[Secure-testing-commits] r59011 - static
Author: carnil Date: 2017-12-29 07:38:05 + (Fri, 29 Dec 2017) New Revision: 59011 Modified: static/distributions.json Log: Add contact point for the supported distributions, cf. #878088 Add an additional field referring to the desired contact address. In case of no support, the field is not present. Modified: static/distributions.json === --- static/distributions.json 2017-12-29 07:20:18 UTC (rev 59010) +++ static/distributions.json 2017-12-29 07:38:05 UTC (rev 59011) @@ -1,15 +1,18 @@ { "wheezy": { "major-version": "7", -"support": "lts" +"support": "lts", +"contact": "debian-...@lists.debian.org" }, "jessie": { "major-version": "8", -"support": "security" +"support": "security", +"contact": "t...@security.debian.org" }, "stretch": { "major-version": "9", -"support": "security" +"support": "security", +"contact": "t...@security.debian.org" }, "buster": { "major-version": "10", ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r59010 - data/CVE
Author: carnil Date: 2017-12-29 07:20:18 + (Fri, 29 Dec 2017) New Revision: 59010 Modified: data/CVE/list Log: Asked MITRE (and confirmed) for rejection of CVE-2017-17496 CVE is invalid, since the respective functions having the problems are just in dead code and unused. There is no vulnerability. The CVE is withdrawn by MITRE itself. Modified: data/CVE/list === --- data/CVE/list 2017-12-29 06:46:46 UTC (rev 59009) +++ data/CVE/list 2017-12-29 07:20:18 UTC (rev 59010) @@ -6105,8 +6105,8 @@ - tidy-html5 (Vulnerable code introduced after 5.6.0) - tidy (Vulnerable code not present) NOTE: https://github.com/htacg/tidy-html5/issues/656 -CVE-2017-17496 (The socket_create function in socket.c in idevicerestore through ...) - TODO: check +CVE-2017-17496 + REJECTED CVE-2017-17495 RESERVED CVE-2017-17494 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r59009 - bin
Author: carnil Date: 2017-12-29 06:46:46 + (Fri, 29 Dec 2017) New Revision: 59009 Modified: bin/update Log: bin/update: Run commands from BASEDIR where update script was called Reasoning: The script is used for the automatic updates of the CVE list. This allows to call the script in the sectracker controlled path but working on the CVE list in a workdirectory. Modified: bin/update === --- bin/update 2017-12-28 22:12:38 UTC (rev 59008) +++ bin/update 2017-12-29 06:46:46 UTC (rev 59009) @@ -1,6 +1,9 @@ #!/bin/sh set -e +SCRIPT=$(readlink -f "$0") +BASEDIR=$(dirname "$SCRIPT") + if [ ! -d CVE ]; then echo "run in data subdirectory" >&2 exit 1 @@ -15,5 +18,5 @@ # capath=/etc/ssl/ca-global curl -s -o allitems.html.gz https://cve.mitre.org/data/downloads/allitems.html.gz gunzip allitems.html.gz -../../bin/updatelist allitems.html ../DSA/list ../DTSA/list ../DLA/list list > list.new +$BASEDIR/updatelist allitems.html ../DSA/list ../DTSA/list ../DLA/list list > list.new mv -f list.new list ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r59008 - data
Author: jmm Date: 2017-12-28 22:12:38 + (Thu, 28 Dec 2017) New Revision: 59008 Modified: data/next-oldstable-point-update.txt data/next-point-update.txt Log: libextractor spu/ospu Modified: data/next-oldstable-point-update.txt === --- data/next-oldstable-point-update.txt2017-12-28 21:29:03 UTC (rev 59007) +++ data/next-oldstable-point-update.txt2017-12-28 22:12:38 UTC (rev 59008) @@ -47,3 +47,17 @@ [jessie] - soundtouch 1.8.0-1+deb8u1 CVE-2017-16879 [jessie] - ncurses 5.9+20140913-1+deb8u3 +CVE-2017-17440 + [jessie] - libextractor 1:1.3-2+deb8u1 +CVE-2017-15266 + [jessie] - libextractor 1:1.3-2+deb8u1 +CVE-2017-15267 + [jessie] - libextractor 1:1.3-2+deb8u1 +CVE-2017-15600 + [jessie] - libextractor 1:1.3-2+deb8u1 +CVE-2017-15601 + [jessie] - libextractor 1:1.3-2+deb8u1 +CVE-2017-15602 + [jessie] - libextractor 1:1.3-2+deb8u1 +CVE-2017-15922 + [jessie] - libextractor 1:1.3-2+deb8u1 Modified: data/next-point-update.txt === --- data/next-point-update.txt 2017-12-28 21:29:03 UTC (rev 59007) +++ data/next-point-update.txt 2017-12-28 22:12:38 UTC (rev 59008) @@ -37,3 +37,17 @@ [stretch] - soundtouch 1.9.2-2+deb9u1 CVE-2017-16879 [stretch] - ncurses 6.0+20161126-1+deb9u2 +CVE-2017-17440 + [stretch] - libextractor 1:1.3-4+deb9u1 +CVE-2017-15266 + [stretch] - libextractor 1:1.3-4+deb9u1 +CVE-2017-15267 + [stretch] - libextractor 1:1.3-4+deb9u1 +CVE-2017-15600 + [stretch] - libextractor 1:1.3-4+deb9u1 +CVE-2017-15601 + [stretch] - libextractor 1:1.3-4+deb9u1 +CVE-2017-15602 + [stretch] - libextractor 1:1.3-4+deb9u1 +CVE-2017-15922 + [stretch] - libextractor 1:1.3-4+deb9u1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r59007 - data/CVE
Author: carnil Date: 2017-12-28 21:29:03 + (Thu, 28 Dec 2017) New Revision: 59007 Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list === --- data/CVE/list 2017-12-28 21:10:14 UTC (rev 59006) +++ data/CVE/list 2017-12-28 21:29:03 UTC (rev 59007) @@ -215,31 +215,31 @@ CVE-2017-17961 RESERVED CVE-2017-17960 (PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce CVE-2017-17959 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce CVE-2017-17958 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce CVE-2017-17957 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce CVE-2017-17956 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce CVE-2017-17955 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce CVE-2017-17954 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce CVE-2017-17953 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the category.php ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce CVE-2017-17952 (PHP Scripts Mall PHP Multivendor Ecommerce has a predicable ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce CVE-2017-17951 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall PHP Multivendor Ecommerce CVE-2017-17950 (Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid ...) - TODO: check + NOT-FOR-US: Cells Blog CVE-2017-17949 (Cells Blog 3.5 has XSS via the pub_readpost.php fmid parameter. ...) - TODO: check + NOT-FOR-US: Cells Blog CVE-2017-17948 (Cells Blog 3.5 has XSS via the jfdname parameter in an act=showpic ...) - TODO: check + NOT-FOR-US: Cells Blog CVE-2017-17947 RESERVED CVE-2017-1000411 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r59006 - data/CVE
