[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Filed CVE-2018-7667 as #893668
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker Commits: 7ae1f61b by Chris Lamb at 2018-03-20T22:51:33-04:00 Filed CVE-2018-7667 as #893668 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -2673,7 +2673,7 @@ CVE-2018-7669 CVE-2018-7668 (TestLink through 1.9.16 allows remote attackers to read arbitrary ...) NOT-FOR-US: TestLink CVE-2018-7667 (Adminer through 4.3.1 has SSRF via the server parameter. ...) - - adminer 4.5.0-1 + - adminer 4.5.0-1 (bug #893668) NOTE: http://hyp3rlinx.altervista.org/advisories/ADMINER-UNAUTHENTICATED-SERVER-SIDE-REQUEST-FORGERY.txt NOTE: https://github.com/vrana/adminer/commit/0fae40fb611b5c8167fa2b8d40bf576a8935a380 NOTE: adminer 4.4.0 disallows connecting to privileged ports, and thus not "enumerating" View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ae1f61b098450ae3d27e5c26e94d6c83165fae8 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ae1f61b098450ae3d27e5c26e94d6c83165fae8 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1000069, freeplane: bug filed
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 3b9e5a8c by Markus Koschany at 2018-03-21T00:27:57+01:00 CVE-2018-169,freeplane: bug filed - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -4073,7 +4073,7 @@ CVE-2018-171 (roundcube version 1.3.4 and earlier contains an Insecure Permi CVE-2018-170 (Bitmessage PyBitmessage version v0.6.2 (and introduced in or after ...) NOT-FOR-US: PyBitmessage CVE-2018-169 (FreePlane version 1.5.9 and earlier contains a XML External Entity ...) - - freeplane 1.6.6-1 + - freeplane 1.6.6-1 (bug #893669) NOTE: https://www.freeplane.org/wiki/index.php/XML_External_Entity_vulnerability_in_map_parser CVE-2018-7279 (A remote code execution issue was discovered in AlienVault USM and ...) NOT-FOR-US: AlienVault View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3b9e5a8c40d15d95e1f16f3dac6a3f4ea8d91823 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3b9e5a8c40d15d95e1f16f3dac6a3f4ea8d91823 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim libvirt in dla-needed.txt
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 962441f2 by Markus Koschany at 2018-03-21T00:14:08+01:00 Claim libvirt in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -76,6 +76,8 @@ libpodofo -- libreoffice -- +libvirt (Markus Koschany) +-- libvorbis NOTE: Underlying reason for CVE-2017-14160 yet unclear, no upstream feedback on this issue. NOTE: Fixes for other CVEs applied upstream and in sid. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/962441f28fdbd1254a46be619b742bcea5921847 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/962441f28fdbd1254a46be619b742bcea5921847 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add imagemagick to dla-needed.txt
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 694bc770 by Markus Koschany at 2018-03-21T00:08:20+01:00 Add imagemagick to dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -43,6 +43,8 @@ graphicsmagick graphite2 (Abhijith PA) NOTE: 20180317: Unable to reproduce with given POC. Waiting for upstream comment -- +imagemagick +-- isc-dhcp (Thorsten Alteholz) -- jruby (Santiago R.R.) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/694bc7708d81893d3dc330ca50ef1e1313ca6235 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/694bc7708d81893d3dc330ca50ef1e1313ca6235 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 6863fa6c by Salvatore Bonaccorso at 2018-03-20T22:55:35+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -3225,7 +3225,7 @@ CVE-2018-7513 CVE-2018-7512 RESERVED CVE-2018-7511 (In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases ...) - TODO: check + NOT-FOR-US: Eaton ELCSoft CVE-2018-7510 RESERVED CVE-2018-7509 @@ -8398,11 +8398,11 @@ CVE-2018-5772 (In Exiv2 0.26, there is a segmentation fault caused by uncontroll CVE-2018-5771 RESERVED CVE-2018-5770 (An issue was discovered on Tenda AC15 devices. A remote, ...) - TODO: check + NOT-FOR-US: Tenda AC15 devices CVE-2018-5769 RESERVED CVE-2018-5768 (A remote, unauthenticated attacker can gain remote code execution on ...) - TODO: check + NOT-FOR-US: Tenda AC15 router CVE-2018-5767 (An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A ...) NOT-FOR-US: Tenda AC15 V15.03.1.16_multi devices CVE-2018-5766 (In Libav through 12.2, there is an invalid memcpy in the av_packet_ref ...) @@ -8574,7 +8574,7 @@ CVE-2018-5719 CVE-2018-5718 RESERVED CVE-2018-5717 (Memory write mechanism in NCR S2 Dispenser controller before firmware ...) - TODO: check + NOT-FOR-US: NCR S2 Dispenser controller CVE-2018-5716 (An issue was discovered in Reprise License Manager 11.0. This ...) NOT-FOR-US: Reprise License Manager CVE-2018-5715 (phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query ...) @@ -9209,7 +9209,7 @@ CVE-2018-5440 (A Stack-based Buffer Overflow issue was discovered in 3S-Smart CO CVE-2018-5439 (A Command Injection issue was discovered in Nortek Linear eMerge E3 ...) NOT-FOR-US: Nortek Linear eMerge E3 series CVE-2018-5438 (Philips ISCV application prior to version 2.3.0 has an insufficient ...) - TODO: check + NOT-FOR-US: Philips ISCV application CVE-2018-5437 RESERVED CVE-2018-5436 @@ -10912,9 +10912,9 @@ CVE-2018-4846 CVE-2018-4845 RESERVED CVE-2018-4844 (A vulnerability has been identified in SIMATIC WinCC OA UI for Android ...) - TODO: check + NOT-FOR-US: SIMATIC CVE-2018-4843 (A vulnerability has been identified in SIMATIC CP 343-1 Advanced (All ...) - TODO: check + NOT-FOR-US: SIMATIC CVE-2018-4842 RESERVED CVE-2018-4841 @@ -19313,7 +19313,7 @@ CVE-2017-17669 (There is a heap-based buffer over-read in the ...) [wheezy] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/187 CVE-2017-17668 (Memory write mechanism in NCR S1 Dispenser controller before firmware ...) - TODO: check + NOT-FOR-US: NCR S1 Dispenser controller CVE-2017-17667 RESERVED CVE-2017-17666 @@ -21042,9 +21042,9 @@ CVE-2017-17322 (Huawei Honor Smart Scale Application with software of 1.1.1 has CVE-2017-17321 (Huawei eNSP software with software of versions earlier than ...) NOT-FOR-US: Huawei CVE-2017-17320 (Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-17319 (Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-17318 RESERVED CVE-2017-17317 @@ -21068,9 +21068,9 @@ CVE-2017-17309 CVE-2017-17308 RESERVED CVE-2017-17307 (Some Huawei Smartphones with software of VNS-L21AUTC555B141 have an ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-17306 (Some Huawei Smartphones with software of VNS-L21AUTC555B141, ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-17305 RESERVED CVE-2017-17304 (The CIDAM Protocol on Huawei DP300 V500R002C00; V500R002C00B010; ...) @@ -21252,7 +21252,7 @@ CVE-2017-17217 (Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C0 CVE-2017-17216 (Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; ...) NOT-FOR-US: Huawei CVE-2017-17215 (Huawei HG532 with some customized versions has a remote code execution ...) - TODO: check + NOT-FOR-US: Huawei CVE-2017-17214 RESERVED CVE-2017-17213 @@ -32585,7 +32585,7 @@ CVE-2017-14193 (The oauth function in controllers/member/api.php in dayrui FineC CVE-2017-14192 (The checktitle function in controllers/member/api.php in dayrui FineCms ...) NOT-FOR-US: dayrui FineCms CVE-2017-14191 (An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 ...) - TODO: check + NOT-FOR-US: Fortinet CVE-2017-14190 (A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to ...) NOT-FOR-US: Fortinet FortiOS CVE-2017-14189 (An improper access control vulnerability in
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove TODO item
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 05a8cdfa by Salvatore Bonaccorso at 2018-03-20T22:44:23+01:00 Remove TODO item - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -21,7 +21,6 @@ CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a Inf NOTE: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1754671 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=746422 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553634 - TODO: check CVE-2018-8821 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...) NOT-FOR-US: windrvr1260.sys in Jungo DriverWizard WinDriver CVE-2018-8820 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/05a8cdfae666723a5e1b2ee55155f32b27d08122 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/05a8cdfae666723a5e1b2ee55155f32b27d08122 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000135/network-manager
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 388c6356 by Salvatore Bonaccorso at 2018-03-20T22:42:37+01:00 Add CVE-2018-1000135/network-manager - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -17,6 +17,10 @@ CVE-2018-8823 CVE-2018-8822 (Incorrect buffer length handling in the ncp_read_kernel function in ...) - linux CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a Information ...) + - network-manager + NOTE: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1754671 + NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=746422 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553634 TODO: check CVE-2018-8821 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...) NOT-FOR-US: windrvr1260.sys in Jungo DriverWizard WinDriver View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/388c635636f35ea65b74179aa19d70f887734dbf --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/388c635636f35ea65b74179aa19d70f887734dbf You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8822/linux
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8fe9346a by Salvatore Bonaccorso at 2018-03-20T22:29:02+01:00 Add CVE-2018-8822/linux - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -15,7 +15,7 @@ CVE-2018-8824 CVE-2018-8823 RESERVED CVE-2018-8822 (Incorrect buffer length handling in the ncp_read_kernel function in ...) - TODO: check + - linux CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a Information ...) TODO: check CVE-2018-8821 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8fe9346a1d4bc4dfb0e093d45e553d6ac1ba5bb8 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8fe9346a1d4bc4dfb0e093d45e553d6ac1ba5bb8 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8828/kamailio
