[Secure-testing-commits] r58879 - data/CVE
Author: carnil Date: 2017-12-24 07:44:12 + (Sun, 24 Dec 2017) New Revision: 58879 Modified: data/CVE/list Log: Add CVE-2017-17866/mupdf Modified: data/CVE/list === --- data/CVE/list 2017-12-23 21:10:15 UTC (rev 58878) +++ data/CVE/list 2017-12-24 07:44:12 UTC (rev 58879) @@ -1,5 +1,7 @@ CVE-2017-17866 (pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain ...) - TODO: check + - mupdf + NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=520cc26d18c9ee245b56e9e91f9d4fcae02be5f0 + NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698699 (not public) CVE-2017-17865 RESERVED CVE-2017-17864 (kernel/bpf/verifier.c in the Linux kernel before 4.14 mishandles ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
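Review bot: the new "- mupdf" line records neither a fixed version nor a Debian bug number, although the first NOTE already names the upstream fix commit and the description places the problem in MuPDF before 1.12.0. Add the fixed version once the upload carrying that commit is known, and add a "(bug #...)" reference if a Debian bug is filed, as the asterisk and open-iscsi entries in this list do. The second NOTE points at an upstream bug marked "(not public)", so the commit link is the only reference a reader can actually follow.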
[Secure-testing-commits] r58878 - data/CVE
Author: sectracker Date: 2017-12-23 21:10:15 + (Sat, 23 Dec 2017) New Revision: 58878 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-12-23 20:12:20 UTC (rev 58877) +++ data/CVE/list 2017-12-23 21:10:15 UTC (rev 58878) @@ -1,13 +1,20 @@ -CVE-2017-17864 [bpf/verifier: Fix states_equal() comparison of pointer and UNKNOWN] +CVE-2017-17866 (pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain ...) + TODO: check +CVE-2017-17865 + RESERVED +CVE-2017-17864 (kernel/bpf/verifier.c in the Linux kernel before 4.14 mishandles ...) + {DSA-4073-1} - linux [jessie] - linux (Vulnerable code not present) [wheezy] - linux (Vulnerable code not present) -CVE-2017-17863 [bpf: reject out-of-bounds stack pointer calculation] +CVE-2017-17863 (kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not ...) + {DSA-4073-1} - linux [jessie] - linux (Vulnerable code not present) [wheezy] - linux (Vulnerable code not present) NOTE: https://www.spinics.net/lists/stable/msg206985.html -CVE-2017-17862 [bpf: fix branch pruning logic] +CVE-2017-17862 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores ...) + {DSA-4073-1} - linux [jessie] - linux (Vulnerable code not present) [wheezy] - linux (Vulnerable code not present) 
@@ -98,27 +105,27 @@ CVE-2017-17832 (ServersCheck Monitoring Software before 14.2.3 is prone to a ...) TODO: check CVE-2017-17843 (An issue was discovered in Enigmail before 1.9.9 that allows remote ...) - {DSA-4070-1} + {DSA-4070-1 DLA-1219-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf CVE-2017-17844 (An issue was discovered in Enigmail before 1.9.9. A remote attacker can ...) - {DSA-4070-1} + {DSA-4070-1 DLA-1219-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf CVE-2017-17845 (An issue was discovered in Enigmail before 1.9.9. Improper Random ...) - {DSA-4070-1} + {DSA-4070-1 DLA-1219-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf CVE-2017-17846 (An issue was discovered in Enigmail before 1.9.9. Regular expressions ...) - {DSA-4070-1} + {DSA-4070-1 DLA-1219-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf CVE-2017-17847 (An issue was discovered in Enigmail before 1.9.9. Signature spoofing is ...) - {DSA-4070-1} + {DSA-4070-1 DLA-1219-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf CVE-2017-17848 (An issue was discovered in Enigmail before 1.9.9. In a variant of ...) - {DSA-4070-1} + {DSA-4070-1 DLA-1219-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf CVE-2017-17831 (GitHub Git LFS before 2.1.1 allows remote attackers to execute ...) 
@@ -274,12 +281,15 @@ CVE-2018-3560 RESERVED CVE-2017-17807 (The KEYS subsystem in the Linux kernel before 4.14.6 omitted an ...) + {DSA-4073-1} - linux 4.14.7-1 NOTE: Fixed by: https://git.kernel.org/linus/4dca6ea1d9432052afb06baf2e3ae78188a4410b (v4.15-rc3) CVE-2017-17806 (The HMAC implementation (crypto/hmac.c) in the Linux kernel before ...) + {DSA-4073-1} - linux 4.14.7-1 NOTE: Fixed by: https://git.kernel.org/linus/af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1 (v4.15-rc4) CVE-2017-17805 (The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does ...) + {DSA-4073-1} - linux 4.14.7-1 NOTE: Fixed by: https://git.kernel.org/linus/ecaaab5649781c5a0effdaf298a925063020500e (4.15-rc4) CVE-2017-17804 (In IKARUS anti.virus 2.16.20, the driver file (ntguard.SYS) allows ...) @@ -380,12 +390,14 @@ NOTE: OTRS-5: https://github.com/OTRS/otrs/commit/720c73fbf53e476ca7dfdf2ae1d4d3d2aad2b953 NOTE: OTRS-4: https://github.com/OTRS/otrs/commit/26707eaaa791648e6c7ad6aeaa27efd70e7c66eb CVE-2017-17785 (In GIMP 2.8.22, there is a heap-based buffer overflow in the ...) + {DLA-1220-1} - gimp (bug #884836) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=739133 NOTE: https://git.gnome.org/browse/gimp/commit/?id=edb251a7ef1602d20a5afcbf23f24afb163de63b (master) NOTE: https://git.gnome.org/browse/gimp/commit/?id=1882bac996a20ab5c15c42b0c5e8f49033a1af54 (gimp-2-8) NOTE: Can be reproduced (at least in wheezy)
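Review bot: in the hunk at -274,12 the description now attached to CVE-2017-17805 says the problem affects kernels before 4.14.8, while the entry records the fix in "linux 4.14.7-1". If 4.14.7-1 carries the fix as a backport, say so in a NOTE so the two statements do not look contradictory. In the same hunk the upstream tag on that entry is written "(4.15-rc4)" while its neighbours use "(v4.15-rc3)" and "(v4.15-rc4)"; use one form.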
[Secure-testing-commits] r58877 - data
Author: carnil Date: 2017-12-23 20:12:20 + (Sat, 23 Dec 2017) New Revision: 58877 Modified: data/next-oldstable-point-update.txt data/next-point-update.txt Log: mosquitto update proposed via {stretch,jessie}-pu Modified: data/next-oldstable-point-update.txt === --- data/next-oldstable-point-update.txt2017-12-23 19:49:04 UTC (rev 58876) +++ data/next-oldstable-point-update.txt2017-12-23 20:12:20 UTC (rev 58877) @@ -37,3 +37,5 @@ [jessie] - mariadb-10.0 10.0.33-0+deb8u1 CVE-2017-17511 [jessie] - kildclient 3.0.0-2+deb8u1 +CVE-2017-9868 + [jessie] - mosquitto 1.3.4-2+deb8u2 Modified: data/next-point-update.txt === --- data/next-point-update.txt 2017-12-23 19:49:04 UTC (rev 58876) +++ data/next-point-update.txt 2017-12-23 20:12:20 UTC (rev 58877) @@ -23,3 +23,5 @@ [stretch] - open-iscsi 2.0.874-3~deb9u2 CVE-2017-17511 [stretch] - kildclient 3.1.0-1+deb9u1 +CVE-2017-9868 + [stretch] - mosquitto 1.4.10-3+deb9u1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58876 - in data: . DSA
Author: carnil Date: 2017-12-23 19:49:04 + (Sat, 23 Dec 2017) New Revision: 58876 Modified: data/DSA/list data/dsa-needed.txt Log: Reserve DSA number for linux update Modified: data/DSA/list === --- data/DSA/list 2017-12-23 18:12:14 UTC (rev 58875) +++ data/DSA/list 2017-12-23 19:49:04 UTC (rev 58876) @@ -1,3 +1,6 @@ +[23 Dec 2017] DSA-4073-1 linux - security update + {CVE-2017-8824 CVE-2017-16538 CVE-2017-16644 CVE-2017-16995 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558 CVE-2017-17712 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 CVE-2017-17807 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-1000407 CVE-2017-1000410} + [stretch] - linux 4.9.65-3+deb9u1 [21 Dec 2017] DSA-4072-1 bouncycastle - security update {CVE-2017-13098} [stretch] - bouncycastle 1.56-1+deb9u1 Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-12-23 18:12:14 UTC (rev 58875) +++ data/dsa-needed.txt 2017-12-23 19:49:04 UTC (rev 58876) @@ -29,7 +29,7 @@ -- libxml2 (carnil) -- -linux (benh, carnil) +linux Wait until more issues have piled up -- openjpeg2 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
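Review bot: in the data/dsa-needed.txt hunk the linux entry loses its assignees "(benh, carnil)" and gains the remark "Wait until more issues have piled up" with no date. Put a date on the remark, as the dla-needed.txt notes do ("NOTE: 20171118: At least CVE-2017-16797 is present. (lamby)"), so a later reader can tell how old the decision is and whether the entry is still unowned on purpose.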
[Secure-testing-commits] r58875 - data
Author: carnil Date: 2017-12-23 18:12:14 + (Sat, 23 Dec 2017) New Revision: 58875 Modified: data/next-oldstable-point-update.txt data/next-point-update.txt Log: ldclient update proposed via {jessie,stretch}-pu Modified: data/next-oldstable-point-update.txt === --- data/next-oldstable-point-update.txt2017-12-23 17:40:21 UTC (rev 58874) +++ data/next-oldstable-point-update.txt2017-12-23 18:12:14 UTC (rev 58875) @@ -35,3 +35,5 @@ [jessie] - mariadb-10.0 10.0.33-0+deb8u1 CVE-2017-10268 [jessie] - mariadb-10.0 10.0.33-0+deb8u1 +CVE-2017-17511 + [jessie] - kildclient 3.0.0-2+deb8u1 Modified: data/next-point-update.txt === --- data/next-point-update.txt 2017-12-23 17:40:21 UTC (rev 58874) +++ data/next-point-update.txt 2017-12-23 18:12:14 UTC (rev 58875) @@ -21,3 +21,5 @@ [stretch] - golang-github-go-ldap-ldap 2.4.1-1+deb9u1 CVE-2017-17840 [stretch] - open-iscsi 2.0.874-3~deb9u2 +CVE-2017-17511 + [stretch] - kildclient 3.1.0-1+deb9u1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
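Review bot: the log message names "ldclient", but both hunks add CVE-2017-17511 for the package kildclient. Correct the package name in the log so that the revision turns up when the history is searched by package.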
[Secure-testing-commits] r58874 - in data: . CVE
Author: pochu Date: 2017-12-23 17:40:21 + (Sat, 23 Dec 2017) New Revision: 58874 Modified: data/CVE/list data/dla-needed.txt Log: CVE-2017-16926/ohcount no-dsa on wheezy as well Modified: data/CVE/list === --- data/CVE/list 2017-12-23 16:47:26 UTC (rev 58873) +++ data/CVE/list 2017-12-23 17:40:21 UTC (rev 58874) @@ -9507,6 +9507,7 @@ - ohcount (bug #882372) [stretch] - ohcount (Minor issue) [jessie] - ohcount (Minor issue) + [wheezy] - ohcount (Minor issue) NOTE: https://github.com/blackducksoftware/ohcount/commit/6bed45d6fb7c080ae5c163c12b4eb8749a3492ac (v3.1.0) CVE-2017-16925 RESERVED Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-12-23 16:47:26 UTC (rev 58873) +++ data/dla-needed.txt 2017-12-23 17:40:21 UTC (rev 58874) @@ -51,8 +51,6 @@ NOTE: 20171120: wip, currently working on it with upstream, might take a while NOTE: Some issues currently in upstream's bug tracker are missing a CVE number, so number of issues might increase in the next weeks -- -ohcount --- rtpproxy NOTE: it's not clear to me if a fix is even possible. -- Raphaël Hertzog -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58873 - data/CVE
Author: carnil Date: 2017-12-23 16:47:26 + (Sat, 23 Dec 2017) New Revision: 58873 Modified: data/CVE/list Log: CVE-2017-1786{2,3,4} assigned Modified: data/CVE/list === --- data/CVE/list 2017-12-23 16:35:48 UTC (rev 58872) +++ data/CVE/list 2017-12-23 16:47:26 UTC (rev 58873) @@ -1,3 +1,18 @@ +CVE-2017-17864 [bpf/verifier: Fix states_equal() comparison of pointer and UNKNOWN] + - linux + [jessie] - linux (Vulnerable code not present) + [wheezy] - linux (Vulnerable code not present) +CVE-2017-17863 [bpf: reject out-of-bounds stack pointer calculation] + - linux + [jessie] - linux (Vulnerable code not present) + [wheezy] - linux (Vulnerable code not present) + NOTE: https://www.spinics.net/lists/stable/msg206985.html +CVE-2017-17862 [bpf: fix branch pruning logic] + - linux + [jessie] - linux (Vulnerable code not present) + [wheezy] - linux (Vulnerable code not present) + NOTE: Fixed by: https://git.kernel.org/linus/c131187db2d3fa2f8bf32fdf4e9a4ef805168467 + NOTE: https://www.spinics.net/lists/stable/msg206984.html CVE-2017-17861 RESERVED CVE-2017-17860 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
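Review bot: of the three new entries only CVE-2017-17862 carries a "NOTE: Fixed by:" line; CVE-2017-17863 has just the stable-list link and CVE-2017-17864 has no NOTE at all. Add the upstream commit or the stable-list message for the other two, so that the "Vulnerable code not present" statements for jessie and wheezy can be checked against a concrete change.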
[Secure-testing-commits] r58872 - in data: . DLA
Author: pochu Date: 2017-12-23 16:35:48 + (Sat, 23 Dec 2017) New Revision: 58872 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-1220-1 for gimp Modified: data/DLA/list === --- data/DLA/list 2017-12-23 14:06:01 UTC (rev 58871) +++ data/DLA/list 2017-12-23 16:35:48 UTC (rev 58872) @@ -1,3 +1,6 @@ +[23 Dec 2017] DLA-1220-1 gimp - security update + {CVE-2017-17784 CVE-2017-17785 CVE-2017-17786 CVE-2017-17787 CVE-2017-17788 CVE-2017-17789} + [wheezy] - gimp 2.8.2-2+deb7u3 [23 Dec 2017] DLA-1219-1 enigmail - security update {CVE-2017-17843 CVE-2017-17844 CVE-2017-17845 CVE-2017-17846 CVE-2017-17847 CVE-2017-17848} [wheezy] - enigmail 2:1.9.9-1~deb7u1 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-12-23 14:06:01 UTC (rev 58871) +++ data/dla-needed.txt 2017-12-23 16:35:48 UTC (rev 58872) @@ -19,8 +19,6 @@ couchdb NOTE: Only in wheezy, we are on our own. -- -gimp (Emilio Pozuelo) --- graphicsmagick (Markus Koschany) -- icu (Roberto C. Sánchez) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58871 - data/CVE
Author: carnil Date: 2017-12-23 14:06:01 + (Sat, 23 Dec 2017) New Revision: 58871 Modified: data/CVE/list Log: Add bug reference for CVE-2017-17850/asterisk, #885072 Modified: data/CVE/list === --- data/CVE/list 2017-12-23 13:58:40 UTC (rev 58870) +++ data/CVE/list 2017-12-23 14:06:01 UTC (rev 58871) @@ -9,7 +9,7 @@ CVE-2017-17851 RESERVED CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and ...) - - asterisk + - asterisk (bug #885072) NOTE: http://downloads.asterisk.org/pub/security/AST-2017-014.html NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27480 CVE-2017-17849 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58870 - data
Author: pochu Date: 2017-12-23 13:58:40 + (Sat, 23 Dec 2017) New Revision: 58870 Modified: data/dla-needed.txt Log: dla: drop python, unimportant issue Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-12-23 13:56:50 UTC (rev 58869) +++ data/dla-needed.txt 2017-12-23 13:58:40 UTC (rev 58870) @@ -55,15 +55,6 @@ -- ohcount -- -python2.6 (Emilio Pozuelo) - NOTE: webbrowser.py as binary is hard to exploit, but when using it as an import then it may be possible to trigger something. Should be fixed to be on the safe side even though it is not an urgent problem. --- -python2.7 (Emilio Pozuelo) - NOTE: webbrowser.py as binary is hard to exploit, but when using it as an import then it may be possible to trigger something. Should be fixed to be on the safe side even though it is not an urgent problem. --- -python3.2 (Emilio Pozuelo) - NOTE: webbrowser.py as binary is hard to exploit, but when using it as an import then it may be possible to trigger something. Should be fixed to be on the safe side even though it is not an urgent problem. --- rtpproxy NOTE: it's not clear to me if a fix is even possible. -- Raphaël Hertzog -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58869 - data/CVE
Author: carnil Date: 2017-12-23 13:56:50 + (Sat, 23 Dec 2017) New Revision: 58869 Modified: data/CVE/list Log: Add CVE-2017-17850/asterisk Modified: data/CVE/list === --- data/CVE/list 2017-12-23 13:34:27 UTC (rev 58868) +++ data/CVE/list 2017-12-23 13:56:50 UTC (rev 58869) @@ -9,7 +9,9 @@ CVE-2017-17851 RESERVED CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and ...) - TODO: check + - asterisk + NOTE: http://downloads.asterisk.org/pub/security/AST-2017-014.html + NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27480 CVE-2017-17849 RESERVED CVE-2017-17857 (The check_stack_boundary function in kernel/bpf/verifier.c in the Linux ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58868 - data/CVE
Author: carnil Date: 2017-12-23 13:34:27 + (Sat, 23 Dec 2017) New Revision: 58868 Modified: data/CVE/list Log: Mark CVE-2017-17522 as unimportant Hardly an issue with security impact and as well disputed upstream as the code in question relies on further processing via subprocess.Popen and with the default shell=False. Modified: data/CVE/list === --- data/CVE/list 2017-12-23 13:31:03 UTC (rev 58867) +++ data/CVE/list 2017-12-23 13:34:27 UTC (rev 58868) @@ -5404,18 +5404,20 @@ [wheezy] - lilypond (Minor issue) NOTE: https://sourceforge.net/p/testlilyissues/issues/5243/ CVE-2017-17522 (** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not ...) - - jython + - jython (unimportant) [wheezy] - jython (Vulnerable code is not provided in the binary package) - - python2.6 - - python2.7 - - python3.2 - - python3.4 - - python3.5 - - python3.6 - - python3.7 + - python2.6 (unimportant) + - python2.7 (unimportant) + - python3.2 (unimportant) + - python3.4 (unimportant) + - python3.5 (unimportant) + - python3.6 (unimportant) + - python3.7 (unimportant) NOTE: Lib/webbrowser.py does not validate strings before launching the program NOTE: specified by the BROWSER environment variable. NOTE: https://bugs.python.org/issue32367 + NOTE: Hardly an issue with security impact, as the problematic code further relies + NOTE: on subprocess.Popen with the default shell=False. CVE-2017-17521 (uiutil.c in FontForge through 20170731 does not validate strings before ...) - fontforge (unimportant) NOTE: https://sources.debian.org/src/fontforge/1:20170731%7Edfsg-1/fontforgeexe/uiutil.c/#L285 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58867 - data/CVE
Author: carnil Date: 2017-12-23 13:31:03 + (Sat, 23 Dec 2017) New Revision: 58867 Modified: data/CVE/list Log: Update CVe-2017-17840, code not present in wheezy Modified: data/CVE/list === --- data/CVE/list 2017-12-23 13:07:55 UTC (rev 58866) +++ data/CVE/list 2017-12-23 13:31:03 UTC (rev 58867) @@ -56,7 +56,7 @@ - open-iscsi 2.0.874-5 (bug #885021) [stretch] - open-iscsi (Minor issue) [jessie] - open-iscsi (Minor issue, iscsiuio not built in this version, source affected) - [wheezy] - open-iscsi (Minor issue) + [wheezy] - open-iscsi (Vulnerable code not present) NOTE: http://www.openwall.com/lists/oss-security/2017/12/13/2 NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1072312 NOTE: Specfic CVE fixed by https://github.com/open-iscsi/open-iscsi/pull/72/commits/b9c33683bdc0aed28ffe31c3f3d50bf5cdf519ea ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58866 - data/CVE
Author: carnil Date: 2017-12-23 13:07:55 + (Sat, 23 Dec 2017) New Revision: 58866 Modified: data/CVE/list Log: Mark fixed version for CVE-2017-13099/wolfssl Modified: data/CVE/list === --- data/CVE/list 2017-12-23 13:06:20 UTC (rev 58865) +++ data/CVE/list 2017-12-23 13:07:55 UTC (rev 58866) @@ -20717,7 +20717,7 @@ CVE-2017-13100 RESERVED CVE-2017-13099 (wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle ...) - - wolfssl (bug #884235) + - wolfssl 3.13.0+dfsg-1 (bug #884235) NOTE: https://github.com/wolfSSL/wolfssl/pull/1229 NOTE: https://robotattack.org/ CVE-2017-13098 (BouncyCastle TLS prior to version 1.0.3, when configured to use the ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58865 - data
Author: carnil Date: 2017-12-23 13:06:20 + (Sat, 23 Dec 2017) New Revision: 58865 Modified: data/next-point-update.txt Log: Track fix for CVE-2017-17840 via stretch-pu Modified: data/next-point-update.txt === --- data/next-point-update.txt 2017-12-23 12:24:08 UTC (rev 58864) +++ data/next-point-update.txt 2017-12-23 13:06:20 UTC (rev 58865) @@ -19,3 +19,5 @@ [stretch] - glibc 2.24-11+deb9u2 CVE-2017-14623 [stretch] - golang-github-go-ldap-ldap 2.4.1-1+deb9u1 +CVE-2017-17840 + [stretch] - open-iscsi 2.0.874-3~deb9u2 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58864 - data/CVE
Author: carnil Date: 2017-12-23 12:24:08 + (Sat, 23 Dec 2017) New Revision: 58864 Modified: data/CVE/list Log: Add fixing version for upx-ucl issues Modified: data/CVE/list === --- data/CVE/list 2017-12-23 12:09:08 UTC (rev 58863) +++ data/CVE/list 2017-12-23 12:24:08 UTC (rev 58864) @@ -9788,7 +9788,7 @@ CVE-2017-16870 (** DISPUTED ** The UpdraftPlus plugin through 1.13.12 for WordPress ...) NOT-FOR-US: UpdraftPlus plugin for WordPress CVE-2017-16869 (** DISPUTED ** p_mach.cpp in UPX 3.94 allows remote attackers to cause ...) - - upx-ucl (bug #882041; unimportant) + - upx-ucl 3.94-4 (bug #882041; unimportant) NOTE: https://github.com/upx/upx/issues/146 NOTE: crash in CLI tool, no security impact CVE-2017-16868 (In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not ...) @@ -15309,7 +15309,7 @@ CVE-2017-15057 RESERVED CVE-2017-15056 (p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote ...) - - upx-ucl (unimportant) + - upx-ucl 3.94-4 (unimportant) NOTE: https://github.com/upx/upx/issues/128 NOTE: https://github.com/upx/upx/commit/ef336dbcc6dc8344482f8cf6c909ae96c3286317 NOTE: crash in CLI tool, no security impact ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58863 - data/CVE
Author: carnil Date: 2017-12-23 12:09:08 + (Sat, 23 Dec 2017) New Revision: 58863 Modified: data/CVE/list Log: Update status for CVE-2017-17840 Modified: data/CVE/list === --- data/CVE/list 2017-12-23 11:31:33 UTC (rev 58862) +++ data/CVE/list 2017-12-23 12:09:08 UTC (rev 58863) @@ -53,15 +53,17 @@ CVE-2017-17841 RESERVED CVE-2017-17840 (An issue was discovered in Open-iSCSI through 2.0.875. A local attacker ...) - - open-iscsi (bug #885021) + - open-iscsi 2.0.874-5 (bug #885021) [stretch] - open-iscsi (Minor issue) - [jessie] - open-iscsi (Minor issue) + [jessie] - open-iscsi (Minor issue, iscsiuio not built in this version, source affected) [wheezy] - open-iscsi (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2017/12/13/2 NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1072312 NOTE: Specfic CVE fixed by https://github.com/open-iscsi/open-iscsi/pull/72/commits/b9c33683bdc0aed28ffe31c3f3d50bf5cdf519ea NOTE: But all of the commits in https://github.com/open-iscsi/open-iscsi/pull/72 NOTE: should be applied. + NOTE: Not marking the issue as unimportant, since vulnerable source is present, but + NOTE: not in all suites iscsiuio is built. CVE-2017-17839 RESERVED CVE-2017-17838 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
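Review bot: the added NOTE ending "not in all suites iscsiuio is built" is hard to parse and repeats what the new jessie parenthetical already states ("iscsiuio not built in this version, source affected"). State it once, for example "iscsiuio is not built in all suites", and let the per-suite lines carry the detail. The unchanged NOTE above it also misspells "Specific" as "Specfic".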
[Secure-testing-commits] r58862 - in data: . DLA
Author: pochu Date: 2017-12-23 11:31:33 + (Sat, 23 Dec 2017) New Revision: 58862 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-1219-1 for enigmail Modified: data/DLA/list === --- data/DLA/list 2017-12-23 11:04:46 UTC (rev 58861) +++ data/DLA/list 2017-12-23 11:31:33 UTC (rev 58862) @@ -1,3 +1,6 @@ +[23 Dec 2017] DLA-1219-1 enigmail - security update + {CVE-2017-17843 CVE-2017-17844 CVE-2017-17845 CVE-2017-17846 CVE-2017-17847 CVE-2017-17848} + [wheezy] - enigmail 2:1.9.9-1~deb7u1 [23 Dec 2017] DLA-1218-1 rsync - security update {CVE-2017-16548 CVE-2017-17433 CVE-2017-17434} [wheezy] - rsync 3.0.9-4+deb7u1 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-12-23 11:04:46 UTC (rev 58861) +++ data/dla-needed.txt 2017-12-23 11:31:33 UTC (rev 58862) @@ -19,9 +19,6 @@ couchdb NOTE: Only in wheezy, we are on our own. -- -enigmail (Emilio Pozuelo) - NOTE: we should backport 2:1.9.9-1 just like in jessie/stretch. --- gimp (Emilio Pozuelo) -- graphicsmagick (Markus Koschany) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58861 - data
Author: agx Date: 2017-12-23 11:04:46 + (Sat, 23 Dec 2017) New Revision: 58861 Modified: data/dla-needed.txt Log: lts: add thunderbird Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-12-23 09:10:23 UTC (rev 58860) +++ data/dla-needed.txt 2017-12-23 11:04:46 UTC (rev 58861) @@ -78,6 +78,8 @@ NOTE: 20171118: At least CVE-2017-16797 is present. (lamby) NOTE: 20171210: likely to be turned into a pkg with limited sec support -- +thunderbird (Guido Günther) +-- tiff -- tiff3 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
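Review bot: the new thunderbird entry names an assignee but has no NOTE saying which issues or advisory the update is for. Add a dated NOTE in the style of the entry just above it ("NOTE: 20171210: ..."), so the work item can be understood without the commit log.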
[Secure-testing-commits] r58860 - data/CVE
Author: sectracker Date: 2017-12-23 09:10:23 + (Sat, 23 Dec 2017) New Revision: 58860 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-12-23 08:31:21 UTC (rev 58859) +++ data/CVE/list 2017-12-23 09:10:23 UTC (rev 58860) 
@@ -1,34 +1,48 @@ -CVE-2017-17857 [bpf: fix missing error return in check_stack_boundary()] +CVE-2017-17861 + RESERVED +CVE-2017-17860 + RESERVED +CVE-2017-17859 + RESERVED +CVE-2017-17858 + RESERVED +CVE-2017-17851 + RESERVED +CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and ...) + TODO: check +CVE-2017-17849 + RESERVED +CVE-2017-17857 (The check_stack_boundary function in kernel/bpf/verifier.c in the Linux ...) - linux 4.14.7-1 [stretch] - linux (Vulnerable code introdued later) [jessie] - linux (Vulnerable code introdued later) [wheezy] - linux (Vulnerable code introdued later) NOTE: Fixed by: https://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469 -CVE-2017-17856 [bpf: force strict alignment checks for stack pointers] +CVE-2017-17856 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...) - linux 4.14.7-1 [stretch] - linux (Vulnerable code introdued later) [jessie] - linux (Vulnerable code introdued later) [wheezy] - linux (Vulnerable code introdued later) NOTE: Fixed by: https://git.kernel.org/linus/a5ec6ae161d72f01411169a938fa5f8baea16e8f -CVE-2017-17855 [bpf: don't prune branches when a scalar is replaced with a pointer] +CVE-2017-17855 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...) - linux 4.14.7-1 [stretch] - linux (Vulnerable code introdued later) [jessie] - linux (Vulnerable code introdued later) [wheezy] - linux (Vulnerable code introdued later) NOTE: Fixed by: https://git.kernel.org/linus/179d1c5602997fef5a940c6ddcf31212cbfebd14 -CVE-2017-17854 [bpf: fix integer overflows] +CVE-2017-17854 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...) 
- linux 4.14.7-1 [stretch] - linux (Vulnerable code introdued later) [jessie] - linux (Vulnerable code introdued later) [wheezy] - linux (Vulnerable code introdued later) NOTE: Fixed by: https://git.kernel.org/linus/bb7f0f989ca7de1153bd128a40a71709e339fa03 -CVE-2017-17853 [bpf/verifier: fix bounds calculation on BPF_RSH] +CVE-2017-17853 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...) - linux 4.14.7-1 [stretch] - linux (Vulnerable code introdued later) [jessie] - linux (Vulnerable code introdued later) [wheezy] - linux (Vulnerable code introdued later) NOTE: Fixed by: https://git.kernel.org/linus/4374f256ce8182019353c0c639bb8d0695b4c941 -CVE-2017-17852 [bpf: fix 32-bit ALU op verification] +CVE-2017-17852 (kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local ...) - linux 4.14.7-1 [stretch] - linux (Vulnerable code introdued later) [jessie] - linux (Vulnerable code introdued later) 
@@ -64,22 +78,28 @@ RESERVED CVE-2017-17832 (ServersCheck Monitoring Software before 14.2.3 is prone to a ...) TODO: check -CVE-2017-17843 +CVE-2017-17843 (An issue was discovered in Enigmail before 1.9.9 that allows remote ...) + {DSA-4070-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf -CVE-2017-17844 +CVE-2017-17844 (An issue was discovered in Enigmail before 1.9.9. A remote attacker can ...) + {DSA-4070-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf -CVE-2017-17845 +CVE-2017-17845 (An issue was discovered in Enigmail before 1.9.9. Improper Random ...) + {DSA-4070-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf -CVE-2017-17846 +CVE-2017-17846 (An issue was discovered in Enigmail before 1.9.9. Regular expressions ...) + {DSA-4070-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf -CVE-2017-17847 +CVE-2017-17847 (An issue was discovered in Enigmail before 1.9.9. Signature spoofing is ...) + {DSA-4070-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf -CVE-2017-17848 +CVE-2017-17848 (An issue was discovered in Enigmail before 1.9.9. In a variant of ...) + {DSA-4070-1} - enigmail 2:1.9.9-1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest
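Review bot: the per-release lines kept as context under CVE-2017-17857 down to CVE-2017-17852 read "Vulnerable code introdued later"; since this update already rewrites the first line of each of those entries, correct the spelling to "introduced" in a follow-up so that searches for the phrase find them.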
[Secure-testing-commits] r58859 - data/CVE
Author: hertzog Date: 2017-12-23 08:31:21 + (Sat, 23 Dec 2017) New Revision: 58859 Modified: data/CVE/list Log: Ignore open-iscsi CVE on wheezy too Modified: data/CVE/list === --- data/CVE/list 2017-12-23 08:10:29 UTC (rev 58858) +++ data/CVE/list 2017-12-23 08:31:21 UTC (rev 58859) @@ -42,6 +42,7 @@ - open-iscsi (bug #885021) [stretch] - open-iscsi (Minor issue) [jessie] - open-iscsi (Minor issue) + [wheezy] - open-iscsi (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2017/12/13/2 NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1072312 NOTE: Specfic CVE fixed by https://github.com/open-iscsi/open-iscsi/pull/72/commits/b9c33683bdc0aed28ffe31c3f3d50bf5cdf519ea ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58858 - in data: CVE DSA
Author: carnil Date: 2017-12-23 08:10:29 + (Sat, 23 Dec 2017) New Revision: 58858 Modified: data/CVE/list data/DSA/list Log: Track assigned enigmail CVEs Modified: data/CVE/list === --- data/CVE/list 2017-12-23 07:33:21 UTC (rev 58857) +++ data/CVE/list 2017-12-23 08:10:29 UTC (rev 58858) @@ -63,11 +63,24 @@ RESERVED CVE-2017-17832 (ServersCheck Monitoring Software before 14.2.3 is prone to a ...) TODO: check -CVE-2017- [Multiple Enigmail issues] +CVE-2017-17843 - enigmail 2:1.9.9-1 - [stretch] - enigmail 2:1.9.9-1~deb9u1 - [jessie] - enigmail 2:1.9.9-1~deb8u1 NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf +CVE-2017-17844 + - enigmail 2:1.9.9-1 + NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf +CVE-2017-17845 + - enigmail 2:1.9.9-1 + NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf +CVE-2017-17846 + - enigmail 2:1.9.9-1 + NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf +CVE-2017-17847 + - enigmail 2:1.9.9-1 + NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf +CVE-2017-17848 + - enigmail 2:1.9.9-1 + NOTE: https://enigmail.net/download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf CVE-2017-17831 (GitHub Git LFS before 2.1.1 allows remote attackers to execute ...) - git-lfs (Fixed before initial upload to Debian) NOTE: https://github.com/git-lfs/git-lfs/pull/2242 Modified: data/DSA/list === --- data/DSA/list 2017-12-23 07:33:21 UTC (rev 58857) +++ data/DSA/list 2017-12-23 08:10:29 UTC (rev 58858) 
@@ -6,6 +6,7 @@ [jessie] - sensible-utils 0.0.9+deb8u1 [stretch] - sensible-utils 0.0.9+deb9u1 [21 Dec 2017] DSA-4070-1 enigmail - security update + {CVE-2017-17843 CVE-2017-17844 CVE-2017-17845 CVE-2017-17846 CVE-2017-17847 CVE-2017-17848} [jessie] - enigmail 2:1.9.9-1~deb8u1 [stretch] - enigmail 2:1.9.9-1~deb9u1 [20 Dec 2017] DSA-4069-1 otrs2 - security update ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
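Review bot: in the data/CVE/list hunk the six entries that replace "CVE-2017- [Multiple Enigmail issues]" have no bracketed description, so they are identical apart from the id. Give each a short "[...]" summary until the official description arrives, as the temporary bpf entries do ("[bpf: fix branch pruning logic]"), so a reader can tell which of the Enigmail findings each id covers.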