Author: sectracker Date: 2017-12-28 21:10:14 + (Thu, 28 Dec 2017) New Revision: 59006 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-12-28 20:44:59 UTC (rev 59005) +++ data/CVE/list 2017-12-28 21:10:14 UTC (rev 59006) @@ -1,3 +1,249 @@ +CVE-2018-3709 + RESERVED +CVE-2018-3708 + RESERVED +CVE-2018-3707 + RESERVED +CVE-2018-3706 + RESERVED +CVE-2018-3705 + RESERVED +CVE-2018-3704 + RESERVED +CVE-2018-3703 + RESERVED +CVE-2018-3702 + RESERVED +CVE-2018-3701 + RESERVED +CVE-2018-3700 + RESERVED +CVE-2018-3699 + RESERVED +CVE-2018-3698 + RESERVED +CVE-2018-3697 + RESERVED +CVE-2018-3696 + RESERVED +CVE-2018-3695 + RESERVED +CVE-2018-3694 + RESERVED +CVE-2018-3693 + RESERVED +CVE-2018-3692 + RESERVED +CVE-2018-3691 + RESERVED +CVE-2018-3690 + RESERVED +CVE-2018-3689 + RESERVED +CVE-2018-3688 + RESERVED +CVE-2018-3687 + RESERVED +CVE-2018-3686 + RESERVED +CVE-2018-3685 + RESERVED +CVE-2018-3684 + RESERVED +CVE-2018-3683 + RESERVED +CVE-2018-3682 + RESERVED +CVE-2018-3681 + RESERVED +CVE-2018-3680 + RESERVED +CVE-2018-3679 + RESERVED +CVE-2018-3678 + RESERVED +CVE-2018-3677 + RESERVED +CVE-2018-3676 + RESERVED +CVE-2018-3675 + RESERVED +CVE-2018-3674 + RESERVED +CVE-2018-3673 + RESERVED +CVE-2018-3672 + RESERVED +CVE-2018-3671 + RESERVED +CVE-2018-3670 + RESERVED +CVE-2018-3669 + RESERVED +CVE-2018-3668 + RESERVED +CVE-2018-3667 + RESERVED +CVE-2018-3666 + RESERVED +CVE-2018-3665 + RESERVED +CVE-2018-3664 + RESERVED +CVE-2018-3663 + RESERVED +CVE-2018-3662 + RESERVED +CVE-2018-3661 + RESERVED +CVE-2018-3660 + RESERVED +CVE-2018-3659 + RESERVED +CVE-2018-3658 + RESERVED +CVE-2018-3657 + RESERVED +CVE-2018-3656 + RESERVED +CVE-2018-3655 + RESERVED +CVE-2018-3654 + RESERVED +CVE-2018-3653 + RESERVED +CVE-2018-3652 + RESERVED +CVE-2018-3651 + RESERVED +CVE-2018-3650 + RESERVED +CVE-2018-3649 + RESERVED +CVE-2018-3648 + RESERVED +CVE-2018-3647 + RESERVED +CVE-2018-3646 + RESERVED +CVE-2018-3645 + RESERVED +CVE-2018-3644 + RESERVED +CVE-2018-3643 + RESERVED +CVE-2018-3642 + RESERVED +CVE-2018-3641 + RESERVED +CVE-2018-3640 + RESERVED +CVE-2018-3639 + RESERVED +CVE-2018-3638 + RESERVED +CVE-2018-3637 + RESERVED +CVE-2018-3636 + RESERVED +CVE-2018-3635 + RESERVED +CVE-2018-3634 + RESERVED +CVE-2018-3633 + RESERVED +CVE-2018-3632 + RESERVED +CVE-2018-3631 + RESERVED +CVE-2018-3630 + RESERVED +CVE-2018-3629 + RESERVED +CVE-2018-3628 + RESERVED +CVE-2018-3627 + RESERVED +CVE-2018-3626 + RESERVED +CVE-2018-3625 + RESERVED +CVE-2018-3624 + RESERVED +CVE-2018-3623 + RESERVED +CVE-2018-3622 + RESERVED +CVE-2018-3621 + RESERVED +CVE-2018-3620 + RESERVED +CVE-2018-3619 + RESERVED +CVE-2018-3618 + RESERVED +CVE-2018-3617 + RESERVED +CVE-2018-3616 + RESERVED +CVE-2018-3615 + RESERVED +CVE-2018-3614 + RESERVED +CVE-2018-3613 + RESERVED +CVE-2018-3612 + RESERVED +CVE-2018-3611 + RESERVED +CVE-2018-3610 + RESERVED +CVE-2017-17968 + RESERVED +CVE-2017-17967 (pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote ...) + TODO: check +CVE-2017-17966 + RESERVED +CVE-2017-17965 + RESERVED +CVE-2017-17964 + RESERVED +CVE-2017-17963 + RESERVED +CVE-2017-17962 + RESERVED +CVE-2017-17961 + RESERVED +CVE-2017-17960 (PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via ...) + TODO: check +CVE-2017-17959 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the ...) + TODO: check +CVE-2017-17958 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...) + TODO: check +CVE-2017-17957 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the ...) + TODO: check +CVE-2017-17956 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...) + TODO: check +CVE-2017-17955 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...) + TODO: check +CVE-2017-17954 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the ...) + TODO: check +CVE-2017-17953 (PHP Scripts Mall PHP Multivendor Ecommerce has XSS via the category.php ...) + TODO: check +CVE-2017-17952 (PHP Scripts Mall PHP Multivendor Ecommerce has a predicable ...) + TODO: check +CVE-2017-17951 (PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the ...) + TODO: check +CVE-2017-17950 (Cells Blog 3.5
[Secure-testing-commits] r59005 - data/CVE
Author: carnil Date: 2017-12-28 20:44:59 + (Thu, 28 Dec 2017) New Revision: 59005 Modified: data/CVE/list Log: Add CVE-2017-17932, NFU Modified: data/CVE/list === --- data/CVE/list 2017-12-28 20:19:58 UTC (rev 59004) +++ data/CVE/list 2017-12-28 20:44:59 UTC (rev 59005) @@ -57,7 +57,7 @@ CVE-2017-17933 RESERVED CVE-2017-17932 (A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ...) - TODO: check + NOT-FOR-US: ALLPlayer CVE-2017-17931 (PHP Scripts Mall Resume Clone Script has SQL Injection via the ...) NOT-FOR-US: PHP Scripts Mall Resume Clone Script CVE-2017-17930 (PHP Scripts Mall Professional Service Script has CSRF via ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r59004 - data/CVE
Author: carnil Date: 2017-12-28 20:19:58 + (Thu, 28 Dec 2017) New Revision: 59004 Modified: data/CVE/list Log: Add fixing version for two libextractor issues for upload to unstable Modified: data/CVE/list === --- data/CVE/list 2017-12-28 20:10:17 UTC (rev 59003) +++ data/CVE/list 2017-12-28 20:19:58 UTC (rev 59004) @@ -6336,7 +6336,7 @@ NOTE: Patch: https://bitbucket.org/mpyne/game-music-emu/commits/205290614cdc057541b26adeea05a9d45993f860 NOTE: Additional hardening: https://bitbucket.org/mpyne/game-music-emu/commits/4a441e94cba14268bc4e983d4dfd6ed112084d00 CVE-2017-17440 (GNU Libextractor 1.6 allows remote attackers to cause a denial of ...) - - libextractor (bug #883528) + - libextractor 1:1.6-2 (bug #883528) [stretch] - libextractor (Minor issue) [jessie] - libextractor (Minor issue) [wheezy] - libextractor (Minor issue) @@ -13206,7 +13206,7 @@ NOTE: https://cgit.kde.org/konversation.git/commit/?h=1.7=6a7f59ee1b9dbc6e5cf9e5f3b306504d02b73ef0 CVE-2017-15922 (In GNU Libextractor 1.4, there is an out-of-bounds read in the ...) {DLA-1198-1} - - libextractor (low; bug #880016) + - libextractor 1:1.6-2 (low; bug #880016) [stretch] - libextractor (Minor issue) [jessie] - libextractor (Minor issue) NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg8.html ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r59003 - tools/git-migration