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d9a80c21 by Salvatore Bonaccorso at 2018-03-20T22:25:38+01:00 Add CVE-2018-8828/kamailio - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -1,7 +1,9 @@ CVE-2018-8829 RESERVED CVE-2018-8828 (A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x ...) - TODO: check + - kamailio 5.1.2-1 + NOTE: https://github.com/EnableSecurity/advisories/tree/master/ES2018-05-kamailio-heap-overflow + NOTE: https://github.com/kamailio/kamailio/commit/e1d8008a09d9390ebaf698abe8909e10dfec4097 CVE-2018-8827 RESERVED CVE-2018-8826 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d9a80c21cf644121a4cb1b5083db47e06e997291 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d9a80c21cf644121a4cb1b5083db47e06e997291 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e2207b15 by security tracker role at 2018-03-20T21:10:20+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,21 @@ +CVE-2018-8829 + RESERVED +CVE-2018-8828 (A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x ...) + TODO: check +CVE-2018-8827 + RESERVED +CVE-2018-8826 + RESERVED +CVE-2018-8825 + RESERVED +CVE-2018-8824 + RESERVED +CVE-2018-8823 + RESERVED +CVE-2018-8822 (Incorrect buffer length handling in the ncp_read_kernel function in ...) + TODO: check +CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a Information ...) + TODO: check CVE-2018-8821 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...) NOT-FOR-US: windrvr1260.sys in Jungo DriverWizard WinDriver CVE-2018-8820 @@ -1599,8 +1617,8 @@ CVE-2018-8090 RESERVED CVE-2018-8089 RESERVED -CVE-2018-8088 - RESERVED +CVE-2018-8088 (org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before ...) + TODO: check CVE-2018-8087 (Memory leak in the hwsim_new_radio_nl function in ...) - linux 4.15.11-1 [jessie] - linux (Vulnerable code not present) @@ -3201,8 +3219,8 @@ CVE-2018-7513 RESERVED CVE-2018-7512 RESERVED -CVE-2018-7511 - RESERVED +CVE-2018-7511 (In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases ...) + TODO: check CVE-2018-7510 RESERVED CVE-2018-7509 @@ -8374,12 +8392,12 @@ CVE-2018-5772 (In Exiv2 0.26, there is a segmentation fault caused by uncontroll NOTE: https://github.com/Exiv2/exiv2/issues/216 CVE-2018-5771 RESERVED -CVE-2018-5770 - RESERVED +CVE-2018-5770 (An issue was discovered on Tenda AC15 devices. A remote, ...) + TODO: check CVE-2018-5769 RESERVED -CVE-2018-5768 - RESERVED +CVE-2018-5768 (A remote, unauthenticated attacker can gain remote code execution on ...) + TODO: check CVE-2018-5767 (An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A ...) NOT-FOR-US: Tenda AC15 V15.03.1.16_multi devices CVE-2018-5766 (In Libav through 12.2, there is an invalid memcpy in the av_packet_ref ...) @@ -8550,8 +8568,8 @@ CVE-2018-5719 RESERVED CVE-2018-5718 RESERVED -CVE-2018-5717 - RESERVED +CVE-2018-5717 (Memory write mechanism in NCR S2 Dispenser controller before firmware ...) + TODO: check CVE-2018-5716 (An issue was discovered in Reprise License Manager 11.0. This ...) NOT-FOR-US: Reprise License Manager CVE-2018-5715 (phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query ...) @@ -9185,8 +9203,8 @@ CVE-2018-5440 (A Stack-based Buffer Overflow issue was discovered in 3S-Smart CO NOT-FOR-US: 3S-Smart CVE-2018-5439 (A Command Injection issue was discovered in Nortek Linear eMerge E3 ...) NOT-FOR-US: Nortek Linear eMerge E3 series -CVE-2018-5438 - RESERVED +CVE-2018-5438 (Philips ISCV application prior to version 2.3.0 has an insufficient ...) + TODO: check CVE-2018-5437 RESERVED CVE-2018-5436 @@ -10783,7 +10801,7 @@ CVE-2017-1000489 (Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed cou CVE-2017-1000488 (Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack ...) NOT-FOR-US: Mautic CVE-2017-1000487 (Plexus-utils before 3.0.16 is vulnerable to command injection because ...) - {DLA-1237-1 DLA-1236-1} + {DSA-4146-1 DLA-1237-1 DLA-1236-1} - plexus-utils 1:1.5.15-5 - plexus-utils2 3.0.22-1 NOTE: https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522 @@ -10888,10 +10906,10 @@ CVE-2018-4846 RESERVED CVE-2018-4845 RESERVED -CVE-2018-4844 - RESERVED -CVE-2018-4843 - RESERVED +CVE-2018-4844 (A vulnerability has been identified in SIMATIC WinCC OA UI for Android ...) + TODO: check +CVE-2018-4843 (A vulnerability has been identified in SIMATIC CP 343-1 Advanced (All ...) + TODO: check CVE-2018-4842 RESERVED CVE-2018-4841 @@ -13674,8 +13692,8 @@ CVE-2018-3628 RESERVED CVE-2018-3627 RESERVED -CVE-2018-3626 - RESERVED +CVE-2018-3626 (Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and ...) + TODO: check CVE-2018-3625 RESERVED CVE-2018-3624 @@ -19289,8 +19307,8 @@ CVE-2017-17669 (There is a heap-based buffer over-read in the ...) [jessie] - exiv2 (Minor issue) [wheezy] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/187 -CVE-2017-17668 - RESERVED +CVE-2017-17668 (Memory write mechanism in NCR S1 Dispenser controller before firmware ...) +
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] plexus-utils DSA
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c95fd55d by Moritz Muehlenhoff at 2018-03-20T21:19:55+01:00 plexus-utils DSA - - - - - 2 changed files: - data/DSA/list - data/dsa-needed.txt Changes: = data/DSA/list = --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,7 @@ +[20 Mar 2018] DSA-4146-1 plexus-utils - security update + {CVE-2017-1000487} + [jessie] - plexus-utils 1:1.5.15-4+deb8u1 + [stretch] - plexus-utils 1:1.5.15-4+deb9u1 [18 Mar 2018] DSA-4145-1 gitlab - security update {CVE-2017-0915 CVE-2017-0916 CVE-2017-0917 CVE-2017-0918 CVE-2017-0925 CVE-2017-0926 CVE-2018-3710} [stretch] - gitlab 8.13.11+dfsg1-8+deb9u1 = data/dsa-needed.txt = --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -65,8 +65,6 @@ phpmyadmin/oldstable (abhijith) -- pjproject -- -plexus-utils (jmm) --- plexus-utils2/oldstable (jmm) -- python-django View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c95fd55d83acbed6fe391bb47d82eaf8a96fc14c --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c95fd55d83acbed6fe391bb47d82eaf8a96fc14c You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mark CVE-2018-7667 as fixed with 4.5.0-1
