[Secure-testing-commits] r48510 - data/CVE
Author: sectracker Date: 2017-01-29 09:10:12 + (Sun, 29 Jan 2017) New Revision: 48510 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-01-29 00:19:43 UTC (rev 48509) +++ data/CVE/list 2017-01-29 09:10:12 UTC (rev 48510) @@ -7263,7 +7263,7 @@ NOTE: http://www.openwall.com/lists/oss-security/2014/11/03/5 CVE-2016- [heap-based buffer overflow in TIFFFillStrip (tif_read.c)] - tiff 4.0.7-2 (bug #846837) -[wheezy] - tiff 4.0.2-6+deb7u9 + [wheezy] - tiff 4.0.2-6+deb7u9 - tiff3 [wheezy] - tiff3 (Unreproducible) NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2608 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48511 - in data: . DLA
Author: rbalint
Date: 2017-01-29 09:43:31 + (Sun, 29 Jan 2017)
New Revision: 48511
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Claim DLA-804-1 for libgd2
Modified: data/DLA/list
===
--- data/DLA/list 2017-01-29 09:10:12 UTC (rev 48510)
+++ data/DLA/list 2017-01-29 09:43:31 UTC (rev 48511)
@@ -1,3 +1,6 @@
+[29 Jan 2017] DLA-804-1 libgd2 - security update
+ {CVE-2016-9317 CVE-2016-10167 CVE-2016-10168}
+ [wheezy] - libgd2 2.0.36~rc1~dfsg-6.1+deb7u8
[27 Jan 2017] DLA-781-2 asterisk - regression update
[wheezy] - asterisk 1:1.8.13.1~dfsg1-3+deb7u6
[26 Jan 2017] DLA-803-1 lcms2 - security update
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-01-29 09:10:12 UTC (rev 48510)
+++ data/dla-needed.txt 2017-01-29 09:43:31 UTC (rev 48511)
@@ -55,8 +55,6 @@
NOTE: Upstream should provide new point-releases fixing open security issues
in the next months.
NOTE: Lots of CVEs are open, this is going to take some time. (See
debian-lts ML)
--
-libgd2 (Balint Reczey)
---
libical
NOTE: No known solution as of 2017-01-16.
--
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48512 - data/CVE
Author: carnil Date: 2017-01-29 10:05:11 + (Sun, 29 Jan 2017) New Revision: 48512 Modified: data/CVE/list Log: Three wordpress CVEs fixed in unstable with 4.7.2+dfsg-1 upload Modified: data/CVE/list === --- data/CVE/list 2017-01-29 09:43:31 UTC (rev 48511) +++ data/CVE/list 2017-01-29 10:05:11 UTC (rev 48512) @@ -27,15 +27,15 @@ CVE-2017-5598 (An issue was discovered in eClinicalWorks healow@work 8.0 build 8. This ...) NOT-FOR-US: eClinicalWorks CVE-2017-5612 [XSS in the posts list table] - - wordpress (bug #852767) + - wordpress 4.7.2+dfsg-1 (bug #852767) NOTE: https://github.com/WordPress/WordPress/commit/4482f9207027de8f36630737ae085110896ea849 NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2 CVE-2017-5611 [SQL injection in WP_Query] - - wordpress (bug #852767) + - wordpress 4.7.2+dfsg-1 (bug #852767) NOTE: https://github.com/WordPress/WordPress/commit/85384297a6094e27e417eac56d24267054cb NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2 CVE-2017-5610 [taxonomy terms in Press This is shown to users who do not have permissions to use it] - - wordpress (bug #852767) + - wordpress 4.7.2+dfsg-1 (bug #852767) NOTE: https://github.com/WordPress/WordPress/commit/21264a31e0849e6ff793a06a17de877dd88ea454 NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/2 CVE-2017-5595 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48513 - data/CVE
Author: carnil Date: 2017-01-29 10:11:26 + (Sun, 29 Jan 2017) New Revision: 48513 Modified: data/CVE/list Log: Add upstream issue for CVE-2017-5499 Modified: data/CVE/list === --- data/CVE/list 2017-01-29 10:05:11 UTC (rev 48512) +++ data/CVE/list 2017-01-29 10:11:26 UTC (rev 48513) @@ -879,6 +879,7 @@ - jasper (unimportant) NOTE: Reproducer: https://github.com/asarubbo/poc/blob/master/00018-jasper-signedintoverflow-jpc_dec_c NOTE: http://blogs.gentoo.org/ago/2017/01/16/jasper-multiple-crashes-with-ubsan/ + NOTE: https://github.com/mdadams/jasper/issues/63 NOTE: Triggers an assert. Not suitable for code injection, hardly denial of service CVE-2017-5498 RESERVED ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48514 - data
Author: carnil Date: 2017-01-29 10:26:09 + (Sun, 29 Jan 2017) New Revision: 48514 Modified: data/dsa-needed.txt Log: Maintainer proposed debdiff for php5, needs review and ack Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-01-29 10:11:26 UTC (rev 48513) +++ data/dsa-needed.txt 2017-01-29 10:26:09 UTC (rev 48514) @@ -43,6 +43,8 @@ openjdk-7 (jmm) -- php5 + Maintainer proposed debdiff, which needs review and ack + (Missing Closes for open bugs) -- phpmyadmin -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48515 - in data: . DSA
Author: carnil
Date: 2017-01-29 10:30:16 + (Sun, 29 Jan 2017)
New Revision: 48515
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
Reserve DSA number for lcms2
Modified: data/DSA/list
===
--- data/DSA/list 2017-01-29 10:26:09 UTC (rev 48514)
+++ data/DSA/list 2017-01-29 10:30:16 UTC (rev 48515)
@@ -1,3 +1,6 @@
+[29 Jan 2017] DSA-3774-1 lcms2 - security update
+ {CVE-2016-10165}
+ [jessie] - lcms2 2.6-3+deb8u1
[27 Jan 2017] DSA-3773-1 openssl - security update
{CVE-2016-7056 CVE-2016-8610 CVE-2017-3731}
[jessie] - openssl 1.0.1t-1+deb8u6
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-01-29 10:26:09 UTC (rev 48514)
+++ data/dsa-needed.txt 2017-01-29 10:30:16 UTC (rev 48515)
@@ -27,8 +27,6 @@
--
jasper (jmm)
--
-lcms2 (carnil)
---
libgd2
Maintainer proposed debdiff, CVEs requested, and master-jessie git branch
updates (so build from there needed). Debdiff needs review and ack.