Author: agx Date: 2017-12-28 20:10:17 + (Thu, 28 Dec 2017) New Revision: 59003 Added: tools/git-migration/add-security-tracker-bin-submodule tools/git-migration/filter-sec-tracker-data Log: Add scripts to split security-tracker into data and "binaries" Added: tools/git-migration/add-security-tracker-bin-submodule === --- tools/git-migration/add-security-tracker-bin-submodule (rev 0) +++ tools/git-migration/add-security-tracker-bin-submodule 2017-12-28 20:10:17 UTC (rev 59003) @@ -0,0 +1,25 @@ +#!/bin/sh +# +# Wire up the security-tracker-bin submodule in security-tracker (the data) +# +# For the moment we create compat symlinks so everything stays in place. +# In the long run we should be able to get rid of most of them. +# +# This will be run only once when migrating from svn to git + +set -e + +SUBMODULE=security-tracker-bin + +# From salsa +#git submodule add ../${SUBMODULE} +# Local copy for testing +git submodule add file://$PWD/../$SUBMODULE + +git submodule update +for d in bin check-external lib static templates tools website; do +rm -f $d +ln -s $SUBMODULE/$d $d +done + +make check-syntax Property changes on: tools/git-migration/add-security-tracker-bin-submodule ___ Added: svn:executable + * Added: tools/git-migration/filter-sec-tracker-data === --- tools/git-migration/filter-sec-tracker-data (rev 0) +++ tools/git-migration/filter-sec-tracker-data 2017-12-28 20:10:17 UTC (rev 59003) @@ -0,0 +1,26 @@ +#!/bin/bash +# +# Separate security tracker data form the "binaries" +# +# With no option the data repo will be built, with +# "--binary" the binary repo will be built +# +# This will be run only once when migrating from svn to git + +FILTER='^(conf|data|doc|org|packages|stamps)/|^TODO.gitmigration|^Makefile|^.gitignore' +BRANCH=master + +OUT=v +if [ "$1" == "--binary" ]; then +OUT= +fi + +git filter-branch \ +--prune-empty \ +--index-filter " +git ls-tree -z -r --name-only --full-tree \$GIT_COMMIT \ +| grep -zZE'${OUT}' '"${FILTER}"' \ +| xargs -0 -r git rm --cached -r +" \ +-- \ +"${BRANCH}" Property changes on: tools/git-migration/filter-sec-tracker-data ___ Added: svn:executable + * ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r59002 - doc
Author: carnil Date: 2017-12-28 20:07:51 + (Thu, 28 Dec 2017) New Revision: 59002 Modified: doc/soriano.txt Log: sectracker user is as well subscribed to debian-lts-annou...@lists.debian.org Modified: doc/soriano.txt === --- doc/soriano.txt 2017-12-28 17:24:00 UTC (rev 59001) +++ doc/soriano.txt 2017-12-28 20:07:51 UTC (rev 59002) @@ -27,6 +27,7 @@ be notified of changes:+ The crontab of the "sectracker" user is set up such that the scripts ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r59001 - in data: . DLA
Author: roberto Date: 2017-12-28 17:24:00 + (Thu, 28 Dec 2017) New Revision: 59001 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-1224-1 for mercurial Modified: data/DLA/list === --- data/DLA/list 2017-12-28 12:52:37 UTC (rev 59000) +++ data/DLA/list 2017-12-28 17:24:00 UTC (rev 59001) @@ -1,3 +1,6 @@ +[28 Dec 2017] DLA-1224-1 mercurial - security update + {CVE-2017-17458} + [wheezy] - mercurial 2.2.2-4+deb7u6 [24 Dec 2017] DLA-1223-1 thunderbird - security update {CVE-2017-7829 CVE-2017-7846 CVE-2017-7847 CVE-2017-7848} [wheezy] - thunderbird 1:52.5.2-1~deb7u1 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-12-28 12:52:37 UTC (rev 59000) +++ data/dla-needed.txt 2017-12-28 17:24:00 UTC (rev 59001) @@ -44,8 +44,6 @@ -- linux -- -mercurial (Roberto C. Sánchez) --- ming (Hugo Lefeuvre) NOTE: 20171120: wip, currently working on it with upstream, might take a while NOTE: Some issues currently in upstream's bug tracker are missing a CVE number, so number of issues might increase in the next weeks ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r59000 - /
Author: carnil Date: 2017-12-28 12:52:37 + (Thu, 28 Dec 2017) New Revision: 59000 Modified: TODO.gitmigration Log: Add some notes on implemented work from the TODO list Modified: TODO.gitmigration === --- TODO.gitmigration 2017-12-28 11:37:15 UTC (rev 58999) +++ TODO.gitmigration 2017-12-28 12:52:37 UTC (rev 59000) @@ -56,10 +56,16 @@ [20:19] < formorer> hope that helps [20:27] < formorer> carnil: https://wiki.debian.org/Salsa/Doc#Custom_Hooks + => agx/Guido implemented a solution installing a pre-commit hook via + bin/setup-repo. + although that is not an enforcement it is good enough until CI/runners are + available + security-team.debian.org website - move this file to git - ping federico3 to update the codebase for security-metrics.d.n (uses git-svn) + => This seems not to be updated anymore sectracker role account: - Creation request: https://salsa.debian.org/salsa/support/issues/6 @@ -73,6 +79,7 @@ bin/tracker_data.py: - needs a rewrite, contact buxy (Raphaël Hertzog) + => agx/Guido fixed this to work with the git repository old repository: - Add a pre-receive hook to prevent accidental pushes to the old alioth ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58999 - data
Author: jmm Date: 2017-12-28 11:37:15 + (Thu, 28 Dec 2017) New Revision: 58999 Modified: data/next-oldstable-point-update.txt data/next-point-update.txt Log: ncurses spu/opsu Modified: data/next-oldstable-point-update.txt === --- data/next-oldstable-point-update.txt2017-12-28 11:04:04 UTC (rev 58998) +++ data/next-oldstable-point-update.txt2017-12-28 11:37:15 UTC (rev 58999) @@ -45,3 +45,5 @@ [jessie] - soundtouch 1.8.0-1+deb8u1 CVE-2017-9260 [jessie] - soundtouch 1.8.0-1+deb8u1 +CVE-2017-16879 + [jessie] - ncurses 5.9+20140913-1+deb8u3 Modified: data/next-point-update.txt === --- data/next-point-update.txt 2017-12-28 11:04:04 UTC (rev 58998) +++ data/next-point-update.txt 2017-12-28 11:37:15 UTC (rev 58999) @@ -35,3 +35,5 @@ [stretch] - soundtouch 1.9.2-2+deb9u1 CVE-2017-9260 [stretch] - soundtouch 1.9.2-2+deb9u1 +CVE-2017-16879 + [stretch] - ncurses 6.0+20161126-1+deb9u2 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58998 - data/CVE
