Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fd0c184e by Utkarsh Gupta at 2023-08-26T14:20:24+05:30
Add trafficserver to dla-needed

- - - - -
cd8a6baa by Utkarsh Gupta at 2023-08-26T14:23:19+05:30
Add freeimage to dla-needed

- - - - -
18ad23b8 by Utkarsh Gupta at 2023-08-26T14:42:11+05:30
Add python2.7 to dla-needed

- - - - -
d9f282f4 by Utkarsh Gupta at 2023-08-26T14:46:13+05:30
Add c-ares to dla-needed

- - - - -
ebf6bd82 by Utkarsh Gupta at 2023-08-26T14:47:42+05:30
Mark CVE-2022-447{29,30}/batik as no-dsa for buster

- - - - -
6faeaf9d by Utkarsh Gupta at 2023-08-26T14:48:11+05:30
Mark CVE-2022-48174/busybox as no-dsa for buster

- - - - -
dc545b60 by Utkarsh Gupta at 2023-08-26T14:48:43+05:30
Mark CVE-2022-41444/cacti as no-dsa for buster

- - - - -
2d3d57b8 by Utkarsh Gupta at 2023-08-26T14:49:10+05:30
Mark CVE-2022-34038/etcd as no-dsa for buster

- - - - -
18591a2c by Utkarsh Gupta at 2023-08-26T14:49:43+05:30
Mark CVE-2020-24904/gnome-gmail as no-dsa for buster

- - - - -
aab0ef6c by Utkarsh Gupta at 2023-08-26T14:50:06+05:30
Mark CVE-2022-45582/horizon as no-dsa for buster

- - - - -
593e97c7 by Utkarsh Gupta at 2023-08-26T14:51:05+05:30
Mark CVE-2020-24187/iotjs as ignored for buster

- - - - -
e613c18c by Utkarsh Gupta at 2023-08-26T14:51:45+05:30
Mark CVE-2023-38961/iotjs as ignored for buster

- - - - -
93239e0d by Utkarsh Gupta at 2023-08-26T14:52:43+05:30
Mark CVE-2022-48570/libcrypto++ as no-dsa for buster

- - - - -
f587f8fe by Utkarsh Gupta at 2023-08-26T14:53:09+05:30
Mark CVE-2022-43358/libsass as no-dsa for buster

- - - - -
19eff1f2 by Utkarsh Gupta at 2023-08-26T14:53:35+05:30
Mark CVE-2020-21896/mupdf as no-dsa for buster

- - - - -
815e4e60 by Utkarsh Gupta at 2023-08-26T14:53:56+05:30
Mark CVE-2022-29654/nasm as no-dsa for buster

- - - - -
74f6d092 by Utkarsh Gupta at 2023-08-26T14:54:19+05:30
Mark CVE-2021-34193/opensc as no-dsa for buster

- - - - -
f7f4a9b6 by Utkarsh Gupta at 2023-08-26T14:54:43+05:30
Mark CVE-2022-36648/qemu as postponed for buster

- - - - -
89d4f988 by Utkarsh Gupta at 2023-08-26T14:55:20+05:30
Mark CVE-2021-28025/qtsvg-opensource-src as no-dsa for buster

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -564,6 +564,7 @@ CVE-2022-48570 (Crypto++ through 8.4 contains a timing side 
channel in ECDSA sig
        - libcrypto++ <unfixed>
        [bookworm] - libcrypto++ <no-dsa> (Minor issue)
        [bullseye] - libcrypto++ <no-dsa> (Minor issue)
+       [buster] - libcrypto++ <no-dsa> (Minor issue)
        NOTE: https://github.com/weidai11/cryptopp/issues/992
        NOTE: This issue exists because the CVE-2019-14318 fix was 
intentionally removed for
        NOTE: functionality reasons.
@@ -701,6 +702,7 @@ CVE-2023-38976 (An issue in weaviate v.1.20.0 allows a 
remote attacker to cause
 CVE-2023-38961 (Buffer Overflwo vulnerability in JerryScript Project 
jerryscript v.3.0 ...)
        - iotjs <removed>
        [bullseye] - iotjs <ignored> (Minor issue)
+       [buster] - iotjs <ignored> (Minor issue)
        NOTE: https://github.com/jerryscript-project/jerryscript/issues/5092
 CVE-2023-38899 (SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows 
a local ...)
        NOT-FOR-US: berkaygediz O_Blog
@@ -41110,6 +41112,7 @@ CVE-2022-48174 (There is a stack overflow vulnerability 
in ash.c:6030 in busybox
        - busybox <unfixed>
        [bookworm] - busybox <no-dsa> (Minor issue)
        [bullseye] - busybox <no-dsa> (Minor issue)
+       [buster] - busybox <no-dsa> (Minor issue)
        NOTE: https://bugs.busybox.net/show_bug.cgi?id=15216
        NOTE: 
https://git.busybox.net/busybox/commit/?id=d417193cf37ca1005830d7e16f5fa7e1d8a44209
 CVE-2022-48173
@@ -50550,6 +50553,7 @@ CVE-2022-45582 (Open Redirect vulnerability in Horizon 
Web Dashboard 19.4.0 thru
        - horizon 3:23.1.0-3
        [bookworm] - horizon <no-dsa> (Minor issue)
        [bullseye] - horizon <no-dsa> (Minor issue)
+       [buster] - horizon <no-dsa> (Minor issue)
        NOTE: https://bugs.launchpad.net/horizon/+bug/1982676
        NOTE: 
https://opendev.org/openstack/horizon/commit/beed6bf6f6f83df9972db5fb539d64175ce12ce9
 (19.4.0)
        NOTE: 
https://opendev.org/openstack/horizon/commit/2f600272bfffb3024e6f06a369f9b4768dd1a0b0
 (20.1.4)
@@ -53269,12 +53273,14 @@ CVE-2022-44730 (Server-Side Request Forgery (SSRF) 
vulnerability in Apache Softw
        - batik 1.17+dfsg-1
        [bookworm] - batik <no-dsa> (Minor issue)
        [bullseye] - batik <no-dsa> (Minor issue)
+       [buster] - batik <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2023/08/22/3
        NOTE: https://issues.apache.org/jira/browse/BATIK-1347
 CVE-2022-44729 (Server-Side Request Forgery (SSRF) vulnerability in Apache 
Software Fo ...)
        - batik 1.17+dfsg-1
        [bookworm] - batik <no-dsa> (Minor issue)
        [bullseye] - batik <no-dsa> (Minor issue)
+       [buster] - batik <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2023/08/22/2
        NOTE: https://issues.apache.org/jira/browse/BATIK-1349
 CVE-2022-44728
@@ -59936,6 +59942,7 @@ CVE-2022-43358 (Stack overflow vulnerability in 
ast_selectors.cpp: in function S
        - libsass <unfixed>
        [bookworm] - libsass <no-dsa> (Minor issue)
        [bullseye] - libsass <no-dsa> (Minor issue)
+       [buster] - libsass <no-dsa> (Minor issue)
        NOTE: https://github.com/sass/libsass/issues/3178
 CVE-2022-43357 (Stack overflow vulnerability in ast_selectors.cpp in function 
Sass::Co ...)
        - libsass <unfixed>
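Review bot: the trailing context shows CVE-2022-43357, a stack overflow in the same ast_selectors.cpp with the same "libsass <unfixed>" status, directly below the entry being annotated; if it carries the same no-dsa marks for bookworm and bullseye, the "[buster] - libsass <no-dsa> (Minor issue)" line should be added there in the same commit so the two sibling issues do not drift apart.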
@@ -65336,6 +65343,7 @@ CVE-2022-41445 (A cross-site scripting (XSS) 
vulnerability in Record Management
 CVE-2022-41444 (Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via 
crafted P ...)
        - cacti 1.2.22+ds1-1
        [bullseye] - cacti <no-dsa> (Minor issue)
+       [buster] - cacti <no-dsa> (Minor issue)
        NOTE: https://gist.github.com/enferas/9079535112e4f4ff2c1d2ce1c099d4c2
        NOTE: Fixed by: 
https://github.com/Cacti/cacti/commit/ccb8b62de0f27f59d5e6073c2ae577a9ca7adaf8 
(release/1.2.22)
 CVE-2022-41443 (phpipam v1.5.0 was discovered to contain a header injection 
vulnerabil ...)
@@ -78206,6 +78214,7 @@ CVE-2022-36648 (The hardware emulation in the 
of_dpa_cmd_add_l2_flood of rocker
        - qemu <unfixed>
        [bookworm] - qemu <postponed> (Minor issue, revisit when fixed upstream)
        [bullseye] - qemu <postponed> (Minor issue, revisit when fixed upstream)
+       [buster] - qemu <postponed> (Minor issue, revisit when fixed upstream)
        NOTE: 
https://lists.nongnu.org/archive/html/qemu-devel/2022-06/msg04469.html
 CVE-2022-36647 (PKUVCL davs2 v1.6.205 was discovered to contain a global 
buffer overfl ...)
        - davs2 <unfixed> (bug #1019358)
@@ -85573,6 +85582,7 @@ CVE-2022-34038 (Etcd v3.5.4 allows remote attackers to 
cause a denial of service
        - etcd <unfixed>
        [bookworm] - etcd <no-dsa> (Minor issue)
        [bullseye] - etcd <no-dsa> (Minor issue)
+       [buster] - etcd <no-dsa> (Minor issue)
        NOTE: https://github.com/etcd-io/etcd/pull/14022
        NOTE: https://github.com/etcd-io/etcd/pull/14452
        NOTE: Fixed by: 
https://github.com/etcd-io/etcd/commit/5a315ef88fbfa454e02d27b0b8acb4f89457cd90
@@ -98074,6 +98084,7 @@ CVE-2022-29655 (An arbitrary file upload vulnerability 
in the Upload Photos modu
 CVE-2022-29654 (Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c 
in nasm ...)
        - nasm 2.16.01-1
        [bullseye] - nasm <no-dsa> (Minor issue)
+       [buster] - nasm <no-dsa> (Minor issue)
        NOTE: https://gist.github.com/naihsin/b96e2c5c2c81621b46557fd7aacd165f
 CVE-2022-29653 (OFCMS v1.1.4 was discovered to contain a cross-site scripting 
(XSS) vu ...)
        NOT-FOR-US: OFCMS
@@ -157702,6 +157713,7 @@ CVE-2021-34194
 CVE-2021-34193 (Stack overflow vulnerability in OpenSC smart card middleware 
before 0. ...)
        - opensc 0.22.0-1
        [bullseye] - opensc <no-dsa> (Minor issue)
+       [buster] - opensc <no-dsa> (Minor issue)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185
        NOTE: 
https://github.com/OpenSC/OpenSC/commit/f015746d22d249642c19674298a18ad824db0ed7
 (0.22.0-rc1)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843
@@ -174167,6 +174179,7 @@ CVE-2021-28025 (Integer Overflow vulnerability in 
qsvghandler.cpp in Qt qtsvg ve
        - qt6-svg <not-affected> (Fixed before initial upload to the archive)
        - qtsvg-opensource-src 5.15.4-2
        [bullseye] - qtsvg-opensource-src <no-dsa> (Minor issue)
+       [buster] - qtsvg-opensource-src <no-dsa> (Minor issue)
        - qt4-x11 <removed>
        NOTE: https://bugreports.qt.io/browse/QTBUG-91507
        NOTE: 
https://code.qt.io/cgit/qt/qtsvg.git/commit/?id=7bbf88403fd2d1fe79fab7c8e469f8aeafeb7372
 (v5.15.4-lts-lgpl)
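Review bot: qt4-x11 is listed as <removed> with no suite annotation, while the added "[buster] - qtsvg-opensource-src <no-dsa> (Minor issue)" line is attached only to qtsvg-opensource-src; if qt4-x11 shipped in buster it needs its own [buster] line, otherwise the tracker has no buster status for that source. Placing the new line under the bullseye annotation for qtsvg-opensource-src, ahead of the qt4-x11 line, is the right grouping.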
@@ -213757,6 +213770,7 @@ CVE-2020-24905
 CVE-2020-24904 (An issue was discovered in attach parameter in GNOME Gmail 
version 2.5 ...)
        - gnome-gmail <removed>
        [bullseye] - gnome-gmail <no-dsa> (Minor issue)
+       [buster] - gnome-gmail <no-dsa> (Minor issue)
        NOTE: https://github.com/davesteele/gnome-gmail/issues/84
        TODO: check, might be an issue as well in src:viagee
 CVE-2020-24903 (Cute Editor for ASP.NET 6.4 is vulnerable to reflected 
cross-site scri ...)
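Review bot: the open TODO in the trailing context ("check, might be an issue as well in src:viagee") is left standing while buster is marked no-dsa for gnome-gmail; if viagee turns out to be affected it will need its own package line and suite annotations, so either resolve that TODO or add a NOTE recording that the no-dsa decision covers gnome-gmail only.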
@@ -215486,6 +215500,7 @@ CVE-2020-24188 (Cross-site scripting (XSS) 
vulnerability in the search functiona
 CVE-2020-24187 (An issue was discovered in ecma-helpers.c in jerryscript 
version 2.3.0 ...)
        - iotjs <removed>
        [bullseye] - iotjs <ignored> (Minor issue)
+       [buster] - iotjs <ignored> (Minor issue)
        NOTE: https://github.com/jerryscript-project/jerryscript/issues/4076
 CVE-2020-24186 (A Remote Code Execution vulnerability exists in the gVectors 
wpDiscuz  ...)
        NOT-FOR-US: gVectors wpDiscuz plugin for WordPress
@@ -220444,6 +220459,7 @@ CVE-2020-21897
 CVE-2020-21896 (A Use After Free vulnerability in 
svg_dev_text_span_as_paths_defs func ...)
        - mupdf 1.19.0+ds1-1
        [bullseye] - mupdf <no-dsa> (Minor issue)
+       [buster] - mupdf <no-dsa> (Minor issue)
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701294
        NOTE: 
https://git.ghostscript.com/?p=mupdf.git;h=8719e07834d6a72b6b4131539e49ed1e8e2ff79e
 CVE-2020-21895


=====================================
data/dla-needed.txt
=====================================
@@ -28,6 +28,10 @@ amanda (Thorsten Alteholz)
 aom (Markus Koschany)
   NOTE: 20230823: Added by Front-Desk (apo)
 --
+c-ares (Utkarsh)
+  NOTE: 20230826: Added by Front-Desk (utkarsh)
+  NOTE: 20230826: it's a heap buffer overflow. Have mixed feelings about this 
one. Will look thoroughly. (utkarsh)
+--
 cairosvg
   NOTE: 20230323: Added by Front-Desk (gladk)
   NOTE: 20230411: Proposed solution for CVE-2023-27586 in Buster to backport 
the --unsafe switch, introduced in 1.0.21, might work (dleidert/inactive)
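Review bot: the NOTE added for c-ares describes the bug ("it's a heap buffer overflow") without naming the CVE it refers to; dla-needed entries are read by whoever picks the package up next, so record the CVE id in the NOTE so the issue can be matched against data/CVE/list without guessing.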
@@ -65,6 +69,12 @@ flask-security (Sean Whitton)
   NOTE: 20230811: Experimental issue-based workflow: please self-assign and 
follow https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/37
   NOTE: 20230811: Follow fixes from bullseye 11.7 (1 CVE) (Beuc/front-desk)
 --
+freeimage
+  NOTE: 20230826: Added by Front-Desk (utkarsh)
+  NOTE: 20230826: Anton Gladky is the maintainer. Please sync with him about 
the
+  NOTE: 20230826: about this. Anyway, too many CVEs piled up. I feel we should 
roll
+  NOTE: 20230826: out the DLA/ELA now. (utkarsh)  
+--
 glib2.0 (santiago)
   NOTE: 20230612: Added by Front-Desk (apo)
   NOTE: 20230710: WIP (santiago)
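Review bot: the freeimage NOTE reads "Please sync with him about the / about this.", a phrase duplicated across the wrapped lines, and the last NOTE line ends in trailing whitespace; reword to a single "Please sync with him about this." and drop the trailing spaces. The entry also has no claimant, which is fine if the intent is for whoever takes it to coordinate with the maintainer, but the NOTE could say so explicitly.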
@@ -151,6 +161,13 @@ python-os-brick
   NOTE: 20230525: Added by Front-Desk (lamby)
   NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, 
python-os-brick, nova and cinder.
 --
+python2.7
+  NOTE: 20230826: Added by Front-Desk (utkarsh)
+  NOTE: 20230826: some traces of vulnerable code found. My hunch is that it's 
not-affected but it needs
+  NOTE: 20230826: a deeper triage. Also CVE-2023-24329 is vulnerable and was 
partially fixed in some suites
+  NOTE: 20230826: and wasn't fixed in Debian, but the extra patch is now 
available and can be fixed now. (utkarsh)
+  NOTE: 20230826: contact Utkarsh in case you're unable to find the 
supplementary patch. (utkarsh)
+--
 qpdf (Thorsten Alteholz)
   NOTE: 20230820: Added by Front-Desk (ta)
 --
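Review bot: the python2.7 NOTE tells readers to "contact Utkarsh in case you're unable to find the supplementary patch" for CVE-2023-24329 instead of recording where the patch is; a URL, or at least the suite or commit it was taken from, belongs in the NOTE so the update does not depend on one person being reachable. It would also help to name the CVEs for which "traces of vulnerable code" were found, since "needs a deeper triage" is otherwise not actionable for the next person.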
@@ -223,3 +240,9 @@ suricata (Adrian Bunk)
 tiff
   NOTE: 20230826: Added by Front-Desk (utkarsh)
 --
+trafficserver
+  NOTE: 20230826: Added by Front-Desk (utkarsh)
+  NOTE: 20230826: have pinged Leo in Ubuntu to clarify the status on the
+  NOTE: 20230826: Ubuntu side and track the fixing commits. I'll update when
+  NOTE: 20230826: I have the answer here. (utkarsh)
+--
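Review bot: the trafficserver entry lists no CVE ids and no link to the Ubuntu side being consulted; add the CVEs being tracked and, once known, the Ubuntu bug or advisory reference so the fixing commits can be followed by someone other than the person who pinged Leo.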



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/db782f459563dab35f523af6a619a1a1f1e68ed9...89d4f988a5442d2dbb52bd91084907ffb7bb6960


_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