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48516 - data/CVE
Author: carnil
Date: 2017-01-29 10:51:48 + (Sun, 29 Jan 2017)
New Revision: 48516
Modified:
data/CVE/list
Log:
Update information for CVE-2016-1016{7,8}/libgd
Modified: data/CVE/list
===
--- data/CVE/list 2017-01-29 10:30:16 UTC (rev 48515)
+++ data/CVE/list 2017-01-29 10:51:48 UTC (rev 48516)
@@ -58,10 +58,20 @@
NOTE:
https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
CVE-2016-10167 [Fix DOS vulnerability in gdImageCreateFromGd2Ctx()]
+ - php7.1 7.1.1-1 (unimportant)
+ - php7.0 7.0.15-1 (unimportant)
+ - php5 (unimportant)
+ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73868
+ NOTE: Fixed in PHP 7.1.1, 7.0.15, 5.6.30
- libgd2 2.2.4-1
NOTE:
https://github.com/libgd/libgd/commit/fe9ed49dafa993e3af96b6a5a589efeea9bfb36f
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
CVE-2016-10168 [Fix #354: Signed Integer Overflow gd_io.c]
+ - php7.1 7.1.1-1 (unimportant)
+ - php7.0 7.0.15-1 (unimportant)
+ - php5 (unimportant)
+ NOTE: PHP Bug: https://bugs.php.net/bug.php?id=73869
+ NOTE: Fixed in PHP 7.1.1, 7.0.15, 5.6.30
- libgd2 2.2.4-1
NOTE:
https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48517 - data/CVE
Author: carnil Date: 2017-01-29 11:02:04 + (Sun, 29 Jan 2017) New Revision: 48517 Modified: data/CVE/list Log: Add four CVEs for wavpack Modified: data/CVE/list === --- data/CVE/list 2017-01-29 10:51:48 UTC (rev 48516) +++ data/CVE/list 2017-01-29 11:02:04 UTC (rev 48517) @@ -52,6 +52,22 @@ RESERVED CVE-2017-5589 RESERVED +CVE-2016-10172 [heap oob read in read_new_config_info / open_utils.c] + - wavpack + NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561951/ + NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) +CVE-2016-10171 [heap out of bounds read in unreorder_channels / wvunpack.c] + - wavpack + NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561939/ + NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) +CVE-2016-10170 [heap out of bounds read in WriteCaffHeader / caff.c] + - wavpack + NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561921/ + NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) +CVE-2016-10169 [global buffer overread in read_code / read_words.c] + - wavpack + NOTE: https://sourceforge.net/p/wavpack/mailman/message/35557889/ + NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10166 [Fix potential unsigned underflow] - libgd2 2.2.4-1 [wheezy] - libgd2 (Vulnerable code not present) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48518 - in data: . DLA
Author: alteholz
Date: 2017-01-29 11:13:51 + (Sun, 29 Jan 2017)
New Revision: 48518
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-805-1 for bind9
Modified: data/DLA/list
===
--- data/DLA/list 2017-01-29 11:02:04 UTC (rev 48517)
+++ data/DLA/list 2017-01-29 11:13:51 UTC (rev 48518)
@@ -1,3 +1,6 @@
+[29 Jan 2017] DLA-805-1 bind9 - security update
+ {CVE-2016-9131 CVE-2016-9147 CVE-2016-9444}
+ [wheezy] - bind9 1:9.8.4.dfsg.P1-6+nmu2+deb7u14
[29 Jan 2017] DLA-804-1 libgd2 - security update
{CVE-2016-9317 CVE-2016-10167 CVE-2016-10168}
[wheezy] - libgd2 2.0.36~rc1~dfsg-6.1+deb7u8
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-01-29 11:02:04 UTC (rev 48517)
+++ data/dla-needed.txt 2017-01-29 11:13:51 UTC (rev 48518)
@@ -14,8 +14,6 @@
NOTE: update needs testing in
https://lists.debian.org/87fukh7hcq@curie.anarc.at
NOTE: ready to upload after smoke tests, read the above thread.