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 844013a8 by Salvatore Bonaccorso at 2018-03-20T14:38:53+01:00 mark CVE-2018-7667 as fixed with 4.5.0-1 The 4.4.0 upstream version adds two mitigations steps for the issue, which maybe could be better solved by restricting access to server instances configured via a configuration file on adminers side? (like phpmyadmin approach). But so far there probably not much more upstream can do, and admins af an adminer instance could additionaly restrict access to the adminer instance via upfront authentication. - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -2650,7 +2650,7 @@ CVE-2018-7669 CVE-2018-7668 (TestLink through 1.9.16 allows remote attackers to read arbitrary ...) NOT-FOR-US: TestLink CVE-2018-7667 (Adminer through 4.3.1 has SSRF via the server parameter. ...) - - adminer + - adminer 4.5.0-1 NOTE: http://hyp3rlinx.altervista.org/advisories/ADMINER-UNAUTHENTICATED-SERVER-SIDE-REQUEST-FORGERY.txt NOTE: https://github.com/vrana/adminer/commit/0fae40fb611b5c8167fa2b8d40bf576a8935a380 NOTE: adminer 4.4.0 disallows connecting to privileged ports, and thus not "enumerating" View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/844013a8e113f002abfb8355b5364d476522c5a4 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/844013a8e113f002abfb8355b5364d476522c5a4 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-3740
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5fb7e762 by Salvatore Bonaccorso at 2018-03-20T13:58:20+01:00 Add bug reference for CVE-2018-3740 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -13410,7 +13410,7 @@ CVE-2018-3741 RESERVED CVE-2018-3740 [Sanitize HTML injection vulnerability] RESERVED - - ruby-sanitize + - ruby-sanitize (bug #893610) NOTE: https://github.com/rgrove/sanitize/issues/176 NOTE: https://github.com/rgrove/sanitize/commit/01629a162e448a83d901456d0ba8b65f3b03d46e NOTE: Only an issue in combination with libxml2 >= 2.9.2 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5fb7e76273805c5f8ad453339f35fecebdb83f18 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5fb7e76273805c5f8ad453339f35fecebdb83f18 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add note for CVE-2018-3740
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b693afbe by Salvatore Bonaccorso at 2018-03-20T13:33:18+01:00 Add note for CVE-2018-3740 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -13414,6 +13414,8 @@ CVE-2018-3740 [Sanitize HTML injection vulnerability] NOTE: https://github.com/rgrove/sanitize/issues/176 NOTE: https://github.com/rgrove/sanitize/commit/01629a162e448a83d901456d0ba8b65f3b03d46e NOTE: Only an issue in combination with libxml2 >= 2.9.2 + NOTE: The 'fragment' method was renamed from 'clean' method in earlier version + NOTE: in v3.0.0 CVE-2018-3739 RESERVED CVE-2018-3738 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b693afbeeb29265397b62529e42763962c16badb --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b693afbeeb29265397b62529e42763962c16badb You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-8804 fixed in imagemagick/8:6.9.9.39+dfsg-1
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f96ec005 by Salvatore Bonaccorso at 2018-03-20T12:15:39+01:00 CVE-2018-8804 fixed in imagemagick/8:6.9.9.39+dfsg-1 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -38,7 +38,7 @@ CVE-2018-8806 (In libming 0.4.8, there is a use-after-free in the ...) CVE-2018-8805 (Yxcms building system (compatible cell phone) v1.4.7 has XSS via the ...) NOT-FOR-US: Yxcms CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote ...) - - imagemagick + - imagemagick 8:6.9.9.39+dfsg-1 NOTE: https://github.com/ImageMagick/ImageMagick/commit/f55d3a622d234e940fb99325b92c6d3df578fa9b NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6355db269e03f879c516cf9d592c72e157bc75d6 NOTE: https://github.com/ImageMagick/ImageMagick/issues/1025 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f96ec0053b599e15e8c301ce66fc6733e26b47ca --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f96ec0053b599e15e8c301ce66fc6733e26b47ca You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process three imagemagick issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 32b4dc81 by Salvatore Bonaccorso at 2018-03-20T12:12:28+01:00 Process three imagemagick issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -3340,7 +3340,7 @@ CVE-2018-7472 (INVT Studio 1.2 allows remote attackers to cause a denial of serv CVE-2018-7471 (KingView 7.5SP1 has an integer overflow during stgopenstorage API read ...) NOT-FOR-US: KingView CVE-2018-7470 (An issue was discovered in ImageMagick 7.0.7-22 Q16. The ...) - - imagemagick (unimportant; bug #891420) + - imagemagick 8:6.9.9.39+dfsg-1 (unimportant; bug #891420) NOTE: https://github.com/ImageMagick/ImageMagick/issues/998 NOTE: https://github.com/ImageMagick/ImageMagick/commit/9e80713e5132a3bd26702ee0a833306f7e801469 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/8130e12eb30685ef958f4e62fe624da393920be7 @@ -3435,7 +3435,7 @@ CVE-2017-18197 (In mxGraphViewImageReader.java in mxGraph before 3.7.6, the ...) NOTE: https://bitbucket.org/jgraph/mxgraph2/commits/7d159ca3259b961cbb1c51b4ea42cb408c624ff1 CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 ...) {DLA-1293-1} - - imagemagick (low; bug #891291) + - imagemagick 8:6.9.9.39+dfsg-1 (low; bug #891291) [stretch] - imagemagick (Minor issue) [jessie] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/999 @@ -13974,7 +13974,7 @@ CVE-2017-17881 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was fou NOTE: https://github.com/ImageMagick/ImageMagick/commit/ece953bbe14e8514afc23e05e4030eea872e29da NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/aa601d79a630f6de0694fadbeee31456a357fa73 CVE-2017-17880 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-21, there is a stack-based ...) - - imagemagick (unimportant) + - imagemagick 8:6.9.9.39+dfsg-1 (unimportant) NOTE: https://github.com/ImageMagick/ImageMagick/issues/907 NOTE: https://github.com/ImageMagick/ImageMagick/commit/4b5d1edb02c432040e3ff894d0c461bcce6fd2c9 NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/663b3b432c202cd2aeda7ea7e82b74cce51ab1cf View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/32b4dc814c2d943d71b318e6a58dedb0c274dd87 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/32b4dc814c2d943d71b318e6a58dedb0c274dd87 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8048