Author: pochu Date: 2017-12-28 11:04:04 + (Thu, 28 Dec 2017) New Revision: 58998 Modified: data/CVE/list Log: CVE-2017-17664/asterisk n/a on wheezy Modified: data/CVE/list === --- data/CVE/list 2017-12-28 10:58:08 UTC (rev 58997) +++ data/CVE/list 2017-12-28 11:04:04 UTC (rev 58998) @@ -5340,6 +5340,7 @@ CVE-2017-17664 (A Remote Crash issue was discovered in Asterisk Open Source 13.x before ...) - asterisk (bug #884345) [jessie] - asterisk (Vulnerable code introduced later) + [wheezy] - asterisk (Vulnerable code introduced later) NOTE: http://downloads.digium.com/pub/security/AST-2017-012.html NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27382 NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27429 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58997 - org
Author: agx Date: 2017-12-28 10:58:08 + (Thu, 28 Dec 2017) New Revision: 58997 Modified: org/lts-frontdesk.2018.txt Log: lts: agx frontdesk Modified: org/lts-frontdesk.2018.txt === --- org/lts-frontdesk.2018.txt 2017-12-28 10:51:06 UTC (rev 58996) +++ org/lts-frontdesk.2018.txt 2017-12-28 10:58:08 UTC (rev 58997) @@ -13,11 +13,11 @@ From 01-01 to 07-01:Chris LambFrom 08-01 to 14-01: -From 15-01 to 21-01: +From 15-01 to 21-01:Guido Günther From 22-01 to 28-01:Thorsten Alteholz From 29-01 to 04-02: From 05-02 to 11-02: -From 12-02 to 18-02: +From 12-02 to 18-02:Guido Günther From 19-02 to 25-02:Chris Lamb From 26-02 to 04-03: From 05-03 to 11-03:Chris Lamb @@ -28,7 +28,7 @@ From 09-04 to 15-04: From 16-04 to 22-04: From 23-04 to 29-04:Thorsten Alteholz -From 30-04 to 06-05: +From 30-04 to 06-05:Guido Günther From 07-05 to 13-05: From 14-05 to 20-05:Chris Lamb From 21-05 to 27-05: @@ -37,7 +37,7 @@ From 11-06 to 17-06:Thorsten Alteholz From 18-06 to 24-06: From 25-06 to 01-07: -From 02-07 to 08-07: +From 02-07 to 08-07:Guido Günther From 09-07 to 15-07: From 16-07 to 22-07: From 23-07 to 29-07:Chris Lamb @@ -49,18 +49,18 @@ From 03-09 to 09-09:Chris Lamb From 10-09 to 16-09:Thorsten Alteholz From 17-09 to 23-09: -From 24-09 to 30-09: +From 24-09 to 30-09:Guido Günther From 01-10 to 07-10:Chris Lamb From 08-10 to 14-10: From 15-10 to 21-10: From 22-10 to 28-10:Thorsten Alteholz From 29-10 to 04-11: From 05-11 to 11-11:Chris Lamb -From 12-11 to 18-11: +From 12-11 to 18-11:Guido Günther From 19-11 to 25-11: From 26-11 to 02-12:Thorsten Alteholz From 03-12 to 09-12:Chris Lamb -From 10-12 to 16-12: +From 10-12 to 16-12:Guido Günther From 17-12 to 23-12: From 24-12 to 30-12: From 31-12 to 06-01: ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58996 - in data: . CVE
Author: pochu Date: 2017-12-28 10:51:06 + (Thu, 28 Dec 2017) New Revision: 58996 Modified: data/CVE/list data/dla-needed.txt Log: tor unsupported in wheezy Modified: data/CVE/list === --- data/CVE/list 2017-12-28 10:20:52 UTC (rev 58995) +++ data/CVE/list 2017-12-28 10:51:06 UTC (rev 58996) @@ -34282,26 +34282,31 @@ CVE-2017-8823 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...) {DSA-4054-1} - tor 0.3.1.9-1 + [wheezy] - tor (Not supported in wheezy LTS) NOTE: https://bugs.torproject.org/24313 NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 CVE-2017-8822 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...) {DSA-4054-1} - tor 0.3.1.9-1 + [wheezy] - tor (Not supported in wheezy LTS) NOTE: https://bugs.torproject.org/21534 NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 CVE-2017-8821 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...) {DSA-4054-1} - tor 0.3.1.9-1 + [wheezy] - tor (Not supported in wheezy LTS) NOTE: https://bugs.torproject.org/24246 NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 CVE-2017-8820 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...) {DSA-4054-1} - tor 0.3.1.9-1 + [wheezy] - tor (Not supported in wheezy LTS) NOTE: https://bugs.torproject.org/24245 NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 CVE-2017-8819 (In Tor before 0.2.5.16, 0.2.6 through 0.2.8 before 0.2.8.17, 0.2.9 ...) {DSA-4054-1} - tor 0.3.1.9-1 + [wheezy] - tor (Not supported in wheezy LTS) NOTE: https://bugs.torproject.org/24244 NOTE: https://blog.torproject.org/new-stable-tor-releases-security-fixes-0319-03013-02914-02817-02516 CVE-2017-8818 (curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to ...) Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-12-28 10:20:52 UTC (rev 58995) +++ data/dla-needed.txt 2017-12-28 10:51:06 UTC (rev 58996) @@ -61,8 +61,6 @@ -- tiff3 -- -tor --- wireshark (Thorsten Alteholz) NOTE: 2017-08-28: Contacted maintainer since most issues affect Jessie/Stretch as well NOTE: 2017-12-12: The maintainer asked us to handle the package ourselves. See ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58995 - data
Author: pochu Date: 2017-12-28 10:20:52 + (Thu, 28 Dec 2017) New Revision: 58995 Modified: data/dla-needed.txt Log: dla: remove rtpproxy, issue marked as unimportant Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-12-28 10:20:11 UTC (rev 58994) +++ data/dla-needed.txt 2017-12-28 10:20:52 UTC (rev 58995) @@ -53,9 +53,6 @@ mupdf NOTE: 20171224: Upstream patch does not apply to LTS cleanly. Might need hanges to apps/pdfclean.c rather than pdf-write.c (lamby) -- -rtpproxy - NOTE: it's not clear to me if a fix is even possible. (Raphaël Hertzog) --- swftools (Guido Günther) NOTE: 20171118: At least CVE-2017-16797 is present. (lamby) NOTE: 20171210: likely to be turned into a pkg with limited sec support ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58994 - in data: . CVE