--
-bind9 (Thorsten Alteholz)
---
cgiemail
--
calibre
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48519 - in data: . DLA
Author: alteholz
Date: 2017-01-29 11:39:43 + (Sun, 29 Jan 2017)
New Revision: 48519
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-806-1 for zoneminder
Modified: data/DLA/list
===
--- data/DLA/list 2017-01-29 11:13:51 UTC (rev 48518)
+++ data/DLA/list 2017-01-29 11:39:43 UTC (rev 48519)
@@ -1,3 +1,6 @@
+[29 Jan 2017] DLA-806-1 zoneminder - security update
+ {CVE-2016-10140}
+ [wheezy] - zoneminder 1.25.0-4+deb7u1
[29 Jan 2017] DLA-805-1 bind9 - security update
{CVE-2016-9131 CVE-2016-9147 CVE-2016-9444}
[wheezy] - bind9 1:9.8.4.dfsg.P1-6+nmu2+deb7u14
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-01-29 11:13:51 UTC (rev 48518)
+++ data/dla-needed.txt 2017-01-29 11:39:43 UTC (rev 48519)
@@ -113,5 +113,3 @@
NOTE: Dominik George (maintainer) will take care of the issue:
NOTE: https://lists.debian.org/debian-lts/2016/12/msg00135.html
--
-zoneminder (Thorsten Alteholz)
---
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48520 - data/CVE
Author: carnil Date: 2017-01-29 12:53:17 + (Sun, 29 Jan 2017) New Revision: 48520 Modified: data/CVE/list Log: Update two CVE entries for libbpg Modified: data/CVE/list === --- data/CVE/list 2017-01-29 11:39:43 UTC (rev 48519) +++ data/CVE/list 2017-01-29 12:53:17 UTC (rev 48520) @@ -16046,7 +16046,10 @@ CVE-2016-8711 RESERVED CVE-2016-8710 (An exploitable heap write out of bounds vulnerability exists in the ...) - TODO: check + - ffmpeg + NOTE: The libbpg library is not packaged in Debian but seem embedded in ffmpeg + NOTE: http://blog.talosintel.com/2017/01/vulnerability-spotlight-libbpg-image.html + NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0223/ CVE-2016-8709 RESERVED CVE-2016-8708 @@ -26404,7 +26407,9 @@ CVE-2016-5638 RESERVED CVE-2016-5637 (The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 ...) - TODO: check + - ffmpeg + NOTE: The libbpg library is not packaged in Debian but seem embedded in ffmpeg + NOTE: https://www.kb.cert.org/vuls/id/123799 CVE-2016-103 (Mirror Manager version 0.7.2 and older is vulnerable to remote code ...) TODO: check CVE-2016-5727 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48521 - data/CVE
Author: carnil Date: 2017-01-29 13:05:10 + (Sun, 29 Jan 2017) New Revision: 48521 Modified: data/CVE/list Log: Mark CVE-2016-4992/389-ds-base as fixed with 1.3.5.13-1 Fixed according to the available details in 1.3.5.13 upstream at http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-5-13.html . Not much more information found at this stage, so we have to trust upstream that this is the fixing version :-( Modified: data/CVE/list === --- data/CVE/list 2017-01-29 12:53:17 UTC (rev 48520) +++ data/CVE/list 2017-01-29 13:05:10 UTC (rev 48521) @@ -29187,8 +29187,9 @@ NOT-FOR-US: JBoss Enterprise Application Platform CVE-2016-4992 [Information disclosure via repeated use of LDAP ADD operation] RESERVED - - 389-ds-base + - 389-ds-base 1.3.5.13-1 [jessie] - 389-ds-base (Minor issue) + NOTE: http://directory.fedoraproject.org/docs/389ds/releases/release-1-3-5-13.html CVE-2016-4991 RESERVED CVE-2016-4990 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48522 - data/CVE
Author: carnil Date: 2017-01-29 13:15:30 + (Sun, 29 Jan 2017) New Revision: 48522 Modified: data/CVE/list Log: CVE-2017-5617/svgsalamander assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-29 13:05:10 UTC (rev 48521) +++ data/CVE/list 2017-01-29 13:15:30 UTC (rev 48522) @@ -16,10 +16,10 @@ NOTE: https://git.sdaoden.eu/cgit/s-nail.git/commit/?id=f797c27efecad45af191c518b7f87fda32ada160 NOTE: https://git.sdaoden.eu/cgit/s-nail.git/commit/?id=f2699449b66dd702a98925bd1b11153a6f7294bf NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/27/7 -CVE-2017- [SSRF issue] +CVE-2017-5617 [SSRF issue] - svgsalamander NOTE: https://github.com/blackears/svgSalamander/issues/11 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/27/3 + NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/3 CVE-2017-5600 RESERVED CVE-2017-5599 (An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48523 - data/CVE
Author: carnil Date: 2017-01-29 13:18:49 + (Sun, 29 Jan 2017) New Revision: 48523 Modified: data/CVE/list Log: CVE-2017-5618/screen assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-29 13:15:30 UTC (rev 48522) +++ data/CVE/list 2017-01-29 13:18:49 UTC (rev 48523) @@ -117,16 +117,16 @@ - jasper NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/113 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/25/9 -CVE-2017- [screen privilege escalation] +CVE-2017-5618 [screen privilege escalation] - screen 4.5.0-3 (bug #852484) - [stretch] - screen (Vulnerable code not present) + [stretch] - screen (Vulnerable code not present/never migrated to stretch) [jessie] - screen (Vulnerable code not present) [wheezy] - screen (Vulnerable code not present) NOTE: https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html NOTE: https://savannah.gnu.org/bugs/?50142 NOTE: Introduced in (screen-v4): http://git.savannah.gnu.org/cgit/screen.git/commit/?h=screen-v4&id=5460f5d28c01a9a58e021eb1dffef2965e629d58 NOTE: Introduced in (master): http://git.savannah.gnu.org/cgit/screen.git/commit/?id=c575c40c9bd7653470639da32e06faed0a9b2ec4 - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/24/10 + NOTE: http://www.openwall.com/lists/oss-security/2017/01/24/10 CVE-2017-5597 (In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector ...) - wireshark 2.2.4+gcc3dc1b-1 NOTE: https://www.wireshark.org/security/wnpa-sec-2017-02.html ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48524 - data/CVE