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 49e80ef9 by Salvatore Bonaccorso at 2018-03-20T10:52:00+01:00 Add bug reference for CVE-2018-8048 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -1708,7 +1708,7 @@ CVE-2018-8049 RESERVED CVE-2018-8048 [XSS vulnerability] RESERVED - - ruby-loofah + - ruby-loofah (bug #893596) NOTE: https://github.com/flavorjones/loofah/issues/144 NOTE: https://github.com/flavorjones/loofah/commit/4a08c25a603654f2fc505a7d2bf0c35a39870ad7 CVE-2018-8047 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/49e80ef97b8d39e3d37f7df07831a481ff9aff6e --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/49e80ef97b8d39e3d37f7df07831a481ff9aff6e You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record fixes for linux/4.15.11-1
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5f11686d by Salvatore Bonaccorso at 2018-03-20T10:50:18+01:00 Record fixes for linux/4.15.11-1 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -1602,7 +1602,7 @@ CVE-2018-8089 CVE-2018-8088 RESERVED CVE-2018-8087 (Memory leak in the hwsim_new_radio_nl function in ...) - - linux + - linux 4.15.11-1 [jessie] - linux (Vulnerable code not present) [wheezy] - linux (Vulnerable code not present) NOTE: Fixed by: https://git.kernel.org/linus/0ddcff49b672239dda94d70d0fcf50317a9f4b51 @@ -2052,7 +2052,7 @@ CVE-2018-7892 CVE-2018-7891 RESERVED CVE-2018-7995 (** DISPUTED ** Race condition in the store_int_with_restart() function ...) - - linux + - linux 4.15.11-1 NOTE: https://lkml.org/lkml/2018/3/2/970 CVE-2018-7890 (A remote code execution issue was discovered in Zoho ManageEngine ...) NOT-FOR-US: Zoho ManageEngine Applications Manager @@ -3030,7 +3030,7 @@ CVE-2018-7567 (** DISPUTED ** In the Admin Package Manager in Open Ticket Reques NOTE: respective admin to check packages before installation. CVE-2018-7566 [ALSA: seq: Fix racy pool initializations] RESERVED - - linux + - linux 4.15.11-1 NOTE: Fixed by: https://git.kernel.org/linus/d15d662e89fc667b90cd294b0eb45694e33144da CVE-2018-7565 (CSRF exists on Polycom QDX 6000 devices. ...) NOT-FOR-US: Polycom QDX 6000 devices @@ -8233,7 +8233,7 @@ CVE-2018-5804 RESERVED CVE-2018-5803 [Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service] RESERVED - - linux + - linux 4.15.11-1 NOTE: Fixed by: https://git.kernel.org/linus/07f2c7ab6f8d0a7e7c5764c4e6cc9c52951b9d9c CVE-2018-5802 [Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp] RESERVED @@ -8611,7 +8611,7 @@ CVE-2018-5704 (Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to NOTE: http://openocd.zylin.com/4331 NOTE: http://openocd.zylin.com/4335 CVE-2018-5703 (The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux ...) - - linux + - linux 4.15.11-1 [stretch] - linux (Vulnerable code not present) [jessie] - linux (Vulnerable code not present) [wheezy] - linux (Vulnerable code not present) @@ -20776,7 +20776,7 @@ CVE-2018-1070 CVE-2018-1069 (Red Hat OpenShift Enterprise version 3.7 is vulnerable to access ...) NOT-FOR-US: OpenShift CVE-2018-1068 (A flaw was found in the Linux 4.x kernel's implementation of 32-bit ...) - - linux + - linux 4.15.11-1 NOTE: https://git.kernel.org/linus/b71812168571fa55e44cdd0254471331b9c4c4c6 NOTE: Unprivileged user namespaces are disabled in Debian, this only affects NOTE: non-standard setups @@ -20787,7 +20787,7 @@ CVE-2018-1066 (The Linux kernel before version 4.11 is vulnerable to a NULL poin [wheezy] - linux (Vulnerable code not present) NOTE: Fixed by: https://git.kernel.org/linus/cabfb3680f78981d26c078a26e5c748531257ebb CVE-2018-1065 (The netfilter subsystem in the Linux kernel through 4.15.7 mishandles ...) - - linux + - linux 4.15.11-1 [jessie] - linux (Vulnerable code introduced later) [wheezy] - linux (Vulnerable code introduced later) NOTE: Fixed by: https://git.kernel.org/linus/57ebd808a97d7c5b1e1afb937c2db22beba3c1f8 @@ -58481,7 +58481,7 @@ CVE-2017-5754 (Systems with microprocessors utilizing speculative execution and NOTE: https://01.org/security/advisories/intel-oss-10003 - linux-grsec CVE-2017-5753 (Systems with microprocessors utilizing speculative execution and ...) - - linux + - linux 4.15.11-1 - nvidia-graphics-drivers 384.111-1 (bug #886852) [stretch] - nvidia-graphics-drivers (Non-free not supported) [jessie] - nvidia-graphics-drivers (Non-free not supported) @@ -58572,7 +58572,7 @@ CVE-2017-5717 (Type Confusion in Content Protection HECI Service in Intel Graphi CVE-2017-5716 REJECTED CVE-2017-5715 (Systems with microprocessors utilizing speculative execution and ...) - - linux + - linux 4.15.11-1 NOTE: https://spectreattack.com/ NOTE: https://xenbits.xen.org/xsa/advisory-254.html NOTE: https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5f11686d8fd68b8c0de0821da5564d6802a7bede --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5f11686d8fd68b8c0de0821da5564d6802a7bede You're