Author: pochu Date: 2017-12-28 10:20:11 + (Thu, 28 Dec 2017) New Revision: 58994 Modified: data/CVE/list data/dla-needed.txt Log: nasm no-dsa on wheezy as well Modified: data/CVE/list === --- data/CVE/list 2017-12-28 10:19:28 UTC (rev 58993) +++ data/CVE/list 2017-12-28 10:20:11 UTC (rev 58994) @@ -405,59 +405,70 @@ - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392433 CVE-2017-17819 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access ...) - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392435 NOTE: http://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af (nasm-2.13.02rc3) CVE-2017-17818 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...) - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392428 CVE-2017-17817 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...) - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392427 CVE-2017-17816 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...) - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392426 CVE-2017-17815 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access ...) - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: http://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3 (nasm-2.13.02rc3) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392436 CVE-2017-17814 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in ...) - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392430 CVE-2017-17813 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the ...) - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392429 CVE-2017-17812 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...) - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: http://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9 (nasm-2.13.02rc3) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392424 CVE-2017-17811 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer ...) - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392432 CVE-2017-17810 (In Netwide Assembler (NASM) 2.14rc0, there is a SEGV on unknown ...) - nasm 2.13.02-0.1 [stretch] - nasm (Minor issue) [jessie] - nasm (Minor issue) + [wheezy] - nasm (Minor issue) NOTE: http://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4 (nasm-2.13.02rc3) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392431 CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice ...) Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-12-28 10:19:28 UTC (rev 58993) +++ data/dla-needed.txt 2017-12-28 10:20:11 UTC (rev 58994) @@ -53,8 +53,6 @@ mupdf NOTE: 20171224: Upstream patch does not apply to LTS cleanly. Might need hanges to apps/pdfclean.c rather than pdf-write.c (lamby) -- -nasm --- rtpproxy NOTE: it's not clear to me if a fix is even possible. (Raphaël Hertzog) -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58993 - data/CVE
Author: carnil Date: 2017-12-28 10:19:28 + (Thu, 28 Dec 2017) New Revision: 58993 Modified: data/CVE/list Log: Add bug reference for CVE-2017-17942/tiff, #885579 Modified: data/CVE/list === --- data/CVE/list 2017-12-28 09:56:56 UTC (rev 58992) +++ data/CVE/list 2017-12-28 10:19:28 UTC (rev 58993) @@ -7,7 +7,7 @@ CVE-2017-17943 RESERVED CVE-2017-17942 (In LibTIFF 4.0.9, there is a heap-based buffer over-read in the ...) - - tiff + - tiff (bug #885579) - tiff3 NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2767 CVE-2017-17941 (PHP Scripts Mall Single Theater Booking has SQL Injection via the ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58992 - data/CVE
Author: carnil Date: 2017-12-28 09:56:56 + (Thu, 28 Dec 2017) New Revision: 58992 Modified: data/CVE/list Log: Mark nvidia-graphics-drivers issues as unixed Likely, reading the advisory, that the issues affect older branches as well, but they just were not addressed in older versions: > Note: > > - If you are using earlier driver branches of the affected products, >upgrade to a supported driver branch that contains the fix as listed >in tables for Windows and Linux. > - If you are using GFE, install the latest drivers. GFE security >bulletins are available on the NVIDIA Product Security page. > - CVE-2017-6277 and CVE-2017-6272 were addressed in branch R375. >However, these CVEs were not disclosed in the previous >security bulletin. Cf: https://nvidia.custhelp.com/app/answers/detail/a_id/4544 Modified: data/CVE/list === --- data/CVE/list 2017-12-28 09:37:55 UTC (rev 58991) +++ data/CVE/list 2017-12-28 09:56:56 UTC (rev 58992) @@ -42545,8 +42545,11 @@ [stretch] - nvidia-graphics-drivers (Non-free not supported) [jessie] - nvidia-graphics-drivers (Non-free not supported) [wheezy] - nvidia-graphics-drivers (Non-free not supported) - - nvidia-graphics-drivers-legacy-340xx - - nvidia-graphics-drivers-legacy-304xx + - nvidia-graphics-drivers-legacy-340xx + [stretch] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) + - nvidia-graphics-drivers-legacy-304xx + [stretch] - nvidia-graphics-drivers-legacy-304xx (Non-free not supported) + [jessie] - nvidia-graphics-drivers-legacy-304xx (Non-free not supported) NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544 CVE-2017-6271 (NVIDIA Windows GPU Display Driver contains a vulnerability in the ...) NOT-FOR-US: NVIDIA Windows GPU Display Driver @@ -42562,8 +42565,11 @@ [stretch] - nvidia-graphics-drivers (Non-free not supported) [jessie] - nvidia-graphics-drivers (Non-free not supported) [wheezy] - nvidia-graphics-drivers (Non-free not supported) - - nvidia-graphics-drivers-legacy-340xx - - nvidia-graphics-drivers-legacy-304xx + - nvidia-graphics-drivers-legacy-340xx + [stretch] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) + - nvidia-graphics-drivers-legacy-304xx + [stretch] - nvidia-graphics-drivers-legacy-304xx (Non-free not supported) + [jessie] - nvidia-graphics-drivers-legacy-304xx (Non-free not supported) NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544 CVE-2017-6266 (NVIDIA GPU Display Driver contains a vulnerability in the kernel mode ...) [experimental] - nvidia-graphics-drivers 384.90-1 @@ -42571,8 +42577,11 @@ [stretch] - nvidia-graphics-drivers (Non-free not supported) [jessie] - nvidia-graphics-drivers (Non-free not supported) [wheezy] - nvidia-graphics-drivers (Non-free not supported) - - nvidia-graphics-drivers-legacy-340xx - - nvidia-graphics-drivers-legacy-304xx + - nvidia-graphics-drivers-legacy-340xx + [stretch] - nvidia-graphics-drivers-legacy-340xx (Non-free not supported) + - nvidia-graphics-drivers-legacy-304xx + [stretch] - nvidia-graphics-drivers-legacy-304xx (Non-free not supported) + [jessie] - nvidia-graphics-drivers-legacy-304xx (Non-free not supported) NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/4544 CVE-2017-6265 RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58990 - in data: . DSA