Author: carnil Date: 2017-01-29 13:22:47 + (Sun, 29 Jan 2017) New Revision: 48524 Modified: data/CVE/list Log: CVE-2016-10173/ruby-minitrar assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-29 13:18:49 UTC (rev 48523) +++ data/CVE/list 2017-01-29 13:22:47 UTC (rev 48524) @@ -52,6 +52,12 @@ RESERVED CVE-2017-5589 RESERVED +CVE-2016-10173 [directory traversal vulnerability] + - ruby-minitar + - ruby-archive-tar-minitar + NOTE: https://github.com/halostatue/minitar/issues/16 + NOTE: https://github.com/halostatue/minitar/commit/e25205ecbb6277ae8a3df1e6a306d7ed4458b6e4 + NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1021740 CVE-2016-10172 [heap oob read in read_new_config_info / open_utils.c] - wavpack NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561951/ ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48525 - data
Author: alteholz Date: 2017-01-29 15:18:37 + (Sun, 29 Jan 2017) New Revision: 48525 Modified: data/dla-needed.txt Log: add note to slurm-llnl Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-29 13:22:47 UTC (rev 48524) +++ data/dla-needed.txt 2017-01-29 15:18:37 UTC (rev 48525) @@ -90,6 +90,9 @@ NOTE: a bug (see #843861). -- slurm-llnl + NOTE: the patch from upstream uses new members of the struct batch_job_launch_msg_t + NOTE: from my point of view backporting the introduction of these new members to this old + NORE: version is way to invasive and such this should be marked as -- svgsalamander -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48526 - data
Author: carnil Date: 2017-01-29 15:30:40 + (Sun, 29 Jan 2017) New Revision: 48526 Modified: data/dla-needed.txt Log: Fix typo in prefix Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-29 15:18:37 UTC (rev 48525) +++ data/dla-needed.txt 2017-01-29 15:30:40 UTC (rev 48526) @@ -92,7 +92,7 @@ slurm-llnl NOTE: the patch from upstream uses new members of the struct batch_job_launch_msg_t NOTE: from my point of view backporting the introduction of these new members to this old - NORE: version is way to invasive and such this should be marked as + NOTE: version is way to invasive and such this should be marked as -- svgsalamander -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48527 - data/CVE
Author: carnil
Date: 2017-01-29 15:38:16 + (Sun, 29 Jan 2017)
New Revision: 48527
Modified:
data/CVE/list
Log:
Mark CVE-2017-0381/opus as no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-01-29 15:30:40 UTC (rev 48526)
+++ data/CVE/list 2017-01-29 15:38:16 UTC (rev 48527)
@@ -12657,6 +12657,7 @@
CVE-2017-0381 (An information disclosure vulnerability in
silk/NLSF_stabilize.c in ...)
{DLA-793-1}
- opus 1.2~alpha2-1 (bug #851612)
+ [jessie] - opus (Minor issue,
https://bugs.debian.org/851612#10)
NOTE: Fixed by:
https://github.com/xiph/opus/commit/79e8f527b0344b0897a65be35e77f7885bd99409
(v1.2-alpha)
CVE-2016-9804 (In BlueZ 5.42, a buffer overflow was observed in
"commands_dump" ...)
- bluez (bug #847837)
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48528 - data/CVE
Author: anarcat Date: 2017-01-29 15:44:17 + (Sun, 29 Jan 2017) New Revision: 48528 Modified: data/CVE/list Log: add new calibre issue (bug #853004) Modified: data/CVE/list === --- data/CVE/list 2017-01-29 15:38:16 UTC (rev 48527) +++ data/CVE/list 2017-01-29 15:44:17 UTC (rev 48528) @@ -1,3 +1,6 @@ +CVE-2017- [javascript in books can access files on the computer using XMLHttpRequest] + - calibre 2.75.1+dfsg-1 (bug #853004) + NOTE: upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8 CVE-2017- [use after free in libmysqlclient.so] - mariadb-10.1 - mariadb-10.0 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48529 - data/CVE
Author: carnil Date: 2017-01-29 15:51:54 + (Sun, 29 Jan 2017) New Revision: 48529 Modified: data/CVE/list Log: Add bug reference for wavpack, #853076 Modified: data/CVE/list === --- data/CVE/list 2017-01-29 15:44:17 UTC (rev 48528) +++ data/CVE/list 2017-01-29 15:51:54 UTC (rev 48529) @@ -62,19 +62,19 @@ NOTE: https://github.com/halostatue/minitar/commit/e25205ecbb6277ae8a3df1e6a306d7ed4458b6e4 NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1021740 CVE-2016-10172 [heap oob read in read_new_config_info / open_utils.c] - - wavpack + - wavpack (bug #853076) NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561951/ NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10171 [heap out of bounds read in unreorder_channels / wvunpack.c] - - wavpack + - wavpack (bug #853076) NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561939/ NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10170 [heap out of bounds read in WriteCaffHeader / caff.c] - - wavpack + - wavpack (bug #853076) NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561921/ NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10169 [global buffer overread in read_code / read_words.c] - - wavpack + - wavpack (bug #853076) NOTE: https://sourceforge.net/p/wavpack/mailman/message/35557889/ NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10166 [Fix potential unsigned underflow] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48530 - data/CVE