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2875c3a7 by Salvatore Bonaccorso at 2018-03-20T10:31:02+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -3411,7 +3411,7 @@ CVE-2018-7447 (mojoPortal through 2.6.0.0 is prone to multiple persistent cross- CVE-2018-7446 RESERVED CVE-2018-7445 (A buffer overflow was found in the MikroTik RouterOS SMB service when ...) - TODO: check + NOT-FOR-US: MikroTik RouterOS CVE-2018-7444 RESERVED CVE-2017-18199 (realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote ...) @@ -20268,7 +20268,7 @@ CVE-2018-1220 (EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect .. CVE-2018-1219 (EMC RSA Archer, versions prior to 6.2.0.8, contains an improper access ...) NOT-FOR-US: EMC RSA Archer CVE-2018-1218 (In Dell EMC NetWorker versions prior to 9.2.1.1, versions prior to ...) - TODO: check + NOT-FOR-US: EMC NetWorker CVE-2018-1217 RESERVED CVE-2018-1216 (A hard-coded password vulnerability was discovered in vApp Manager ...) @@ -20459,7 +20459,7 @@ CVE-2018-1173 CVE-2018-1172 RESERVED CVE-2018-1171 (This vulnerability allows local attackers to escalate privileges on ...) - TODO: check + NOT-FOR-US: Joyent SmartOS CVE-2018-1170 (This vulnerability allows adjacent attackers to inject arbitrary ...) NOT-FOR-US: Volkswagen Customer-Link App and HTC Customer-Link Bridge CVE-2018-1169 (This vulnerability allows remote attackers to execute arbitrary code ...) @@ -144975,7 +144975,7 @@ CVE-2014-4026 CVE-2014-4025 RESERVED CVE-2014-4024 (SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x ...) - TODO: check + NOT-FOR-US: F5 BIG-IP CVE-2014-4023 (Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in ...) NOT-FOR-US: F5 BIG-IP CVE-2014-4022 (The alloc_domain_struct function in arch/arm/domain.c in Xen 4.4.x, ...) @@ -148927,9 +148927,9 @@ CVE-2014-2677 CVE-2014-2676 RESERVED CVE-2014-2675 (Cross-site request forgery (CSRF) vulnerability in inc/AdminPage.php ...) - TODO: check + NOT-FOR-US: WP HTML Sitemap plugin for WordPress CVE-2014-2674 (Directory traversal vulnerability in the Ajax Pagination (twitter ...) - TODO: check + NOT-FOR-US: Ajax Pagination (twitter Style) plugin for WordPress CVE-2014-2671 (Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote ...) NOT-FOR-US: Microsoft Windows Media Player CVE-2014-2670 (Cross-site scripting (XSS) vulnerability in Properties.do in ZOHO ...) @@ -149232,7 +149232,7 @@ CVE-2014-2552 CVE-2014-2551 RESERVED CVE-2014-2550 (Cross-site request forgery (CSRF) vulnerability in the Disable ...) - TODO: check + NOT-FOR-US: Disable Comments plugin for WordPress CVE-2014-2549 RESERVED CVE-2014-2548 @@ -149987,7 +149987,7 @@ CVE-2014-2299 (Buffer overflow in the mpeg_read function in wiretap/mpeg.c in th CVE-2014-2298 RESERVED CVE-2014-2297 (Multiple cross-site scripting (XSS) vulnerabilities in the ...) - TODO: check + NOT-FOR-US: VideoWhisper Live Streaming Integration plugin for WordPress CVE-2014-2296 RESERVED CVE-2014-2295 @@ -150068,7 +150068,7 @@ CVE-2014-2276 (The FileUploadController servlet in EMC Connectrix Manager Conver CVE-2014-2275 RESERVED CVE-2014-2274 (Cross-site request forgery (CSRF) vulnerability in the Subscribe To ...) - TODO: check + NOT-FOR-US: Subscribe To Comments Reloaded plugin for WordPress CVE-2014-2273 (The hx170dec device driver in Huawei P2-6011 before V100R001C00B043 ...) NOT-FOR-US: Huawei Router CVE-2014-2272 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2875c3a72474f5db50e624a05ded9620e2b7b8a0 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2875c3a72474f5db50e624a05ded9620e2b7b8a0 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-88{08, 09, 10}/radare2
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a9fdb7c8 by Salvatore Bonaccorso at 2018-03-20T10:26:12+01:00 Add CVE-2018-88{08,09,10}/radare2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -21,11 +21,14 @@ CVE-2018-8812 CVE-2018-8811 (Cross-site request forgery (CSRF) vulnerability in ...) NOT-FOR-US: OpenCMS CVE-2018-8810 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...) - TODO: check + - radare2 + NOTE: https://github.com/radare/radare2/issues/9727 CVE-2018-8809 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...) - TODO: check + - radare2 + NOTE: https://github.com/radare/radare2/issues/9726 CVE-2018-8808 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...) - TODO: check + - radare2 + NOTE: https://github.com/radare/radare2/issues/9725 CVE-2018-8807 (In libming 0.4.8, these is a use-after-free in the function ...) - ming NOTE: https://github.com/libming/libming/issues/129 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9fdb7c8e5f38e13f98635c8146c06b75ea8bdf5 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9fdb7c8e5f38e13f98635c8146c06b75ea8bdf5 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add two new ming issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7f330531 by Salvatore Bonaccorso at 2018-03-20T10:23:28+01:00 Add two new ming issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -27,9 +27,11 @@ CVE-2018-8809 (In radare2 2.4.0, there is a heap-based buffer over-read in the . CVE-2018-8808 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...) TODO: check CVE-2018-8807 (In libming 0.4.8, these is a use-after-free in the function ...) - TODO: check + - ming + NOTE: https://github.com/libming/libming/issues/129 CVE-2018-8806 (In libming 0.4.8, there is a use-after-free in the ...) - TODO: check + - ming + NOTE: https://github.com/libming/libming/issues/128 CVE-2018-8805 (Yxcms building system (compatible cell phone) v1.4.7 has XSS via the ...) NOT-FOR-US: Yxcms CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7f33053190bb5cd105754f03fe1808dd4c138cd0 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7f33053190bb5cd105754f03fe1808dd4c138cd0 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process one further NFUs