Author: jmm Date: 2017-12-28 09:37:28 + (Thu, 28 Dec 2017) New Revision: 58990 Modified: data/DSA/list data/dsa-needed.txt Log: imagemagick DSA Modified: data/DSA/list === --- data/DSA/list 2017-12-28 09:18:33 UTC (rev 58989) +++ data/DSA/list 2017-12-28 09:37:28 UTC (rev 58990) @@ -1,3 +1,6 @@ +[28 Dec 2017] DSA-4074-1 imagemagick - security update + {CVE-2017-12877 CVE-2017-16546 CVE-2017-17499 CVE-2017-17504 CVE-2017-17879} + [stretch] - imagemagick 8:6.9.7.4+dfsg-11+deb9u4 [23 Dec 2017] DSA-4073-1 linux - security update {CVE-2017-8824 CVE-2017-16538 CVE-2017-16644 CVE-2017-16995 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558 CVE-2017-17712 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 CVE-2017-17807 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-1000407 CVE-2017-1000410} [stretch] - linux 4.9.65-3+deb9u1 Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-12-28 09:18:33 UTC (rev 58989) +++ data/dsa-needed.txt 2017-12-28 09:37:28 UTC (rev 58990) @@ -22,7 +22,7 @@ -- graphicsmagick -- -imagemagick (jmm) +imagemagick/oldstable (jmm) -- libav/oldstable We can ship the next libav 11.x point release when available ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58991 - data/CVE
Author: carnil Date: 2017-12-28 09:37:55 + (Thu, 28 Dec 2017) New Revision: 58991 Modified: data/CVE/list Log: Add bug reference for CVE-2017-7536 Modified: data/CVE/list === --- data/CVE/list 2017-12-28 09:37:28 UTC (rev 58990) +++ data/CVE/list 2017-12-28 09:37:55 UTC (rev 58991) @@ -38358,7 +38358,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470817 CVE-2017-7536 [Privilege escalation when running under the security manager] RESERVED - - libhibernate-validator-java + - libhibernate-validator-java (bug #885577) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465573 CVE-2017-7535 RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58989 - data/CVE
Author: carnil Date: 2017-12-28 09:18:33 + (Thu, 28 Dec 2017) New Revision: 58989 Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list === --- data/CVE/list 2017-12-28 09:13:35 UTC (rev 58988) +++ data/CVE/list 2017-12-28 09:18:33 UTC (rev 58989) @@ -11,17 +11,17 @@ - tiff3 NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2767 CVE-2017-17941 (PHP Scripts Mall Single Theater Booking has SQL Injection via the ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall Single Theater Booking CVE-2017-17940 (PHP Scripts Mall Single Theater Booking has XSS via the title parameter ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall Single Theater Booking CVE-2017-17939 (PHP Scripts Mall Single Theater Booking has CSRF via ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall Single Theater Booking CVE-2017-17938 (PHP Scripts Mall Single Theater Booking has XSS via the ...) - TODO: check + NOT-FOR-US: PHP Scripts Mall Single Theater Booking CVE-2017-17937 (Vanguard Marketplace Digital Products PHP has XSS via the phps_query ...) - TODO: check + NOT-FOR-US: Vanguard Marketplace Digital Products PHP CVE-2017-17936 (Vanguard Marketplace Digital Products PHP has CSRF via /search. ...) - TODO: check + NOT-FOR-US: Vanguard Marketplace Digital Products PHP CVE-2018-3609 RESERVED CVE-2018-3608 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58988 - data/CVE
Author: carnil Date: 2017-12-28 09:13:35 + (Thu, 28 Dec 2017) New Revision: 58988 Modified: data/CVE/list Log: Add CVE-2017-17942/tiff Modified: data/CVE/list === --- data/CVE/list 2017-12-28 09:10:14 UTC (rev 58987) +++ data/CVE/list 2017-12-28 09:13:35 UTC (rev 58988) @@ -7,7 +7,9 @@ CVE-2017-17943 RESERVED CVE-2017-17942 (In LibTIFF 4.0.9, there is a heap-based buffer over-read in the ...) - TODO: check + - tiff + - tiff3 + NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2767 CVE-2017-17941 (PHP Scripts Mall Single Theater Booking has SQL Injection via the ...) TODO: check CVE-2017-17940 (PHP Scripts Mall Single Theater Booking has XSS via the title parameter ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58987 - data/CVE
Author: sectracker Date: 2017-12-28 09:10:14 + (Thu, 28 Dec 2017) New Revision: 58987 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-12-28 09:06:37 UTC (rev 58986) +++ data/CVE/list 2017-12-28 09:10:14 UTC (rev 58987) @@ -1,3 +1,25 @@ +CVE-2017-17946 + RESERVED +CVE-2017-17945 + RESERVED +CVE-2017-17944 + RESERVED +CVE-2017-17943 + RESERVED +CVE-2017-17942 (In LibTIFF 4.0.9, there is a heap-based buffer over-read in the ...) + TODO: check +CVE-2017-17941 (PHP Scripts Mall Single Theater Booking has SQL Injection via the ...) + TODO: check +CVE-2017-17940 (PHP Scripts Mall Single Theater Booking has XSS via the title parameter ...) + TODO: check +CVE-2017-17939 (PHP Scripts Mall Single Theater Booking has CSRF via ...) + TODO: check +CVE-2017-17938 (PHP Scripts Mall Single Theater Booking has XSS via the ...) + TODO: check +CVE-2017-17937 (Vanguard Marketplace Digital Products PHP has XSS via the phps_query ...) + TODO: check +CVE-2017-17936 (Vanguard Marketplace Digital Products PHP has CSRF via /search. ...) + TODO: check CVE-2018-3609 RESERVED CVE-2018-3608 @@ -32,8 +54,8 @@ NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/08278c7cf1c0b4f1da4cdcfaa857ff6b2373a1b2 CVE-2017-17933 RESERVED -CVE-2017-17932 - RESERVED +CVE-2017-17932 (A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ...) + TODO: check CVE-2017-17931 (PHP Scripts Mall Resume Clone Script has SQL Injection via the ...) NOT-FOR-US: PHP Scripts Mall Resume Clone Script CVE-2017-17930 (PHP Scripts Mall Professional Service Script has CSRF via ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58986 - data/CVE
Author: carnil Date: 2017-12-28 09:06:37 + (Thu, 28 Dec 2017) New Revision: 58986 Modified: data/CVE/list Log: Add bug reference for CVE-2017-7559, #885576 Modified: data/CVE/list === --- data/CVE/list 2017-12-28 08:59:39 UTC (rev 58985) +++ data/CVE/list 2017-12-28 09:06:37 UTC (rev 58986) @@ -38230,8 +38230,8 @@ NOTE: Introduced by: https://github.com/spacewalkproject/spacewalk/commit/75d9c00b96ab430221c5c7668baebebc74ddd67e CVE-2017-7559 [HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)] RESERVED - - undertow - NOTE: For an incomplete fix of CVE-2017-2666 + - undertow (bug #885576) + NOTE: CVE is for an incomplete fix of CVE-2017-2666 NOTE: Invalid characters were still allowed in the query string and path parameters. TODO: check, asked for clarification to Red Hat: https://bugzilla.redhat.com/show_bug.cgi?id=1481665#c7 CVE-2017-7558 [sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 7 commits: two wireshark/imagemagick issues ignored