Author: anarcat Date: 2017-01-29 16:48:50 + (Sun, 29 Jan 2017) New Revision: 48530 Modified: data/CVE/list Log: CVE requested for calibre Modified: data/CVE/list === --- data/CVE/list 2017-01-29 15:51:54 UTC (rev 48529) +++ data/CVE/list 2017-01-29 16:48:50 UTC (rev 48530) @@ -1,6 +1,7 @@ CVE-2017- [javascript in books can access files on the computer using XMLHttpRequest] - calibre 2.75.1+dfsg-1 (bug #853004) NOTE: upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8 + NOTE: CVE requested on oss-security CVE-2017- [use after free in libmysqlclient.so] - mariadb-10.1 - mariadb-10.0 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48531 - data/CVE
Author: carnil Date: 2017-01-29 16:50:30 + (Sun, 29 Jan 2017) New Revision: 48531 Modified: data/CVE/list Log: Update status for CVE-2010-1028/calibre, vulnerable code removed in 2.38.0+dfsg-1 Modified: data/CVE/list === --- data/CVE/list 2017-01-29 16:48:50 UTC (rev 48530) +++ data/CVE/list 2017-01-29 16:50:30 UTC (rev 48531) @@ -158290,7 +158290,8 @@ CVE-2010-1028 (Integer overflow in the decompression functionality in the Web Open ...) - xulrunner (vulnerability introduced in firefox 3.6) - iceape (Vulnerable code not present) - - calibre (bug #787085) + - calibre 2.38.0+dfsg-1 (bug #787085) + NOTE: 2.38.0+dfsg-1 removed the copy of woff below src/calibre/utils/fonts/woff/ CVE-2010- [Escape href attribute in auto links] - redmine 0.9.3-3 CVE-2010- [Fixes permission check in QueriesController] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48532 - data/CVE
Author: agx Date: 2017-01-29 17:06:50 + (Sun, 29 Jan 2017) New Revision: 48532 Modified: data/CVE/list Log: Remove trailing quote that confuses syntax highlight Modified: data/CVE/list === --- data/CVE/list 2017-01-29 16:50:30 UTC (rev 48531) +++ data/CVE/list 2017-01-29 17:06:50 UTC (rev 48532) @@ -192,7 +192,7 @@ NOTE: Introduced after: http://git.qemu.org/?p=qemu.git;a=commit;h=62232bf48456bda4058ceae05851bc58c1032338 (v2.4.0) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1415795 NOTE: Marked as unimportant, since 1:2.8+dfsg-2 upload reverts - NOTE: enable virtio gpu (virglrenderer) and opengl support" + NOTE: enable virtio gpu (virglrenderer) and opengl support CVE-2017-5577 [drm/vc4: Return -EINVAL on the overflow checks failing] RESERVED - linux 4.9.6-1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48533 - data/CVE
Author: agx Date: 2017-01-29 17:07:33 + (Sun, 29 Jan 2017) New Revision: 48533 Modified: data/CVE/list Log: Even wheezy is affected but hotplugging of sound devices needs QMP monitor access Modified: data/CVE/list === --- data/CVE/list 2017-01-29 17:06:50 UTC (rev 48532) +++ data/CVE/list 2017-01-29 17:07:33 UTC (rev 48533) @@ -449,14 +449,14 @@ NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01742.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1414209 NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da - TODO: check affected versions + NOTE: Sound device hotplug not supported by libvirt CVE-2017-5525 [audio: memory leakage in ac97 device; CVE for the memory consumption issue] RESERVED - qemu 1:2.8+dfsg-2 (bug #852021) - qemu-kvm NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01740.html NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=12351a91da97b414eec8cdb09f1d9f41e535a401 - TODO: check affected versions + NOTE: Sound device hotplug not supported by libvirt CVE-2017-5523 RESERVED CVE-2017-5522 [stack buffer overflow] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48534 - in data: . DSA
Author: jmm
Date: 2017-01-29 17:19:07 + (Sun, 29 Jan 2017)
New Revision: 48534
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
tcpdump DSA
Modified: data/DSA/list
===
--- data/DSA/list 2017-01-29 17:07:33 UTC (rev 48533)
+++ data/DSA/list 2017-01-29 17:19:07 UTC (rev 48534)
@@ -1,3 +1,6 @@
+[29 Jan 2017] DSA-3775-1 tcpdump - security update
+ {CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926
CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931
CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936
CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973
CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985
CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575
CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341
CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485
CVE-2017-5486}
+ [jessie] - tcpdump 4.9.0-1~deb8u1
[29 Jan 2017] DSA-3774-1 lcms2 - security update
{CVE-2016-10165}
[jessie] - lcms2 2.6-3+deb8u1
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-01-29 17:07:33 UTC (rev 48533)
+++ data/dsa-needed.txt 2017-01-29 17:19:07 UTC (rev 48534)
@@ -51,9 +51,6 @@
--
spip
--
-tcpdump (jmm)
- Maintainer prepared update
---
wordpress (seb)
Maintainer proposed a debdiff for the recent issues (without CVE yet).
NOTE: there is as well unfixed yet CVE-2016-5836, maybe worth including?