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f38a2173 by Salvatore Bonaccorso at 2018-03-20T10:22:13+01:00 Process one further NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -31,7 +31,7 @@ CVE-2018-8807 (In libming 0.4.8, these is a use-after-free in the function ...) CVE-2018-8806 (In libming 0.4.8, there is a use-after-free in the ...) TODO: check CVE-2018-8805 (Yxcms building system (compatible cell phone) v1.4.7 has XSS via the ...) - TODO: check + NOT-FOR-US: Yxcms CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote ...) - imagemagick NOTE: https://github.com/ImageMagick/ImageMagick/commit/f55d3a622d234e940fb99325b92c6d3df578fa9b View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f38a2173556c5a52e519f44d01b7ea7b81d2611a --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f38a2173556c5a52e519f44d01b7ea7b81d2611a You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8804/imagemagick
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8a347db7 by Salvatore Bonaccorso at 2018-03-20T10:21:16+01:00 Add CVE-2018-8804/imagemagick - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -33,7 +33,10 @@ CVE-2018-8806 (In libming 0.4.8, there is a use-after-free in the ...) CVE-2018-8805 (Yxcms building system (compatible cell phone) v1.4.7 has XSS via the ...) TODO: check CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote ...) - TODO: check + - imagemagick + NOTE: https://github.com/ImageMagick/ImageMagick/commit/f55d3a622d234e940fb99325b92c6d3df578fa9b + NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/6355db269e03f879c516cf9d592c72e157bc75d6 + NOTE: https://github.com/ImageMagick/ImageMagick/issues/1025 CVE-2018-8803 RESERVED CVE-2018-8802 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8a347db7b4cc24f778bf327292e1e864b4b0dd6a --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8a347db7b4cc24f778bf327292e1e864b4b0dd6a You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7110ba29 by Salvatore Bonaccorso at 2018-03-20T10:16:14+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -1,5 +1,5 @@ CVE-2018-8821 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...) - TODO: check + NOT-FOR-US: windrvr1260.sys in Jungo DriverWizard WinDriver CVE-2018-8820 RESERVED CVE-2018-8819 @@ -11,7 +11,7 @@ CVE-2018-8817 CVE-2018-8816 RESERVED CVE-2018-8815 (Cross-site scripting (XSS) vulnerability in the gallery function in ...) - TODO: check + NOT-FOR-US: Alkacon OpenCMS CVE-2018-8814 RESERVED CVE-2018-8813 @@ -19,7 +19,7 @@ CVE-2018-8813 CVE-2018-8812 RESERVED CVE-2018-8811 (Cross-site request forgery (CSRF) vulnerability in ...) - TODO: check + NOT-FOR-US: OpenCMS CVE-2018-8810 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...) TODO: check CVE-2018-8809 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7110ba296fcb4746d982fa30acf14ba49c951e02 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7110ba296fcb4746d982fa30acf14ba49c951e02 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7a94df74 by security tracker role at 2018-03-20T09:10:16+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,45 @@ +CVE-2018-8821 (windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers ...) + TODO: check +CVE-2018-8820 + RESERVED +CVE-2018-8819 + RESERVED +CVE-2018-8818 + RESERVED +CVE-2018-8817 + RESERVED +CVE-2018-8816 + RESERVED +CVE-2018-8815 (Cross-site scripting (XSS) vulnerability in the gallery function in ...) + TODO: check +CVE-2018-8814 + RESERVED +CVE-2018-8813 + RESERVED +CVE-2018-8812 + RESERVED +CVE-2018-8811 (Cross-site request forgery (CSRF) vulnerability in ...) + TODO: check +CVE-2018-8810 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...) + TODO: check +CVE-2018-8809 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...) + TODO: check +CVE-2018-8808 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...) + TODO: check +CVE-2018-8807 (In libming 0.4.8, these is a use-after-free in the function ...) + TODO: check +CVE-2018-8806 (In libming 0.4.8, there is a use-after-free in the ...) + TODO: check +CVE-2018-8805 (Yxcms building system (compatible cell phone) v1.4.7 has XSS via the ...) + TODO: check +CVE-2018-8804 (WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote ...) + TODO: check +CVE-2018-8803 + RESERVED +CVE-2018-8802 + RESERVED +CVE-2018-8801 + RESERVED CVE-2018-8800 RESERVED CVE-2018-8799 @@ -3360,8 +3402,8 @@ CVE-2018-7447 (mojoPortal through 2.6.0.0 is prone to multiple persistent cross- NOT-FOR-US: mojoPortal CVE-2018-7446 RESERVED -CVE-2018-7445 - RESERVED +CVE-2018-7445 (A buffer overflow was found in the MikroTik RouterOS SMB service when ...) + TODO: check CVE-2018-7444 RESERVED CVE-2017-18199 (realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote ...) @@ -4045,8 +4087,7 @@ CVE-2018-7263 (The mad_decoder_run() function in decoder.c in Underbit libmad th NOTE: https://bugs.debian.org/870608 NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1081784 TODO: clarify with MITRE why this CVE was additionally assigned -CVE-2018-7262 [Malformed HTTP requests handled in rgw_civetweb.cc:RGW::init_env() can lead to NULL