERVED
-CVE-2017-15307
-   RESERVED
+CVE-2017-15313 (Huawei SmartCare V200R003C10 has a CSV injection 
vulnerability. An ...)
+   TODO: check
+CVE-2017-15312 (Huawei SmartCare V200R003C10 has a stored XSS (cross-site 
scripting) ...)
+   TODO: check
+CVE-2017-15311 (The baseband modules of Mate 10, Mate 10 Pro, Mate 9, Mate 9 
Pro ...)
+   TODO: check
+CVE-2017-15310 (Huawei iReader app before 8.0.2.301 has an arbitrary file 
deletion ...)
+   TODO: check
+CVE-2017-15309 (Huawei iReader app before 8.0.2.301 has a path traversal 
vulnerability ...)
+   TODO: check
+CVE-2017-15308 (Huawei iR

[Secure-testing-commits] r58849 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 20:17:24 + (Fri, 22 Dec 2017)
New Revision: 58849

Modified:
   data/CVE/list
Log:
Add bug reference for CVE-2017-17511

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 19:50:23 UTC (rev 58848)
+++ data/CVE/list   2017-12-22 20:17:24 UTC (rev 58849)
@@ -5361,7 +5361,7 @@
NOTE: 
https://anonscm.debian.org/git/collab-maint/sensible-utils.git/commit/?id=e16c937c43126df7f08d355277f99dd94cc21ce5
 CVE-2017-17511 (KildClient 3.1.0 does not validate strings before launching 
the program ...)
{DLA-1210-1}
-   - kildclient 
+   - kildclient  (bug #885007)
[stretch] - kildclient  (Minor issue)
[jessie] - kildclient  (Minor issue)
NOTE: 
https://sources.debian.org/src/kildclient/3.1.0-1/src/worldgui.c/?hl=1159#L1159




[Secure-testing-commits] r58848 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 19:50:23 + (Fri, 22 Dec 2017)
New Revision: 58848

Modified:
   data/CVE/list
Log:
Various linux CVEs fixed in unstable

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 17:32:05 UTC (rev 58847)
+++ data/CVE/list   2017-12-22 19:50:23 UTC (rev 58848)
@@ -158,13 +158,13 @@
 CVE-2018-3560
RESERVED
 CVE-2017-17807 (The KEYS subsystem in the Linux kernel before 4.14.6 omitted 
an ...)
-   - linux 
+   - linux 4.14.7-1
NOTE: Fixed by: 
https://git.kernel.org/linus/4dca6ea1d9432052afb06baf2e3ae78188a4410b 
(v4.15-rc3)
 CVE-2017-17806 (The HMAC implementation (crypto/hmac.c) in the Linux kernel 
before ...)
-   - linux 
+   - linux 4.14.7-1
NOTE: Fixed by: 
https://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1 
(v4.15-rc4)
 CVE-2017-17805 (The Salsa20 encryption algorithm in the Linux kernel before 
4.14.8 does ...)
-   - linux 
+   - linux 4.14.7-1
NOTE: Fixed by: 
https://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e (4.15-rc4)
 CVE-2017-17804 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) 
allows ...)
NOT-FOR-US: IKARUS anti.virus
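Review bot: the version annotations on the "Fixed by:" notes are inconsistent within this hunk: CVE-2017-17807 and CVE-2017-17806 use "(v4.15-rc3)" and "(v4.15-rc4)", while CVE-2017-17805 uses "(4.15-rc4)" without the "v" prefix. Pick one form (the "v"-prefixed spelling is the upstream tag name) so the annotations can be matched mechanically.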
@@ -340,7 +340,7 @@
 CVE-2017-17742
RESERVED
 CVE-2017-17741 (The KVM implementation in the Linux kernel through 4.14.7 
allows ...)
-   - linux 
+   - linux 4.14.7-1
NOTE: https://www.spinics.net/lists/kvm/msg160796.html
 CVE-2017-17740 (contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, 
when both ...)
- openldap  (unimportant)
@@ -408,7 +408,7 @@
 CVE-2017-17713 (Trape before 2017-11-05 has SQL injection via the /nr red 
parameter, ...)
NOT-FOR-US: Trape
 CVE-2017-17712 (The raw_sendmsg() function in net/ipv4/raw.c in the Linux 
kernel ...)
-   - linux 
+   - linux 4.14.7-1
[jessie] - linux  (Vulnerable code not present)
[wheezy] - linux  (Vulnerable code not present)
NOTE: Fixed by: 
https://git.kernel.org/linus/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483
@@ -5147,7 +5147,7 @@
- xen 
NOTE: https://xenbits.xen.org/xsa/advisory-248.html
 CVE-2017-17558 (The usb_destroy_configuration function in 
drivers/usb/core/config.c in ...)
-   - linux 
+   - linux 4.14.7-1
NOTE: https://www.spinics.net/lists/linux-usb/msg163644.html
NOTE: Fixed by: 
https://git.kernel.org/linus/48a4ff1c7bb5a32d2e396b03132d20d552c0eca7
 CVE-2017-17557
@@ -5671,15 +5671,15 @@
 CVE-2017-17451 (The WP Mailster plugin before 1.5.5 for WordPress has XSS in 
the ...)
NOT-FOR-US: Wordpress plugin
 CVE-2017-17450 (net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does 
not ...)
-   - linux 
+   - linux 4.14.7-1
[wheezy] - linux  (User namespaces not supported)
NOTE: https://lkml.org/lkml/2017/12/5/982
 CVE-2017-17449 (The __netlink_deliver_tap_skb function in 
net/netlink/af_netlink.c in ...)
-   - linux 
+   - linux 4.14.7-1
[wheezy] - linux  (Vulnerable code not present)
NOTE: https://lkml.org/lkml/2017/12/5/950
 CVE-2017-17448 (net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 
4.14.4 ...)
-   - linux 
+   - linux 4.14.7-1
[wheezy] - linux  (User namespaces not supported)
NOTE: https://patchwork.kernel.org/patch/10089373/
 CVE-2018-1280
@@ -5956,7 +5956,7 @@
NOTE: Fixed by: 
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=34697694e8a93b325b18f25f7dcded55d6baeaf6
NOTE: The upload of 2.26-0experimental2 to experimental fixed the issue 
(cf. #883729).
 CVE-2017-1000410 (The Linux kernel version 3.3-rc1 and later is affected by a 
...)
-   - linux 
+   - linux 4.14.7-1
[wheezy] - linux  (Vulnerable code introduced in 3.3)
NOTE: http://www.openwall.com/lists/oss-security/2017/12/06/3
 CVE-2017-1000409 [buffer overflow]
@@ -8361,14 +8361,14 @@
NOTE: Proposed patch: 
https://sourceware.org/ml/libc-alpha/2017-12/msg00528.html
 CVE-2017-16996
RESERVED
-   - linux 
+   - linux 4.14.7-1
[stretch] - linux  (Vulnerable code introduced later)
[jessie] - linux  (Vulnerable code introduced later)
[wheezy] - linux  (Vulnerable code introduced later)
NOTE: 
https://git.kernel.org/linus/0c17d1d2c61936401f4702e1846e2c19b200f958
 CVE-2017-16995
RESERVED
-   - linux 
+   - linux 4.14.7-1
[jessie] - linux  (Vulnerable code introduced later)
[wheezy] - linux  (Vulnerable code introduced later)
NOTE: 
https://git.kernel.org/linus/95a762e2c8c942780948091f8f2a4f32fce1ac6f
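Review bot: CVE-2017-16996 carries a "[stretch] - linux (Vulnerable code introduced later)" line, but CVE-2017-16995 directly below it does not, so after this change stretch is left tracked as affected by CVE-2017-16995 with no annotation either way. If that asymmetry is intentional, a short NOTE saying so (or the pending DSA reference once it exists) would make it read as a deliberate triage decision rather than an oversight.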
@@ -9503,7 +9503,7 @@
RESERVED
 CVE-2017-1000407 (The Linux Kernel 2.6.32 and later are affected by a denial 
of service, ...)
{DLA-1200-1}
-   - linux 
+   - linux 4.14.7-1
NOTE: https://www.spinics.net/lists/kvm/msg159809.html
 CVE-2017-1000406 (OpenDaylight Kara

[Secure-testing-commits] r58847 - data

2017-12-22 Thread Emilio Pozuelo Monfort
Author: pochu
Date: 2017-12-22 17:32:05 + (Fri, 22 Dec 2017)
New Revision: 58847

Modified:
   data/dla-needed.txt
Log:
dla: claim enigmail

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-12-22 16:11:11 UTC (rev 58846)
+++ data/dla-needed.txt 2017-12-22 17:32:05 UTC (rev 58847)
@@ -19,7 +19,7 @@
 couchdb
   NOTE: Only in wheezy, we are on our own.
 --
-enigmail
+enigmail (Emilio Pozuelo)
   NOTE: we should backport 2:1.9.9-1 just like in jessie/stretch.
 --
 gimp (Emilio Pozuelo)




[Secure-testing-commits] r58846 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 16:11:11 + (Fri, 22 Dec 2017)
New Revision: 58846

Modified:
   data/CVE/list
Log:
Fix for CVE-2017-17405 for ruby2.3 is included in new upstream version 2.3.6

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 13:53:30 UTC (rev 58845)
+++ data/CVE/list   2017-12-22 16:11:11 UTC (rev 58846)
@@ -6101,7 +6101,7 @@
RESERVED
 CVE-2017-17405 (Ruby before 2.4.3 allows Net::FTP command injection. 
Net::FTP#get, ...)
- ruby2.5  (bug #884437)
-   - ruby2.3  (bug #884438)
+   - ruby2.3 2.3.6-1 (bug #884438)
[stretch] - ruby2.3  (Minor issue, can be fixed along in a 
future update)
- ruby2.1 
- ruby1.9.1 




[Secure-testing-commits] r58845 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 13:53:30 + (Fri, 22 Dec 2017)
New Revision: 58845

Modified:
   data/CVE/list
Log:
Add fixes for CVE-2017-17785/gimp

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 12:27:38 UTC (rev 58844)
+++ data/CVE/list   2017-12-22 13:53:30 UTC (rev 58845)
@@ -266,6 +266,8 @@
 CVE-2017-17785 (In GIMP 2.8.22, there is a heap-based buffer overflow in the 
...)
- gimp  (bug #884836)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739133
+   NOTE: 
https://git.gnome.org/browse/gimp/commit/?id=edb251a7ef1602d20a5afcbf23f24afb163de63b
 (master)
+   NOTE: 
https://git.gnome.org/browse/gimp/commit/?id=1882bac996a20ab5c15c42b0c5e8f49033a1af54
 (gimp-2-8)
NOTE: Can be reproduced (at least in wheezy) with "valgrind 
--trace-children=yes gimp "
 CVE-2017-17786 (In GIMP 2.8.22, there is a heap-based buffer over-read in 
ReadImage in ...)
- gimp  (unimportant; bug #884862)




[Secure-testing-commits] r58844 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 12:27:38 + (Fri, 22 Dec 2017)
New Revision: 58844

Modified:
   data/CVE/list
Log:
Add tag information for CVE-2017-17819

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 12:26:36 UTC (rev 58843)
+++ data/CVE/list   2017-12-22 12:27:38 UTC (rev 58844)
@@ -36,8 +36,7 @@
 CVE-2017-17819 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal 
address access ...)
- nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392435
-   NOTE: 
http://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af
-   TODO: check
+   NOTE: 
http://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af 
(nasm-2.13.02rc3)
 CVE-2017-17818 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based 
buffer ...)
- nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392428




[Secure-testing-commits] r58843 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 12:26:36 + (Fri, 22 Dec 2017)
New Revision: 58843

Modified:
   data/CVE/list
Log:
Add tag information for CVE-2017-17815

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 12:25:34 UTC (rev 58842)
+++ data/CVE/list   2017-12-22 12:26:36 UTC (rev 58843)
@@ -52,9 +52,8 @@
TODO: check
 CVE-2017-17815 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal 
address access ...)
- nasm 2.13.02-0.1
-   NOTE: 
http://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3
+   NOTE: 
http://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3 
(nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392436
-   TODO: check
 CVE-2017-17814 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free 
in ...)
- nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392430




[Secure-testing-commits] r58842 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 12:25:34 + (Fri, 22 Dec 2017)
New Revision: 58842

Modified:
   data/CVE/list
Log:
CVE-2017-17812: update tag information

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 12:24:19 UTC (rev 58841)
+++ data/CVE/list   2017-12-22 12:25:34 UTC (rev 58842)
@@ -65,9 +65,8 @@
TODO: check
 CVE-2017-17812 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based 
buffer ...)
- nasm 2.13.02-0.1
-   NOTE: 
http://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
+   NOTE: 
http://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 
(nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392424
-   TODO: check
 CVE-2017-17811 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based 
buffer ...)
- nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392432




[Secure-testing-commits] r58841 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 12:24:19 + (Fri, 22 Dec 2017)
New Revision: 58841

Modified:
   data/CVE/list
Log:
CVE-2017-17810 checked

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 12:02:23 UTC (rev 58840)
+++ data/CVE/list   2017-12-22 12:24:19 UTC (rev 58841)
@@ -74,9 +74,8 @@
TODO: check
 CVE-2017-17810 (In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on 
unknown ...)
- nasm 2.13.02-0.1
-   NOTE: 
http://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4
+   NOTE: 
http://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4 
(nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392431
-   TODO: check
 CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the 
vyprvpnservice ...)
NOT-FOR-US: Golden Frog VyprVPN
 CVE-2017-17808




[Secure-testing-commits] r58840 - data/CVE

2017-12-22 Thread Raphaël Hertzog
Author: hertzog
Date: 2017-12-22 12:02:23 + (Fri, 22 Dec 2017)
New Revision: 58840

Modified:
   data/CVE/list
Log:
All nasm issues are fixed in the last upstream release

The 2.14rc0 release tested by the researcher is a tag roughly matching
the state of 2.13, lacking fixes made later in the nasm-2.13.xx branch
but including a few changes from the "elf" branch that have been merged
in the master branch too.

There's a slight chance that the commits from the elf branch are
responsible for some of the issues reported and closed with « No longer
triggers with upcoming 2.13.02 (will be released soon) », thus I mailed
Cyrill Gorcunov  to double check this with him.

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 11:51:50 UTC (rev 58839)
+++ data/CVE/list   2017-12-22 12:02:23 UTC (rev 58840)
@@ -30,50 +30,50 @@
 CVE-2017-17821 (WTF/wtf/FastBitVector.h in WebKit, as distributed in Safari 
Technology ...)
TODO: check
 CVE-2017-17820 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free 
in ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392433
TODO: check
 CVE-2017-17819 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal 
address access ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392435
NOTE: 
http://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af
TODO: check
 CVE-2017-17818 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based 
buffer ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392428
TODO: check
 CVE-2017-17817 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free 
in ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392427
TODO: check
 CVE-2017-17816 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free 
in ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392426
TODO: check
 CVE-2017-17815 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal 
address access ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: 
http://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392436
TODO: check
 CVE-2017-17814 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free 
in ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392430
TODO: check
 CVE-2017-17813 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free 
in the ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392429
TODO: check
 CVE-2017-17812 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based 
buffer ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: 
http://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392424
TODO: check
 CVE-2017-17811 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based 
buffer ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392432
TODO: check
 CVE-2017-17810 (In Netwide Assembler (NASM) 2.14rc0, there is a "SEGV on 
unknown ...)
-   - nasm 
+   - nasm 2.13.02-0.1
NOTE: 
http://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392431
TODO: check
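Review bot: every entry in this hunk is marked fixed in nasm 2.13.02-0.1 yet keeps its "TODO: check" line. The log says all issues are fixed in the last upstream release but also records doubt about whether the "elf" branch commits included in 2.14rc0 caused some of the closed reports, so either drop the TODOs or replace them with a NOTE stating exactly what remains to be confirmed (the reply from Cyrill Gorcunov), so the entries do not read as still un-triaged.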




[Secure-testing-commits] r58839 - in data: . DLA

2017-12-22 Thread Emilio Pozuelo Monfort
Author: pochu
Date: 2017-12-22 11:51:50 + (Fri, 22 Dec 2017)
New Revision: 58839

Modified:
   data/DLA/list
   data/dla-needed.txt
Log:
irssi wheezy update fixed CVE-2017-5356, not CVE-2017-5196 which is 0.8.18+

Modified: data/DLA/list
===
--- data/DLA/list   2017-12-22 11:06:00 UTC (rev 58838)
+++ data/DLA/list   2017-12-22 11:51:50 UTC (rev 58839)
@@ -1,5 +1,5 @@
 [21 Dec 2017] DLA-1217-1 irssi - security update
-   {CVE-2017-5193 CVE-2017-5194 CVE-2017-5196 CVE-2017-15227 
CVE-2017-15228 CVE-2017-15721 CVE-2017-15722}
+   {CVE-2017-5193 CVE-2017-5194 CVE-2017-5356 CVE-2017-15227 
CVE-2017-15228 CVE-2017-15721 CVE-2017-15722}
[wheezy] - irssi 0.8.15-5+deb7u4
 [21 Dec 2017] DLA-1216-1 wordpress - security update
{CVE-2017-17091 CVE-2017-17092 CVE-2017-17093 CVE-2017-17094}

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-12-22 11:06:00 UTC (rev 58838)
+++ data/dla-needed.txt 2017-12-22 11:51:50 UTC (rev 58839)
@@ -30,8 +30,6 @@
 --
 imagemagick (Markus Koschany)
 --
-irssi
---
 lame (Hugo Lefeuvre)
   NOTE: Couldn't reproduce CVE-2017-{69-72}, but successfully reproduced 
CVE-2017-150{18,45,46}
   NOTE: 20171120: Backporting 3.100 is not conceivable, diff >40k lines.




[Secure-testing-commits] r58838 - data

2017-12-22 Thread Raphaël Hertzog
Author: hertzog
Date: 2017-12-22 11:06:00 + (Fri, 22 Dec 2017)
New Revision: 58838

Modified:
   data/dla-needed.txt
Log:
Add enigmail to dla-needed.txt

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-12-22 10:16:06 UTC (rev 58837)
+++ data/dla-needed.txt 2017-12-22 11:06:00 UTC (rev 58838)
@@ -19,6 +19,9 @@
 couchdb
   NOTE: Only in wheezy, we are on our own.
 --
+enigmail
+  NOTE: we should backport 2:1.9.9-1 just like in jessie/stretch.
+--
 gimp (Emilio Pozuelo)
 --
 graphicsmagick (Markus Koschany)




[Secure-testing-commits] r58837 - data

2017-12-22 Thread Emilio Pozuelo Monfort
Author: pochu
Date: 2017-12-22 10:16:06 + (Fri, 22 Dec 2017)
New Revision: 58837

Modified:
   data/dla-needed.txt
Log:
dla: claim python

probably no-dsa


Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-12-22 09:43:23 UTC (rev 58836)
+++ data/dla-needed.txt 2017-12-22 10:16:06 UTC (rev 58837)
@@ -57,13 +57,13 @@
 --
 ohcount
 --
-python2.6
+python2.6 (Emilio Pozuelo)
   NOTE: webbrowser.py as binary is hard to exploit, but when using it as an 
import then it may be possible to trigger something. Should be fixed to be on 
the safe side even though it is not an urgent problem.
 --
-python2.7
+python2.7 (Emilio Pozuelo)
   NOTE: webbrowser.py as binary is hard to exploit, but when using it as an 
import then it may be possible to trigger something. Should be fixed to be on 
the safe side even though it is not an urgent problem.
 --
-python3.2
+python3.2 (Emilio Pozuelo)
   NOTE: webbrowser.py as binary is hard to exploit, but when using it as an 
import then it may be possible to trigger something. Should be fixed to be on 
the safe side even though it is not an urgent problem.
 --
 rsync (Thorsten Alteholz)
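Review bot: the three python entries repeat the same NOTE without naming the CVE it assesses, so the "hard to exploit as a binary, possibly triggerable on import" rationale cannot be traced to a specific issue; add the CVE id to each NOTE (or to one, with the other two referring to it) so the no-dsa decision mentioned in the log can be verified later.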



[Secure-testing-commits] r58836 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 09:43:23 +0000 (Fri, 22 Dec 2017)
New Revision: 58836

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 09:43:12 UTC (rev 58835)
+++ data/CVE/list   2017-12-22 09:43:23 UTC (rev 58836)
@@ -10388,7 +10388,7 @@
 CVE-2017-16728
RESERVED
 CVE-2017-16727 (A Credentials Management issue was discovered in Moxa NPort 
W2150A ...)
-   TODO: check
+   NOT-FOR-US: Moxa
 CVE-2017-16726
RESERVED
 CVE-2017-16725 (A Stack-based Buffer Overflow issue was discovered in Xiongmai 
...)
@@ -17344,7 +17344,7 @@
 CVE-2017-14364
RESERVED
 CVE-2017-14363 (Cross-Site Scripting (XSS) vulnerability has been identified 
in Micro ...)
-   TODO: check
+   NOT-FOR-US: Micro Focus Operations Manager
 CVE-2017-14362 (Cross-Site Request Forgery vulnerability in Micro Focus 
Project and ...)
NOT-FOR-US: Micro Focus Project and Portfolio Management Center
 CVE-2017-14361 (Man-In-The-Middle vulnerability in Micro Focus Project and 
Portfolio ...)
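Review bot: the NOT-FOR-US tag names "Micro Focus Operations Manager" while the visible description is cut off at "in Micro ...", so the product cannot be confirmed from this hunk; the neighbouring CVE-2017-14362 entry spells out the full product name taken from its description, so it is worth checking that the full CVE-2017-14363 text actually names Operations Manager before this triage is taken as final.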



[Secure-testing-commits] r58835 - data/CVE

2017-12-22 Thread Salvatore Bonaccorso
Author: carnil
Date: 2017-12-22 09:43:12 +0000 (Fri, 22 Dec 2017)
New Revision: 58835

Modified:
   data/CVE/list
Log:
Sort top-down entries

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 09:10:16 UTC (rev 58834)
+++ data/CVE/list   2017-12-22 09:43:12 UTC (rev 58835)
@@ -2,8 +2,8 @@
RESERVED
 CVE-2017- [Multiple Enigmail issues]
- enigmail 2:1.9.9-1
+   [stretch] - enigmail 2:1.9.9-1~deb9u1
[jessie] - enigmail 2:1.9.9-1~deb8u1
-   [stretch] - enigmail 2:1.9.9-1~deb9u1
NOTE: 
https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
 CVE-2017-17831 (GitHub Git LFS before 2.1.1 allows remote attackers to execute 
...)
- git-lfs  (Fixed before initial upload to Debian)
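Review bot: the entry header is still "CVE-2017-" with no number assigned, so the reordered suite lines hang off a placeholder that will need updating once the identifier is allocated; the reorder itself (stretch before jessie) brings the entry in line with the newest-suite-first order used elsewhere in the file, for example the bouncycastle entry in r58834 on this page, which lists jessie before wheezy.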



[Secure-testing-commits] r58834 - data/CVE

2017-12-22 Thread security tracker role
Author: sectracker
Date: 2017-12-22 09:10:16 +0000 (Fri, 22 Dec 2017)
New Revision: 58834

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 08:55:48 UTC (rev 58833)
+++ data/CVE/list   2017-12-22 09:10:16 UTC (rev 58834)
@@ -10387,8 +10387,8 @@
RESERVED
 CVE-2017-16728
RESERVED
-CVE-2017-16727
-   RESERVED
+CVE-2017-16727 (A Credentials Management issue was discovered in Moxa NPort 
W2150A ...)
+   TODO: check
 CVE-2017-16726
RESERVED
 CVE-2017-16725 (A Stack-based Buffer Overflow issue was discovered in Xiongmai 
...)
@@ -17343,8 +17343,8 @@
RESERVED
 CVE-2017-14364
RESERVED
-CVE-2017-14363
-   RESERVED
+CVE-2017-14363 (Cross-Site Scripting (XSS) vulnerability has been identified 
in Micro ...)
+   TODO: check
 CVE-2017-14362 (Cross-Site Request Forgery vulnerability in Micro Focus 
Project and ...)
NOT-FOR-US: Micro Focus Project and Portfolio Management Center
 CVE-2017-14361 (Man-In-The-Middle vulnerability in Micro Focus Project and 
Portfolio ...)
@@ -20624,6 +20624,7 @@
NOTE: https://github.com/wolfSSL/wolfssl/pull/1229
NOTE: https://robotattack.org/
 CVE-2017-13098 (BouncyCastle TLS prior to version 1.0.3, when configured to 
use the ...)
+   {DSA-4072-1}
- bouncycastle 1.58-1 (bug #884241)
[jessie] - bouncycastle  (Vulnerable code introduced in 
1.56 with tls API addition)
[wheezy] - bouncycastle  (Vulnerable code not present)



[Secure-testing-commits] r58831 - data

2017-12-22 Thread Chris Lamb
Author: lamby
Date: 2017-12-22 08:55:37 +0000 (Fri, 22 Dec 2017)
New Revision: 58831

Modified:
   data/dla-needed.txt
Log:
Triage irssi for LTS

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-12-22 06:37:32 UTC (rev 58830)
+++ data/dla-needed.txt 2017-12-22 08:55:37 UTC (rev 58831)
@@ -27,6 +27,8 @@
 --
 imagemagick (Markus Koschany)
 --
+irssi
+--
 lame (Hugo Lefeuvre)
   NOTE: Couldn't reproduce CVE-2017-{69-72}, but successfully reproduced 
CVE-2017-150{18,45,46}
   NOTE: 20171120: Backporting 3.100 is not conceivable, diff >40k lines.



[Secure-testing-commits] r58833 - data/CVE

2017-12-22 Thread Chris Lamb
Author: lamby
Date: 2017-12-22 08:55:48 +0000 (Fri, 22 Dec 2017)
New Revision: 58833

Modified:
   data/CVE/list
Log:
Add link to 
https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
 for recent enigmail issue.

Modified: data/CVE/list
===
--- data/CVE/list   2017-12-22 08:55:38 UTC (rev 58832)
+++ data/CVE/list   2017-12-22 08:55:48 UTC (rev 58833)
@@ -4,6 +4,7 @@
- enigmail 2:1.9.9-1
[jessie] - enigmail 2:1.9.9-1~deb8u1
[stretch] - enigmail 2:1.9.9-1~deb9u1
+   NOTE: 
https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf
 CVE-2017-17831 (GitHub Git LFS before 2.1.1 allows remote attackers to execute 
...)
- git-lfs  (Fixed before initial upload to Debian)
NOTE: https://github.com/git-lfs/git-lfs/pull/2242
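Review bot: the added NOTE is a bare URL, so a reader scanning the list gets no hint that it points at the Cure53 pentest report excerpt for enigmail; a few words of description before the link, as the log message already gives, would make the entry self-explaining without opening it.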



[Secure-testing-commits] r58832 - data

2017-12-22 Thread Chris Lamb
Author: lamby
Date: 2017-12-22 08:55:38 +0000 (Fri, 22 Dec 2017)
New Revision: 58832

Modified:
   data/dla-needed.txt
Log:
Re-order rtpproxy in data/dla-needed.txt.. u > t in my locale!

Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-12-22 08:55:37 UTC (rev 58831)
+++ data/dla-needed.txt 2017-12-22 08:55:38 UTC (rev 58832)
@@ -68,13 +68,13 @@
 --
 rsync (Thorsten Alteholz)
 --
+rtpproxy
+  NOTE: it's not clear to me if a fix is even possible. -- Raphaël Hertzog
+--
 ruby1.8 (Guido Günther)
 --
 ruby1.9.1 (Guido Günther)
 --
-rtpproxy
-  NOTE: it's not clear to me if a fix is even possible. -- Raphaël Hertzog
---
 swftools (Guido Günther)
   NOTE: 20171118: At least CVE-2017-16797 is present. (lamby)
   NOTE: 20171210: likely to be turned into a pkg with limited sec support