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48535 - data/CVE
Author: anarcat Date: 2017-01-29 17:28:33 + (Sun, 29 Jan 2017) New Revision: 48535 Modified: data/CVE/list Log: link to calibre CVE request Modified: data/CVE/list === --- data/CVE/list 2017-01-29 17:19:07 UTC (rev 48534) +++ data/CVE/list 2017-01-29 17:28:33 UTC (rev 48535) @@ -1,7 +1,7 @@ CVE-2017- [javascript in books can access files on the computer using XMLHttpRequest] - calibre 2.75.1+dfsg-1 (bug #853004) NOTE: upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8 - NOTE: CVE requested on oss-security + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/29/8 CVE-2017- [use after free in libmysqlclient.so] - mariadb-10.1 - mariadb-10.0 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48536 - data
Author: rbalint Date: 2017-01-29 17:41:22 + (Sun, 29 Jan 2017) New Revision: 48536 Modified: data/dla-needed.txt Log: Claim mysql-5.5 and wireshark for DLA Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-29 17:28:33 UTC (rev 48535) +++ data/dla-needed.txt 2017-01-29 17:41:22 UTC (rev 48536) @@ -68,7 +68,7 @@ -- mcollective -- -mysql-5.5 +mysql-5.5 (Balint Reczey) -- mysql-connector-python NOTE: see http://bugs.debian.org/841677 for current discussion @@ -106,7 +106,7 @@ -- qemu-kvm (Guido Günther) -- -wireshark +wireshark (Balint Reczey) -- wordpress (Markus Koschany) -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48537 - data/CVE
Author: jmm Date: 2017-01-29 18:21:11 + (Sun, 29 Jan 2017) New Revision: 48537 Modified: data/CVE/list Log: mark two current wireshark issues as no-dsa not suitable for code injection, can be fixed along with next wireshark round Modified: data/CVE/list === --- data/CVE/list 2017-01-29 17:41:22 UTC (rev 48536) +++ data/CVE/list 2017-01-29 18:21:11 UTC (rev 48537) @@ -139,10 +139,12 @@ NOTE: http://www.openwall.com/lists/oss-security/2017/01/24/10 CVE-2017-5597 (In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector ...) - wireshark 2.2.4+gcc3dc1b-1 + [jessie] - wireshark (Can be fixed along with the next round of Wireshark vulnerabilities) NOTE: https://www.wireshark.org/security/wnpa-sec-2017-02.html NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13345 CVE-2017-5596 (In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector ...) - wireshark 2.2.4+gcc3dc1b-1 + [jessie] - wireshark (Can be fixed along with the next round of Wireshark vulnerabilities) NOTE: https://www.wireshark.org/security/wnpa-sec-2017-01.html NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13344 CVE-2017- [phpMyAdmin PMASA-2017-1 - PMASA-2017-7] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48538 - data/CVE
Author: carnil Date: 2017-01-29 18:40:07 + (Sun, 29 Jan 2017) New Revision: 48538 Modified: data/CVE/list Log: Add new firejail issue Modified: data/CVE/list === --- data/CVE/list 2017-01-29 18:21:11 UTC (rev 48537) +++ data/CVE/list 2017-01-29 18:40:07 UTC (rev 48538) @@ -1,3 +1,9 @@ +CVE-2017- [Incomplete fix for CVE-2017-5180] + - firejail 0.9.44.6-1 + NOTE: Changelog mentions the new fix for CVE-2017-5180 in RELNOTES for 0.9.44.6 + NOTE: an needs series of commits after 0.9.44.4 + NOTE: https://github.com/netblue30/firejail/blob/0.9.44.6/RELNOTES + NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/29/4 CVE-2017- [javascript in books can access files on the computer using XMLHttpRequest] - calibre 2.75.1+dfsg-1 (bug #853004) NOTE: upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48539 - data
Author: opal Date: 2017-01-29 20:35:01 + (Sun, 29 Jan 2017) New Revision: 48539 Modified: data/dla-needed.txt Log: Need a DLA. Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-29 18:40:07 UTC (rev 48538) +++ data/dla-needed.txt 2017-01-29 20:35:01 UTC (rev 48539) @@ -89,6 +89,8 @@ NOTE: Upstream is not going to fix CVE-2016-8686 since it believes it is not NOTE: a bug (see #843861). -- +ruby-archive-tar-minitar +-- slurm-llnl NOTE: the patch from upstream uses new members of the struct batch_job_launch_msg_t NOTE: from my point of view backporting the introduction of these new members to this old ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48540 - data
Author: lamby Date: 2017-01-29 20:50:48 + (Sun, 29 Jan 2017) New Revision: 48540 Modified: data/dla-needed.txt Log: Add note about ruby-archive-tar-minitar in data/dla-needed.txt. Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-29 20:35:01 UTC (rev 48539) +++ data/dla-needed.txt 2017-01-29 20:50:48 UTC (rev 48540) @@ -90,6 +90,7 @@ NOTE: a bug (see #843861). -- ruby-archive-tar-minitar + NOTE: Vulnerable code is in lib/archive/tar/minitar/command.rb -- slurm-llnl NOTE: the patch from upstream uses new members of the struct batch_job_launch_msg_t ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48541 - data/CVE
Author: sectracker
Date: 2017-01-29 21:10:13 + (Sun, 29 Jan 2017)
New Revision: 48541
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-01-29 20:50:48 UTC (rev 48540)
+++ data/CVE/list 2017-01-29 21:10:13 UTC (rev 48541)
@@ -90,6 +90,7 @@
NOTE:
https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
CVE-2016-10167 [Fix DOS vulnerability in gdImageCreateFromGd2Ctx()]
+ {DLA-804-1}
- php7.1 7.1.1-1 (unimportant)
- php7.0 7.0.15-1 (unimportant)
- php5 (unimportant)
@@ -99,6 +100,7 @@
NOTE:
https://github.com/libgd/libgd/commit/fe9ed49dafa993e3af96b6a5a589efeea9bfb36f
NOTE: http://www.openwall.com/lists/oss-security/2017/01/26/1
CVE-2016-10168 [Fix #354: Signed Integer Overflow gd_io.c]
+ {DLA-804-1}
- php7.1 7.1.1-1 (unimportant)
- php7.0 7.0.15-1 (unimportant)
- php5 (unimportant)
@@ -158,7 +160,7 @@
NOTE: all minor issues
CVE-2016-10165 [heap OOB read parsing crafted ICC profile]
RESERVED
- {DLA-803-1}
+ {DSA-3774-1 DLA-803-1}
- lcms2 2.8-4 (bug #852627)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1367357
NOTE:
https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2
@@ -515,18 +517,23 @@
- b2evolution
CVE-2017-5486 [buffer overflow in print-isoclns.c:clnp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5485 [buffer overflow in addrtoname.c:lookup_nsap()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5484 [buffer overflow in print-atm.c:sig_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5483 [buffer overflow in print-snmp.c:asn1_parse()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5482 [buffer overflow in print-fr.c:q933_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5481
RESERVED
@@ -954,6 +961,7 @@
NOTE:
https://github.com/ImageMagick/ImageMagick/commit/aeff00de228bc5a158c2a975ab47845d8a1db456
NOTE: http://www.openwall.com/lists/oss-security/2017/01/16/6
CVE-2016-10140 (Information disclosure and authentication bypass vulnerability
exists ...)
+ {DLA-806-1}
- zoneminder (bug #851710)
NOTE: https://github.com/ZoneMinder/ZoneMinder/pull/1697
NOTE:
https://github.com/ZoneMinder/ZoneMinder/commit/6361f143878ce00659f64ce42593951d773e4e63
@@ -1053,9 +1061,11 @@
RESERVED
CVE-2017-5342 [bug in multiple protocol parsers could cause buffer overflow in
print-ether.c:ether_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5341 [buffer overflow in print-otv.c:otv_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2016-10141 (An integer overflow vulnerability was observed in the regemit
function ...)
NOT-FOR-US: MuJS
@@ -1323,15 +1333,19 @@
NOTE:
https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
CVE-2017-5205 [buffer overflow in print-isakmp.c:ikev2_e_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5204 [buffer overflow in print-ip6.c:ip6_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5203 [buffer overflow in print-bootp.c:bootp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5202 [buffer overflow in print-isoclns.c:clnp_print()]
RESERVED
+ {DSA-3775-1}
- tcpdump 4.9.0-1
CVE-2017-5201
RESERVED
@@ -13750,7 +13764,7 @@
CVE-2016-9454
RESERVED
CVE-2016-9444 (named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5,
and ...)
- {DSA-3758-1}
+ {DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851062)
NOTE: https://kb.isc.org/article/AA-01441/0
@@ -14405,6 +14419,7 @@
NOTE: The reason is that the correction is to introduce a new option
that can be specified if this new behaviour
NOTE: is wanted. It is not enforced by default.
CVE-2016-9317 (The gdImageCreate function in the GD Graphics Library (aka
libgd) ...)
+ {DLA-804-1}
- libgd2 2.2.4-1
NOTE:
https://github.com/libgd/libgd/commit/6944ea10cb730d5071620439c6c2e823e6caeff1
NOTE: https://github.com/libgd/libgd/issues/340
@@ -14907,7 +14922,7 @@
CVE-2016-9148
RESERVED
CVE-2016-9147 (named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1
allows ...)
- {DSA-3758-1}
+ {DSA-3758-1 DLA-805-1}
[experimental] - bind9 1:9.10.4-P5-1
- bind9 1:9.10.3.dfsg.P4-11 (bug #851063)
NOTE: https://kb.isc.org/arti
[Secure-testing-commits] r48542 - data/CVE
Author: fgeek-guest Date: 2017-01-29 22:50:56 + (Sun, 29 Jan 2017) New Revision: 48542 Modified: data/CVE/list Log: CVE-2016-3189/bzip2 fixed Modified: data/CVE/list === --- data/CVE/list 2017-01-29 21:10:13 UTC (rev 48541) +++ data/CVE/list 2017-01-29 22:50:56 UTC (rev 48542) @@ -34459,7 +34459,7 @@ [wheezy] - cairo (Minor issue) NOTE: https://cgit.freedesktop.org/cairo/patch/src/cairo-image-compositor.c?id=5c82d91a5e15d29b1489dcb413b24ee7fdf59934 CVE-2016-3189 (Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows ...) - - bzip2 (low; bug #827744) + - bzip2 1.0.6-8.1 (low; bug #827744) [jessie] - bzip2 (Minor issue) [wheezy] - bzip2 (Minor issue) CVE-2016-3188 (The _prepopulate_request_walk function in the Prepopulate module ...) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48543 - data/CVE
Author: carnil Date: 2017-01-30 05:41:49 + (Mon, 30 Jan 2017) New Revision: 48543 Modified: data/CVE/list Log: Mark two qemu issues as no-dsa Modified: data/CVE/list === --- data/CVE/list 2017-01-29 22:50:56 UTC (rev 48542) +++ data/CVE/list 2017-01-30 05:41:49 UTC (rev 48543) @@ -455,6 +455,7 @@ CVE-2017-5526 [audio: memory leakage in es1370 device; CVE for the memory consumption issue] RESERVED - qemu 1:2.8+dfsg-2 (bug #851910) + [jessie] - qemu (Minor issue) - qemu-kvm NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01742.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1414209 @@ -463,6 +464,7 @@ CVE-2017-5525 [audio: memory leakage in ac97 device; CVE for the memory consumption issue] RESERVED - qemu 1:2.8+dfsg-2 (bug #852021) + [jessie] - qemu (Minor issue) - qemu-kvm NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01740.html NOTE: http://git.qemu.org/?p=qemu.git;a=commit;h=12351a91da97b414eec8cdb09f1d9f41e535a401 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48544 - data/CVE
Author: carnil
Date: 2017-01-30 05:51:47 + (Mon, 30 Jan 2017)
New Revision: 48544
Modified:
data/CVE/list
Log:
Add note for CVE-2017-10127/pytho-pysaml2
Modified: data/CVE/list
===
--- data/CVE/list 2017-01-30 05:41:49 UTC (rev 48543)
+++ data/CVE/list 2017-01-30 05:51:47 UTC (rev 48544)
@@ -1386,6 +1386,8 @@
RESERVED
- python-pysaml2
NOTE: https://github.com/rohe/pysaml2/issues/366
+ NOTE: A proper fix for this issue would be to fix the underlying issue
in src:libxml2
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1411794#c12
CVE-2016-10149 [CWE-776 (Entity Expansion)]
RESERVED
{DSA-3759-1}
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48545 - data/CVE
Author: carnil Date: 2017-01-30 05:52:55 + (Mon, 30 Jan 2017) New Revision: 48545 Modified: data/CVE/list Log: Add bug reference for CVE-2017-5617/svgsalamander Modified: data/CVE/list === --- data/CVE/list 2017-01-30 05:51:47 UTC (rev 48544) +++ data/CVE/list 2017-01-30 05:52:55 UTC (rev 48545) @@ -27,7 +27,7 @@ NOTE: https://git.sdaoden.eu/cgit/s-nail.git/commit/?id=f2699449b66dd702a98925bd1b11153a6f7294bf NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/27/7 CVE-2017-5617 [SSRF issue] - - svgsalamander + - svgsalamander (bug #853134) NOTE: https://github.com/blackears/svgSalamander/issues/11 NOTE: http://www.openwall.com/lists/oss-security/2017/01/27/3 CVE-2017-5600 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48546 - in data: . CVE
Author: agx Date: 2017-01-30 06:02:46 + (Mon, 30 Jan 2017) New Revision: 48546 Modified: data/CVE/list data/dla-needed.txt Log: lts: triage wavpack Modified: data/CVE/list === --- data/CVE/list 2017-01-30 05:52:55 UTC (rev 48545) +++ data/CVE/list 2017-01-30 06:02:46 UTC (rev 48546) @@ -70,6 +70,7 @@ NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=1021740 CVE-2016-10172 [heap oob read in read_new_config_info / open_utils.c] - wavpack (bug #853076) + [wheezy] - wavpack (Vulnerable code not present) NOTE: https://sourceforge.net/p/wavpack/mailman/message/35561951/ NOTE: Fixed by: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc (5.1.0) CVE-2016-10171 [heap out of bounds read in unreorder_channels / wvunpack.c] Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-30 05:52:55 UTC (rev 48545) +++ data/dla-needed.txt 2017-01-30 06:02:46 UTC (rev 48546) @@ -109,6 +109,11 @@ -- qemu-kvm (Guido Günther) -- +wavpack + NOTE: the provided testcases don't crash but this hunk + NOTE: https://github.com/dbry/WavPack/commit/4bc05fc490b66ef2d45b1de26abf1455b486b0dc#diff-bc1807cb462afb05056502f77834c6ebR291 + NOTE: is missing in the wheezy version +-- wireshark (Balint Reczey) -- wordpress (Markus Koschany) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48547 - in data: . DLA
Author: agx
Date: 2017-01-30 06:04:44 + (Mon, 30 Jan 2017)
New Revision: 48547
Modified:
data/DLA/list
data/dla-needed.txt
Log:
lts: grab DLA-807-1 for imagemagick
Modified: data/DLA/list
===
--- data/DLA/list 2017-01-30 06:02:46 UTC (rev 48546)
+++ data/DLA/list 2017-01-30 06:04:44 UTC (rev 48547)
@@ -1,3 +1,6 @@
+[30 Jan 2017] DLA-807-1 imagemagick - security update
+ {CVE-2016-10144 CVE-2016-10145 CVE-2016-10146 CVE-2017-5506
CVE-2017-5507 CVE-2017-5508 CVE-2017-5510 CVE-2017-5511}
+ [wheezy] - imagemagick 8:6.7.7.10-5+deb7u11
[29 Jan 2017] DLA-806-1 zoneminder - security update
{CVE-2016-10140}
[wheezy] - zoneminder 1.25.0-4+deb7u1
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-01-30 06:02:46 UTC (rev 48546)
+++ data/dla-needed.txt 2017-01-30 06:04:44 UTC (rev 48547)
@@ -38,8 +38,6 @@
NOTE: maintainer has prepared a backport, LTS team please test/release
NOTE: https://lists.debian.org/debian-lts/2017/01/msg00059.html
--
-imagemagick (Guido Günther)
---
jasper (Thorsten Alteholz)
NOTE: not really clear what CVEs need to be fixed
--
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
[Secure-testing-commits] r48548 - data/CVE
Author: carnil Date: 2017-01-30 07:26:15 + (Mon, 30 Jan 2017) New Revision: 48548 Modified: data/CVE/list Log: Reference upstream report for calibre Modified: data/CVE/list === --- data/CVE/list 2017-01-30 06:04:44 UTC (rev 48547) +++ data/CVE/list 2017-01-30 07:26:15 UTC (rev 48548) @@ -6,6 +6,7 @@ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/29/4 CVE-2017- [javascript in books can access files on the computer using XMLHttpRequest] - calibre 2.75.1+dfsg-1 (bug #853004) + NOTE: Upstream report: https://launchpad.net/bugs/1651728 NOTE: upstream fix: https://github.com/kovidgoyal/calibre/commit/3a89718664cb8 NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2017/01/29/8 CVE-2017- [use after free in libmysqlclient.so] ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