pointer dereference] - RESERVED +CVE-2018-7262 (In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc ...) - ceph (Issue introduced later) NOTE: See details in https://bugs.debian.org/891963#15 . Ceph as present in NOTE: Debian up to 10.2.5-7.2 is not vulnerable as they contain an older @@ -9740,8 +9781,7 @@ CVE-2017-18022 (In ImageMagick 7.0.7-12 Q16, there are memory leaks in ...) CVE-2018-5244 (In Xen 4.10, new infrastructure was introduced as part of an overhaul ...) - xen (Only affects Xen 4.10 onwards) NOTE: https://xenbits.xen.org/xsa/advisory-253.html -CVE-2018-5233 - RESERVED +CVE-2018-5233 (Cross-site scripting (XSS) vulnerability in ...) NOT-FOR-US: Grav CMS admin plugin CVE-2018-5232 RESERVED @@ -141543,8 +141583,7 @@ CVE-2014-5459 (The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allo NOTE: Although #682157 and #759282 got closed the issues with unsafe use of NOTE: /tmp are not yet resolved, cf. https://bugs.debian.org/682157#36 NOTE: Neutralised by kernel hardening -CVE-2014-5450 - RESERVED +CVE-2014-5450 (Zarafa Collaboration Platform 4.1 uses world-readable permissions for ...) - zarafa (bug #658433) CVE-2014-5449 (Zarafa WebAccess 4.1 and WebApp uses world-readable permissions for ...) - zarafa (bug #658433) @@ -141552,8 +141591,7 @@ CVE-2014-5448 (Zarafa 5.00 uses world-readable permissions for the files in the - zarafa (bug #658433) CVE-2014-5447 (Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions ...) - zarafa (bug #658433) -CVE-2014-5443 - RESERVED +CVE-2014-5443 (Seafile Server before 3.1.2 and Server Professional Edition before ...) - seafile (Fixed before initial upload to the archive) CVE-2014-5388 (Off-by-one error in the pci_read function in the ACPI PCI hotplug ...) - qemu 2.1+dfsg-5 @@ -144928,8 +144966,8 @@ CVE-2014-4026 RESERVED CVE-2014-4025 RESERVED -CVE-2014-4024 - RESERVED +CVE-2014-4024 (SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x ...) + TODO: check CVE-2014-4023 (Cross-site scripting (XSS) vulnerability in tmui/dashboard/echo.jsp in ...) NOT-FOR-US: F5 BIG-IP CVE-2014-4022 (The
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-3740/ruby-sanitize
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: aa848e1b by Salvatore Bonaccorso at 2018-03-20T07:24:39+01:00 Add CVE-2018-3740/ruby-sanitize - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -13360,8 +13360,12 @@ CVE-2018-3742 RESERVED CVE-2018-3741 RESERVED -CVE-2018-3740 +CVE-2018-3740 [Sanitize HTML injection vulnerability] RESERVED + - ruby-sanitize + NOTE: https://github.com/rgrove/sanitize/issues/176 + NOTE: https://github.com/rgrove/sanitize/commit/01629a162e448a83d901456d0ba8b65f3b03d46e + NOTE: Only an issue in combination with libxml2 >= 2.9.2 CVE-2018-3739 RESERVED CVE-2018-3738 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/aa848e1bb5c3c5a550c03e3ce265cb80e54cee9b --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/aa848e1bb5c3c5a550c03e3ce265cb80e54cee9b You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8048/ruby-loofah
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 27014370 by Salvatore Bonaccorso at 2018-03-20T07:14:13+01:00 Add CVE-2018-8048/ruby-loofah - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -1656,8 +1656,11 @@ CVE-2018-8050 (The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka NOTE: Negligable security impact CVE-2018-8049 RESERVED -CVE-2018-8048 +CVE-2018-8048 [XSS vulnerability] RESERVED + - ruby-loofah + NOTE: https://github.com/flavorjones/loofah/issues/144 + NOTE: https://github.com/flavorjones/loofah/commit/4a08c25a603654f2fc505a7d2bf0c35a39870ad7 CVE-2018-8047 RESERVED CVE-2018-8046 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2701437052393b5966a8a9807f271adb4f5e9963 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2701437052393b5966a8a9807f271adb4f5e9963 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Don't consider CVE-2017-5715 yet as fixed (not completely)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c21b0a80 by Salvatore Bonaccorso at 2018-03-20T06:57:51+01:00 Dont consider CVE-2017-5715 yet as fixed (not completely) We will follow here Bens updates on kernel triage and only start considering CVE-2017-5715 as fixed in 4.16-rc4. For 4.9. in 4.9.88 and unstable (pending) in 4.15.11-1. - - - - - 2 changed files: - data/CVE/list - data/DSA/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -58517,8 +58517,7 @@ CVE-2017-5717 (Type Confusion in Content Protection HECI Service in Intel Graphi CVE-2017-5716 REJECTED CVE-2017-5715 (Systems with microprocessors utilizing speculative execution and ...) - {DSA-4120-1} - - linux 4.14.17-1 + - linux NOTE: https://spectreattack.com/ NOTE: https://xenbits.xen.org/xsa/advisory-254.html NOTE: https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html = data/DSA/list = --- a/data/DSA/list +++ b/data/DSA/list @@ -91,7 +91,7 @@ [22 Feb 2018] DSA-4121-1 gcc-6 - update [stretch] - gcc-6 6.3.0-18+deb9u1 [22 Feb 2018] DSA-4120-1 linux - security update - {CVE-2017-5715 CVE-2017-5754 CVE-2017-13166 CVE-2018-5750} + {CVE-2017-5754 CVE-2017-13166 CVE-2018-5750} [stretch] - linux 4.9.82-1+deb9u2 [19 Feb 2018] DSA-4119-1 libav - security update {CVE-2017-16803} View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c21b0a803ea11fe49069117455a569dc96618169 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c21b0a803ea11fe49069117455a569dc96618169 You're receiving this email because of your account on salsa.debian.org. ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits