[Secure-testing-commits] r34277 - data/CVE

2015-05-14 Thread Arne Wichmann
Author: aw-guest
Date: 2015-05-14 19:31:08 + (Thu, 14 May 2015)
New Revision: 34277

Modified:
   data/CVE/list
Log:
CVE-2015-1547 fixed


Modified: data/CVE/list
===
--- data/CVE/list   2015-05-14 16:27:21 UTC (rev 34276)
+++ data/CVE/list   2015-05-14 19:31:08 UTC (rev 34277)
@@ -6860,6 +6860,8 @@
- tiff  (bug #777390)
- tiff3 
NOTE: http://lcamtuf.coredump.cx/afl/vulns/libtiff5.tif
+   NOTE: fix in https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1547
+   NOTE: is applied in 4.0.3-13 (but please recheck this)
 CVE-2015-1482 (Ansible Tower (aka Ansible UI) before 2.0.5 allows remote 
attackers to ...)
NOT-FOR-US: Ansible Tower
 CVE-2015-1481 (Ansible Tower (aka Ansible UI) before 2.0.5 allows remote 
organization ...)
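Review bot: The added NOTE for CVE-2015-1547 says the fix "is applied in 4.0.3-13 (but please recheck this)", yet the unchanged `- tiff (bug #777390)` line above it still carries no version, so the commit log's "fixed" is not reflected in the entry's status. Either record 4.0.3-13 on the tiff line once verified, or turn the second line into a TODO so the open recheck stays visible.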


___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits


[Secure-testing-commits] r26609 - data/CVE

2014-04-18 Thread Arne Wichmann
Author: aw-guest
Date: 2014-04-18 10:01:34 + (Fri, 18 Apr 2014)
New Revision: 26609

Modified:
   data/CVE/list
Log:
CVE-2013-7270, CVE-2013-7263 fixed in stable
CVE-2014-2568 stable/oldstable not affected


Modified: data/CVE/list
===
--- data/CVE/list   2014-04-18 09:14:13 UTC (rev 26608)
+++ data/CVE/list   2014-04-18 10:01:34 UTC (rev 26609)
@@ -1015,6 +1015,8 @@
 CVE-2014-2568 (Use-after-free vulnerability in the nfqnl_zcopy function in ...)
- linux 3.13.7-1
- linux-2.6 
+   [wheezy] - linux  (Introduced in 3.10 commit ae08ce002108)
+   [squeeze] - linux  (Introduced in 3.10 commit 
ae08ce002108)
NOTE: Upstream path: https://lkml.org/lkml/2014/3/20/421
 CVE-2014-2567 (The OpenConnectionTask::handleStateHelper function in ...)
NOT-FOR-US: Trojita
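Review bot: The new `[squeeze] - linux` line in the CVE-2014-2568 entry names a different source package from the other squeeze annotation in this commit (`[squeeze] - linux-2.6` in the next hunk), and this entry already has its own `- linux-2.6` line. Drop the squeeze line or attach it to linux-2.6; the "Introduced in 3.10 commit ae08ce002108" reason then needs to be stated only once.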
@@ -4974,6 +4976,7 @@
- linux-2.6 
[squeeze] - linux-2.6  (Too intrusive to backport)
- linux 3.12.6-1
+   [wheezy] - linux 3.2.54-1
NOTE: upstream fix: 
https://git.kernel.org/linus/f3d3342602f8bcbf37d7c46641cb9bca7618eb1c
NOTE: included in 
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4
 CVE-2013-7269 (The nr_recvmsg function in net/netrom/af_netrom.c in the Linux 
kernel ...)
@@ -5386,6 +5389,7 @@
{DSA-2906-1}
- linux-2.6  (low)
- linux 3.12.6-1 (low)
+   [wheezy] - linux 3.2.54-1 (low)
 CVE-2013-7251 (Multiple cross-site request forgery (CSRF) vulnerabilities in 
...)
NOT-FOR-US: ProjectForge
 CVE-2013-7250 (Cross-site scripting (XSS) vulnerability in the JsonBuilder ...)




[Secure-testing-commits] r25692 - data/CVE

2014-02-11 Thread Arne Wichmann
Author: aw-guest
Date: 2014-02-11 21:37:09 + (Tue, 11 Feb 2014)
New Revision: 25692

Modified:
   data/CVE/list
Log:
CVE-2013-2065 - fixed


Modified: data/CVE/list
===
--- data/CVE/list   2014-02-11 21:14:12 UTC (rev 25691)
+++ data/CVE/list   2014-02-11 21:37:09 UTC (rev 25692)
@@ -17490,8 +17490,9 @@
{DSA-2674-1}
- libxv 2:1.0.7-1+deb7u1
 CVE-2013-2065 ((1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, 
and 2.0 ...)
-   - ruby1.9.1 
+   - ruby1.9.1 1.9.3.484-2
- ruby1.8  (Only affects 1.9 and 2.x)
+   NOTE: I checked 1.9.3.484-2, but 
https://www.ruby-lang.org/en/news/2013/05/14/taint-bypass-dl-fiddle-cve-2013-2065/
 says it should be closed since 1.9.3 patchlevel 426
 CVE-2013-2064 (Integer overflow in X.org libxcb 1.9 and earlier allows X 
servers to ...)
{DSA-2686-1}
- libxcb 1.8.1-2+deb7u1
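Review bot: `- ruby1.9.1 1.9.3.484-2` records the version that was checked, while the added NOTE itself says upstream closed CVE-2013-2065 in 1.9.3 patchlevel 426. The version field should name the first upload that contains p426, otherwise every upload between that one and 1.9.3.484-2 is recorded as still vulnerable; the NOTE would also read better directly under the ruby1.9.1 line rather than after the ruby1.8 line.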




[Secure-testing-commits] r25211 - doc

2014-01-14 Thread Arne Wichmann
Author: aw-guest
Date: 2014-01-14 23:44:49 + (Tue, 14 Jan 2014)
New Revision: 25211

Modified:
   doc/narrative_introduction
Log:
pwgen wants separate bugs for each cve.


Modified: doc/narrative_introduction
===
--- doc/narrative_introduction  2014-01-14 20:02:18 UTC (rev 25210)
+++ doc/narrative_introduction  2014-01-14 23:44:49 UTC (rev 25211)
@@ -272,6 +272,7 @@
 is a list of packages for which each CVE should be reported separately:
 - php5
 - libav
+- pwgen
 
 A special exception is made for kernel related issues. The kernel-sec group
 will take care of them. It is not necessary to file bugs in the BTS for kernel




[Secure-testing-commits] r25171 - data/CVE

2014-01-12 Thread Arne Wichmann
Author: aw-guest
Date: 2014-01-12 20:56:21 + (Sun, 12 Jan 2014)
New Revision: 25171

Modified:
   data/CVE/list
Log:
CVE-2013-4357 unimportant?
CVE-2013-4237 CVE-2013-4332 CVE-2013-4458 CVE-2013-4387 fixed in point update
CVE-2013-6383 fixed in 3.11.8-1
CVE-2013-1741, CVE-2013-5606 bug reported


Modified: data/CVE/list
===
--- data/CVE/list   2014-01-12 15:47:15 UTC (rev 25170)
+++ data/CVE/list   2014-01-12 20:56:21 UTC (rev 25171)
@@ -4375,7 +4375,7 @@
- ceilometer 2013.2-4 (bug #730227)
 CVE-2013-6383 (The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c 
in the ...)
- linux-2.6 
-   - linux 
+   - linux 3.11.8-1
NOTE: 
http://git.kernel.org/linus/f856567b930dfcdbc3323261bf77240ccdde01f5
 CVE-2013-6382 (Multiple buffer underflows in the XFS implementation in the 
Linux ...)
- linux-2.6  (low)
@@ -6232,7 +6232,7 @@
{DSA-2820-1}
- nspr 2:4.10.2-1
 CVE-2013-5606 (The CERT_VerifyCert function in lib/certhigh/certvfy.c in 
Mozilla ...)
-   - nss 2:3.15.3-1
+   - nss 2:3.15.3-1 (bug #735105)
 CVE-2013-5605 (Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 
3.15 ...)
{DSA-2800-1}
- nss 2:3.15.3-1
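Review bot: In the CVE-2013-5606 entry, `(bug #735105)` is attached to a line that already records the fix in 2:3.15.3-1, so the entry does not say what the bug is still open for. If it concerns a stable release, a suite-specific line such as the `[wheezy]` lines used elsewhere in this commit would make that explicit.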
@@ -8552,6 +8552,8 @@
 CVE-2013-4592 (Memory leak in the __kvm_set_memory_region function in ...)
- linux 3.8-1
- linux-2.6 
+   [wheezy] - linux 3.2.53-1
+   NOTE: fixed in point update
 CVE-2013-4591 (Buffer overflow in the __nfs4_get_acl_uncached function in ...)
- linux 3.8-1
[wheezy] - linux  (Introduced in 3.6)
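Review bot: CVE-2013-4592 gets a new `[wheezy] - linux 3.2.53-1` line here but is not mentioned in the commit log, which lists the other CVEs fixed in the point update. Add it to the log; the extra `NOTE: fixed in point update` repeats what the versioned wheezy line already states and can go.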
@@ -8992,7 +8994,7 @@
- lightdm  (Only in combination with guest profile, 
apparmor and 1.8.x branch)
 CVE-2013-4458 (Stack-based buffer overflow in the getaddrinfo function in ...)
- eglibc  (low; bug #727181)
-   [wheezy] - eglibc  (Minor issue)
+   [wheezy] - eglibc 2.13-38+deb7u1
[squeeze] - eglibc  (Minor issue)
NOTE: https://sourceware.org/ml/libc-alpha/2013-10/msg00733.html
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=16072
@@ -9231,6 +9233,7 @@
 CVE-2013-4387 (net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does 
not ...)
- linux-2.6 
- linux 3.11.5-1
+   [wheezy] - linux 3.2.53-2
 CVE-2013-4386 (Multiple SQL injection vulnerabilities in ...)
- foreman  (bug #663101)
 CVE-2013-4385 (Buffer overflow in the "read-string!" procedure in 
the "extras" unit ...)
@@ -9333,6 +9336,7 @@
RESERVED
- eglibc 
NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=12671
+   NOTE: unimportant?
 CVE-2013-4356 (Xen 4.3.x writes hypervisor mappings to certain shadow 
pagetables when ...)
- xen 
[wheezy] - xen  (Only affects 4.3+)
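Review bot: `NOTE: unimportant?` is an open question with no reasoning attached, while NOTE lines read as findings. Use a TODO for it and say why the eglibc issue might be unimportant, so the next person to triage this entry does not have to start over.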
@@ -9431,7 +9435,7 @@
NOT-FOR-US: OpenPNE
 CVE-2013-4332 (Multiple integer overflows in malloc/malloc.c in the GNU C 
Library ...)
- eglibc 2.17-93 (bug #722536)
-   [wheezy] - eglibc  (Will be fixed in point update)
+   [wheezy] - eglibc 2.13-38+deb7u1
 CVE-2013-4331 [incorrect .Xauthority permissions]
RESERVED
- lightdm 1.6.2-1 (bug #721744)
@@ -9753,7 +9757,7 @@
NOTE: https://bugs.mageia.org/show_bug.cgi?id=10989
 CVE-2013-4237 (sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or 
libc6) ...)
- eglibc 2.17-94 (bug #719558)
-   [wheezy] - eglibc  (Will be fixed in point update)
+   [wheezy] - eglibc 2.13-38+deb7u1
NOTE: http://sourceware.org/bugzilla/show_bug.cgi?id=14699
NOTE: http://sourceware.org/ml/libc-alpha/2013-05/msg00445.html
 CVE-2013-4236 (VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows 
privileged ...)
@@ -16485,7 +16489,7 @@
- bugzilla4  (bug #669643)
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=924802
 CVE-2013-1741 (Integer overflow in Mozilla Network Security Services (NSS) 
3.15 ...)
-   - nss 2:3.15.3-1
+   - nss 2:3.15.3-1 (bug #735105)
NOTE: https://hg.mozilla.org/projects/nss/rev/612d7d1eb9e7
 CVE-2013-1740
RESERVED




[Secure-testing-commits] r24530 - data/CVE

2013-12-02 Thread Arne Wichmann
Author: aw-guest
Date: 2013-12-02 21:20:33 + (Mon, 02 Dec 2013)
New Revision: 24530

Modified:
   data/CVE/list
Log:
CVE-2013-4483 - this is fixed at least in 3.11.8-1 (this time really)


Modified: data/CVE/list
===
--- data/CVE/list   2013-12-02 21:18:33 UTC (rev 24529)
+++ data/CVE/list   2013-12-02 21:20:33 UTC (rev 24530)
@@ -5630,7 +5630,7 @@
- varnish 3.0.5-1 (medium; bug #728989)
NOTE: https://www.varnish-cache.org/trac/ticket/1367
 CVE-2013-4483 (The ipc_rcu_putref function in ipc/util.c in the Linux kernel 
before ...)
-   - linux  (low)
+   - linux 3.11.8-1 (low)
- linux-2.6  (low)
NOTE: 
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6062a8
 CVE-2013-4482 (Untrusted search path vulnerability in python-paste-script (aka 
...)
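Review bot: The log says CVE-2013-4483 is fixed "at least in 3.11.8-1", but `- linux 3.11.8-1 (low)` records that version as the fix version without the caveat. If the first fixed upload was not determined, add a NOTE saying 3.11.8-1 is the version that was checked.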




[Secure-testing-commits] r24529 - data/CVE

2013-12-02 Thread Arne Wichmann
Author: aw-guest
Date: 2013-12-02 21:18:33 + (Mon, 02 Dec 2013)
New Revision: 24529

Modified:
   data/CVE/list
Log:
CVE-2013-4299 - corrected typo
CVE-2013-4483 - this is fixed at least in 3.11.8-1


Modified: data/CVE/list
===
--- data/CVE/list   2013-12-02 18:57:59 UTC (rev 24528)
+++ data/CVE/list   2013-12-02 21:18:33 UTC (rev 24529)
@@ -6253,8 +6253,8 @@
[wheezy] - linux  (Not exploitable by unprivileged users 
in 3.2)
- linux-2.6  (Not exploitable by unprivileged users in 
2.6.32)
 CVE-2013-4299 (Interpretation conflict in drivers/md/dm-snap-persistent.c in 
the ...)
-   - linux-2.6 3.11.6-2
-   - linux 
+   - linux-2.6 
+   - linux 3.11.6-2
NOTE: upstream commit: 
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e9c6a182649f4259db704ae15a91ac820e63b0ca
 CVE-2013-4297 (The virFileNBDDeviceAssociate function in util/virfile.c in 
libvirt ...)
- libvirt 1.1.2-2
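Review bot: The log for this revision claims two changes, but the only hunk touches CVE-2013-4299 (moving 3.11.6-2 from the linux-2.6 line to the linux line); nothing in the diff sets 3.11.8-1 on CVE-2013-4483. The log should match the change, or the missing edit should be part of this commit.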




[Secure-testing-commits] r24198 - data/CVE

2013-10-28 Thread Arne Wichmann
Author: aw-guest
Date: 2013-10-28 21:40:19 + (Mon, 28 Oct 2013)
New Revision: 24198

Modified:
   data/CVE/list
Log:
CVE-2013-0844 is fixed


Modified: data/CVE/list
===
--- data/CVE/list   2013-10-28 21:14:33 UTC (rev 24197)
+++ data/CVE/list   2013-10-28 21:40:19 UTC (rev 24198)
@@ -14003,7 +14003,7 @@
 CVE-2013-0844 [libavcodec/adpcm.c out of array access]
RESERVED
- ffmpeg 
-   - libav 
+   - libav 6:9.10-1
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f18c873ab5ee3c78d00fdcc2582b39c133faecb4
 CVE-2013-0843 (content/renderer/media/webrtc_audio_renderer.cc in Google 
Chrome ...)
- chromium-browser  (MacOS-specific)
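Review bot: `- libav 6:9.10-1` for CVE-2013-0844 is backed only by the ffmpeg commit in the unchanged NOTE; there is no reference to the libav change that carries the fix. Add a NOTE with the corresponding libav commit or changelog entry so the version can be verified.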




[Secure-testing-commits] r23520 - data/CVE

2013-09-02 Thread Arne Wichmann
Author: aw-guest
Date: 2013-09-02 20:47:11 + (Mon, 02 Sep 2013)
New Revision: 23520

Modified:
   data/CVE/list
Log:
CVE-2013-1961 - tiff3 not affected


Modified: data/CVE/list
===
--- data/CVE/list   2013-09-02 14:42:20 UTC (rev 23519)
+++ data/CVE/list   2013-09-02 20:47:11 UTC (rev 23520)
@@ -9050,8 +9050,9 @@
 CVE-2013-1961 (Stack-based buffer overflow in the t2p_write_pdf_page function 
in ...)
{DSA-2698-1}
- tiff 4.0.2-6+nmu1 (bug #706674)
-   - tiff3 3.9.7-1 (bug #712840)
+   - tiff3  (bug #712840)
[wheezy] - tiff3  (the changes that effect the library are just 
hardening, converting uses of sprintf to snprintf. those can be rolled into the 
next tiff3 update, but a separate dsa isn't needed)
+   NOTE: The tiff3 package does not include tiff2pdf, so the issue does 
not applyto tiff3.
 CVE-2013-1960 (Heap-based buffer overflow in the tp_process_jpeg_strip 
function in ...)
{DSA-2698-1}
- tiff 4.0.2-6+nmu1 (bug #706675)
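Review bot: The added NOTE in the CVE-2013-1961 entry has a typo ("applyto" should be "apply to"). With the NOTE stating that the issue does not apply to tiff3, the unchanged `[wheezy] - tiff3` line about rolling the sprintf-to-snprintf hardening into the next update and the retained `(bug #712840)` reference read as if a fix were still pending; check whether both are still wanted and reword them in the same change.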




[Secure-testing-commits] r22953 - data/CVE

2013-07-15 Thread Arne Wichmann
Author: aw-guest
Date: 2013-07-16 00:45:17 + (Tue, 16 Jul 2013)
New Revision: 22953

Modified:
   data/CVE/list
Log:
CVE-2013-0845 - CVE-2013-0874, CVE-2013-3670, CVE-2013-3672, CVE-2013-3674:
  doublechecked, bug reported


Modified: data/CVE/list
===
--- data/CVE/list   2013-07-15 21:14:27 UTC (rev 22952)
+++ data/CVE/list   2013-07-16 00:45:17 UTC (rev 22953)
@@ -2511,7 +2511,7 @@
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=9dd04f6d8cdd1c10c28b2cb4252c1a41df581915
 CVE-2013-3674 (The cdg_decode_frame function in cdgraphics.c in libavcodec in 
FFmpeg ...)
- ffmpeg  (CD Graphics Video Decoder not present in 0.5 
ffmpeg)
-   - libav 
+   - libav  (bug #717009)
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ad002e1a13a8df934bd6cb2c84175a4780ab8942
 CVE-2013-3673 (The gif_decode_frame function in gifdec.c in libavcodec in 
FFmpeg ...)
- ffmpeg  (Doesn't affect libav, specific to current 
ffmpeg)
@@ -2519,7 +2519,7 @@
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d23b8462b5a4a9da78ed45c4a7a3b35d538df909
 CVE-2013-3672 (The mm_decode_inter function in mmvideo.c in libavcodec in 
FFmpeg ...)
- ffmpeg 
-   - libav 
+   - libav  (bug #717009)
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=8d3c99e825317b7efda5fd12e69896b47c700303
 CVE-2013-3671 (The format_line function in log.c in libavutil in FFmpeg before 
1.2.1 ...)
- ffmpeg  (Doesn't affect libav, specific to current 
ffmpeg)
@@ -2527,11 +2527,12 @@
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7edb984dd051b6919d7d8471c70499273f31b0fa
 CVE-2013-3670 (The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 
...)
- ffmpeg 
-   - libav 
+   - libav  (bug #717009)
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c1f2c4c3b49277d65b71ccdd3b6b2878f1b593eb
NOTE: These are likely the libav commits:
NOTE: 
http://git.libav.org/?p=libav.git;a=commit;h=701966730ce10290fd49c5ccedd73f505680f764
NOTE: 
http://git.libav.org/?p=libav.git;a=commit;h=676da248cad49debc40720baa13214f0b94dcc71
+   NOTE: given libav commits fix different things AFAICS
 CVE-2013-3669
RESERVED
 CVE-2013-3668
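Review bot: The new `NOTE: given libav commits fix different things AFAICS` in the CVE-2013-3670 entry contradicts the unchanged `NOTE: These are likely the libav commits:` a few lines up, and both stay in the file. Remove or amend the older NOTE and its two git.libav.org links rather than appending a rebuttal.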
@@ -9861,17 +9862,18 @@
 CVE-2013-0874 [libavcodec/tiff.c out of array accesses]
RESERVED
- ffmpeg 
-   - libav 
-   TODO: check
+   - libav  (bug #717009)
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e1219cdaf9fb4bc8cea410e1caf802373c1bfe51
NOTE: Is that the relevant libav commit? 
NOTE: 
http://git.libav.org/?p=libav.git;a=commit;h=9c2216976907336dfae0e8e38a4d70ca2465a92c
+   NOTE: looks invalid - relevant code fragment is not present in libav
 CVE-2013-0873 [libavcodec/shorten.c freeing invalid addresses]
RESERVED
- ffmpeg 
-   - libav 
+   - libav  (bug #717009)
NOTE: Commit in libav: 
http://git.libav.org/?p=libav.git;a=commit;h=c10da30d8426a1f681d99a780b6e311f7fb4e5c5
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=4f1279154ee9baf2078241bf5619774970d18b25
+   TODO: this pactch seems to be applied, please doublecheck
 CVE-2013-0872 [libswresample/swresample.c out of array accesses]
RESERVED
- ffmpeg  (libswresample not yet present in ffmpeg/0.5)
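Review bot: For CVE-2013-0874 the added NOTE says the issue "looks invalid - relevant code fragment is not present in libav", yet the libav line in the same entry gains `(bug #717009)`; a package that lacks the code should not have a bug filed against it, so one of the two needs correcting. The same hunk leaves `NOTE: Is that the relevant libav commit?` unanswered after removing `TODO: check`, and the new TODO under CVE-2013-0873 misspells "patch" as "pactch".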
@@ -9884,36 +9886,40 @@
 CVE-2013-0870 [libavcodec/vp3.c]
RESERVED
- ffmpeg 
-   - libav 
+   - libav  (bug #717009)
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=14c8ee00ffd9d45e6e0c6f11a957ce7e56f7eb3a
+   NOTE: looks invalid - relevant code fragment is not present in libav
 CVE-2013-0869 [libavcodec/h264.c out of array accesses]
RESERVED
- ffmpeg 
-   - libav 
+   - libav  (bug #717009)
NOTE: That should be the equivalent libav fix: 
http://git.libav.org/?p=libav.git;a=commit;h=706acb558a38eba633056773280155d66c2f4b24
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=695af8eed642ff0104834495652d1ee784a4c14d
+   TODO: this pactch seems to be applied, please doublecheck
 CVE-2013-0868 [libavcodec/huffyuvdec.c out of array writes]
RESERVED
- ffmpeg 
-   - libav 
+   - libav  (bug #717009)
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f67a0d115254461649470452058fa3c28c0df294
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0dfc01c2bbf4b71bb56201bc4a393321e15d1b31
 CVE-2013-0867 [libavcodec/h264.c out of array accesses]
RESERVED
- ffmpeg 
-   - libav 
+   - libav  (bug #717009)
NOTE: 
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=11c99c78bafa77f679a1a3ba06ad00984b9a4cae
 CVE-2013-0866 [libavcodec/aacdec.c out of array accesses]
RESERVED
- ffmpeg 
-   - libav 
+   - libav  (bug #

[Secure-testing-commits] r22652 - data/CVE

2013-06-17 Thread Arne Wichmann
Author: aw-guest
Date: 2013-06-17 18:00:57 + (Mon, 17 Jun 2013)
New Revision: 22652

Modified:
   data/CVE/list
Log:
CVE-2012-2372 - Note added


Modified: data/CVE/list
===
--- data/CVE/list   2013-06-17 16:53:39 UTC (rev 22651)
+++ data/CVE/list   2013-06-17 18:00:57 UTC (rev 22652)
@@ -22388,6 +22388,7 @@
[squeeze] - linux-2.6  (Vulnerable code not present)
 CVE-2012-2372 (The rds_ib_xmit function in net/rds/ib_send.c in the Reliable 
Datagram ...)
- linux  (low)
+   NOTE: rds is not included in distributed kernel images
 CVE-2012-2371 (Cross-site scripting (XSS) vulnerability in index.php in the 
...)
NOT-FOR-US: WP-FaceThumb plugin for WordPress
 CVE-2012-2370 (Multiple integer overflows in the read_bitmap_file_data 
function in ...)
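Review bot: `NOTE: rds is not included in distributed kernel images` gives no indication of which kernel packages or versions were checked, and the `- linux (low)` line above it is left as it was. State what was inspected, and if the module is never built, reconsider whether "low" is still the right status for CVE-2012-2372.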




[Secure-testing-commits] r22404 - data/CVE

2013-05-29 Thread Arne Wichmann
Author: aw-guest
Date: 2013-05-29 20:57:11 + (Wed, 29 May 2013)
New Revision: 22404

Modified:
   data/CVE/list
Log:
CVE-2013-1957, CVE-2013-1958 are fixed


Modified: data/CVE/list
===
--- data/CVE/list   2013-05-29 20:41:27 UTC (rev 22403)
+++ data/CVE/list   2013-05-29 20:57:11 UTC (rev 22404)
@@ -4107,9 +4107,9 @@
[wheezy] - linux  (Introduced in 3.7)
- linux-2.6  (Introduced in 3.7)
 CVE-2013-1958 (The scm_check_creds function in net/core/scm.c in the Linux 
kernel ...)
-   - linux 
+   - linux 3.8.13-1
 CVE-2013-1957 (The clone_mnt function in fs/namespace.c in the Linux kernel 
before ...)
-   - linux 
+   - linux 3.8.13-1
 CVE-2013-1956 (The create_user_ns function in kernel/user_namespace.c in the 
Linux ...)
- linux 3.8.11-1
 CVE-2013-1955




[Secure-testing-commits] r22108 - data/CVE

2013-04-30 Thread Arne Wichmann
Author: aw-guest
Date: 2013-04-30 22:51:27 + (Tue, 30 Apr 2013)
New Revision: 22108

Modified:
   data/CVE/list
Log:
CVE-2013-0787, CVE-2013-0783, CVE-2013-0782, CVE-2013-0780, CVE-2013-0776,
CVE-2013-0775, CVE-2013-0773 fixed in experimental.
CVE-2013-2635, CVE-2013-0349, CVE-2013-0313, CVE-2013-0310, CVE-2013-0309,
CVE-2013-0268 fixed.
CVE-2013-2634, CVE-2013-1826, CVE-2013-1773 fixed in unstable/testing.


Modified: data/CVE/list
===
--- data/CVE/list   2013-04-30 21:14:24 UTC (rev 22107)
+++ data/CVE/list   2013-04-30 22:51:27 UTC (rev 22108)
@@ -1417,11 +1417,11 @@
- linux  (Introduced in 3.8)
- linux-2.6  (Introduced in 3.8)
 CVE-2013-2635 (The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the 
Linux ...)
-   - linux 
+   - linux 3.2.41-2
- linux-2.6 
[squeeze] - linux-2.6  (Introduced in 2.6.34)
 CVE-2013-2634 (net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not 
initialize ...)
-   - linux 
+   - linux 3.2.41-2
- linux-2.6 
 CVE-2013-2633 (Piwik before 1.11 accepts input from a POST request instead of 
a GET ...)
- piwik  (bug #506933)
@@ -3459,8 +3459,9 @@
- linux-2.6 
[squeeze] - linux-2.6 2.6.32-47
 CVE-2013-1826 (The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the 
Linux ...)
-   - linux  (low)
+   - linux 3.2.41-2 (low)
- linux-2.6  (low)
+   NOTE: Probably gone since 3.2.32-1, but I checked 3.2.41-2
 CVE-2013-1825
REJECTED
 CVE-2013-1824
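Review bot: For CVE-2013-1826 the version field gets 3.2.41-2 while the added NOTE says the issue is "Probably gone since 3.2.32-1". Recording the checked version rather than the first fixed one leaves the uploads in between recorded as vulnerable; confirm 3.2.32-1 and use it, or keep the remark as a TODO until that is done. The CVE-2013-1773 hunk that follows has the same pattern with 3.2.15-1.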
@@ -3608,8 +3609,9 @@
- linux 3.2.38-1
- linux-2.6 
 CVE-2013-1773 (Buffer overflow in the VFAT filesystem implementation in the 
Linux ...)
-   - linux 
+   - linux 3.2.41-2
- linux-2.6 
+   NOTE: Probably gone since 3.2.15-1, but I checked 3.2.41-2
 CVE-2013-1772 (The log_prefix function in kernel/printk.c in the Linux kernel 
3.x ...)
- linux 3.2.39-1
- linux-2.6  (Vulnerability exposed since 3.0)
@@ -5897,7 +5899,7 @@
- iceweasel 
NOTE: fixed in experimental 20.0-1
 CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted 
function ...)
-   - iceweasel 
+   - iceweasel 19.0.2-1
- icedove 
- iceape 
 CVE-2013-0786 (The Bugzilla::Search::build_subselect function in Bugzilla 2.x 
and 3.x ...)
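Review bot: CVE-2013-0787 gets `- iceweasel 19.0.2-1` on the unqualified package line, although the log says these iceweasel issues are "fixed in experimental". The context line just above (`NOTE: fixed in experimental 20.0-1`) shows the other way such fixes are recorded in this file, with the package line left alone; pick one convention, since a version on the unqualified package line states that unstable is fixed.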
@@ -5913,11 +5915,11 @@
- iceweasel  (Doesn't affect the ESR series, only 
releases from experimental)
- icedove  (Doesn't affect the ESR series, only releases 
from experimental)
 CVE-2013-0783 (Multiple unspecified vulnerabilities in the browser engine in 
Mozilla ...)
-   - iceweasel  (bug #703071)
+   - iceweasel 19.0-1 (bug #703071)
- icedove 
- iceape 
 CVE-2013-0782 (Heap-based buffer overflow in the 
nsSaveAsCharset::DoCharsetConversion ...)
-   - iceweasel  (bug #703071)
+   - iceweasel 19.0-1 (bug #703071)
- icedove 
- iceape 
 CVE-2013-0781 (Use-after-free vulnerability in the nsPrintEngine::CommonPrint 
...)
@@ -5925,7 +5927,7 @@
- iceweasel  (Doesn't affect the ESR series, only 
releases from experimental)
- icedove  (Doesn't affect the ESR series, only releases 
from experimental)
 CVE-2013-0780 (Use-after-free vulnerability in the ...)
-   - iceweasel  (bug #703071)
+   - iceweasel 19.0-1 (bug #703071)
- icedove 
- iceape 
 CVE-2013-0779 (The nsCodingStateMachine::NextState function in Mozilla Firefox 
before ...)
@@ -5941,11 +5943,11 @@
- iceweasel  (Doesn't affect the ESR series, only 
releases from experimental)
- icedove  (Doesn't affect the ESR series, only releases 
from experimental)
 CVE-2013-0776 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, 
...)
-   - iceweasel 
+   - iceweasel 19.0-1 (bug #703071)
- icedove 
- iceape 
 CVE-2013-0775 (Use-after-free vulnerability in the ...)
-   - iceweasel  (bug #703071)
+   - iceweasel 19.0-1 (bug #703071)
- icedove 
- iceape 
 CVE-2013-0774 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, 
...)
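Review bot: In the CVE-2013-0776 entry the iceweasel line gains `(bug #703071)` together with the version, whereas the CVE-2013-0775 line in this hunk already had that bug reference before the change. Confirm that bug #703071 really covers CVE-2013-0776 and that this is not a copy-paste from the adjacent lines.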
@@ -5953,7 +5955,7 @@
- iceweasel  (Introduced in Firefox 15)
- icedove  (Introduced in Firefox 15)
 CVE-2013-0773 (The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) 
...)
-   - iceweasel  (bug #703071)
+   - iceweasel 19.0-1 (bug #703071)
- icedove 
- iceape 
 CVE-2013-0772 (The RasterImage::DrawFrameTo function in Mozilla Firefox before 
19.0, ...)
@@ -7284,7 +7286,7 @@
- pktstat 1.8.5-3 (bug #701211)
[squeeze] - pktstat  (Vulnerable code not present)
 CVE-2013-0349 (The hidp_setup_hid function in net/bluetooth/hidp/core.c in the 
Linux ...)
-   - linux 
+   - linux 3.2.41-2
- linux-2.6 
 CVE-2013-0348 [sthttpd world-redable logdir]
RESERVED
@@ -7381,7 +7383,7 @@
 CVE-2013-0314 (The GateIn Portal export/import gadget in

[Secure-testing-commits] r20554 - data/CVE

2012-11-26 Thread Arne Wichmann
Author: aw-guest
Date: 2012-11-26 21:33:17 + (Mon, 26 Nov 2012)
New Revision: 20554

Modified:
   data/CVE/list
Log:
CVE-2012-2372, CVE-2002-2439, CVE-2012-4398 - severity low
CVE-2012-3375 - linux-2.6 not-affected
CVE-2012-2882, CVE-2012-5359, CVE-2012-5360, CVE-2012-5361 - bug reported


Modified: data/CVE/list
===
--- data/CVE/list   2012-11-26 21:14:18 UTC (rev 20553)
+++ data/CVE/list   2012-11-26 21:33:17 UTC (rev 20554)
@@ -1571,17 +1571,17 @@
 CVE-2012-5361
RESERVED
- ffmpeg 
-   - libav 
+   - libav  (bug #694483)
NOTE: http://technet.microsoft.com/en-us/security/msvr/msvr12-017
 CVE-2012-5360
RESERVED
- ffmpeg 
-   - libav 
+   - libav  (bug #694483)
NOTE: http://technet.microsoft.com/en-us/security/msvr/msvr12-017
 CVE-2012-5359
RESERVED
- ffmpeg 
-   - libav 
+   - libav  (bug #694483)
NOTE: http://technet.microsoft.com/en-us/security/msvr/msvr12-017
 CVE-2012-5358
RESERVED
@@ -4270,7 +4270,7 @@
NOTE: 
http://bakery.cakephp.org/articles/markstory/2012/07/14/security_release_-_cakephp_2_1_5_2_2_1
 CVE-2012-4398
RESERVED
-   - linux 
+   - linux  (low)
- linux-2.6 
 CVE-2012-4397 (Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 
before ...)
- owncloud 4.0.1debian-1
@@ -6879,7 +6879,7 @@
NOTE: http://seclists.org/bugtraq/2012/Jul/48
 CVE-2012-3375 (The epoll_ctl system call in fs/eventpoll.c in the Linux kernel 
before ...)
- linux 3.2.23-1
-   - linux-2.6 
+   - linux-2.6  
(http://anonscm.debian.org/viewvc/kernel-sec/retired/CVE-2012-3375?revision=2730&view=markup)
 CVE-2012-3374 (Buffer overflow in markup.c in the MXit protocol plugin in 
libpurple ...)
{DSA-2509-1}
- pidgin 2.10.6-1 (bug #680661)
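Review bot: The reason field on the new CVE-2012-3375 `- linux-2.6` line consists only of a viewvc URL. Put a short textual reason in the parentheses, as the other entries do, and move the link to a NOTE line.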
@@ -7955,7 +7955,7 @@
- chromium-browser 22.0.1229.94~r161065-1
 CVE-2012-2882 (FFmpeg, as used in Google Chrome before 22.0.1229.79, does not 
...)
- chromium-browser 22.0.1229.94~r161065-1
-   - libav 
+   - libav  (bug #694483)
- ffmpeg 
NOTE: https://chromiumcodereview.appspot.com/10829204
 CVE-2012-2881 (Google Chrome before 22.0.1229.79 does not properly handle 
plug-ins, ...)
@@ -9308,7 +9308,7 @@
- linux-2.6 3.2.19-1
 CVE-2012-2372
RESERVED
-   - linux 
+   - linux  (low)
 CVE-2012-2371 (Cross-site scripting (XSS) vulnerability in index.php in the 
...)
NOT-FOR-US: WP-FaceThumb plugin for WordPress
 CVE-2012-2370 (Multiple integer overflows in the read_bitmap_file_data 
function in ...)
@@ -10028,6 +10028,7 @@
- nova 2012.1-2 (bug #670637)
 CVE-2012-2100 (The ext4_fill_flex_info function in fs/ext4/super.c in the 
Linux ...)
- linux-2.6 3.2.2-1
+   [squeeze] - linux-2.6 2.6.32-41squeeze1
NOTE: incomplete fix of CVE-2009-4307, introducing another issue:
NOTE: https://lkml.org/lkml/2012/2/20/422
 CVE-2012-2099
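Review bot: The `[squeeze] - linux-2.6 2.6.32-41squeeze1` line added to CVE-2012-2100 is not covered by the commit log, which names other CVEs only. Mention it in the log so the change can be found later.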
@@ -14497,10 +14498,10 @@
[squeeze] - gcc-4.1  (Potentially affected apps need to be 
recompiled, if such issues are spotted in apps, these cases can be fixed on a 
case-by-case basis)
- gcc-4.3 
[squeeze] - gcc-4.3  (Potentially affected apps need to be 
recompiled, if such issues are spotted in apps, these cases can be fixed on a 
case-by-case basis)
-   - gcc-4.4 
+   - gcc-4.4  (low)
[squeeze] - gcc-4.4  (Potentially affected apps need to be 
recompiled, if such issues are spotted in apps, these cases can be fixed on a 
case-by-case basis)
[wheezy] - gcc-4.4  (Potentially affected apps need to be 
recompiled, if such issues are spotted in apps, these cases can be fixed on a 
case-by-case basis)
-   - gcc-4.6 
+   - gcc-4.6  (low)
[wheezy] - gcc-4.6  (Potentially affected apps need to be 
recompiled, if such issues are spotted in apps, these cases can be fixed on a 
case-by-case basis)
NOTE: Are there apps known to be exploitable through this?
NOTE: Any application using unguarded memory allocation would be 
susceptible to DoS anyway?




[Secure-testing-commits] r20272 - data/CVE

2012-10-01 Thread Arne Wichmann
Author: aw-guest
Date: 2012-10-01 11:43:11 + (Mon, 01 Oct 2012)
New Revision: 20272

Modified:
   data/CVE/list
Log:
CVE-2012-0876 is fixed in 2.6.6-8 (link-system-expat.diff)


Modified: data/CVE/list
===
--- data/CVE/list   2012-10-01 10:26:09 UTC (rev 20271)
+++ data/CVE/list   2012-10-01 11:43:11 UTC (rev 20272)
@@ -10691,6 +10691,7 @@
{DSA-2525-1}
- expat 2.1.0~beta3-1 (bug #663579)
- python2.6 2.6.8-0.1
+   [squeeze] - python2.6 2.6.6-8
 CVE-2012-0875 [systemtap invalid read leading to kernel DoS]
RESERVED
- systemtap 1.7-1 (low; bug #660929; bug #660886)
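Review bot: The reason for `[squeeze] - python2.6 2.6.6-8` (link-system-expat.diff) appears only in the commit log. Add it as a NOTE in the entry so the basis for the fixed version is visible in data/CVE/list itself.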




[Secure-testing-commits] r20209 - data/CVE

2012-09-21 Thread Arne Wichmann
Author: aw-guest
Date: 2012-09-21 20:24:33 + (Fri, 21 Sep 2012)
New Revision: 20209

Modified:
   data/CVE/list
Log:
CVE-2012-0864 is fixed in 2.11.3-4 in squeeze
bug for CVE-2012-2677


Modified: data/CVE/list
===
--- data/CVE/list   2012-09-21 06:53:20 UTC (rev 20208)
+++ data/CVE/list   2012-09-21 20:24:33 UTC (rev 20209)
@@ -5814,7 +5814,7 @@
 CVE-2012-2678 (389 Directory Server before 1.2.11.6 (aka Red Hat Directory 
Server ...)
- 389-ds-base  (Fixed before initial upload)
 CVE-2012-2677 (Integer overflow in the ordered_malloc function in 
boost/pool/pool.hpp ...)
-   - boost1.42 
+   - boost1.42  (bug #688331)
- boost1.49 1.49.0-3.1 (bug #677197)
 CVE-2012-2676 (Multiple integer overflows in the (1) malloc and (2) calloc 
functions ...)
NOT-FOR-US: Hoard memory allocator
@@ -10242,7 +10242,8 @@
 CVE-2012-0864 [FORTIFY_SOURCE format string protection bypass]
RESERVED
- eglibc 2.13-31 (low; bug #660611)
-   [squeeze] - eglibc  (hardening bypass)
+   [squeeze] - eglibc 2.11.3-4
+   NOTE: hardening bypass
 CVE-2012-0863 (Mumble 1.2.3 and earlier uses world-readable permissions for 
...)
{DSA-2411-1}
- mumble 1.2.3-3 (bug #659039)




[Secure-testing-commits] r19927 - data/CVE

2012-08-10 Thread Arne Wichmann
Author: aw-guest
Date: 2012-08-10 20:41:59 + (Fri, 10 Aug 2012)
New Revision: 19927

Modified:
   data/CVE/list
Log:
Bugs for CVE-2011-3389, CVE-2011-5095
CVE-2012-0876: python2.7 probably does not use embedded expat copy


Modified: data/CVE/list
===
--- data/CVE/list   2012-08-10 13:13:19 UTC (rev 19926)
+++ data/CVE/list   2012-08-10 20:41:59 UTC (rev 19927)
@@ -946,7 +946,8 @@
 CVE-2012-3790 (Cross-site scripting (XSS) vulnerability in index.php in 
Adiscon ...)
NOT-FOR-US: Adiscon LogAnalyzer 
 CVE-2011-5095 (The Diffie-Hellman key-exchange implementation in OpenSSL 
0.9.8, when ...)
-   - openssl 
+   - openssl  (bug #684527)
+   NOTE: seems fixed in testing/unstable
 CVE-2012-3789 (Unspecified vulnerability in bitcoind and Bitcoin-Qt before 
0.4.7rc3, ...)
- bitcoin 0.5.0~rc1-1
 CVE-2012-3788
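Review bot: The CVE-2011-5095 entry now carries both a new bug reference on `- openssl (bug #684527)` and `NOTE: seems fixed in testing/unstable`, without a version. If testing/unstable is fixed, record the fixed version on the openssl line and say which release the bug is for; "seems" suggests this should be a TODO until verified.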
@@ -7989,6 +7990,7 @@
- expat 2.1.0~beta3-1 (bug #663579)
- python2.6 2.6.8-0.1
- python2.7 
+   NOTE: python2.7 probably does not use embedded expat copy
- python3.1 
- python3.2 
 CVE-2012-0875 [systemtap invalid read leading to kernel DoS]
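Review bot: The new `NOTE: python2.7 probably does not use embedded expat copy` is inserted between the python2.7 and python3.1 package lines, splitting the package list of the entry. Move it below the python3.2 line, and since it says "probably", mark it as a TODO.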
@@ -15272,7 +15274,7 @@
NOTE: strictly speaking this is no lighttpd issue, but lighttpd adds a 
workaround
- curl 7.24.0-1
NOTE: http://curl.haxx.se/docs/adv_20120124B.html
-   - python2.6 2.6.8-0.1
+   - python2.6 2.6.8-0.1 (bug #684511)
- python2.7 2.7.3~rc1-1
- python3.1  (bug #678998)
- python3.2 3.2.3~rc1-1




[Secure-testing-commits] r19749 - data/CVE

2012-07-17 Thread Arne Wichmann
Author: aw-guest
Date: 2012-07-17 08:46:24 + (Tue, 17 Jul 2012)
New Revision: 19749

Modified:
   data/CVE/list
Log:
CVE-2012-0864: eglibc 2.11.3-4 is fixed


Modified: data/CVE/list
===
--- data/CVE/list   2012-07-16 21:46:48 UTC (rev 19748)
+++ data/CVE/list   2012-07-17 08:46:24 UTC (rev 19749)
@@ -7486,7 +7486,8 @@
 CVE-2012-0864 [FORTIFY_SOURCE format string protection bypass]
RESERVED
- eglibc 2.13-31 (low; bug #660611)
-   [squeeze] - eglibc  (Hardening bypass, can be fixed in next 
point update)
+   [squeeze] - eglibc 2.11.3-4
+   NOTE: Hardening bypass, fixed in squeeze in next point update
 CVE-2012-0863 (Mumble 1.2.3 and earlier uses world-readable permissions for 
...)
{DSA-2411-1}
- mumble 1.2.3-3 (bug #659039)
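Review bot: The added NOTE still reads "fixed in squeeze in next point update" although the [squeeze] line added directly above it now records 2.11.3-4 as the fixed version. Reword the NOTE to past tense or reduce it to "Hardening bypass", so it does not suggest the fix is still pending.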




[Secure-testing-commits] r19746 - data/CVE

2012-07-16 Thread Arne Wichmann
Author: aw-guest
Date: 2012-07-16 17:33:23 + (Mon, 16 Jul 2012)
New Revision: 19746

Modified:
   data/CVE/list
Log:
Bug for CVE-2012-0882
CVE-2012-1147 - not on *nix


Modified: data/CVE/list
===
--- data/CVE/list   2012-07-16 14:27:44 UTC (rev 19745)
+++ data/CVE/list   2012-07-16 17:33:23 UTC (rev 19746)
@@ -6740,7 +6740,7 @@
- expat 2.1.0~beta3-1 (bug #663579)
NOTE: memory leak
 CVE-2012-1147 (readfilemap.c in expat before 2.1.0 allows context-dependent 
attackers ...)
-   - expat 2.1.0~beta3-1 (low; bug #663579)
+   - expat  (readfilemap.c is not used in *IX)
NOTE: resource leak
 CVE-2012-1146 (The mem_cgroup_usage_unregister_event function in 
mm/memcontrol.c in ...)
- linux-2.6 3.2.10-1 (low)
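Review bot: The replacement expat line for CVE-2012-1147 drops the reference to bug #663579 that the removed line carried, and its reason uses the abbreviation "*IX", which is easy to misread. Keep the bug number if it still applies to this CVE and spell the reason out, for instance "readfilemap.c is not used on Unix-like systems".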
@@ -7406,7 +7406,7 @@
- apache2  (LD_LIBRARY_PATH not set in debian package)
 CVE-2012-0882
RESERVED
-   - mysql-5.1 
+   - mysql-5.1  (bug #675872)
NOTE: limited information about issue, only a video of exploit taking 
place
NOTE: see redhat link
 CVE-2012-0881




[Secure-testing-commits] r19420 - data/CVE

2012-06-03 Thread Arne Wichmann
Author: aw-guest
Date: 2012-06-03 19:52:45 + (Sun, 03 Jun 2012)
New Revision: 19420

Modified:
   data/CVE/list
Log:
CVE-2012-2133 fixed in 3.2.19-1


Modified: data/CVE/list
===
--- data/CVE/list   2012-06-03 18:55:37 UTC (rev 19419)
+++ data/CVE/list   2012-06-03 19:52:45 UTC (rev 19420)
@@ -2309,7 +2309,7 @@
 CVE-2012-2133
RESERVED
{DSA-2469-1}
-   - linux-2.6 
+   - linux-2.6 3.2.19-1
 CVE-2012-2132 [libsoup 2.32.2 sets ssl trusted flag despite no verification]
RESERVED
- libsoup2.4  (low; bug #672880)




[Secure-testing-commits] r19231 - data/CVE

2012-05-12 Thread Arne Wichmann
Author: aw-guest
Date: 2012-05-12 19:43:18 + (Sat, 12 May 2012)
New Revision: 19231

Modified:
   data/CVE/list
Log:
CVE-2012-0810 fixed.


Modified: data/CVE/list
===
--- data/CVE/list   2012-05-12 09:43:14 UTC (rev 19230)
+++ data/CVE/list   2012-05-12 19:43:18 UTC (rev 19231)
@@ -4447,8 +4447,9 @@
NOTE: http://seclists.org/oss-sec/2012/q1/285
 CVE-2012-0810
RESERVED
-   - linux-2.6 
+   - linux-2.6 3.2.16-1 (bug #672660)
[squeeze] - linux-2.6  (rt patchset not yet present)
+   NOTE: Ben Hutchings said it was fixed in 3.2.9-1, I checked it for 
3.2.16-1
 CVE-2012-0809 (Format string vulnerability in the sudo_debug function in Sudo 
1.8.0 ...)
- sudo 1.8.3p2-1 (bug #657985)
[squeeze] - sudo  (Vulnerable code not present)
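Review bot: The linux-2.6 line records 3.2.16-1 as the fixed version while the added NOTE says the fix was reported for 3.2.9-1, so the entry marks the versions in between as vulnerable without evidence. If 3.2.9-1 can be confirmed, use it on the package line; otherwise keep 3.2.16-1 and say in the NOTE that it is the version verified, not necessarily the first fixed one.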




[Secure-testing-commits] r19037 - data/CVE

2012-04-22 Thread Arne Wichmann
Author: aw-guest
Date: 2012-04-22 20:04:40 + (Sun, 22 Apr 2012)
New Revision: 19037

Modified:
   data/CVE/list
Log:
CVE-2011-4131: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.9
  331818f1c468a24e581aedcbe52af799366a9dfe
CVE-2011-3628: bug reported


Modified: data/CVE/list
===
--- data/CVE/list   2012-04-22 08:56:44 UTC (rev 19036)
+++ data/CVE/list   2012-04-22 20:04:40 UTC (rev 19037)
@@ -8402,7 +8402,7 @@
[squeeze] - linux-2.6 2.6.32-40
 CVE-2011-4131
RESERVED
-   - linux-2.6 
+   - linux-2.6 3.2.9-1
 CVE-2011-4130 (Use-after-free vulnerability in the Response API in ProFTPD 
before ...)
{DSA-2346-2 DSA-2346-1}
- proftpd-dfsg 1.3.4~rc3-2 (high; bug #648373)
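Review bot: The linux-2.6 line for CVE-2011-4131 gets 3.2.9-1, but the evidence for it (the ChangeLog-3.2.9 URL and commit 331818f1c468a24e581aedcbe52af799366a9dfe) appears only in the commit log. Add it to the entry as a NOTE line so the reference stays with the data.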
@@ -10057,7 +10057,7 @@
NOT-FOR-US: Joomla
 CVE-2011-3628
RESERVED
-   - pam  (low)
+   - pam  (low; bug #670076)
[squeeze] - pam  (Minor issue)
[lenny] - pam  (Minor issue)
 CVE-2011-3627 (The bytecode engine in ClamAV before 0.97.3 allows remote 
attackers to ...)




[Secure-testing-commits] r18783 - data/CVE

2012-03-29 Thread Arne Wichmann
Author: aw-guest
Date: 2012-03-29 15:31:33 + (Thu, 29 Mar 2012)
New Revision: 18783

Modified:
   data/CVE/list
Log:
CVE-2009-5029 fixed in eglibc 2.11.3-3


Modified: data/CVE/list
===
--- data/CVE/list   2012-03-29 09:15:40 UTC (rev 18782)
+++ data/CVE/list   2012-03-29 15:31:33 UTC (rev 18783)
@@ -19866,7 +19866,7 @@
 CVE-2009-5029 [glibc heap overflow]
RESERVED
- eglibc 2.13-24 (low; bug #656108)
-   [squeeze] - eglibc  (Will be fixed in next point update)
+   [squeeze] - eglibc 2.11.3-3
- glibc 
NOTE: http://support.novell.com/security/cve/CVE-2009-5029.html
NOTE: https://bugzilla.novell.com/show_bug.cgi?id=735850




[Secure-testing-commits] r18326 - data/CVE

2012-01-28 Thread Arne Wichmann
Author: aw-guest
Date: 2012-01-28 21:26:34 + (Sat, 28 Jan 2012)
New Revision: 18326

Modified:
   data/CVE/list
Log:
CVE-2005-4890 - sudo seems quite vulnerable to me


Modified: data/CVE/list
===
--- data/CVE/list   2012-01-28 10:17:34 UTC (rev 18325)
+++ data/CVE/list   2012-01-28 21:26:34 UTC (rev 18326)
@@ -10381,8 +10381,7 @@
[squeeze] - shadow  (Minor issue)
[lenny] - shadow  (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=173008
-   - sudo 
-   NOTE: ubuntu indicates sudo may also be affected, but that code is 
completely different, so that seems unlikely
+   - sudo  (low; bug #657784)
 CVE-2011-2331 (Integer overflow in img.exe in HP Intelligent Management Center 
(IMC) ...)
NOT-FOR-US: HP Intelligent Management Center (IMC)
 CVE-2011-2330 (Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 
4.1.1, ...)
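Review bot: The removed NOTE argued that sudo was unlikely to be affected, and the new sudo line reverses that assessment with only "(low; bug #657784)" and no explanation in the entry. Add a NOTE summarising why sudo is now considered affected, since the reasoning is otherwise left to the bug report and the commit log.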




[Secure-testing-commits] r17713 - data/CVE

2011-11-30 Thread Arne Wichmann
Author: aw-guest
Date: 2011-11-30 14:50:53 + (Wed, 30 Nov 2011)
New Revision: 17713

Modified:
   data/CVE/list
Log:
CVE-2011-1548 - CVE-2011-1551: actually I believe these were closed in
3.7.8-1, but I checked using 3.7.8-6


Modified: data/CVE/list
===
--- data/CVE/list   2011-11-30 09:31:46 UTC (rev 17712)
+++ data/CVE/list   2011-11-30 14:50:53 UTC (rev 17713)
@@ -8677,13 +8677,13 @@
- xpdf 3.02-9
- poppler  (never used t1lib)
 CVE-2011-1551 (SUSE openSUSE Factory assigns ownership of the 
/var/log/cobbler/ ...)
-   - logrotate 
+   - logrotate 3.7.8-6
 CVE-2011-1550 (The default configuration of logrotate on SUSE openSUSE Factory 
uses ...)
-   - logrotate 
+   - logrotate 3.7.8-6
 CVE-2011-1549 (The default configuration of logrotate on Gentoo Linux uses 
root ...)
-   - logrotate 
+   - logrotate 3.7.8-6
 CVE-2011-1548 (The default configuration of logrotate on Debian GNU/Linux uses 
root ...)
-   - logrotate 
+   - logrotate 3.7.8-6
 CVE-2009-5064 (** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 
2.13 and ...)
- eglibc 2.10.1-7
- glibc  (unimportant)
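Review bot: All four logrotate lines get 3.7.8-6, but the commit log says the issues were believed closed in 3.7.8-1 and that 3.7.8-6 is only the version checked; none of that reaches the entries. Add a NOTE to CVE-2011-1548 through CVE-2011-1551 stating this, or confirm 3.7.8-1 and record it instead.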




[Secure-testing-commits] r17612 - data/CVE

2011-11-14 Thread Arne Wichmann
Author: aw-guest
Date: 2011-11-14 19:10:50 + (Mon, 14 Nov 2011)
New Revision: 17612

Modified:
   data/CVE/list
Log:
CVE-2011-0065, CVE-2011-0066 - not sure about earlier versions, but fixed here
CVE-2011-1097 - changelog says this is fixed in 3.0.8



Modified: data/CVE/list
===
--- data/CVE/list   2011-11-14 06:39:58 UTC (rev 17611)
+++ data/CVE/list   2011-11-14 19:10:50 UTC (rev 17612)
@@ -9542,7 +9542,7 @@
 CVE-2011-1098 (Race condition in the createOutputFile function in logrotate.c 
in ...)
- logrotate 3.8.0-1
 CVE-2011-1097 (rsync 3.x before 3.0.8, when certain recursion, deletion, and 
...)
-   - rsync  (low; bug #621866)
+   - rsync 3.0.8 (low; bug #621866)
 CVE-2011-1096
RESERVED
 CVE-2011-1095 (locale/programs/locale.c in locale in the GNU C Library (aka 
glibc or ...)
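Review bot: The rsync line for CVE-2011-1097 is given "3.0.8", an upstream version with no Debian revision, whereas the logrotate line in the same hunk uses the packaged form 3.8.0-1. Record the first Debian upload that contains 3.0.8, with its revision suffix, so the version can be compared against installed packages.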
@@ -12723,6 +12723,7 @@
[lenny] - iceweasel  (Lenny's iceweasel uses Xulrunner 
from the xulrunner source pkg)
- iceape 2.0.14-1
[lenny] - iceape  (Only a stub package)
+   - icedove 3.1.15-1+b1
 CVE-2011-0065 (Use-after-free vulnerability in Mozilla Firefox before 3.5.19 
and ...)
{DSA-2235-1 DSA-2228-1 DSA-2227-1}
- xulrunner 
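Review bot: The added icedove line records 3.1.15-1+b1, and a +b1 suffix denotes a binary-only rebuild rather than a source upload. Use the source version 3.1.15-1 here, and since the commit log says earlier versions were not checked, add a NOTE saying so; the same applies to the identical line added in the next hunk.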
@@ -12730,6 +12731,7 @@
[lenny] - iceweasel  (Lenny's iceweasel uses Xulrunner 
from the xulrunner source pkg)
- iceape 2.0.14-1
[lenny] - iceape  (Only a stub package)
+   - icedove 3.1.15-1+b1
 CVE-2011-0064 (The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as 
used in ...)
{DSA-2178-1}
- pango1.0 1.28.3-2~sid1




[Secure-testing-commits] r17457 - data/CVE

2011-10-19 Thread Arne Wichmann
Author: aw-guest
Date: 2011-10-19 20:33:53 + (Wed, 19 Oct 2011)
New Revision: 17457

Modified:
   data/CVE/list
Log:
CVE-2008-1010 CVE-2008-1011 seem to be fixed. please doublecheck the
release numbers


Modified: data/CVE/list
===
--- data/CVE/list   2011-10-19 15:57:12 UTC (rev 17456)
+++ data/CVE/list   2011-10-19 20:33:53 UTC (rev 17457)
@@ -52454,8 +52454,12 @@
NOT-FOR-US: Apple AirPort 
 CVE-2008-1011 (Cross-site scripting (XSS) vulnerability in WebKit, as used in 
Apple ...)
- webkit 
+   NOTE: As far as I can see this has been addressed in revision 30871.
+   NOTE: Please doublecheck.
 CVE-2008-1010 (Buffer overflow in WebKit, as used in Apple Safari before 3.1, 
allows ...)
- webkit 
+   NOTE: As far as I can see this has been addressed in revision 31388.
+   NOTE: Please doublecheck.
 CVE-2008-1009 (Cross-site scripting (XSS) vulnerability in WebCore, as used in 
Apple ...)
NOT-FOR-US: WebCore (Apple Safari)
 CVE-2008-1008 (Cross-site scripting (XSS) vulnerability in WebCore, as used in 
Apple ...)
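Review bot: Both added NOTE pairs cite a bare revision number (30871 and 31388) without naming the repository, and "Please doublecheck." is a request for action filed as a NOTE. Give the revision as a URL or name the repository, and turn the request into a TODO line so it is tracked as open work.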




[Secure-testing-commits] r17431 - data/CVE

2011-10-16 Thread Arne Wichmann
Author: aw-guest
Date: 2011-10-16 12:12:24 + (Sun, 16 Oct 2011)
New Revision: 17431

Modified:
   data/CVE/list
Log:
CVE-2011-1576 updated from 
http://anonscm.debian.org/viewvc/kernel-sec/active/CVE-2011-1576?revision=2481&view=markup


Modified: data/CVE/list
===
--- data/CVE/list   2011-10-16 10:58:37 UTC (rev 17430)
+++ data/CVE/list   2011-10-16 12:12:24 UTC (rev 17431)
@@ -6781,7 +6781,9 @@
[squeeze] - linux-2.6 2.6.32-35
 CVE-2011-1576 (Red Hat Enterprise Virtualization (RHEV) Hypervisor allows 
remote ...)
{DSA-2303-1}
-   TODO: check
+   - linux-2.6 3.0.0-5
+   [lenny] - linux-2.6  (Code not present)
+   NOTE: "...code path in question is no longer reachable..." not sure 
when this was fixed
 CVE-2011-1575 (The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 
1.0.30 ...)
- pure-ftpd 1.0.30-1
NOTE: http://www.pureftpd.org/project/pure-ftpd/news




[Secure-testing-commits] r17430 - data/CVE

2011-10-16 Thread Arne Wichmann
Author: aw-guest
Date: 2011-10-16 10:58:37 + (Sun, 16 Oct 2011)
New Revision: 17430

Modified:
   data/CVE/list
Log:
url for CVE-2007-2379


Modified: data/CVE/list
===
--- data/CVE/list   2011-10-16 00:32:08 UTC (rev 17429)
+++ data/CVE/list   2011-10-16 10:58:37 UTC (rev 17430)
@@ -66190,6 +66190,7 @@
NOT-FOR-US: Microsoft Atlas
 CVE-2007-2379 (The jQuery framework exchanges data using JavaScript Object 
Notation ...)
- jquery  (low)
+   NOTE: 
https://www.fortify.com/vulncat/en/vulncat/javascript/javascript_hijacking_ad_hoc_ajax.html
 CVE-2007-2378 (The Google Web Toolkit (GWT) framework exchanges data using 
JavaScript ...)
- gwt  (unimportant; bug #563542)
NOTE: javascript security guidelines provided to developers to avoid 
these issues




[Secure-testing-commits] r17428 - data/CVE

2011-10-15 Thread Arne Wichmann
Author: aw-guest
Date: 2011-10-15 20:27:55 + (Sat, 15 Oct 2011)
New Revision: 17428

Modified:
   data/CVE/list
Log:
python2.7 has distutils world-readable password, too


Modified: data/CVE/list
===
--- data/CVE/list   2011-10-15 16:08:32 UTC (rev 17427)
+++ data/CVE/list   2011-10-15 20:27:55 UTC (rev 17428)
@@ -8288,6 +8288,7 @@
- pixelpost 
 CVE-2011- [python2.6: distutils world-readable password]
- python2.6  (low; bug #615118)
+   - python2.7  (low)
[squeeze] - python2.6  (minor issue)
[lenny] - python2.6  (minor issue)
TODO: are other python versions affected?
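Review bot: The new python2.7 line is inserted between the python2.6 line and its [squeeze] and [lenny] sub-entries, which splits that group; place it after the [lenny] line. It also has no bug number while python2.6 has #615118, and the TODO asking whether other python versions are affected should be updated now that python2.7 is listed.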




[Secure-testing-commits] r17371 - data/CVE

2011-10-05 Thread Arne Wichmann
Author: aw-guest
Date: 2011-10-05 15:03:59 + (Wed, 05 Oct 2011)
New Revision: 17371

Modified:
   data/CVE/list
Log:
CVE-2011-1429 is closed in testing and newer


Modified: data/CVE/list
===
--- data/CVE/list   2011-10-05 12:59:43 UTC (rev 17370)
+++ data/CVE/list   2011-10-05 15:03:59 UTC (rev 17371)
@@ -6821,7 +6821,7 @@
 CVE-2011-1430 (The STARTTLS implementation in the server in Ipswitch IMail 
11.03 and ...)
NOT-FOR-US: Ipswitch IMail
 CVE-2011-1429 (Mutt does not verify that the smtps server hostname matches the 
domain ...)
-   - mutt  (low; bug #619216)
+   - mutt 1.5.21-5 (low; bug #619216)
NOTE: http://dev.mutt.org/trac/ticket/3506
 CVE-2011-1428 (Wee Enhanced Environment for Chat (aka WeeChat) 0.3.4 and 
earlier does ...)
NOT-FOR-US: WeeChat




[Secure-testing-commits] r17163 - data/CVE

2011-09-02 Thread Arne Wichmann
Author: aw-guest
Date: 2011-09-02 16:41:27 + (Fri, 02 Sep 2011)
New Revision: 17163

Modified:
   data/CVE/list
Log:
I think this is gone since 2.13, but this is the version with which I verified


Modified: data/CVE/list
===
--- data/CVE/list   2011-09-02 13:58:34 UTC (rev 17162)
+++ data/CVE/list   2011-09-02 16:41:27 UTC (rev 17163)
@@ -6107,7 +6107,7 @@
 CVE-2011-1095 (locale/programs/locale.c in locale in the GNU C Library (aka 
glibc or ...)
- glibc 
[lenny] - glibc  (Minor issue)
-   - eglibc 
+   - eglibc 2.13-16
[squeeze] - eglibc  (Minor issue)
NOTE: http://sources.redhat.com/bugzilla/show_bug.cgi?id=11904
NOTE: http://bugs.gentoo.org/show_bug.cgi?id=330923
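Review bot: The eglibc line gets 2.13-16, which the commit log describes as the version used for verification, with the fix thought to date from 2.13; the entry itself gives no hint of that. Add a NOTE saying 2.13-16 is the verified version and that the first fixed upload may be earlier.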




[Secure-testing-commits] r17155 - data/CVE

2011-09-01 Thread Arne Wichmann
Author: aw-guest
Date: 2011-09-01 13:26:51 + (Thu, 01 Sep 2011)
New Revision: 17155

Modified:
   data/CVE/list
Log:
CVE-2011-0188 - ruby 1.8 is fixed


Modified: data/CVE/list
===
--- data/CVE/list   2011-09-01 08:06:52 UTC (rev 17154)
+++ data/CVE/list   2011-09-01 13:26:51 UTC (rev 17155)
@@ -8837,7 +8837,7 @@
 CVE-2011-0189 (The default configuration of Terminal in Apple Mac OS X 10.6 
before ...)
NOT-FOR-US: Apple Mac OS
 CVE-2011-0188 (The VpMemAlloc function in bigdecimal.c in the BigDecimal class 
in ...)
-   - ruby1.8  (bug #628452)
+   - ruby1.8 1.8.7.352-1 (bug #628452)
- ruby1.9  (bug #628451)
- ruby1.9.1 1.9.2.290-1 (bug #628450)
 CVE-2011-0187 (The plug-in in QuickTime in Apple Mac OS X before 10.6.7 allows 
remote ...)




[Secure-testing-commits] r16850 - data/CVE

2011-06-26 Thread Arne Wichmann
Author: aw-guest
Date: 2011-06-26 19:52:54 + (Sun, 26 Jun 2011)
New Revision: 16850

Modified:
   data/CVE/list
Log:
CVE-2011-0285 closed by 1.9.1+dfsg-1 (Bug#622681)


Modified: data/CVE/list
===
--- data/CVE/list   2011-06-25 11:23:58 UTC (rev 16849)
+++ data/CVE/list   2011-06-26 19:52:54 UTC (rev 16850)
@@ -6294,7 +6294,7 @@
[lenny] - ftpcopy  (Minor issue)
NOTE: CVE ID requested
 CVE-2011-0285 (The process_chpw_request function in schpw.c in the 
password-changing ...)
-   - krb5  (bug #622681)
+   - krb5 1.9.1+dfsg-1 (bug #622681)
NOTE: 1.6 is not affected: While the error case in the 
process_chpw_request()
NOTE: in kadmind in 1.6 can leave the data pointer uninitialized, the 
error
NOTE: path in its caller will not free() that pointer (the invalid 
pointer




[Secure-testing-commits] r16818 - data/CVE

2011-06-17 Thread Arne Wichmann
Author: aw-guest
Date: 2011-06-17 18:10:46 + (Fri, 17 Jun 2011)
New Revision: 16818

Modified:
   data/CVE/list
Log:
koffice not vulnerable to CVE-2006-1244 (for a long time now)


Modified: data/CVE/list
===
--- data/CVE/list   2011-06-17 10:57:29 UTC (rev 16817)
+++ data/CVE/list   2011-06-17 18:10:46 UTC (rev 16818)
@@ -80417,6 +80417,8 @@
- xpdf  (All issues previously fixed)
NOTE: Discussion has shown that the revamp patch doesn't fix new 
vulnerabilities
- gpdf 2.10.0-3
+   - koffice 2.3.3-1
+   NOTE: xpdf (and therewith the questionable code) is not part of koffice 
for some time now
 CVE-2006-1243 (Directory traversal vulnerability in install05.php in Simple 
PHP Blog ...)
NOT-FOR-US: Simple PHP Blog
 CVE-2006-1242 (The ip_push_pending_frames function in Linux 2.4.x and 2.6.x 
before ...)
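Review bot: The added koffice line gives 2.3.3-1 as the fixed version, while the NOTE below it says xpdf has not been part of koffice "for some time now", so the version shown is probably later than the first unaffected one. Name the version in which the embedded xpdf code was dropped, or state in the NOTE that 2.3.3-1 is simply the version checked.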