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d215439e by Moritz Muehlenhoff at 2017-12-28T08:25:42+00:00 two wireshark/imagemagick issues ignored git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58979 e39458fd-73e7-0310-bf30-c45bca0a0e42 - - - - - e45304a5 by László Böszörményi at 2017-12-28T08:36:41+00:00 Additional patch for CVE-2017-17913/graphicsmagick git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58980 e39458fd-73e7-0310-bf30-c45bca0a0e42 - - - - - 8021b8c5 by Salvatore Bonaccorso at 2017-12-28T08:39:25+00:00 Fix typo in note git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58981 e39458fd-73e7-0310-bf30-c45bca0a0e42 - - - - - 5cdf4631 by László Böszörményi at 2017-12-28T08:40:54+00:00 Add CVE-2017-1791[35]/graphicsmagick fixed version in unstable git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58982 e39458fd-73e7-0310-bf30-c45bca0a0e42 - - - - - 41e5a351 by Salvatore Bonaccorso at 2017-12-28T08:52:27+00:00 Add TODO for CVE-2017-7559 git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58983 e39458fd-73e7-0310-bf30-c45bca0a0e42 - - - - - 79dbe713 by Salvatore Bonaccorso at 2017-12-28T08:59:27+00:00 Add Red Hat reference for CVE-2017-7536 git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58984 e39458fd-73e7-0310-bf30-c45bca0a0e42 - - - - - f3a488bb by Salvatore Bonaccorso at 2017-12-28T08:59:39+00:00 Add description for CVE-2017-7536 git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58985 e39458fd-73e7-0310-bf30-c45bca0a0e42 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -20,6 +20,8 @@ CVE-2018-3600 RESERVED CVE-2017-17935 (The File_read_line function in epan/wslua/wslua_file.c in Wireshark ...) - wireshark + [stretch] - wireshark (Minor issue) + [jessie] - wireshark (Minor issue) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14295 NOTE: https://code.wireshark.org/review/#/c/24997/ NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=137ab7d5681486c6d6cc8faac4300b7cd4ec0cf1 @@ -65,16 +67,19 @@ CVE-2017-17917 CVE-2017-17916 RESERVED CVE-2017-17915 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based ...) - - graphicsmagick + - graphicsmagick 1.3.27-3 NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/1721f1b7e67a NOTE: https://sourceforge.net/p/graphicsmagick/bugs/535/ CVE-2017-17914 (In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ...) - imagemagick + [stretch] - imagemagick (Minor issue) + [jessie] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/908 NOTE: https://github.com/ImageMagick/ImageMagick/commit/650ec57d84b7b1dce66435b8cd3b58f7ae66db1b NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/42781eeebadf111a2e01559735ea504a78192046 CVE-2017-17913 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based ...) - - graphicsmagick + - graphicsmagick 1.3.27-3 + NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/88313ebe379c NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/6dda3c33f35f NOTE: https://sourceforge.net/p/graphicsmagick/bugs/536/ TODO: check, potentially just unimportant like similar issue in imagemagick @@ -38227,7 +38232,8 @@ CVE-2017-7559 [HTTP Request smuggling vulnerability (incomplete fix of CVE-2017- RESERVED - undertow NOTE: For an incomplete fix of CVE-2017-2666 - NOTE: Invalid characters were still allwed in the query string and path parameters. + NOTE: Invalid characters were still allowed in the query string and path parameters. + TODO: check, asked for clarification to Red Hat: https://bugzilla.redhat.com/show_bug.cgi?id=1481665#c7 CVE-2017-7558 [sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()] RESERVED - linux 4.12.13-1 @@ -38326,9 +38332,10 @@ CVE-2017-7537 - dogtag-pki 10.3.5+12-5 (bug #869261) NOTE: https://github.com/dogtagpki/pki/commit/876d13c6d20e7e1235b9 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470817 -CVE-2017-7536 +CVE-2017-7536 [Privilege escalation when running under the security manager] RESERVED - libhibernate-validator-java + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465573 CVE-2017-7535 RESERVED - foreman (bug #663101) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/107c22e993fd2d68c6991c74aeed8ab4570f4702...f3a488bb54a17d84bff0ca02edf3c002e5166d1e --- View it on GitLab:
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Update information for CVE-2017-17850/asterisk
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 84ff91a0 by Salvatore Bonaccorso at 2017-12-27T22:20:49+00:00 Update information for CVE-2017-17850/asterisk Maintainer confirmed question about introducing versions. Confirmed to be post 13.15.0 and post 13.18.0 partially, resulting in 1:13.17.0~dfsg-1 beeing the first version in Debian including the vulnerability. Thanks: Bernhard Schmidt and Tzafrir git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58977 e39458fd-73e7-0310-bf30-c45bca0a0e42 - - - - - 107c22e9 by Salvatore Bonaccorso at 2017-12-27T23:13:38+00:00 CVE-2017-17850/asterisk fixed in unstable git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58978 e39458fd-73e7-0310-bf30-c45bca0a0e42 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -248,7 +248,10 @@ CVE-2017-17858 CVE-2017-17851 RESERVED CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and ...) - - asterisk (bug #885072) + - asterisk 1:13.18.5~dfsg-1 (bug #885072) + [stretch] - asterisk (Vulnerable code introduced after 13.15.0) + [jessie] - asterisk (Vulnerable code introduced after 13.15.0) + [wheezy] - asterisk (Vulnerable code introduced after 13.15.0) NOTE: http://downloads.asterisk.org/pub/security/AST-2017-014.html NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27480 CVE-2017-17849 (A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b55af15f3ef78d574aa2f8f3f4477f92fc986414...107c22e993fd2d68c6991c74aeed8ab4570f4702 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b55af15f3ef78d574aa2f8f3f4477f92fc986414...107c22e993fd2d68c6991c74aeed8ab4570f4702 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58985 - data/CVE
Author: carnil Date: 2017-12-28 08:59:39 + (Thu, 28 Dec 2017) New Revision: 58985 Modified: data/CVE/list Log: Add description for CVE-2017-7536 Modified: data/CVE/list === --- data/CVE/list 2017-12-28 08:59:27 UTC (rev 58984) +++ data/CVE/list 2017-12-28 08:59:39 UTC (rev 58985) @@ -38332,7 +38332,7 @@ - dogtag-pki 10.3.5+12-5 (bug #869261) NOTE: https://github.com/dogtagpki/pki/commit/876d13c6d20e7e1235b9 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1470817 -CVE-2017-7536 +CVE-2017-7536 [Privilege escalation when running under the security manager] RESERVED - libhibernate-validator-java NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465573 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58984 - data/CVE
Author: carnil Date: 2017-12-28 08:59:27 + (Thu, 28 Dec 2017) New Revision: 58984 Modified: data/CVE/list Log: Add Red Hat reference for CVE-2017-7536 Modified: data/CVE/list === --- data/CVE/list 2017-12-28 08:52:27 UTC (rev 58983) +++ data/CVE/list 2017-12-28 08:59:27 UTC (rev 58984) @@ -38335,6 +38335,7 @@ CVE-2017-7536 RESERVED - libhibernate-validator-java + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1465573 CVE-2017-7535 RESERVED - foreman (bug #663101) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58983 - data/CVE
Author: carnil Date: 2017-12-28 08:52:27 + (Thu, 28 Dec 2017) New Revision: 58983 Modified: data/CVE/list Log: Add TODO for CVE-2017-7559 Modified: data/CVE/list === --- data/CVE/list 2017-12-28 08:40:54 UTC (rev 58982) +++ data/CVE/list 2017-12-28 08:52:27 UTC (rev 58983) @@ -38233,6 +38233,7 @@ - undertow NOTE: For an incomplete fix of CVE-2017-2666 NOTE: Invalid characters were still allowed in the query string and path parameters. + TODO: check, asked for clarification to Red Hat: https://bugzilla.redhat.com/show_bug.cgi?id=1481665#c7 CVE-2017-7558 [sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()] RESERVED - linux 4.12.13-1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58982 - data/CVE
Author: gcs Date: 2017-12-28 08:40:54 + (Thu, 28 Dec 2017) New Revision: 58982 Modified: data/CVE/list Log: Add CVE-2017-1791[35]/graphicsmagick fixed version in unstable Modified: data/CVE/list === --- data/CVE/list 2017-12-28 08:39:25 UTC (rev 58981) +++ data/CVE/list 2017-12-28 08:40:54 UTC (rev 58982) @@ -67,7 +67,7 @@ CVE-2017-17916 RESERVED CVE-2017-17915 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a heap-based ...) - - graphicsmagick + - graphicsmagick 1.3.27-3 NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/1721f1b7e67a NOTE: https://sourceforge.net/p/graphicsmagick/bugs/535/ CVE-2017-17914 (In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ...) @@ -78,7 +78,7 @@ NOTE: https://github.com/ImageMagick/ImageMagick/commit/650ec57d84b7b1dce66435b8cd3b58f7ae66db1b NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/42781eeebadf111a2e01559735ea504a78192046 CVE-2017-17913 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based ...) - - graphicsmagick + - graphicsmagick 1.3.27-3 NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/88313ebe379c NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/6dda3c33f35f NOTE: https://sourceforge.net/p/graphicsmagick/bugs/536/ ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58981 - data/CVE
Author: carnil Date: 2017-12-28 08:39:25 + (Thu, 28 Dec 2017) New Revision: 58981 Modified: data/CVE/list Log: Fix typo in note Modified: data/CVE/list === --- data/CVE/list 2017-12-28 08:36:41 UTC (rev 58980) +++ data/CVE/list 2017-12-28 08:39:25 UTC (rev 58981) @@ -38232,7 +38232,7 @@ RESERVED - undertow NOTE: For an incomplete fix of CVE-2017-2666 - NOTE: Invalid characters were still allwed in the query string and path parameters. + NOTE: Invalid characters were still allowed in the query string and path parameters. CVE-2017-7558 [sctp: out-of-bounds read in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info()] RESERVED - linux 4.12.13-1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58980 - data/CVE
Author: gcs Date: 2017-12-28 08:36:41 + (Thu, 28 Dec 2017) New Revision: 58980 Modified: data/CVE/list Log: Additional patch for CVE-2017-17913/graphicsmagick Modified: data/CVE/list === --- data/CVE/list 2017-12-28 08:25:42 UTC (rev 58979) +++ data/CVE/list 2017-12-28 08:36:41 UTC (rev 58980) @@ -79,6 +79,7 @@ NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/42781eeebadf111a2e01559735ea504a78192046 CVE-2017-17913 (In GraphicsMagick 1.4 snapshot-20171217 Q8, there is a stack-based ...) - graphicsmagick + NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/88313ebe379c NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/6dda3c33f35f NOTE: https://sourceforge.net/p/graphicsmagick/bugs/536/ TODO: check, potentially just unimportant like similar issue in imagemagick ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r58979 - data/CVE
Author: jmm Date: 2017-12-28 08:25:42 + (Thu, 28 Dec 2017) New Revision: 58979 Modified: data/CVE/list Log: two wireshark/imagemagick issues ignored Modified: data/CVE/list === --- data/CVE/list 2017-12-27 23:13:38 UTC (rev 58978) +++ data/CVE/list 2017-12-28 08:25:42 UTC (rev 58979) @@ -20,6 +20,8 @@ RESERVED CVE-2017-17935 (The File_read_line function in epan/wslua/wslua_file.c in Wireshark ...) - wireshark + [stretch] - wireshark (Minor issue) + [jessie] - wireshark (Minor issue) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14295 NOTE: https://code.wireshark.org/review/#/c/24997/ NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=137ab7d5681486c6d6cc8faac4300b7cd4ec0cf1 @@ -70,6 +72,8 @@ NOTE: https://sourceforge.net/p/graphicsmagick/bugs/535/ CVE-2017-17914 (In ImageMagick 7.0.7-16 Q16, a vulnerability was found in the function ...) - imagemagick + [stretch] - imagemagick (Minor issue) + [jessie] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/908 NOTE: https://github.com/ImageMagick/ImageMagick/commit/650ec57d84b7b1dce66435b8cd3b58f7ae66db1b NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/42781eeebadf111a2e01559735ea504a78192046 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits