[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 3d879298 by Abhijith PA at 2021-06-17T03:11:03+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -594,6 +594,7 @@ CVE-2021-34549 CVE-2021-34548 RESERVED - tor + [stretch] - tor ([DSA 4644-1]) NOTE: https://blog.torproject.org/node/2041 NOTE: https://bugs.torproject.org/tpo/core/tor/40389 CVE-2021-34547 (PRTG Network Monitor 20.1.55.1775 allows /editsettings CSRF for user a ...) @@ -2947,6 +2948,7 @@ CVE-2021-3563 - keystone [bullseye] - keystone (Minor issue) [buster] - keystone (Minor issue) + [stretch] - keystone (Keystone is not supported in stretch) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1962908 NOTE: https://bugs.launchpad.net/keystone/+bug/1901891 CVE-2021-33497 (Dutchcoders transfer.sh before 1.2.4 allows Directory Traversal for de ...) = data/dla-needed.txt = @@ -76,6 +76,11 @@ nvidia-graphics-drivers openexr -- python-babel (Abhijith PA) + NOTE: 20210617: CVE ID rejected. (abhijith) +-- +qemu +-- +rabbitmq-server (Abhijith PA) -- ruby-actionpack-page-caching (Markus Koschany) NOTE: 20200819: Upstream's patch on does not apply due to subsequent View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d879298ec1ee7f560d56eb2423f0930dff5bf1a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d879298ec1ee7f560d56eb2423f0930dff5bf1a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: ad7195ce by Abhijith PA at 2021-06-14T12:50:55+05:30 Stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -1828,6 +1828,7 @@ CVE-2021-33830 RESERVED CVE-2021-33829 (A cross-site scripting (XSS) vulnerability in the HTML Data Processor ...) - ckeditor 4.16.0+dfsg-2 + [stretch] - ckeditor (Fix along next DLA) NOTE: https://ckeditor.com/blog/ckeditor-4.16.1-with-accessibility-enhancements/#improvements-for-comments-in-html-parser NOTE: https://github.com/ckeditor/ckeditor4/commit/3e426ce34f7fc7bf784624358831ef9e189bb6ed CVE-2021-33828 @@ -6960,6 +6961,7 @@ CVE-2021-31685 RESERVED CVE-2021-31684 (A vulnerability was discovered in the indexOf function of JSONParserBy ...) - json-smart + [stretch] - json-smart (Minor issue) NOTE: https://github.com/netplex/json-smart-v2/issues/67 NOTE: https://github.com/netplex/json-smart-v2/commit/6ecff1c2974eaaab2e74e441bdf5ba8495227bf5 NOTE: Security impact disputed by upstream @@ -74628,6 +74630,7 @@ CVE-2020-15226 (In GLPI before version 9.5.2, there is a SQL Injection in the AP - glpi CVE-2020-15225 (django-filter is a generic system for filtering Django QuerySets based ...) - django-filter 2.4.0-1 + [stretch] - django-filter (Minor issue) NOTE: https://github.com/carltongibson/django-filter/security/advisories/GHSA-x7gm-rfgv-w973 NOTE: https://github.com/carltongibson/django-filter/commit/340cf7a23a2b3dcd7183f6a0d6c383e85b130d2b CVE-2020-15224 (In Open Enclave before version 0.12.0, an information disclosure vulne ...) = data/dla-needed.txt = @@ -53,6 +53,8 @@ gpac (Thorsten Alteholz) -- htmldoc (Utkarsh Gupta) -- +intel-microcode +-- jetty9 (Sylvain Beucler) -- libxstream-java @@ -71,6 +73,8 @@ nvidia-graphics-drivers NOTE: package is in non-free but also in packages-to-support NOTE: only CVE‑2021‑1076 seems to be fixed in the R390 branch used in Stretch, no fix available for CVE-2021-1077 -- +openexr +-- prosody (Anton Gladky) NOTE: 20210519: at least the 10MB limit mentioned in CVE-2021-32918 is present NOTE: 20210530: WIP View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad7195ce804fbde7305b53aaca1c4ce6cabc5c39 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad7195ce804fbde7305b53aaca1c4ce6cabc5c39 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: a055a404 by Abhijith PA at 2021-03-08T01:41:45+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -6569,6 +6569,7 @@ CVE-2021-25289 RESERVED - pillow 8.1.1-1 [buster] - pillow (Vulnerable code not present) + [stretch] - pillow (Vulnerable code not present) NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html CVE-2021-25288 RESERVED @@ -66338,10 +66339,12 @@ CVE-2020-11989 (Apache Shiro before 1.5.3, when using Apache Shiro with Spring d NOTE: CVE is closely related to CVE-2020-1957. CVE-2020-11988 (Apache XmlGraphics Commons 2.4 is vulnerable to server-side request fo ...) - xmlgraphics-commons - TODO: check fixing commits + [stretch] - xmlgraphics-commons (Minor issue) + NOTE: https://github.com/apache/xmlgraphics-commons/commit/57393912eb87b994c7fed39ddf30fb778a275183.patch CVE-2020-11987 (Apache Batik 1.13 is vulnerable to server-side request forgery, caused ...) - batik - TODO: check fixing commits + [stretch] - batik (Minor issue) + NOTE: https://github.com/apache/xmlgraphics-batik/commit/0ef5b661a1f2d1110877ea9e0287987098f6.patch CVE-2020-11986 (To be able to analyze gradle projects, the build scripts need to be ex ...) - netbeans 12.1-1 [stretch] - netbeans (Minor issue) = data/dla-needed.txt = @@ -74,6 +74,10 @@ opendmarc -- php-pear (Ola Lundqvist) -- +pillow (Abhijith PA) +-- +privoxy (Abhijith PA) +-- python3.5 NOTE: 20210217: Fairly invasive change, changing/augmenting API of standard library. (lamby) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a055a404512e4d2636a4736f870d7325fb6842ba -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a055a404512e4d2636a4736f870d7325fb6842ba You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: c220ce4b by Abhijith PA at 2021-03-07T20:27:05+05:30 Stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1138,6 +1138,7 @@ CVE-2021-27516 (URI.js (aka urijs) before 1.19.6 mishandles certain uses of back NOT-FOR-US: urijs CVE-2021-27515 (url-parse before 1.5.0 mishandles certain uses of backslash such as ht ...) - node-url-parse + [stretch] - node-url-parse (Minor issue) NOTE: https://github.com/unshiftio/url-parse/commit/d1e7e8822f26e8a49794b757123b51386325b2b0 NOTE: https://github.com/unshiftio/url-parse/pull/197 CVE-2021-27514 (EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for th ...) @@ -2505,6 +2506,7 @@ CVE-2021-26907 RESERVED CVE-2021-26906 (An issue was discovered in res_pjsip_session.c in Digium Asterisk thro ...) - asterisk 1:16.16.1~dfsg-1 (bug #983159) + [stretch] - asterisk (Minor issue) NOTE: https://downloads.asterisk.org/pub/security/AST-2021-005.html NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29196 CVE-2021-3402 @@ -15641,6 +15643,7 @@ CVE-2020-35777 (NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by comma NOT-FOR-US: Netgear CVE-2020-35776 (A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk version ...) - asterisk 1:16.16.1~dfsg-1 (bug #983158) + [stretch] - asterisk (Minor issue) NOTE: https://downloads.asterisk.org/pub/security/AST-2021-001.html NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29227 CVE-2020-35775 (CITSmart before 9.1.2.23 allows LDAP Injection. ...) @@ -16475,7 +16478,7 @@ CVE-2021-21239 (PySAML2 is a pure python implementation of SAML Version 2 Standa NOTE: https://github.com/IdentityPython/pysaml2/commit/751dbf50a51131b13d55989395f9b115045f9737 CVE-2021-21238 (PySAML2 is a pure python implementation of SAML Version 2 Standard. Py ...) - python-pysaml2 6.5.1-1 (bug #980773) - [stretch] - python-pysaml2 (python3-xmlschema not available in stretch for fix) + [stretch] - python-pysaml2 (python3-xmlschema not available in stretch for fix) NOTE: https://github.com/IdentityPython/pysaml2/security/advisories/GHSA-f4g9-h89h-jgv9 NOTE: https://github.com/IdentityPython/pysaml2/commit/3b707723dcf1bf60677b424aac398c0c3557641d CVE-2021-21237 (Git LFS is a command line extension for managing large files with Git. ...) @@ -18644,6 +18647,7 @@ CVE-2021-20329 RESERVED CVE-2021-20328 (Specific versions of the Java driver that support client-side field le ...) - mongo-java-driver + [stretch] - mongo-java-driver (Minor issue) NOTE: https://jira.mongodb.org/browse/JAVA-4017 NOTE: https://github.com/mongodb/mongo-java-driver/commit/60d87d5a76645a331a77ccc45ef7c67aac88b234 CVE-2021-20327 (A specific version of the Node.js mongodb-client-encryption module doe ...) @@ -19104,6 +19108,7 @@ CVE-2021-20201 [Client initiated renegotiation denial of service] RESERVED - spice (bug #983698) [buster] - spice (Minor issue) + [stretch] - spice (Minor issue) NOTE: https://gitlab.freedesktop.org/spice/spice/-/issues/49 NOTE: https://gitlab.freedesktop.org/spice/spice/-/commit/ca5bbc5692e052159bce1a75f55dc60b36078749 NOTE: https://gitlab.freedesktop.org/spice/spice/-/commit/95a0cfac8a1c8eff50f05e65df945da3bb501fc9 @@ -31467,6 +31472,7 @@ CVE-2020-27224 (In Eclipse Theia versions up to and including 1.2.0, the Markdow NOT-FOR-US: Eclipse Theia CVE-2020-27223 (In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0 ...) - jetty9 9.4.38-1 + [stretch] - jetty9 (Minor issue) NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128 NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7 CVE-2020-27222 (In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based ( ...) @@ -38132,6 +38138,7 @@ CVE-2020-24393 (TweetStream 2.6.1 uses the library eventmachine in an insecure w NOT-FOR-US: TweetStream CVE-2020-24392 (In voloko twitter-stream 0.1.10, missing TLS hostname validation allow ...) - ruby-twitter-stream + [stretch] - ruby-twitter-stream (Minor issue) NOTE: https://securitylab.github.com/advisories/GHSL-2020-097-voloko-twitter-stream CVE-2020-24391 RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c220ce4b2c4e79fe5bf698336c243b868194d03c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c220ce4b2c4e79fe5bf698336c243b868194d03c You're receiving this email because of your account on salsa.debian.org.
[Git][security-tracker-team/security-tracker][master] Stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 38c02cf1 by Abhijith PA at 2021-03-06T14:13:22+05:30 Stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -262,6 +262,7 @@ CVE-2021-27928 RESERVED CVE-2021-27927 (In Zabbix before 4.0.28rc1, 5.x before 5.0.8rc1, 5.1.x and 5.2.x befor ...) - zabbix 1:5.0.8+dfsg-1 + [stretch] - zabbix (minor issue) NOTE: https://support.zabbix.com/browse/ZBX-18942 CVE-2021-27926 RESERVED @@ -287,6 +288,7 @@ CVE-2021-27918 CVE-2021-3420 (A flaw was found in newlib in versions prior to 4.0.0. Improper overfl ...) - newlib (bug #984446) [buster] - newlib (Minor issue) + [stretch] - newlib (Minor issue) - picolibc 1.5-1 - libnewlib-nano (bug #984424) [buster] - libnewlib-nano (Minor issue) @@ -19477,11 +19479,13 @@ CVE-2020-35525 CVE-2020-35524 [Heap-based buffer overflow in TIFF2PDF tool] RESERVED - tiff 4.1.0+git201212-1 + [stretch] - tiff (can be fixed along in next DLA) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/7be2e452ddcf6d7abca88f41d3761e6edab72b22 NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/159 CVE-2020-35523 [Integer overflow in tif_getimage.c] RESERVED - tiff 4.1.0+git201212-1 + [stretch] - tiff (can be fixed along in next DLA) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/c8d613ef497058fe653c467fc84c70a62a4a71b2 NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/160 CVE-2020-35522 [Memory allocation failure in tif_pixarlog.c] @@ -26266,6 +26270,7 @@ CVE-2020-28497 RESERVED CVE-2020-28496 (This affects the package three before 0.125.0. This can happen when ha ...) - three.js + [stretch] - three.js (can be fixed along in next DLA) NOTE: https://github.com/mrdoob/three.js/pull/21143/commits/4a582355216b620176a291ff319d740e619d583e NOTE: https://github.com/mrdoob/three.js/issues/21132 CVE-2020-28495 (This affects the package total.js before 3.4.7. The set function can b ...) @@ -31175,6 +31180,7 @@ CVE-2020-27353 CVE-2020-27352 RESERVED - snapd 2.49-1 + [stretch] - snapd (Minor issue) NOTE: https://ubuntu.com/security/notices/USN-4728-1 NOTE: https://github.com/docker-snap/docker-snap/security/advisories/GHSA-798c-v3jq-h646 NOTE: https://bugs.launchpad.net/snapd/+bug/1910456 = data/dla-needed.txt = @@ -67,6 +67,8 @@ libebml (Thorsten Alteholz) libupnp NOTE: 20210302: since utkarsh working wpa, might want to handle this as well ? (abhijith) -- +libcaca (Abhijith PA) +-- linux (Ben Hutchings) -- linux-4.19 (Ben Hutchings) @@ -117,6 +119,8 @@ shiro NOTE: 20201004: Sent additional request to upstream dev list; stil no response. (roberto) NOTE: 20201220: Upstream has responded. Working with them to backport fixes. (roberto) -- +smarty3 (Abhijith PA) +-- spotweb NOTE: 20201220: The affected code uses string concatenation to construct a SQL query. NOTE: 20201220: Upstream's "fix" is to blacklist all the "bad" SQL commands. (roberto) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38c02cf161216beb63ec5f43bbecc228d16cd9c1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38c02cf161216beb63ec5f43bbecc228d16cd9c1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 15c99ffc by Abhijith PA at 2021-03-02T13:19:11+05:30 Stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -3516,6 +3516,7 @@ CVE-2018-25005 RESERVED CVE-2018-25004 (A user authorized to performing a specific type of query may trigger a ...) - mongodb + [stretch] - mongodb (https://lists.debian.org/debian-lts/2020/11/msg00058.html) NOTE: https://jira.mongodb.org/browse/SERVER-38275 CVE-2021-3345 (_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9. ...) [experimental] - libgcrypt20 1.9.1-1 (bug #981370) @@ -77569,6 +77570,7 @@ CVE-2020-7930 RESERVED CVE-2020-7929 (A user authorized to perform database queries may trigger denial of se ...) - mongodb + [stretch] - mongodb (https://lists.debian.org/debian-lts/2020/11/msg00058.html) NOTE: https://jira.mongodb.org/browse/SERVER-51083 CVE-2020-7928 (A user authorized to perform database queries may trigger a read overr ...) - mongodb = data/dla-needed.txt = @@ -69,6 +69,9 @@ jackson-dataformat-cbor (Abhijith PA) libebml (Thorsten Alteholz) NOTE: 20210221: testing package -- +libupnp + NOTE: 20210302: since utkarsh working wpa, might want to handle this as well ? (abhijith) +-- linux (Ben Hutchings) -- linux-4.19 (Ben Hutchings) @@ -132,6 +135,10 @@ spotweb subversion (Thorsten Alteholz) NOTE: 20210221: solving build problems -- +tomcat7 +-- +tomcat8 +-- wpa (Utkarsh) -- xmlbeans (Roberto C. Sánchez) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/15c99ffcd4b7e27977bae1d8a99f71e9c0a28e67 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/15c99ffcd4b7e27977bae1d8a99f71e9c0a28e67 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 47e7d5a4 by Abhijith PA at 2020-10-11T19:22:58+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -1653,6 +1653,7 @@ CVE-2020-26159 (In Oniguruma 6.9.5_rev1, an attacker able to supply a regular ex CVE-2019-20922 (Handlebars before 4.4.5 allows Regular Expression Denial of Service (R ...) - node-handlebars 3:4.7.2-1 - libjs-handlebars + [stretch] - libjs-handlebars (Only reverse depends was diaspora which not in stretch) NOTE: https://github.com/handlebars-lang/handlebars.js/commit/8d5530ee2c3ea9f0aee3fde310b9f36887d00b8b NOTE: https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388 NOTE: https://www.npmjs.com/advisories/1300 @@ -1661,6 +1662,7 @@ CVE-2019-20921 (bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS) CVE-2019-20920 (Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrar ...) - node-handlebars 3:4.5.3-1 - libjs-handlebars + [stretch] - libjs-handlebars (Only reverse depends was diaspora which not in stretch) NOTE: https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478 NOTE: https://www.npmjs.com/advisories/1316 NOTE: https://www.npmjs.com/advisories/1324 = data/dla-needed.txt = @@ -74,6 +74,8 @@ golang-1.7 -- golang-1.8 -- +golang-github-dgrijalva-jwt-go +-- golang-golang-x-net-dev -- guacamole-server (Markus Koschany) @@ -87,6 +89,8 @@ jupyter-notebook lemonldap-ng NOTE: 20200910: Released a DLA for CVE-2020-24660 a few days ago, so could defer. (lamby) -- +kdeconnect +-- libonig (Markus Koschany) NOTE: 20201002: Fix for CVE-2020-26159 is too trivial. Besides that, please consider NOTE: 20201002: fixing other errors mentioned in https://github.com/kkos/oniguruma/issues/207 @@ -116,8 +120,13 @@ php-horde-trean NOTE: 20200829: Reconsidering CVE-2019-12095 and what has been written in https://bugs.horde.org/ticket/14926 (sunweaver) NOTE: 20200829: We may not expect too much activity regarding this by upstream. (sunweaver) -- +phpmyadmin (Abhijith PA) +-- python3.5 (Thorsten Alteholz) -- +pluxml + NOTE: 20201011: issue is still open upstream. Also low priority for us (abhijith) +-- qtsvg-opensource-src (Adrian Bunk) -- reel View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47e7d5a422a065693233318b1817832d77faf5c8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47e7d5a422a065693233318b1817832d77faf5c8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 33833a83 by Abhijith PA at 2020-10-07T15:39:55+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -495,16 +495,19 @@ CVE-1999-0199 (manual/search.texi in the GNU C Library (aka glibc) before 2.2 la CVE-2020-26572 (The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a ...) - opensc [buster] - opensc (Minor issue) + [stretch] - opensc (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22967 NOTE: https://github.com/OpenSC/OpenSC/commit/9d294de90d1cc66956389856e60b6944b27b4817 CVE-2020-26571 (The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 ...) - opensc [buster] - opensc (Minor issue) + [stretch] - opensc (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20612 TODO: check, unclear fixing commit CVE-2020-26570 (The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 ha ...) - opensc [buster] - opensc (Minor issue) + [stretch] - opensc (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24316 NOTE: https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e CVE-2020-26569 = data/dla-needed.txt = @@ -170,6 +170,10 @@ slirp NOTE: CVE-2020-7039 to be applied patched first, as they both patch NOTE: the same lines of code in tcp_subr.c (bam). -- +spice +-- +spice-gtk +-- sympa (Sylvain Beucler) NOTE: 20200525: Incomplete patch. Not the complete patch is made public. (utkarsh) NOTE: 20200525: But that is weird, given their announcement. (utkarsh) @@ -188,6 +192,8 @@ thunderbird (Emilio) tinymce (Abhijith PA) NOTE: 20201003: relevant commits are hard to chase down (abhijith) -- +wireshark +-- xcftools NOTE: 20200111: wrote a patch + reproducer for CVE-2019-5086, waiting for upstream review (hle) NOTE: 20200414: Flurry of activity on/around 20200401 essentially rejecting original patch View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33833a8339dc954c8771f0d6f457b8338ea6f1b5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33833a8339dc954c8771f0d6f457b8338ea6f1b5 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8a1de3da by Abhijith PA at 2020-08-08T19:17:05+05:30
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=
data/CVE/list
=
@@ -3703,8 +3703,10 @@ CVE-2019-20907 (In Lib/tarfile.py in Python through
3.8.3, an attacker is able t
- python3.7 (low)
[buster] - python3.7 3.7.3-2+deb10u2
- python3.5 (low)
+ [stretch] - python3.5 (Minor issue, can be fixed in next
DLA)
- python2.7 (low)
[buster] - python2.7 (Minor issue)
+ [stretch] - python2.7 (Minor issue, can be fixed in next
DLA)
NOTE: https://bugs.python.org/issue39017
NOTE:
https://github.com/python/cpython/commit/5a8d121a1f3ef5ad7c105ee378cc79a3eac0c7d4
(master)
NOTE:
https://github.com/python/cpython/commit/f3232294ee695492f43d424cc6969d018d49861d
(3.9-branch)
@@ -5055,6 +5057,7 @@ CVE-2020-15118 (In Wagtail before versions 2.7.4 and
2.9.3, when a form page typ
NOT-FOR-US: Wagtail
CVE-2020-15117 (In Synergy before version 1.12.0, a Synergy server can be
crashed by r ...)
- synergy
+ [stretch] - synergy (minor issue, low priority)
NOTE:
https://github.com/symless/synergy-core/commit/0a97c2be0da2d0df25cb86dfd642429e7a8bea39
NOTE:
https://github.com/symless/synergy-core/security/advisories/GHSA-chfm-333q-gfpp
CVE-2020-15116
@@ -26194,6 +26197,7 @@ CVE-2020-7238 (Netty 4.1.43.Final allows HTTP Request
Smuggling because it misha
{DLA-2110-1 DLA-2109-1}
- netty 1:4.1.45-1 (bug #950967)
- netty-3.9
+ [stretch] - netty-3.9 (CVE-2019-16869 not fixed for
stretch)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1796225
NOTE: https://github.com/jdordonezn/CVE-2020-72381/issues/1
NOTE: Issue exists because of incomplete fix for CVE-2019-16869.
=
data/dla-needed.txt
=
@@ -21,6 +21,9 @@ ansible
NOTE: 20200508: bam: Upstream fix was reverted -
https://github.com/ansible/ansible/pull/68983
NOTE: 20200508: bam: See https://github.com/ansible/ansible/issues/67794
--
+apache2
+ NOTE: 20200808: Seems affected by CVE-2020-9490, CVE-2020-11993
+--
ark (Abhijith PA)
NOTE: 20200731: given PoC not working as intended. (abhijith)
NOTE: 20200801: though testing with other PoC's available over internet
seems exploitable (abhijith)
@@ -140,6 +143,8 @@ wordpress
NOTE: 20200710: in 4.1.31+dfsg-0+deb8u1 in jessie LTS, yet does not seem that
NOTE: 20200710: it was vulnerable to begin with. (lamby)
--
+wpa
+--
xcftools
NOTE: 20200111: wrote a patch + reproducer for CVE-2019-5086, waiting for
upstream review (hle)
NOTE: 20200414: Flurry of activity on/around 20200401 essentially rejecting
original patch
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a1de3da649e30b5dae1948dde37bd2352107793
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a1de3da649e30b5dae1948dde37bd2352107793
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 841eed29 by Abhijith PA at 2020-08-06T10:55:55+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -15120,6 +15120,7 @@ CVE-2020-11558 (An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstra - gpac [buster] - gpac (Minor issue) [jessie] - gpac (Vulnerable code not present and not reproducible) + [stretch] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/commit/6063b1a011c3f80cee25daade18154e15e4c058c NOTE: https://github.com/gpac/gpac/issues/1440 CVE-2020-11557 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...) @@ -20581,6 +20582,7 @@ CVE-2020-9488 (Improper validation of certificate with host mismatch in Apache L - apache-log4j2 (bug #959450) [buster] - apache-log4j2 (Minor issue) [jessie] - apache-log4j2 (Minor issue; set mail.smtp.ssl.checkserveridentity to true to enable hostname verification) + [stretch] - apache-log4j2 (Minor issue; set mail.smtp.ssl.checkserveridentity to true to enable hostname verification) NOTE: https://www.openwall.com/lists/oss-security/2020/04/25/1 NOTE: https://issues.apache.org/jira/browse/LOG4J2-2819 NOTE: https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=6851b5083ef9610bae320bf07e1f24d2aa08851b (release-2.x) = data/dla-needed.txt = @@ -72,6 +72,8 @@ gupnp (Emilio) imagemagick NOTE: 20200713: Ongoing work -- +inetutils +-- jruby (Adrian Bunk) NOTE: 20200706: all open CVEs were fixed in jessie (Beuc) -- @@ -82,6 +84,8 @@ linux (Ben Hutchings) -- linux-4.9 (Ben Hutchings) -- +lucene-solr +-- mumble NOTE: 20200325: Regression in last upload, forgot to follow up. NOTE: 20200325: https://github.com/mumble-voip/mumble/issues/3605 (abhijith) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/841eed29f053643c3111f641ccd691b112c2bdd8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/841eed29f053643c3111f641ccd691b112c2bdd8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 98f146be by Abhijith PA at 2020-08-02T10:15:57+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -739,6 +739,7 @@ CVE-2020-15918 (Multiple Stored Cross Site Scripting (XSS) vulnerabilities were NOT-FOR-US: Mida eFramework CVE-2020-15917 (common/session.c in Claws Mail before 3.17.6 has a protocol violation ...) - claws-mail 3.17.6-1 + [stretch] - claws-mail (low priority issue) NOTE: https://git.claws-mail.org/?p=claws.git;a=commit;h=fcc25329049b6f9bd8d890f1197ed61eb12e14d5 CVE-2020-15916 (goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices a ...) NOT-FOR-US: Tenda devices @@ -4657,6 +4658,7 @@ CVE-2020-14348 CVE-2020-14347 [X Server Pixel Data Uninitialized Memory Information Disclosure] RESERVED - xorg-server + [stretch] - xorg-server (Minor issue, can be fixed along in next release) NOTE: https://lists.x.org/archives/xorg-announce/2020-July/003051.html NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/aac28e162e5108510065ad4c323affd6deffd816 CVE-2020-14346 @@ -14034,6 +14036,7 @@ CVE-2020-11062 (In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS oc NOTE: Only supported behind an authenticated HTTP zone CVE-2020-11061 (In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and ...) - bareos (bug #965985) + [stretch] - bareos (minor issue, low priority) NOTE: https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4 CVE-2020-11060 (In GLPI before 9.4.6, an attacker can execute system commands by abusi ...) - glpi (unimportant) @@ -31638,6 +31641,7 @@ CVE-2020-4043 (phpMussel from versions 1.0.0 and less than 1.6.0 has an unserial NOT-FOR-US: phpMussel CVE-2020-4042 (Bareos before version 19.2.8 and earlier allows a malicious client to ...) - bareos (bug #965985) + [stretch] - bareos (minor issue, low priority) NOTE: https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752 CVE-2020-4041 (In Bolt CMS before version 3.7.1, the filename of uploaded files was v ...) NOT-FOR-US: Bolt CMS = data/dla-needed.txt = @@ -52,6 +52,8 @@ condor (Roberto C. Sánchez) NOTE: 20200712: Requested input on path forward from debian-lts@l.d.o (roberto) NOTE: 20200727: Waiting on maintainer feedback: https://lists.debian.org/debian-lts/2020/07/msg00108.html (roberto) -- +evolution-data-server +-- firefox-esr (Emilio) NOTE: 20200720: working on ESR 78 backport. (Emilio) -- @@ -73,6 +75,8 @@ jruby (Adrian Bunk) jupyter-notebook NOTE: 20200711: Vulnerable to (at least) CVE-2018-19351. (lamby) -- +libx11 +-- linux (Ben Hutchings) -- linux-4.9 (Ben Hutchings) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98f146be45839b3b897b79544f48b8f6f97bc24f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98f146be45839b3b897b79544f48b8f6f97bc24f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: a04d0d85 by Abhijith PA at 2020-07-31T12:37:48+05:30 stretch triage - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -21,6 +21,8 @@ ansible NOTE: 20200508: bam: Upstream fix was reverted - https://github.com/ansible/ansible/pull/68983 NOTE: 20200508: bam: See https://github.com/ansible/ansible/issues/67794 -- +ark (Abhijith PA) +-- cacti NOTE: 20200529: A patch need to be cooked up. Upstream patch not fit for jessie version (abhijith) NOTE: 20200620: WIP (abhijith) @@ -109,6 +111,8 @@ puma -- python2.7 (Thorsten Alteholz) -- +ruby-kramdown (Abhijith PA) +-- ruby-zip NOTE: 20200710: Vulnerable to at least CVE-2018-1000544. (lamby) NOTE: 20200710: Was fixed in jessie LTS via DLA-1467-1. (lamby) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a04d0d8503f2be5402253aed087a988d3007481a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a04d0d8503f2be5402253aed087a988d3007481a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 6d60ccf9 by Moritz Muehlenhoff at 2019-06-03T20:20:16Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -318,6 +318,7 @@ CVE-2019-12451 RESERVED CVE-2019-12450 (file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 ...) - glib2.0 (bug #929753) + [stretch] - glib2.0 (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174 CVE-2019-12449 (An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gv ...) - gvfs (bug #929755) @@ -889,8 +890,10 @@ CVE-2019-12219 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4625 CVE-2019-12218 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4620 TODO: check details and correct vulnerability location @@ -904,8 +907,10 @@ CVE-2019-12217 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4626 CVE-2019-12216 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4619 TODO: check details and correct vulnerability location @@ -3752,7 +3757,8 @@ CVE-2019-11039 [Out-of-bounds read in iconv.c:_php_iconv_mime_decode() due to in NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78069 CVE-2019-11038 [Uninitialized read in gdImageCreateFromXbm] RESERVED - - libgd2 (bug #929821) + - libgd2 (low; bug #929821) + [stretch] - libgd2 (Minor issue) - php7.3 7.3.6-1 (unimportant) - php7.0 (unimportant) - php5 (unimportant) @@ -11369,6 +11375,7 @@ CVE-2019-8340 RESERVED CVE-2019-8339 (An issue was discovered in Falco through 0.14.0. A missing indicator f ...) - sysdig + [stretch] - sysdig (Minor issue) CVE-2019-8338 (The signature verification routine in the Airmail GPG-PGP Plugin, vers ...) NOT-FOR-US: Airmail CVE-2019-8336 (HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a c ...) @@ -29849,12 +29856,14 @@ CVE-2018-19666 (The agent in OSSEC through 3.1.0 on Windows allows local users t - ossec-hids (bug #361954) CVE-2018-19665 (The Bluetooth subsystem in QEMU mishandles negative values for length ...) - qemu 1:3.1+dfsg-2 (low; bug #916278) - [stretch] - qemu (Revisit when final upstream patch is out) + [stretch] - qemu (Minor issue) [jessie] - qemu (Revisit when final upstream patch is out) - qemu-kvm NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg03570.html NOTE: note that previously mentioned patch will never be merged by upstream, see NOTE: https://lists.debian.org/debian-lts/2019/01/msg00073.html + NOTE: 3.1 marked bluetooth subsystem as unused/deprecated, will most likely be removed: + NOTE: https://github.com/qemu/qemu/commit/c0188e69d CVE-2018-19664 (libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel ...) - libjpeg-turbo (Vulnerable code introduced later) NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305 @@ -145880,7 +145889,8 @@ CVE-2016-7153 (The HTTP/2 protocol does not consider the role of the TCP congest CVE-2016-7152 (The HTTPS protocol does not consider the role of the TCP congestion wi ...) NOTE: CVE assigned for the HTTP/2 protocol issue CVE-2016-7151 (Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a re ...) - - capstone + - capstone (low) + [stretch] - capstone (Minor issue) [jessie] - capstone (Vulnerable code not present) NOTE: https://github.com/aquynh/capstone/commit/87a25bb543c8e4c09b48d4b4a6c7db31ce58df06 (4.0-alpha4) NOTE: https://github.com/aquynh/capstone/pull/725 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d60ccf93e51597dbb0a7d56689aa0d2801c241d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d60ccf93e51597dbb0a7d56689aa0d2801c241d You're receiving this email because of your
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
562f23ce by Moritz Muehlenhoff at 2019-05-26T09:02:57Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
@@ -76,7 +76,8 @@ CVE-2019-12297 (An issue was discovered in scopd on Motorola
routers CX2 1.01 an
CVE-2019-12296
RESERVED
CVE-2019-12295 (In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to
2.4.14, the ...)
- - wireshark (bug #929446)
+ - wireshark (low; bug #929446)
+ [stretch] - wireshark (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7b6e197da4c497e229ed3ebf6952bae5c426a820
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-19.html
@@ -3591,6 +3592,7 @@ CVE-2019-10872 (An issue was discovered in Poppler
0.74.0. There is a heap-based
[buster] - poppler (Revisit when fixed upstream)
[stretch] - poppler (Revisit when fixed upstream)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/750
+ NOTE:
https://gitlab.freedesktop.org/poppler/poppler/commit/6a1580e84f492b5671d23be98192267bb73de250
CVE-2019-10871 (An issue was discovered in Poppler 0.74.0. There is a
heap-based buffe ...)
- poppler (low; bug #926529)
[buster] - poppler (Revisit when fixed upstream)
@@ -12259,6 +12261,7 @@ CVE-2019-7637 (SDL (Simple DirectMedia Layer) through
1.2.15 and 2.x through 2.0
[stretch] - libsdl2 (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4497
NOTE: https://hg.libsdl.org/SDL/rev/9b0e5c555c0f
+ NOTE: Patch causes regressions for some applications/games:
https://bugzilla.novell.com/show_bug.cgi?id=1124825
CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through
2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 (bug #924609)
@@ -12267,7 +12270,7 @@ CVE-2019-7636 (SDL (Simple DirectMedia Layer) through
1.2.15 and 2.x through 2.0
[stretch] - libsdl2 (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4499
NOTE: https://hg.libsdl.org/SDL/rev/19d8c3b9c251 (SDL-1.2)
- NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf
+ NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf (SDL-2)
CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through
2.0.9 ha ...)
{DLA-1714-1 DLA-1713-1}
- libsdl1.2 (bug #924609)
@@ -12282,9 +12285,8 @@ CVE-2019-7635 (SDL (Simple DirectMedia Layer) through
1.2.15 and 2.x through 2.0
[jessie] - libsdl2-image (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4498
NOTE: https://hg.libsdl.org/SDL/rev/7c643f1c1887 (SDL-2)
- NOTE: https://hg.libsdl.org/SDL/rev/7c643f1c1887 (SDL-1.2)
- NOTE: https://hg.libsdl.org/SDL/rev/08f3b4992538 (SDL-1.2)
- NOTE: https://hg.libsdl.org/SDL/rev/4646533663ae (SDL-1.2)
+ NOTE: https://hg.libsdl.org/SDL/rev/08f3b4992538 (SDL-1.2) (correct)
+ NOTE: https://hg.libsdl.org/SDL/rev/4646533663ae (SDL-1.2) (broken)
NOTE: https://hg.libsdl.org/SDL_image/rev/03bd33e8cb49 (SDL_image-2)
CVE-2018-20764 (A buffer overflow exists in HelpSystems tcpcrypt on Linux,
used for Bo ...)
NOT-FOR-US: BoKS
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/562f23ceb8bb0b9909ed8b779528dee49205dd4a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/562f23ceb8bb0b9909ed8b779528dee49205dd4a
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8ff9be23 by Moritz Muehlenhoff at 2019-05-22T21:27:37Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=
data/CVE/list
=
@@ -135,22 +135,30 @@ CVE-2019-12223
RESERVED
CVE-2019-1 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
- libsdl2
+ [stretch] - libsdl2 (Minor issue)
- libsdl1.2
+ [stretch] - libsdl1.2 (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4621
TODO: check details and correct vulnerability location
CVE-2019-12221 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
- libsdl2
+ [stretch] - libsdl2 (Minor issue)
- libsdl1.2
+ [stretch] - libsdl1.2 (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4628
TODO: check details and correct vulnerability location
CVE-2019-12220 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
- libsdl2
+ [stretch] - libsdl2 (Minor issue)
- libsdl1.2
+ [stretch] - libsdl1.2 (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4627
TODO: check details and correct vulnerability location
CVE-2019-12219 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
- libsdl2
+ [stretch] - libsdl2 (Minor issue)
- libsdl1.2
+ [stretch] - libsdl1.2 (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4625
TODO: check details and correct vulnerability location
CVE-2019-12218 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
@@ -160,7 +168,9 @@ CVE-2019-12218 (An issue was discovered in libSDL2.a in
Simple DirectMedia Layer
TODO: check details and correct vulnerability location
CVE-2019-12217 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
- libsdl2
+ [stretch] - libsdl1.2 (Minor issue)
- libsdl1.2
+ [stretch] - libsdl2 (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4626
TODO: check details and correct vulnerability location
CVE-2019-12216 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
@@ -2265,10 +2275,13 @@ CVE-2019-11340 (util/emailutils.py in Matrix Sydent
before 1.0.2 mishandles regi
NOT-FOR-US: Matrix Sydent
CVE-2019-11339 (The studio profile decoder in libavcodec/mpeg4videodec.c in
FFmpeg 4.0 ...)
- ffmpeg 7:4.1.3-1
+ [stretch] - ffmpeg (Vulnerable code not present)
+ - libav (Vulnerable code not present)
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbb
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/d227ed5d598340e719eff7156b1aa0a4469e9a6a
CVE-2019-11338 (libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of
duplicate ...)
- ffmpeg 7:4.1.3-1
+ - libav
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/54655623a82632e7624714d7b2a3e039dc5faa7e
CVE-2019-11337
RESERVED
@@ -7008,14 +7021,15 @@ CVE-2019-9721 (A denial of service in the subtitle
decoder in FFmpeg 4.1 allows
- ffmpeg 7:4.1.3-1 (bug #92)
[stretch] - ffmpeg (Vulnerable code not present)
NOTE:
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65
+ - libav
CVE-2019-9720
RESERVED
CVE-2019-9719
RESERVED
CVE-2019-9718 (In FFmpeg 4.1, a denial of service in the subtitle decoder
allows atta ...)
- ffmpeg 7:4.1.3-1 (low; bug #92)
- [stretch] - ffmpeg (Wait until fixed in 3.2.x release)
NOTE:
https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982
+ - libav
CVE-2019-9717
RESERVED
CVE-2019-9716
@@ -12879,6 +12893,7 @@ CVE-2019-116 (FFMPEG version 4.1 contains a
CWE-129: Improper Validation of
- ffmpeg 7:4.1.1-1 (low; bug #922066)
[stretch] - ffmpeg (Vulnerable code not present)
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/b97a4b658814b2de8b9f2a3bce491c002d34de31#diff-cd7e24986650014d67f484f3ffceef3f
+ - libav
CVE-2019-115 (Chamilo Chamilo-lms version 1.11.8 and earlier contains a
Cross Site S ...)
NOT-FOR-US: Chamilo Chamilo-lms
CVE-2019-114 (Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a
Signing oracl ...)
@@ -22946,15 +22961,15 @@ CVE-2018-20407 (An issue was discovered in Bento4
1.5.1-627. There is a memory l
NOT-FOR-US: Bento4
CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer
overflow via a ...)
{DLA-1663-1}
- - python3.7 3.7.0-7
- - python3.6 3.6.7~rc1-1
- - python3.5
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c51aa39a by Moritz Muehlenhoff at 2019-05-09T20:12:06Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -570,11 +570,15 @@ CVE-2019-11599 (The coredump implementation in the Linux kernel before 5.0.10 do NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1790 CVE-2019-11598 (In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in ...) - imagemagick (bug #928206) + [stretch] - imagemagick (Fix along in next DSA) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1540 NOTE: https://github.com/ImageMagick/ImageMagick6/commit/e2a21735e3a3f3930bd431585ec36334c4c2eb77 CVE-2019-11597 (In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in ...) - imagemagick (bug #928207) + [stretch] - imagemagick (Fix along in next DSA) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1555 + NOTE: https://github.com/ImageMagick/ImageMagick6/commit/1d6c036f0388d7857c725342f7212b60e39a14c1 + NOTE: https://github.com/ImageMagick/ImageMagick6/commit/c979b348d64a25a04f12ea7fe7888b2b23f230a7 CVE-2019-11596 (In memcached before 1.5.14, a NULL pointer dereference was found in th ...) - memcached (bug #928205) [stretch] - memcached (Vulnerable code introduced later) @@ -794,10 +798,12 @@ CVE-2019-11505 (In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8 CVE-2019-11504 (Zotonic before version 0.47 has mod_admin XSS. ...) NOT-FOR-US: Zotonic CVE-2019-11503 (snap-confine as included in snapd before 2.39 did not guard against sy ...) - - snapd (bug #928052) + - snapd (low; bug #928052) + [stretch] - snapd (Minor issue) NOTE: https://github.com/snapcore/snapd/pull/6642 CVE-2019-11502 (snap-confine in snapd before 2.38 incorrectly set the ownership of a s ...) - - snapd (bug #928052) + - snapd (low; bug #928052) + [stretch] - snapd (Minor issue) NOTE: https://github.com/snapcore/snapd/commit/bdbfeebef03245176ae0dc323392bb0522a339b1 CVE-2017-18367 (libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR ...) - golang-github-seccomp-libseccomp-golang 0.9.0-2 (bug #927981) @@ -1910,6 +1916,7 @@ CVE-2019-11037 (In PHP imagick extension in versions between 3.3.0 and 3.4.4, wr CVE-2019-11036 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...) - php7.3 (bug #928421) - php7.0 + [stretch] - php7.0 (Fix along in future update) - php5 NOTE: Fixed in 7.1.29, 7.2.18, 7.3.5 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77950 @@ -6083,6 +6090,7 @@ CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: NOTE: https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html NOTE: https://github.com/python/cpython/commit/daad2c482c91de32d8305abbccc76a5de8b3a8be (3.7.x) NOTE: https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5 (2.7.x) + NOTE: Regression fix: https://bugs.python.org/issue36742 CVE-2019-9635 (NULL pointer dereference in Google TensorFlow before 1.12.2 could caus ...) - tensorflow (bug #804612) CVE-2019-1003039 (An insufficiently protected credentials vulnerability exists in Jenkin ...) = data/dsa-needed.txt = @@ -17,14 +17,18 @@ If needed, specify the release by adding a slash after the name of the source pa -- bind9 -- +drupal7 +-- evolution -- faad2 not yet fixed upstream -- -ffmpeg +ffmpeg (jmm) ping upstream for 3.2.14 release catching up with recent issues -- +ghostscript +-- glusterfs -- graphicsmagick @@ -44,6 +48,10 @@ nss -- openjdk-8 -- +python2.7 (jmm) +-- +python3.5 (jmm) +-- simplesamlphp -- smarty3 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c51aa39a4eb35afae9bf815ba255a48f0a23ecf5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c51aa39a4eb35afae9bf815ba255a48f0a23ecf5 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f34b74da by Moritz Muehlenhoff at 2019-05-06T17:59:07Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
@@ -2174,10 +2174,11 @@ CVE-2019-10879 (In Teeworlds 0.7.2, there is an integer
overflow in CDataFileRea
NOTE: https://github.com/teeworlds/teeworlds/issues/2070
NOTE:
https://github.com/teeworlds/teeworlds/commit/4d529dcd2d01022e979ebfa0b91167dee37cdb8e
CVE-2019-10878 (In Teeworlds 0.7.2, there is a failed bounds check in
CDataFileReader: ...)
- - teeworlds 0.7.2-4 (bug #927152)
+ - teeworlds 0.7.2-5 (bug #927152)
[jessie] - teeworlds (Not supported in jessie LTS)
NOTE: https://github.com/teeworlds/teeworlds/issues/2073
NOTE:
https://github.com/teeworlds/teeworlds/commit/e086f4b35b1adf7edc35b4ad332dc7ed1edc5988
+ NOTE:
https://github.com/teeworlds/teeworlds/commit/cc3d59ae706752956d6cb8acc4187c8398b61c5c
CVE-2019-10877 (In Teeworlds 0.7.2, there is an integer overflow in
CMap::Load() in en ...)
- teeworlds 0.7.2-4 (bug #927152)
[jessie] - teeworlds (Not supported in jessie LTS)
@@ -16314,7 +16315,8 @@ CVE-2019-5431
CVE-2019-5430
RESERVED
CVE-2019-5429 (Untrusted search path in FileZilla before 3.41.0-rc1 allows an
attacke ...)
- - filezilla (bug #928282)
+ - filezilla (low; bug #928282)
+ [stretch] - filezilla (Minor issue)
NOTE:
https://svn.filezilla-project.org/filezilla?revision=9097=revision
NOTE: https://www.tenable.com/security/research/tra-2019-14
CVE-2019-5428
@@ -31354,6 +31356,7 @@ CVE-2019-0224 (In Apache JSPWiki 2.9.0 to 2.11.0.M2, a
carefully crafted URL cou
- jspwiki
CVE-2019-0223 (While investigating bug PROTON-2014, we discovered that under
some cir ...)
- qpid-proton 0.22.0-1
+ [stretch] - qpid-proton (Minor issue)
NOTE: https://issues.apache.org/jira/browse/PROTON-2014
NOTE: https://qpid.apache.org/cves/CVE-2019-0223.html
NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=97c7733
@@ -31474,6 +31477,7 @@ CVE-2019-0188
RESERVED
CVE-2019-0187 (Unauthenticated RCE is possible when JMeter is used in
distributed mod ...)
- jakarta-jmeter
+ [stretch] - jakarta-jmeter (Minor issue)
[jessie] - jakarta-jmeter (Minor issue)
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62743
CVE-2019-0186 (The input fields of the Apache Pluto "Chat Room" demo portlet
3.0.0 an ...)
@@ -32142,6 +32146,7 @@ CVE-2018-19106 (Avi Vantage before 17.2.13 uses an
invalid URL encoding during a
CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of
service (0 ...)
{DLA-1776-1}
- librecad (bug #928477)
+ [stretch] - librecad (Minor issue)
NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html
NOTE: https://github.com/LibreCAD/LibreCAD/issues/1038
NOTE: Fixed by
https://github.com/LibreCAD/LibreCAD/commit/6da7cc5f7f31afb008f03dbd11e07207ccd82085
@@ -37060,8 +37065,10 @@ CVE-2018-17203
REJECTED
CVE-2018-17202
RESERVED
+ NOTE: Apache Commons Imaging
CVE-2018-17201
RESERVED
+ NOTE: Apache Commons Imaging
CVE-2018-17200
RESERVED
CVE-2018-17199 (In Apache HTTP Server 2.4 release 2.4.37 and prior,
mod_session checks ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f34b74dab39049f2430ec605536cd54982d4eba4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f34b74dab39049f2430ec605536cd54982d4eba4
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 5f12af71 by Moritz Muehlenhoff at 2019-04-29T17:00:18Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -182,7 +182,8 @@ CVE-2019-11500 CVE-2019-11499 RESERVED CVE-2019-11498 (WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack t ...) - - wavpack 5.1.0-6 (bug #927903) + - wavpack 5.1.0-6 (low; bug #927903) + [stretch] - wavpack (Minor issue) NOTE: https://github.com/dbry/WavPack/issues/67 NOTE: https://github.com/dbry/WavPack/commit/bc6cba3f552c44565f7f1e66dc1580189addb2b4 CVE-2019-11497 @@ -1582,6 +1583,7 @@ CVE-2019-10907 (Airsonic 10.2.1 uses Spring's default remember-me mechanism base NOT-FOR-US: Airsonic CVE-2016-10745 (In Pallets Jinja before 2.8.1, str.format allows a sandbox escape. ...) - jinja2 2.9.4-1 + [stretch] - jinja2 (Minor issue) NOTE: Fixed by: https://github.com/pallets/jinja/commit/9b53045c34e61013dc8f09b7e52a555fa16bed16 NOTE: Followup bugfix: https://github.com/pallets/jinja/commit/74bd64e56387f5b2931040dc7235a3509cde1611 CVE-2019-10906 (In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape ...) @@ -15791,7 +15793,8 @@ CVE-2019-5429 CVE-2019-5428 REJECTED CVE-2019-5427 (c3p0 version 0.9.5.4 may be exploited by a billion laughs attack ...) - - c3p0 (bug #927936) + - c3p0 (low; bug #927936) + [stretch] - c3p0 (Minor issue) [jessie] - c3p0 (Minor issue) NOTE: https://hackerone.com/reports/509315 NOTE: Fixed by: https://github.com/swaldman/c3p0/commit/f38f27635c384806c2a9d6500d80183d9f09d78b @@ -18937,6 +18940,7 @@ CVE-2019-3890 RESERVED [experimental] - evolution-ews 3.31.90-1 - evolution-ews (bug #926712) + [stretch] - evolution-ews (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/evolution-ews/issues/27 NOTE: https://gitlab.gnome.org/GNOME/evolution-ews/issues/36 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1678313 @@ -35929,13 +35933,15 @@ CVE-2018-17439 (An issue was discovered in the HDF HDF5 1.10.3 library. There is NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#stack-overflow-in-h5s_extent_get_dims NOTE: https://jira.hdfgroup.org/browse/HDFFV-10589 CVE-2018-17438 (A SIGFPE signal is raised in the function H5D__select_io() of H5Dselec ...) - - hdf5 + - hdf5 (low) + [stretch] - hdf5 (Minor issue) NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_h5d__select_io_h5dselect NOTE: https://jira.hdfgroup.org/browse/HDFFV-10587 NOTE: fix in develop branch: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/7add52ff4f2443357648d53d52add274d1b18b5f CVE-2018-17437 (Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in ...) [experimental] - hdf5 1.10.5+repack-1~exp1 - - hdf5 + - hdf5 (low) + [stretch] - hdf5 (Minor issue) NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#memory-leak-in-h5o_dtype_decode_helper NOTE: https://jira.hdfgroup.org/browse/HDFFV-10588 NOTE: fixed in 1.10.5, release notes: https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.5/src/hdf5-1.10.5-RELEASE.txt @@ -35949,7 +35955,8 @@ CVE-2018-17435 (A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c NOTE: https://jira.hdfgroup.org/browse/HDFFV-10591 CVE-2018-17434 (A SIGFPE signal is raised in the function apply_filters() of h5repack_ ...) [experimental] - hdf5 1.10.5+repack-1~exp1 - - hdf5 + - hdf5 (low) + [stretch] - hdf5 (Minor issue) NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_apply_filters_h5repack_filters NOTE: https://jira.hdfgroup.org/browse/HDFFV-10586 NOTE: fixed in 1.10.5, release notes: https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.5/src/hdf5-1.10.5-RELEASE.txt @@ -36380,7 +36387,8 @@ CVE-2018-17239 CVE-2018-17238 RESERVED CVE-2018-17237 (A SIGFPE signal is raised in the function H5D__chunk_set_info_real() o ...) - - hdf5 + - hdf5 (low) + [stretch] - hdf5 (Minor issue) NOTE: https://github.com/SegfaultMasters/covering360/blob/master/HDF5/README.md#divided-by-zero---h5d__chunk_set_info_real_div_by_zero NOTE: https://jira.hdfgroup.org/browse/HDFFV-10571 (not public) NOTE: does not appear in 1.10.5 release notes, but fixed in @@ -36396,14 +36404,16 @@ CVE-2018-17235 (The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp [jessie] - mp4v2
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 7ae96d6a by Moritz Muehlenhoff at 2019-04-24T17:46:45Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -61,7 +61,9 @@ CVE-2019-11473 (coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/5402c5cbd8bd NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/944dcbc457f8 CVE-2019-11472 (ReadXWDImage in coders/xwd.c in the XWD image parsing component of Ima ...) - - imagemagick (bug #927828) + - imagemagick (low; bug #927828) + [buster] - imagemagick (Minor issue) + [stretch] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1546 NOTE: https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4 CVE-2019-11471 (libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_al ...) @@ -69,7 +71,9 @@ CVE-2019-11471 (libheif 1.4.0 has a use-after-free in heif::HeifContext::Image:: NOTE: https://github.com/strukturag/libheif/commit/995a4283d8ed2d0d2c1ceb1a577b993df2f0e014 NOTE: https://github.com/strukturag/libheif/issues/123 CVE-2019-11470 (The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attack ...) - - imagemagick (bug #927830) + - imagemagick (low; bug #927830) + [buster] - imagemagick (Minor issue) + [stretch] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1472 NOTE: https://github.com/ImageMagick/ImageMagick6/commit/a0473b29add9521ffd4c74f6f623b418811762b0 CVE-2018-20822 (LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrol ...) @@ -298,10 +302,12 @@ CVE-2019-11374 (74CMS v5.0.1 has a CSRF vulnerability to add a new admin user vi NOT-FOR-US: 74CMS CVE-2019-11373 (An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer ...) - libmediainfo (low; bug #927672) + [stretch] - libmediainfo (Minor issue) NOTE: https://github.com/MediaArea/MediaInfoLib/pull/ NOTE: https://sourceforge.net/p/mediainfo/bugs/1101/ CVE-2019-11372 (An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test ...) - libmediainfo (low; bug #927672) + [stretch] - libmediainfo (Minor issue) NOTE: https://github.com/MediaArea/MediaInfoLib/pull/ NOTE: https://sourceforge.net/p/mediainfo/bugs/1101/ CVE-2019-11371 (BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow vi ...) @@ -1055,12 +1061,14 @@ CVE-2019-11036 CVE-2019-11035 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...) - php7.3 7.3.4-1 - php7.0 + [stretch] - php7.0 (Fix along in future update) - php5 NOTE: Fixed in 7.1.28, 7.2.17, 7.3.4 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77831 CVE-2019-11034 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...) - php7.3 7.3.4-1 - php7.0 + [stretch] - php7.0 (Fix along in future update) - php5 NOTE: Fixed in 7.1.28, 7.2.17, 7.3.4 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77753 @@ -1094,10 +1102,10 @@ CVE-2019-11024 (The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8 NOTE: https://github.com/saitoha/libsixel/issues/85 NOTE: Negligible security impact CVE-2019-11023 (The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39. ...) - - graphviz (bug #926724) - [jessie] - graphviz (Minor issue; clean crash / DoS) + - graphviz (unimportant; bug #926724) NOTE: https://gitlab.com/graphviz/graphviz/issues/1517 NOTE: https://gitlab.com/graphviz/graphviz/commit/839085f8026afd6f6920a0c31ad2a9d880d97932 + NOTE: Crash in CLI tool, no security impact CVE-2019-11022 RESERVED CVE-2019-11021 @@ -1950,6 +1958,8 @@ CVE-2019-10715 RESERVED CVE-2019-10714 (LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 ...) - imagemagick + [buster] - imagemagick (Minor issue) + [stretch] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1495 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/aa6a769bd85f6750c26e53e53dcd8a2678745501 TODO: check, potentially only introduced in later versions than present in unstable as LocaleLowercase not present, but check if present before refactoring @@ -9711,6 +9721,7 @@ CVE-2019-7722 (PMD 5.8.1 and earlier processes XML external entities in ruleset NOT-FOR-US: PMD CVE-2019- [fuse mount exposes backup to unauthorized users] - borgbackup
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8dd2fc06 by Moritz Muehlenhoff at 2019-04-18T15:41:49Z
stretch triage
- - - - -
3 changed files:
- data/CVE/list
- data/dsa-needed.txt
- data/next-point-update.txt
Changes:
=
data/CVE/list
=
@@ -3068,7 +3068,7 @@ CVE-2019-9943
RESERVED
CVE-2016-10743 (hostapd before 2.6 does not prevent use of the low-quality
PRNG that i ...)
{DLA-1733-1}
- - wpa 2:2.6-7
+ - wpa 2:2.6-7 (unimportant)
NOTE:
https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389
NOTE: There was already a 2.6 upload late in 2016 but then reverted to
a 2.4 based
NOTE: version and only reuploaded as 2:2.6-7 to unstable.
@@ -15010,8 +15010,10 @@ CVE-2019-5421 (Plataformatec Devise version 4.5.0 and
earlier, using the lockabl
NOTE: https://github.com/plataformatec/devise/pull/4996
CVE-2019-5420 (A remote code execution vulnerability in development mode Rails
5. ...)
- rails 2:5.2.2.1+dfsg-1 (bug #924521)
+ [stretch] - rails (Vulnerable code not present)
[jessie] - rails (vulnerable code is not present in 4.x)
NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/3
+ NOTE: Introduced in
https://github.com/rails/rails/commit/69f976b859cae7f9d050152103da018b7f5dda6d
CVE-2019-5419 (There is a possible denial of service vulnerability in Action
View (Ra ...)
{DLA-1739-1}
- rails 2:5.2.2.1+dfsg-1 (bug #924520)
@@ -72689,6 +72691,7 @@ CVE-2018-3775 (Improper Authentication in Nextcloud
Server prior to version 12.0
- nextcloud (bug #835086)
CVE-2018-3774 (Incorrect parsing in url-parse 1.4.3 returns wrong hostname
which ...)
- node-url-parse 1.2.0-2 (bug #906058)
+ [stretch] - node-url-parse (Nodejs in stretch not covered by
security support)
NOTE: https://hackerone.com/reports/384029
NOTE:
https://github.com/unshiftio/url-parse/commit/53b1794e54d0711ceb52505e0f74145270570d5a
NOTE:
https://github.com/unshiftio/url-parse/commit/d7b582ec1243e8024e60ac0b62d2569c939ef5de
@@ -72834,6 +72837,7 @@ CVE-2018-3720 (assign-deep node module before 0.4.7
suffers from a Modification
NOT-FOR-US: assign-deep node module
CVE-2018-3719 (mixin-deep node module before 1.3.1 suffers from a Modification
of Ass ...)
- node-mixin-deep (bug #898315)
+ [stretch] - node-mixin-deep (Nodejs in stretch not covered by
security support)
NOTE: https://nodesecurity.io/advisories/578
CVE-2018-3718 (serve node module suffers from Improper Handling of URL
Encoding by pe ...)
NOT-FOR-US: serve node module
@@ -80742,6 +80746,7 @@ CVE-2018-1110 [Improper Input Validation]
CVE-2018-1109
RESERVED
- node-braces
+ [stretch] - node-braces (Nodejs in stretch not covered by
security support)
NOTE: https://snyk.io/vuln/npm:braces:20180219
NOTE:
https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451
CVE-2018-1108 (kernel drivers before version 4.17-rc1 are vulnerable to a
weakness in ...)
@@ -86869,6 +86874,7 @@ CVE-2017-16130 (exxx is an Http eX Frame Google
Style JavaScript Guide.
NOT-FOR-US: exxx
CVE-2017-16129 (The HTTP client module superagent is vulnerable to ZIP bomb
attacks. I ...)
- node-superagent 0.20.0+dfsg-2
+ [stretch] - node-superagent (Nodejs in stretch not covered by
security support)
NOTE: https://github.com/visionmedia/superagent/issues/1259
NOTE: https://nodesecurity.io/advisories/479
CVE-2017-16128 (The module npm-script-demo opened a connection to a command
and contro ...)
@@ -86891,6 +86897,7 @@ CVE-2017-16120 (liyujing is a static file server.
liyujing is vulnerable to a di
NOT-FOR-US: liyujing
CVE-2017-16119 (Fresh is a module used by the Express.js framework for HTTP
response f ...)
- node-fresh
+ [stretch] - node-braces (Nodejs in stretch not covered by
security support)
NOTE: https://nodesecurity.io/advisories/526
CVE-2017-16118 (The forwarded module is used by the Express.js framework to
handle the ...)
NOT-FOR-US: forwarded nodejs module
@@ -87085,6 +87092,7 @@ CVE-2017-16027
RESERVED
CVE-2017-16026 (Request is an http client. If a request is made using
```multipart```, ...)
- node-request (bug #901708)
+ [stretch] - node-request (Nodejs in stretch not covered by
security support)
NOTE: https://github.com/request/request/issues/1904
NOTE: https://nodesecurity.io/advisories/309
NOTE: https://github.com/request/request/pull/2018
@@ -87481,6 +87489,7 @@ CVE-2016-10543 (call is an HTTP router that is
primarily used by the hapi framew
NOT-FOR-US: call HTTP router
CVE-2016-10542 (ws is a "simple to use, blazing
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
16b9a778 by Moritz Muehlenhoff at 2019-04-15T20:40:06Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
@@ -356,6 +356,7 @@ CVE-2019-11069 (Sequelize before 5.3.0 does not properly
ensure that standard co
CVE-2019-11068 (libxslt through 1.1.33 allows bypass of a protection mechanism
because ...)
{DLA-1756-1}
- libxslt (bug #926895)
+ [stretch] - libxslt (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/libxslt/issues/12 (not public)
NOTE:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
CVE-2006-7254 (The nscd daemon in the GNU C Library (glibc) before version 2.5
does n ...)
@@ -465,7 +466,8 @@ CVE-2019-11026 (FontInfoScanner::scanFonts in FontInfo.cc
in Poppler 0.75.0 has
- poppler (bug #926721)
NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/752
CVE-2019-11025 (In clearFilter() in utilities.php in Cacti before 1.2.3, no
escaping o ...)
- - cacti 1.2.2+ds1-2 (bug #926700)
+ - cacti 1.2.2+ds1-2 (low; bug #926700)
+ [stretch] - cacti (Minor issue)
NOTE: https://github.com/Cacti/cacti/issues/2581
CVE-2019-11024 (The load_pnm function in frompnm.c in libsixel.a in libsixel
1.8.2 has ...)
TODO: check
@@ -1173,6 +1175,7 @@ CVE-2019-10724
RESERVED
CVE-2019-10723 (An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache
class i ...)
- libpodofo (bug #926667)
+ [stretch] - libpodofo (Minor issue)
[jessie] - libpodofo (clean exception quit/DoS, low popcon)
NOTE: https://sourceforge.net/p/podofo/tickets/46/
CVE-2019-1003099 (A missing permission check in Jenkins openid Plugin in the
OpenIdSsoSe ...)
@@ -18257,8 +18260,10 @@ CVE-2019-3831 (A vulnerability was discovered in vdsm,
version 4.19 through 4.30
- vdsm (bug #668538)
CVE-2019-3830 (A vulnerability was found in ceilometer before version
12.0.0.0rc1. An ...)
- ceilometer (bug #925298)
+ [stretch] - ceilometer (Vulnerable code not present)
[jessie] - ceilometer (vulnerable code is not present)
NOTE: https://bugs.launchpad.net/ceilometer/+bug/1811098/
+ NOTE: Introduced in
https://github.com/openstack/ceilometer/commit/50415c0d08a3199d2280f3638dd121779585f0fe
(10.0.0.0)
CVE-2019-3829 (A vulnerability was found in gnutls versions from 3.5.8 before
3.6.7. ...)
[experimental] - gnutls28 3.6.7-1
- gnutls28 3.6.7-2
@@ -40046,7 +40051,8 @@ CVE-2018-15518 (QXmlStream in Qt 5.x before 5.11.3 has
a double-free or corrupti
{DSA-4374-1 DLA-1627-1}
[experimental] - qtbase-opensource-src 5.11.3+dfsg-1
- qtbase-opensource-src 5.11.3+dfsg-2
- - qt4-x11 4:4.8.7+dfsg-18
+ - qt4-x11 4:4.8.7+dfsg-18 (low)
+ [stretch] - qt4-x11 (Minor issue)
NOTE:
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
NOTE: https://codereview.qt-project.org/#/c/236691/
CVE-2018-15517 (The MailConnect feature on D-Link Central WiFiManager CWM-100
1.03 r00 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/16b9a77857efa08bf29299ea4ebbc0e7e58955d5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/16b9a77857efa08bf29299ea4ebbc0e7e58955d5
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 43244272 by Moritz Muehlenhoff at 2019-04-07T20:22:52Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1847,6 +1847,7 @@ CVE-2019-131 (A disk space or quota exhaustion issue exists in article2pdf_g CVE-2018-20815 [device_tree: heap buffer overflow while loading device tree blob] RESERVED - qemu 1:3.1+dfsg-7 + [stretch] - qemu (Minor issue) - qemu-kvm NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=da885fe1ee8b4589047484bd7fa05a4905b52b17 NOTE: https://www.openwall.com/lists/oss-security/2019/03/27/1 @@ -5081,18 +5082,22 @@ CVE-2019-9088 CVE-2019-9087 RESERVED - hoteldruid 2.3.2-1 + [stretch] - hoteldruid (Minor issue) [jessie] - hoteldruid (low popcon, not used by any sponsor) CVE-2019-9086 RESERVED - hoteldruid 2.3.2-1 + [stretch] - hoteldruid (Minor issue) [jessie] - hoteldruid (low popcon, not used by any sponsor) CVE-2019-9085 RESERVED - hoteldruid 2.3.2-1 + [stretch] - hoteldruid (Minor issue) [jessie] - hoteldruid (low popcon, not used by any sponsor) CVE-2019-9084 RESERVED - hoteldruid 2.3.2-1 + [stretch] - hoteldruid (Minor issue) [jessie] - hoteldruid (low popcon, not used by any sponsor) CVE-2019-9083 (SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanage ...) NOT-FOR-US: SQLiteManager @@ -14036,6 +14041,7 @@ CVE-2019-5422 (XSS in buttle npm package version 0.2.0 causes execution of attac TODO: check CVE-2019-5421 (Plataformatec Devise version 4.5.0 and earlier, using the lockable mod ...) - ruby-devise (bug #926348) + [stretch] - ruby-devise (Minor issue) NOTE: https://github.com/plataformatec/devise/issues/4981 NOTE: https://github.com/plataformatec/devise/pull/4996 CVE-2019-5420 (A remote code execution vulnerability in development mode Rails 5. ...) @@ -17158,7 +17164,8 @@ CVE-2019-3888 CVE-2019-3887 RESERVED CVE-2019-3886 (An incorrect permissions check was discovered in libvirt 4.8.0 and abo ...) - - libvirt 5.0.0-2 (bug #926418) + - libvirt 5.0.0-2 (low; bug #926418) + [stretch] - libvirt (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1694880 NOTE: https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1131595#c3 @@ -17376,6 +17383,7 @@ CVE-2019-3828 (Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a NOTE: https://github.com/ansible/ansible/pull/52133 CVE-2019-3827 (An incorrect permission check in the admin backend in gvfs before vers ...) - gvfs 1.38.1-3 (bug #921816) + [stretch] - gvfs (Minor issue) [jessie] - gvfs (Vulnerable code not present) NOTE: https://gitlab.gnome.org/GNOME/gvfs/issues/355 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1665578 @@ -29122,12 +29130,14 @@ CVE-2019-0163 CVE-2019-0162 RESERVED CVE-2019-0161 (Stack overflow in XHCI for EDK II may allow an unauthenticated user to ...) - - edk2 0~20180803.dd4cae4d-1 + - edk2 0~20180803.dd4cae4d-1 (low) + [stretch] - edk2 (Minor issue) [jessie] - edk2 (non-free, not used by any sponsor) NOTE: https://github.com/tianocore/edk2/commit/acebdf14c985c5c9f50b37ece0b15ada87767359 NOTE: https://github.com/tianocore/edk2/commit/72750e3bf9174f15c17e78f0f117b5e7311bb49f CVE-2019-0160 (Buffer overflow in system firmware for EDK II may allow unauthenticate ...) - - edk2 0~20181115.85588389-1 + - edk2 0~20181115.85588389-1 (low) + [stretch] - edk2 (Minor issue) [jessie] - edk2 (non-free, not used by any sponsor) NOTE: https://github.com/tianocore/edk2/commit/4df8f5bfa28b8b881e506437e8f08d92c1a00370 NOTE: https://github.com/tianocore/edk2/commit/b9ae1705adfdd43668027a25a2b03c2e81960219 @@ -46812,6 +46822,7 @@ CVE-2018-12480 (Mitigates an XSS issue in NetIQ Access Manager versions prior to NOT-FOR-US: NetIQ Access Manager CVE-2018-12479 (A Improper Input Validation vulnerability in Open Build Service allows ...) - open-build-service 2.9.4-1 (bug #911797) + [stretch] - open-build-service (Minor issue) NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108435 NOTE: https://github.com/openSUSE/open-build-service/pull/5880 NOTE: https://github.com/openSUSE/open-build-service/commit/01b015ca2a320afc4fae823465d1e72da8bd60df @@ -46842,12 +46853,14 @@ CVE-2018-12468 (A vulnerability in the administration console of Micro Focus Gro NOT-FOR-US: Micro Focus CVE-2018-12467 (Authorized
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 0d809ab0 by Moritz Muehlenhoff at 2019-04-04T20:56:35Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1316,7 +1316,8 @@ CVE-2019-10271 CVE-2019-10270 RESERVED CVE-2019-10269 (BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based b ...) - - bwa 0.7.17-3 (bug #926014) + - bwa 0.7.17-3 (low; bug #926014) + [stretch] - bwa (Minor issue) [jessie] - bwa (vulnerable code is not present) NOTE: https://github.com/lh3/bwa/pull/232 NOTE: https://github.com/lh3/bwa/commit/20d0a13092aa4cb73230492b05f9697d5ef0b88e @@ -1898,6 +1899,7 @@ CVE-2019-10019 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the - xpdf (xpdf in Debian uses poppler, which is not affected or fixed) CVE-2019-10018 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...) - poppler (bug #926133) + [stretch] - poppler (Minor issue) NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3=41276 (PostScriptFunction::e...@function.cc:1374-42___FPE PoC) CVE-2019-10017 (CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, ...) NOT-FOR-US: CMS Made Simple @@ -17273,6 +17275,7 @@ CVE-2019-3821 (A flaw was found in the way civetweb frontend was handling reques NOTE: https://github.com/ceph/civetweb/pull/33 CVE-2019-3820 (It was discovered that the gnome-shell lock screen since version 3.15. ...) - gnome-shell 3.30.2-3 (bug #921490) + [stretch] - gnome-shell (Minor issue) [jessie] - gnome-shell (Vulnerable code not present) NOTE: Introduced by: https://bugzilla.gnome.org/show_bug.cgi?id=745039 NOTE: Introduced by: https://gitlab.gnome.org/GNOME/gnome-shell/commit/c79d24b60e773262091023feb6ee1b3deef1c471 @@ -111633,7 +111636,8 @@ CVE-2017-7656 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurat NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667 NOTE: https://github.com/eclipse/jetty.project/commit/a285deea CVE-2017-7655 (In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vu ...) - - mosquitto 1.5.4-1 + - mosquitto 1.5.4-1 (low) + [stretch] - mosquitto (Minor issue) [jessie] - mosquitto (Minor issue) NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=533775 NOTE: https://github.com/eclipse/mosquitto/commit/79a7b36d207c9142468a7ea33695a14181a9fd24 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d809ab06890cc27fea452c8b3a0812e89ee5607 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d809ab06890cc27fea452c8b3a0812e89ee5607 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 73941fc3 by Moritz Muehlenhoff at 2019-03-04T21:36:52Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -39,8 +39,9 @@ CVE-2019-9550 (DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS. . CVE-2019-9549 (An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the ...) NOT-FOR-US: PopojiCMS CVE-2019- [insecure use of /tmp] - - bubblewrap 0.3.1-3 (bug #923557) + - bubblewrap 0.3.1-3 (unimportant; bug #923557) NOTE: https://github.com/projectatomic/bubblewrap/issues/304 + NOTE: Negligable security impact CVE-2019-1002100 [kube-apiserver: DoS with crafted patch of type json-patch] - kubernetes (bug #923686) NOTE: https://github.com/kubernetes/kubernetes/issues/74534 @@ -5336,6 +5337,7 @@ CVE-2019-7252 CVE-2019-7251 [Remote crash vulnerability with SDP protocol violation] RESERVED - asterisk (bug #923690) + [stretch] - asterisk (Vulnerable code not present) [jessie] - asterisk (Vulnerable code introduced later) NOTE: https://downloads.asterisk.org/pub/security/AST-2019-001.html CVE-2019-7250 (An issue was discovered in the Cross Reference Add-on 36 for Google ...) @@ -8953,7 +8955,8 @@ CVE-2018-20685 (In OpenSSH 7.9, scp.c in the scp client allows remote SSH server CVE-2018-20682 (Fork CMS 5.0.6 allows stored XSS via the private/en/settings ...) NOT-FOR-US: Fork CMS CVE-2018-20681 (mate-screensaver before 1.20.2 in MATE Desktop Environment allows ...) - - mate-screensaver 1.20.2-1 + - mate-screensaver 1.20.2-1 (low) + [stretch] - mate-screensaver (Minor issue) [jessie] - mate-screensaver (Vulnerability only manifests when built against GTK-3.22) NOTE: https://github.com/mate-desktop/mate-screensaver/issues/152 NOTE: https://github.com/mate-desktop/mate-screensaver/issues/155 @@ -12991,6 +12994,7 @@ CVE-2019-3842 RESERVED CVE-2019-3841 RESERVED + NOT-FOR-US: KubeVirt CVE-2019-3840 [NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function] RESERVED - libvirt 5.0.0-1 @@ -43241,6 +43245,8 @@ CVE-2018-12180 [Buffer Overflow in BlockIo service for RAM disk] NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037248.html NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037249.html NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037250.html + NOTE: https://github.com/tianocore/edk2/commit/38c9fbdcaa0219eb86fe82d90e3f8cfb5a54be9f + NOTE: https://github.com/tianocore/edk2/commit/fccdb88022c1f6d85c773fce506b10c879063f1d CVE-2018-12179 RESERVED CVE-2018-12178 [improper DNS packet size check] @@ -43248,6 +43254,7 @@ CVE-2018-12178 [improper DNS packet size check] - edk2 [jessie] - edk2 (non-free is not supported) NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037251.html + NOTE: https://github.com/tianocore/edk2/commit/84110bbe4bb3a346514b9bb12eadb7586bca7dfd CVE-2018-12177 (Improper directory permissions in the ZeroConfig service in Intel(R) ...) NOT-FOR-US: Intel PROSet/Wireless WiFi Software CVE-2018-12176 (Improper input validation in firmware for Intel NUC Kits may allow a ...) @@ -67370,9 +67377,10 @@ CVE-2018-3631 RESERVED CVE-2018-3630 [Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c] RESERVED - - edk2 + - edk2 (unimportant) [jessie] - edk2 (non-free is not supported) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683653 + NOTE: No security impact CVE-2018-3629 (Buffer overflow in event handler in Intel Active Management Technology ...) NOT-FOR-US: Intel CVE-2018-3628 (Buffer overflow in HTTP handler in Intel Active Management Technology ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73941fc35173e67bcacf7a932b1b751268133af8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73941fc35173e67bcacf7a932b1b751268133af8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e2f24f90 by Moritz Muehlenhoff at 2019-03-01T19:07:14Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=
data/CVE/list
=
@@ -558,10 +558,12 @@ CVE-2019-9211 (There is a reachable assertion abort in
the function ...)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683499
NOTE: Crash in CLI tool, no security impact
CVE-2019-9210 (In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an
integer ...)
- - advancecomp (bug #923416)
+ - advancecomp (low; bug #923416)
+ [stretch] - advancecomp (Minor issue)
NOTE: https://sourceforge.net/p/advancemame/bugs/277/
CVE-2018-20797 (An issue was discovered in PoDoFo 0.9.6. There is an attempted
...)
- - libpodofo (bug #923415)
+ - libpodofo (low; bug #923415)
+ [stretch] - libpodofo (Minor issue)
[jessie] - libpodofo (Minor issue)
NOTE: https://sourceforge.net/p/podofo/tickets/34/
CVE-2019-9209 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER
and ...)
@@ -663,6 +665,7 @@ CVE-2019-9170
RESERVED
CVE-2019-9169 (In the GNU C Library (aka glibc or libc6) through 2.29, ...)
- glibc
+ [stretch] - glibc (Minor issue)
- eglibc
NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140
NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142
@@ -697,14 +700,16 @@ CVE-2019-9192 (** DISPUTED ** In the GNU C Library (aka
glibc or libc6) through
- eglibc (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24269
CVE-2018-20796 (In the GNU C Library (aka glibc or libc6) through 2.29, ...)
- - glibc
- - eglibc
+ - glibc (unimportant)
+ - eglibc (unimportant)
NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
NOTE:
https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html
+ NOTE: No treated as vulnerability:
https://sourceware.org/glibc/wiki/Security%20Exceptions
CVE-2009-5155 (In the GNU C Library (aka glibc or libc6) before 2.28,
parse_reg_exp in ...)
[experimental] - gnulib 20180621~6979c25-1
- gnulib
- glibc 2.28-1
+ [stretch] - glibc (Minor issue)
- eglibc
NOTE:
http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272
NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793
@@ -6428,6 +6433,7 @@ CVE-2019-6707 (PHPSHE 1.7 has SQL injection via the
admin.php?mod=productac
NOT-FOR-US: PHPSHE
CVE-2019-6706 (Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c.
For ...)
- lua5.3 (bug #920321)
+ [stretch] - lua5.3 (Minor issue, revisit when fixed
upstream)
- lua5.2 (Vulnerable code introduced later)
- lua5.1 (Vulnerable code introduced later)
- lua50 (Vulnerable code introduced later)
@@ -6991,7 +6997,8 @@ CVE-2019-6466
CVE-2019-6465 [Zone transfer controls for writable DLZ zones were not
effective]
RESERVED
{DLA-1697-1}
- - bind9 1:9.11.5.P4+dfsg-1 (bug #922955)
+ - bind9 1:9.11.5.P4+dfsg-1 (low; bug #922955)
+ [stretch] - bind9 (Can be fixed along in future DSA)
NOTE: https://kb.isc.org/docs/cve-2019-6465
NOTE:
https://gitlab.isc.org/isc-projects/bind9/commit/a9307de85e147f4756c75d15aa221d2262df7d67
CVE-2019-6464
@@ -14924,8 +14931,7 @@ CVE-2018-1000854 (esigate.org esigate version 5.2 and
earlier contains a CWE-74:
NOT-FOR-US: esigate
CVE-2018-1000852 (FreeRDP FreeRDP 2.0.0-rc3 released version before commit ...)
- freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1
- - freerdp
- [jessie] - freerdp (Vulnerable code not present)
+ - freerdp (Vulnerable code not present)
NOTE: https://github.com/FreeRDP/FreeRDP/issues/4866
NOTE: https://github.com/FreeRDP/FreeRDP/pull/4871
NOTE:
https://github.com/FreeRDP/FreeRDP/commit/baee520e3dd9be6511c45a14c5f5e77784de1471
@@ -44052,6 +44058,7 @@ CVE-2018-11784 (When the default servlet in Apache
Tomcat versions 9.0.0.M1 to 9
CVE-2018-11783 [Apache Traffic Server vulnerability with sslheader plugin]
RESERVED
- trafficserver 8.0.2+ds-1
+ [stretch] - trafficserver (Minor issue, experimental
plugin, will be fixed along in next DSA)
NOTE: https://github.com/apache/trafficserver/pull/4701
NOTE: https://www.openwall.com/lists/oss-security/2019/02/13/6
CVE-2018-11782
@@ -61434,7 +61441,8 @@ CVE-2018-5746
CVE-2018-5745 [An assertion failure can occur if a trust anchor rolls over to
an unsupported key algorithm when using managed-keys]
RESERVED
{DLA-1697-1}
- - bind9 1:9.11.5.P4+dfsg-1 (bug #922954)
+ - bind9 1:9.11.5.P4+dfsg-1 (low; bug
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 139a2cbf by Moritz Muehlenhoff at 2019-02-26T21:49:40Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -115,11 +115,9 @@ CVE-2019-9153 CVE-2019-9152 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...) - hdf5 NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul8 - TODO: check CVE-2019-9151 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...) - hdf5 NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul7 - TODO: check CVE-2019-9150 RESERVED CVE-2019-9149 @@ -1827,15 +1825,12 @@ CVE-2019-8399 CVE-2019-8398 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...) - hdf5 NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul6 - TODO: check CVE-2019-8397 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...) - hdf5 NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul5 - TODO: check CVE-2019-8396 (A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ...) - hdf5 NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul4 - TODO: check CVE-2019-8395 (An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ...) NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus CVE-2019-8394 (Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows ...) @@ -20084,6 +20079,7 @@ CVE-2018-19609 (ShowDoc 2.4.1 allows remote attackers to obtain sensitive inform NOT-FOR-US: ShowDoc CVE-2018-19608 (Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a ...) - mbedtls 2.14.1-1 (bug #915796) + [stretch] - mbedtls (Minor issue) - polarssl NOTE: http://cat.eyalro.net/ NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released @@ -33057,6 +33053,7 @@ CVE-2018-15757 REJECTED CVE-2018-15756 (Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, ...) - libspring-java 4.3.21-1 (bug #911786) + [stretch] - libspring-java (Minor issue) [jessie] - libspring-java (vulnerable code introduced in later version) NOTE: https://pivotal.io/security/cve-2018-15756 CVE-2018-15755 (Cloud Foundry CF Networking Release, versions 2.11.0 prior to 2.16.0, ...) @@ -45472,10 +45469,12 @@ CVE-2018-11041 (Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 NOT-FOR-US: Cloud Foundry CVE-2018-11040 (Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to ...) - libspring-java 4.3.19-1 + [stretch] - libspring-java (Minor issue) [jessie] - libspring-java (unable to find relevant commits) NOTE: https://pivotal.io/security/cve-2018-11040 CVE-2018-11039 (Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior ...) - libspring-java 4.3.19-1 + [stretch] - libspring-java (Minor issue) [jessie] - libspring-java (Minor issue) NOTE: https://pivotal.io/security/cve-2018-11039 CVE-2017-18270 (In the Linux kernel before 4.13.5, a local user could create keyrings ...) @@ -73518,6 +73517,7 @@ CVE-2018-1273 (Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2. NOT-FOR-US: Spring Data Commons CVE-2018-1272 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...) - libspring-java 4.3.19-1 (bug #895114) + [stretch] - libspring-java (Minor issue) [jessie] - libspring-java (vulnerable code not found) [wheezy] - libspring-java (Vulnerable broker code introduced in various commits re. https://github.com/spring-projects/spring-framework/blame/0009806debb578e884f6dc98bd1f2dc668020021/spring-messaging/src/main/java/org/springframework/messaging/simp/broker/DefaultSubscriptionRegistry.java) NOTE: https://pivotal.io/security/cve-2018-1272 @@ -73526,6 +73526,7 @@ CVE-2018-1271 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 pr NOTE: https://pivotal.io/security/cve-2018-1271 CVE-2018-1270 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...) - libspring-java 4.3.19-1 (bug #895114) + [stretch] - libspring-java (Minor issue) [jessie] - libspring-java (vulnerable code not found) [wheezy] - libspring-java (Vulnerable broker code introduced in various commits re. https://github.com/spring-projects/spring-framework/blame/0009806debb578e884f6dc98bd1f2dc668020021/spring-messaging/src/main/java/org/springframework/messaging/simp/broker/DefaultSubscriptionRegistry.java) NOTE: https://pivotal.io/security/cve-2018-1270 @@
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
babb564d by Moritz Muehlenhoff at 2019-02-22T19:57:12Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
@@ -1271,7 +1271,8 @@ CVE-2019-8402
CVE-2018-20782 (The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN
messages. ...)
NOT-FOR-US: WooCommerce plugin
CVE-2016-10742 (Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x
before ...)
- - zabbix 1:3.0.17+dfsg-1
+ - zabbix 1:3.0.17+dfsg-1 (low)
+ [stretch] - zabbix (Minor issue)
NOTE: https://support.zabbix.com/browse/ZBX-10272
NOTE: https://support.zabbix.com/browse/ZBX-13133
CVE-2019-8401
@@ -5275,6 +5276,7 @@ CVE-2019-6690 [improper input validation in
gnupg.GPG.encrypt() and gnupg.GPG.de
RESERVED
{DLA-1675-1}
- python-gnupg 0.4.4-1
+ [stretch] - python-gnupg (Minor issue)
NOTE:
https://github.com/stigtsp/CVE-2019-6690-python-gnupg-vulnerability
NOTE:
https://github.com/vsajip/python-gnupg/commit/39eca266dd837e2ad89c94eb17b7a6f50b25e7cf#diff-88b99bb28683bd5b7e3a204826ead112
NOTE:
https://github.com/vsajip/python-gnupg/commit/3003b654ca1c29b0510a54b9848571b3ad57df19#diff-88b99bb28683bd5b7e3a204826ead112
@@ -6411,7 +6413,8 @@ CVE-2019-6246 (An issue was discovered in SVG++ (aka
svgpp) 1.2.3. After calling
NOTE: https://github.com/svgpp/svgpp/issues/70
CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as
used in ...)
{DLA-1656-1}
- - agg 1:2.4-r127+dfsg1-1 (bug #919322)
+ - agg 1:2.4-r127+dfsg1-1 (low; bug #919322)
+ [stretch] - agg (Minor issue)
- svgpp (bug #919321)
NOTE: https://github.com/svgpp/svgpp/issues/70
NOTE: Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/
@@ -26578,6 +26581,7 @@ CVE-2018-1000808 (Python Cryptographic Authority
pyopenssl version Before 17.5.0
NOTE:
https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
CVE-2018-1000807 (Python Cryptographic Authority pyopenssl version prior to
version ...)
- pyopenssl 17.5.0-1
+ [stretch] - pyopenssl (Minor issue)
[jessie] - pyopenssl (Minor issue, but also requires at least
cryptography 2.1.4 which exposes the X509_up_ref method)
NOTE: https://github.com/pyca/pyopenssl/pull/723
NOTE:
https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/babb564dff6eff5e7af22a5392f2ffe4d3ca4144
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/babb564dff6eff5e7af22a5392f2ffe4d3ca4144
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6680eaab by Moritz Muehlenhoff at 2019-02-20T22:01:13Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=
data/CVE/list
=
@@ -1181,8 +1181,9 @@ CVE-2019-8383 (An issue was discovered in AdvanceCOMP
before 2.1. An invalid mem
CVE-2019-8382 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer
dereference ...)
NOT-FOR-US: Bento4
CVE-2019-8381 (An issue was discovered in Tcpreplay 4.3.1. An invalid memory
access ...)
- - tcpreplay (bug #922622)
+ - tcpreplay (unimportant; bug #922622)
NOTE: https://github.com/appneta/tcpreplay/issues/538
+ NOTE: Crash in a CLI tool, no security impact
CVE-2019-8380 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer
dereference ...)
NOT-FOR-US: Bento4
CVE-2019-8379 (An issue was discovered in AdvanceCOMP before 2.1. A NULL
pointer ...)
@@ -1190,11 +1191,13 @@ CVE-2019-8379 (An issue was discovered in AdvanceCOMP
before 2.1. A NULL pointer
CVE-2019-8378 (An issue was discovered in Bento4 1.5.1-628. A heap-based
buffer ...)
NOT-FOR-US: Bento4
CVE-2019-8377 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer
dereference ...)
- - tcpreplay (bug #922623)
+ - tcpreplay (unimportant; bug #922623)
NOTE: https://github.com/appneta/tcpreplay/issues/536
+ NOTE: Crash in a CLI tool, no security impact
CVE-2019-8376 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer
dereference ...)
- - tcpreplay (bug #922624)
+ - tcpreplay (unimportant; bug #922624)
NOTE: https://github.com/appneta/tcpreplay/issues/537
+ NOTE: Crash in a CLI tool, no security impact
CVE-2019-8375
RESERVED
CVE-2019-8374
@@ -4479,7 +4482,8 @@ CVE-2019-6977 (gdImageColorMatch in gd_color_match.c in
the GD Graphics Library
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77270
NOTE: Proposed patch:
https://gist.github.com/cmb69/1f36d285eb297ed326f5c821d7aafced
CVE-2019-6976 (libvips before 8.7.4 writes to uninitialized memory locations
in ...)
- - vips 8.7.4-1
+ - vips 8.7.4-1 (low)
+ [stretch] - vips (Minor issue)
[jessie] - vips (Minor Issue)
NOTE:
https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a
CVE-2019-6975 (Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x
before ...)
@@ -5700,6 +5704,9 @@ CVE-2019-6454 [systemd (PID1) crash with specially
crafted D-Bus message]
{DSA-4393-1 DLA-1684-1}
- systemd 240-6
NOTE: https://www.openwall.com/lists/oss-security/2019/02/18/3
+ NOTE:
https://github.com/systemd/systemd/commit/798ebaf9aea9b8ae3b8a0cc2702bc8de71acb3c6
+ NOTE:
https://github.com/systemd/systemd/commit/6d586a13717ae057aa1b4127400c3de61cd5b9e7
+ NOTE:
https://github.com/systemd/systemd/commit/f519a19bcd5afe674a9b8fc462cd77d8bad403c1
CVE-2019-6453 (mIRC before 7.55 allows remote command execution by using
argument ...)
NOT-FOR-US: mIRC
CVE-2019-6452
@@ -13014,37 +13021,44 @@ CVE-2018-20463 (An issue was discovered in the
JSmol2WP plugin 1.07 for WordPres
CVE-2018-20462 (An issue was discovered in the JSmol2WP plugin 1.07 for
WordPress. A ...)
NOT-FOR-US: JSmol2WP plugin for WordPress
CVE-2018-20461 (In radare2 prior to 3.1.1, core_anal_bytes in
libr/core/cmd_anal.c ...)
- - radare2 3.1.2+dfsg-1
+ - radare2 3.1.2+dfsg-1 (low)
+ [stretch] - radare2 (Minor issue)
[jessie] - radare2 (vulnerable code not present)
NOTE:
https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267
NOTE: https://github.com/radare/radare2/issues/12375
CVE-2018-20460 (In radare2 prior to 3.1.2, the parseOperands function in ...)
- - radare2 3.1.2+dfsg-1
+ - radare2 3.1.2+dfsg-1 (low)
+ [stretch] - radare2 (Minor issue)
[jessie] - radare2 (vulnerable code not present)
NOTE:
https://github.com/radare/radare2/commit/df167c7db545953bb7f71c72e98e7a3ca0c793bf
NOTE: https://github.com/radare/radare2/issues/12376
CVE-2018-20459 (In radare2 through 3.1.3, the armass_assemble function in ...)
- - radare2 3.2.1+dfsg-1 (bug #917322)
+ - radare2 3.2.1+dfsg-1 (low; bug #917322)
+ [stretch] - radare2 (Minor issue)
[jessie] - radare2 (vulnerable code not present)
NOTE:
https://github.com/radare/radare2/commit/e5c14c167b0dcf0a53d76bd50bacbbcc0dfc1ae7
NOTE: https://github.com/radare/radare2/issues/12418
CVE-2018-20458 (In radare2 prior to 3.1.1, r_bin_dyldcache_extract in ...)
- - radare2 3.1.2+dfsg-1
+ - radare2 3.1.2+dfsg-1 (low)
+ [stretch] - radare2 (Minor issue)
[jessie] - radare2 (vulnerable code not present)
NOTE:
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: a9d86c13 by Moritz Muehlenhoff at 2019-02-19T21:16:37Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -3231,8 +3231,9 @@ CVE-2019-7444 CVE-2019-7443 [Insecure handling of arguments in helpers] RESERVED - kauth 5.54.0-2 (bug #921995) - [stretch] - kauth (Minor issue) + [stretch] - kauth (Minor issue, will be fixed in a point release) - kde4libs + [stretch] - kde4libs (Minor issue) NOTE: https://mail.kde.org/pipermail/kde-announce/2019-February/11.html NOTE: https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a CVE-2019-7442 @@ -29300,6 +29301,7 @@ CVE-2018-16868 (A Bleichenbacher type side-channel based padding oracle attack w NOTE: nettle version. CVE-2018-16867 (A flaw was found in qemu Media Transfer Protocol (MTP) before version ...) - qemu 1:3.1+dfsg-1 (bug #915884) + [stretch] - qemu (Vulnerable code not present) - qemu-kvm NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg00390.html NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=c52d46e041b42bb1ee6f692e00a0abe37a9659f6 (master) = data/dsa-needed.txt = @@ -28,6 +28,9 @@ graphicsmagick libidn santiago proposed debdiffs for jessie and stretch -- +libpng1.6 + wait for final patch +-- libspring-java -- linux View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9d86c1336cad0d06ba9ece636395892232aecd4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9d86c1336cad0d06ba9ece636395892232aecd4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
90dc8906 by Moritz Muehlenhoff at 2019-02-18T22:27:35Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
@@ -2364,10 +2364,11 @@ CVE-2019-7754
CVE-2019-7753 (Verydows 2.0 has XSS via the
index.php?m=apic=statsa=count referrer ...)
NOT-FOR-US: Verydows
CVE-2018-20781 (In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the
user's ...)
- - gnome-keyring 3.28.0-1
+ - gnome-keyring 3.28.0-1 (unimportant)
NOTE:
https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781486
NOTE: https://gitlab.gnome.org/GNOME/gnome-keyring/issues/3
+ NOTE: Not a vulnerability, just a hardening patch
CVE-2019-7752
RESERVED
CVE-2019-7751
@@ -2613,6 +2614,7 @@ CVE-2019-7660
CVE-2019-7659 (Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to
cause a ...)
{DLA-1681-1}
- gsoap 2.8.75-1
+ [stretch] - gsoap (Minor issue)
- r-other-x4r
NOTE:
https://www.genivia.com/advisory.html#Bug_in_gSOAP_versions_2.7.0_to_2.8.74_for_applications_built_with_the_WITH_COOKIES_flag_enabled_
NOTE: https://lists.debian.org/debian-lts/2019/02/msg00131.html
@@ -12469,6 +12471,7 @@ CVE-2018-20594 (An issue was discovered in hsweb 3.0.4.
It is a reflected XSS ..
NOT-FOR-US: hsweb
CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is stack-based buffer
overflow in ...)
- mxml
+ [stretch] - mxml (Minor issue)
[jessie] - mxml (Minor issue, only affects the mxmldoc tool)
NOTE:
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2971_1.txt
NOTE:
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2971_1.txt.err
(error output)
@@ -12478,6 +12481,7 @@ CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is
stack-based buffer overfl
NOTE: upstream tagged the issue with 'wontfix' and removed mxmldoc code
completely
CVE-2018-20592 (In Mini-XML (aka mxml) v2.12, there is a use-after-free in the
mxmlAdd ...)
- mxml
+ [stretch] - mxml (Minor issue)
[jessie] - mxml (Minor issue, only affected the mxmldoc tool)
NOTE:
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_1.txt
NOTE:
https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_1.txt.err
(error output)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/90dc8906034f1c907349984be86df87d8f404cff
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/90dc8906034f1c907349984be86df87d8f404cff
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 882875a5 by Moritz Muehlenhoff at 2019-02-15T19:53:32Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1406,12 +1406,14 @@ CVE-2019-7667 CVE-2019-7666 RESERVED CVE-2019-7665 (In elfutils 0.175, a heap-based buffer over-read was discovered in the ...) - - elfutils (bug #921880) + - elfutils (low; bug #921880) + [stretch] - elfutils (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24089 NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00049.html NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=de01cc6f9446187d69b9748bb3636361c79e77a4 CVE-2019-7664 (In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note ...) - - elfutils (bug #921881) + - elfutils (low; bug #921881) + [stretch] - elfutils (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24084 NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=e65d91d21cb09d83b001fef9435e576ba447db32 CVE-2019-7663 (An Invalid Address dereference was discovered in ...) @@ -1479,19 +1481,27 @@ CVE-2019-7639 (An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. NOT-FOR-US: gsi-openssh-server (OpenSSH patched with openssh-7.9p1-gsissh.patch) CVE-2019-7638 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4500 CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4497 CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4499 CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4498 CVE-2018-20764 (A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for ...) TODO: check @@ -1611,31 +1621,45 @@ CVE-2019-7579 RESERVED CVE-2019-7578 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4494 CVE-2019-7577 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4492 CVE-2019-7576 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4490 CVE-2019-7575 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4493 CVE-2019-7574 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4496 CVE-2019-7573 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4491 CVE-2019-7572 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4495 CVE-2019-7571 RESERVED @@ -1973,9 +1997,10 @@ CVE-2019-7444 CVE-2019-7443 [Insecure handling of arguments in helpers] RESERVED - kauth
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9bbe4753 by Moritz Muehlenhoff at 2019-02-08T19:24:43Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
@@ -672,12 +672,14 @@ CVE-2019-121 (slixmpp version before commit
7cd73b594e8122dddf847953fcfc85ab
NOTE:
https://lab.louiz.org/poezio/slixmpp/commit/7cd73b594e8122dddf847953fcfc85ab4d316416
CVE-2019-120 (libarchive version commit
5a98dcf8a86364b3c2c469c85b93647dfb139961 ...)
{DLA-1668-1}
- - libarchive 3.3.3-4
+ - libarchive 3.3.3-4 (low)
+ [stretch] - libarchive (Minor issue)
NOTE: https://github.com/libarchive/libarchive/pull/1120
NOTE:
https://github.com/libarchive/libarchive/commit/8312eaa576014cd9b965012af51bc1f967b12423
CVE-2019-119 (libarchive version commit
bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 ...)
{DLA-1668-1}
- - libarchive 3.3.3-4
+ - libarchive 3.3.3-4 (low)
+ [stretch] - libarchive (Minor issue)
NOTE: https://github.com/libarchive/libarchive/pull/1120
NOTE:
https://github.com/libarchive/libarchive/commit/65a23f5dbee4497064e9bb467f81138a62b0dae1
CVE-2019-117 (Chamilo Chamilo-lms version 1.11.8 and earlier contains an
Incorrect ...)
@@ -8581,7 +8583,8 @@ CVE-2019-3826 [Stored DOM cross-site scripting (XSS)
attack via crafted URL]
[stretch] - prometheus (Only affects 2.1.0 onwards)
NOTE: https://github.com/prometheus/prometheus/pull/5163
CVE-2019-3825 (A vulnerability was discovered in gdm before 3.31.4. When timed
login ...)
- - gdm3
+ - gdm3 (low)
+ [stretch] - gdm3 (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/gdm/issues/460
CVE-2019-3824
RESERVED
@@ -69492,6 +69495,7 @@ CVE-2018-1321 (An administrator with report and
template entitlements in Apache
CVE-2018-1320 (Apache Thrift Java client library versions 0.5.0 through 0.11.0
can ...)
{DLA-1662-1}
- libthrift-java 0.9.1-2.1 (bug #918736)
+ [stretch] - libthrift-java (Minor issue)
NOTE: https://issues.apache.org/jira/browse/THRIFT-4506
NOTE:
https://github.com/apache/thrift/commit/d973409661f820d80d72c0034d06a12348c8705e
CVE-2018-1319 (In Apache Allura prior to 1.8.1, attackers may craft URLs that
cause ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9bbe4753f3f59b50b2f6508f735fd369b8eb1f37
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9bbe4753f3f59b50b2f6508f735fd369b8eb1f37
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9c3d4031 by Moritz Muehlenhoff at 2019-02-02T05:06:10Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=
data/CVE/list
=
@@ -352,12 +352,14 @@ CVE-2019-7151 (A NULL pointer dereference was discovered
in ...)
NOTE:
https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
NOTE:
https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
CVE-2019-7150 (An issue was discovered in elfutils 0.175. A segmentation fault
can ...)
- - elfutils (bug #920909)
+ - elfutils (low; bug #920909)
+ [stretch] - elfutils (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24103
NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00070.html
NOTE:
https://sourceware.org/git/?p=elfutils.git;a=commit;h=da5c5336a1eaf519de246f7d9f0f5585e1d4ac59
CVE-2019-7149 (A heap-based buffer over-read was discovered in the function
...)
- - elfutils (bug #920910)
+ - elfutils (low; bug #920910)
+ [stretch] - elfutils (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24102
NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00068.html
NOTE:
https://sourceware.org/git/?p=elfutils.git;a=commit;h=2562759d6fe5b364fe224852e64e8bda39eb2e35
@@ -1200,7 +1202,8 @@ CVE-2017-18360 (In change_port_settings in
drivers/usb/serial/io_ti.c in the Lin
NOTE: Fixed by:
https://git.kernel.org/linus/6aeb75e6adfaed16e58780309613a578fe1ee90b
CVE-2017-18359 (PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows
remote ...)
{DLA-1653-1}
- - postgis 2.3.3+dfsg-1
+ - postgis 2.3.3+dfsg-1 (low)
+ [stretch] - postgis (Minor issue)
NOTE: https://trac.osgeo.org/postgis/ticket/3704
NOTE: https://trac.osgeo.org/postgis/changeset/15444
NOTE: https://trac.osgeo.org/postgis/changeset/15445
@@ -2034,7 +2037,8 @@ CVE-2019-6439 (examples/benchmark/tls_bench.c in a
benchmark tool in wolfSSL thr
NOTE: https://github.com/wolfSSL/wolfssl/issues/2032
NOTE: Issue only in example code
CVE-2019-6438 (SchedMD Slurm before 17.11.13 and 18.x before 18.08.5
mishandles 32-bit ...)
- - slurm-llnl (bug #920997)
+ - slurm-llnl (low; bug #920997)
+ [stretch] - slurm-llnl (Minor issue)
NOTE: https://www.schedmd.com/news.php?id=213
NOTE:
https://lists.schedmd.com/pipermail/slurm-announce/2019/18.html
CVE-2019-6437
@@ -8838,12 +8842,14 @@ CVE-2018-20555
CVE-2018-20554
RESERVED
CVE-2018-20553 (Tcpreplay before 4.3.1 has a heap-based buffer over-read in
get_l2len ...)
- - tcpreplay (bug #917574)
+ - tcpreplay (low; bug #917574)
+ [stretch] - tcpreplay (Minor issue)
[jessie] - tcpreplay (not used by any sponsor, hard to exploit)
NOTE: https://github.com/appneta/tcpreplay/issues/530
NOTE:
https://github.com/appneta/tcpreplay/pull/532/commits/6b830a1640ca20528032c89a4fdd8291a4d2d8b2
CVE-2018-20552 (Tcpreplay before 4.3.1 has a heap-based buffer over-read in
packet2tree ...)
- - tcpreplay (bug #917574)
+ - tcpreplay (low; bug #917574)
+ [stretch] - tcpreplay (Minor issue)
[jessie] - tcpreplay (not used by any sponsor, hard to exploit)
NOTE: https://github.com/appneta/tcpreplay/issues/530
NOTE:
https://github.com/appneta/tcpreplay/pull/532/commits/6b830a1640ca20528032c89a4fdd8291a4d2d8b2
@@ -18492,6 +18498,7 @@ CVE-2018-19518 (University of Washington IMAP Toolkit
2007f on UNIX, as used in
- php7.0 (bug #913836)
- php5
- uw-imap (bug #914632)
+ [stretch] - uw-imap (Minor issue)
NOTE: Fixed in 5.6.39, 7.0.33, 7.1.25, 7.2.13, 7.3.0
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76428
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77153
@@ -24537,7 +24544,8 @@ CVE-2018-17200
RESERVED
CVE-2018-17199 (In Apache HTTP Server 2.4 release 2.4.37 and prior,
mod_session checks ...)
{DLA-1647-1}
- - apache2 2.4.38-1 (bug #920303)
+ - apache2 2.4.38-1 (low; bug #920303)
+ [stretch] - apache2 (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2019/01/22/3
NOTE: 2.4.x http://svn.apache.org/r1851409
NOTE: 2.5.x http://svn.apache.org/r1850947
@@ -24566,7 +24574,8 @@ CVE-2018-17191 (Apache NetBeans (incubating) 9.0
NetBeans Proxy Auto-Configurati
CVE-2018-17190 (In all versions of Apache Spark, its standalone resource
manager ...)
NOT-FOR-US: Apache Spark
CVE-2018-17189 (In Apache HTTP server versions 2.4.37 and prior, by sending
request ...)
- - apache2 2.4.38-1 (bug #920302)
+ - apache2 2.4.38-1 (low; bug
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2f159f84 by Moritz Muehlenhoff at 2019-01-28T15:31:03Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1954,10 +1954,12 @@ CVE-2019-6132 (An issue was discovered in Bento4 v1.5.1-627. There is a memory l NOT-FOR-US: Bento4 CVE-2019-6131 (svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack ...) - mupdf 1.14.0+ds1-3 (bug #918970) + [stretch] - mupdf (Minor issue) NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700442 NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b CVE-2019-6130 (Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the ...) - mupdf 1.14.0+ds1-3 (bug #918971) + [stretch] - mupdf (Minor issue) NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700446 NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?faf47b94e24314d74907f3f6bc874105f2c962ed CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ...) @@ -1967,6 +1969,7 @@ CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory lea NOTE: Memory leak in CLI tool, no security impact CVE-2019-6128 (The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory ...) - tiff + [stretch] - tiff (Minor issue) - tiff3 NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2836 CVE-2019-6127 (An issue was discovered in XiaoCms 20141229. It allows ...) = data/dsa-needed.txt = @@ -26,6 +26,8 @@ glusterfs graphicsmagick waiting for proper fix for CVE-2018-20185 -- +libgd2 +-- libidn santiago proposed debdiffs for jessie and stretch -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f159f84c6b28caf6671a1268a746307c05ca8a3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f159f84c6b28caf6671a1268a746307c05ca8a3 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
915804fa by Moritz Muehlenhoff at 2019-01-21T22:12:23Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=
data/CVE/list
=
@@ -928,11 +928,12 @@ CVE-2019-6134
RESERVED
CVE-2019-6133 (In PolicyKit (aka polkit) 0.115, the start time
protection mechanism ...)
- policykit-1 0.105-25 (bug #918985)
+ [stretch] - policykit-1 (Minor issue, kernel mitigation will
land in next 4.9.x rebase)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1692
NOTE: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/19
NOTE:
https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81
NOTE: Issue can be mitigated in kernel with
- NOTE:
https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf
+ NOTE:
https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf (landed
in 4.9.150)
CVE-2019-6132 (An issue was discovered in Bento4 v1.5.1-627. There is a memory
leak in ...)
NOT-FOR-US: Bento4
CVE-2019-6131 (svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with
stack ...)
@@ -6966,7 +6967,8 @@ CVE-2018-20550
RESERVED
CVE-2018-20549 (There is an illegal WRITE memory access at caca/file.c
(function ...)
{DLA-1631-1}
- - libcaca (bug #917807)
+ - libcaca (low; bug #917807)
+ [stretch] - libcaca (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652628
NOTE: https://github.com/cacalabs/libcaca/issues/41
NOTE: Fixed by:
https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
@@ -6979,13 +6981,15 @@ CVE-2018-20548 (There is an illegal WRITE memory access
at common-image.c (funct
NOTE: Debian binary packages built with the Imlib2 library
CVE-2018-20547 (There is an illegal READ memory access at caca/dither.c
(function ...)
{DLA-1631-1}
- - libcaca (bug #917807)
+ - libcaca (low; bug #917807)
+ [stretch] - libcaca (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652624
NOTE: https://github.com/cacalabs/libcaca/issues/39
NOTE: Fixed by:
https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790
CVE-2018-20546 (There is an illegal READ memory access at caca/dither.c
(function ...)
{DLA-1631-1}
- - libcaca (bug #917807)
+ - libcaca (low; bug #917807)
+ [stretch] - libcaca (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652622
NOTE: https://github.com/cacalabs/libcaca/issues/38
NOTE: Fixed by:
https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790
@@ -6998,7 +7002,8 @@ CVE-2018-20545 (There is an illegal WRITE memory access
at common-image.c (funct
NOTE: Debian binary packages built with the Imlib2 library
CVE-2018-20544 (There is floating point exception at caca/dither.c (function
...)
{DLA-1631-1}
- - libcaca (bug #917807)
+ - libcaca (low; bug #917807)
+ [stretch] - libcaca (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652627
NOTE: https://github.com/cacalabs/libcaca/issues/36
NOTE: Upstream fix:
https://github.com/cacalabs/libcaca/commit/84bd155087b93ab2d8d7cb5b1ac94ecd4cf4f93c
=
data/dsa-needed.txt
=
@@ -40,6 +40,8 @@ mbedtls
--
mercurial
--
+openjdk-8 (jmm)
+--
openjpeg2 (luciano)
--
openssh (corsac)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/915804fa12a0bde55db368b16581bbd89fe40adb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/915804fa12a0bde55db368b16581bbd89fe40adb
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: b7e957b2 by Moritz Muehlenhoff at 2018-12-28T23:10:59Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -543,22 +543,28 @@ CVE-2018-20363 (LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL NOTE: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4 NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause CVE-2018-20362 (A NULL pointer dereference was discovered in ifilter_bank of ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/26 CVE-2018-20361 (An invalid memory address dereference was discovered in the hf_assembly ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/30 CVE-2018-20360 (An invalid memory address dereference was discovered in the ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/32 CVE-2018-20359 (An invalid memory address dereference was discovered in the ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/29 CVE-2018-20358 (An invalid memory address dereference was discovered in the ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/31 CVE-2018-20357 (A NULL pointer dereference was discovered in sbr_process_channel of ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/28 CVE-2018-20356 RESERVED @@ -9290,7 +9296,8 @@ CVE-2018-19506 (Zurmo 3.2.4 has XSS via an admin's use of the name parameter in CVE-2018-19505 RESERVED CVE-2018-19504 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) ...) - - faad2 (bug #914641) + - faad2 (low; bug #914641) + [stretch] - faad2 (Minor issue) [jessie] - faad2 (Minor issue) NOTE: https://sourceforge.net/p/faac/bugs/240/ CVE-2018-19503 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) ...) @@ -20678,8 +20685,7 @@ CVE-2018-15127 (LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de co NOTE: https://github.com/LibVNC/libvncserver/commit/502821828ed00b4a2c4bef90683d0fd88ce495de NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/ CVE-2018-15126 (LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains ...) - - libvncserver (bug #916941) - [jessie] - libvncserver (Vulnerable code not present) + - libvncserver (Vulnerable code introduced after 0.9.11 release) NOTE: https://github.com/LibVNC/libvncserver/issues/242 NOTE: https://github.com/LibVNC/libvncserver/commit/73cb96fec028a576a5a24417b57723b55854ad7b NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-027-libvnc-heap-use-after-free/ = data/dsa-needed.txt = @@ -19,6 +19,7 @@ ansible Maintainer is preparing updates -- faad2 + not yet fixed upstream -- glusterfs -- @@ -30,6 +31,8 @@ libidn -- libspring-java -- +libvncserver (jmm) +-- linux Wait until more issues have piled up -- @@ -48,6 +51,8 @@ smarty3 sssd Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release. -- +thunderbird (jmm) +-- vlc (jmm) Maintainer proposed to wait for 3.0.5 and release a DSA based on 3.0.5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b7e957b2a9683e5dad951168524f7b2bfe5e2dde -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b7e957b2a9683e5dad951168524f7b2bfe5e2dde You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 391de870 by Moritz Muehlenhoff at 2018-12-28T09:21:00Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,6 @@ CVE-2018-20551 (A reachable Object::getString assertion in Poppler 0.72.0 allows ...) - - poppler (bug #917525) + - poppler (low; bug #917525) + [stretch] - poppler (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/703 NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/7f87dc10b6adccd6d1b977a28b064add254aa2da CVE-2018-20550 @@ -4476,6 +4477,7 @@ CVE-2018-19977 RESERVED CVE-2018-19976 (In YARA 3.8.1, bytecode in a specially crafted compiled rule is ...) - yara 3.8.1-2 (bug #916932) + [stretch] - yara (Minor issue) [jessie] - yara (Minor issue) NOTE: https://github.com/VirusTotal/yara/issues/999 NOTE: https://bnbdr.github.io/posts/extracheese/ @@ -4484,6 +4486,7 @@ CVE-2018-19976 (In YARA 3.8.1, bytecode in a specially crafted compiled rule is NOTE: https://github.com/VirusTotal/yara/commit/d8f714891ed92da15d50b397b74d1d9431e9c54c CVE-2018-19975 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...) - yara 3.8.1-2 (bug #916932) + [stretch] - yara (Minor issue) [jessie] - yara (Minor issue) NOTE: https://github.com/VirusTotal/yara/issues/999 NOTE: https://bnbdr.github.io/posts/extracheese/ @@ -4492,6 +4495,7 @@ CVE-2018-19975 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can NOTE: https://github.com/VirusTotal/yara/commit/d8f714891ed92da15d50b397b74d1d9431e9c54c CVE-2018-19974 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...) - yara 3.8.1-2 (bug #916932) + [stretch] - yara (Minor issue) [jessie] - yara (Minor issue) NOTE: https://github.com/VirusTotal/yara/issues/999 NOTE: https://bnbdr.github.io/posts/extracheese/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/391de87091db0cb79ae82ee6f3e6a5e2bf77844a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/391de87091db0cb79ae82ee6f3e6a5e2bf77844a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: e707d541 by Moritz Muehlenhoff at 2018-12-27T11:03:52Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -528,7 +528,8 @@ CVE-2018-1000872 (OpenKMIP PyKMIP version All versions before 0.8.0 contains a C NOTE: https://github.com/OpenKMIP/PyKMIP/commit/3a7b880bdf70d295ed8af3a5880bab65fa6b3932 NOTE: https://github.com/OpenKMIP/PyKMIP/issues/430 CVE-2018-1000871 (HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL ...) - - hoteldruid (bug #917099) + - hoteldruid (low; bug #917099) + [stretch] - hoteldruid (Minor issue) NOTE: https://www.exploit-db.com/exploits/45976 CVE-2018-1000870 (PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in ...) - phpipam (bug #731713) @@ -5464,9 +5465,11 @@ CVE-2018-19874 RESERVED CVE-2018-19873 (An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer ...) [experimental] - qtbase-opensource-src 5.11.3+dfsg-1 - - qtbase-opensource-src 5.11.3+dfsg-2 + - qtbase-opensource-src 5.11.3+dfsg-2 (low) + [stretch] - qtbase-opensource-src (Minor issue) [jessie] - qtbase-opensource-src (Minor issue) - - qt4-x11 + - qt4-x11 (low) + [stretch] - qt4-x11 (Minor issue) [jessie] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ NOTE: https://codereview.qt-project.org/#/c/238749/ @@ -5787,6 +5790,7 @@ CVE-2018-19759 (There is a heap-based buffer over-read at stb_image_write.h (fun TODO: check CVE-2018-19758 (There is a heap-based buffer over-read at wav.c in wav_write_header in ...) - libsndfile + [stretch] - libsndfile (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643812 CVE-2018-19757 (There is a NULL pointer dereference at function ...) TODO: check View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e707d541c32ae329230c73e4b4aec67c8fb0d11d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e707d541c32ae329230c73e4b4aec67c8fb0d11d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f77a7f98 by Moritz Muehlenhoff at 2018-12-26T11:08:12Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,6 @@ CVE-2018-20481 (XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef ...) - - poppler (bug #917325) + - poppler (low; bug #917325) + [stretch] - poppler (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/692 NOTE: Proposed fix: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143 CVE-2018-20480 (An issue was discovered in S-CMS 1.0. It allows SQL Injection via the ...) @@ -29,7 +30,8 @@ CVE-2018-20469 CVE-2018-20468 RESERVED CVE-2018-20467 (In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can ...) - - imagemagick (bug #917326) + - imagemagick (low; bug #917326) + [stretch] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1408 NOTE: https://github.com/ImageMagick/ImageMagick/commit/db0add932fb850d762b02604ca3053b7d7ab6deb CVE-2018-20466 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f77a7f98f51bacb86e99573d6a66e29e6148daca -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f77a7f98f51bacb86e99573d6a66e29e6148daca You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 286cfb1b by Moritz Muehlenhoff at 2018-12-14T08:34:28Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2323,9 +2323,11 @@ CVE-2018-19872 RESERVED CVE-2018-19871 [QImage: QTgaFile CPU exhaustion] RESERVED - - qtimageformats-opensource-src + - qtimageformats-opensource-src (low) + [stretch] - qtimageformats-opensource-src (Minor issue) [jessie] - qtimageformats-opensource-src (Minor issue) - - qt4-x11 + - qt4-x11 (low) + [stretch] - qt4-x11 (Minor issue) [jessie] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ NOTE: https://codereview.qt-project.org/#/c/237761/ @@ -2333,8 +2335,10 @@ CVE-2018-19871 [QImage: QTgaFile CPU exhaustion] CVE-2018-19870 [Check for QImage allocation failure in qgifhandler] RESERVED [experimental] - qtbase-opensource-src 5.11.3+dfsg-1 - - qtbase-opensource-src - - qt4-x11 + - qtbase-opensource-src (low) + [stretch] - qtbase-opensource-src (Minor issue) + - qt4-x11 (low) + [stretch] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ NOTE: https://codereview.qt-project.org/#/c/235998/ NOTE: affected code can be in src/gui/image/qgifhandler.cpp or in @@ -77229,8 +77233,8 @@ CVE-2017-11431 RESERVED CVE-2017-11430 RESERVED - - ruby-omniauth-saml 1.10.0-1 (bug #892864) - NOTE: fixed in 1.10.0 + - ruby-omniauth-saml (The actual vulnerability is in ruby-saml, which is used by the Debian package) + NOTE: The change in 1.10.0 simply bumps the version requirement NOTE: https://github.com/omniauth/omniauth-saml/issues/156 NOTE: https://github.com/omniauth/omniauth-saml/pull/157 NOTE: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/286cfb1bc87594ec4ccf1c5b18cfdf76b4915d4c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/286cfb1bc87594ec4ccf1c5b18cfdf76b4915d4c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f6871666 by Moritz Muehlenhoff at 2018-12-12T21:01:32Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -42,6 +42,7 @@ CVE-2018-20094 (An issue was discovered in XXL-CONF 1.6.0. There is a path trave TODO: check CVE-2018- [response discrepancy information exposure] - mini-httpd (bug #916190) + [stretch] - mini-httpd (Minor issue) NOTE: https://speirofr.appspot.com/files/advisory/SPADV-2018-01.md CVE-2018-20093 RESERVED @@ -111,6 +112,7 @@ CVE-2018-20061 (A SQL injection issue was discovered in ERPNext 10.x and 11.x th NOT-FOR-US: Frappe ERPNext CVE-2018-20060 (urllib3 before version 1.23 does not remove the Authorization HTTP ...) - python-urllib3 1.24-1 + [stretch] - python-urllib3 (Minor issue) NOTE: https://github.com/urllib3/urllib3/issues/1316 NOTE: https://github.com/urllib3/urllib3/pull/1346 NOTE: https://github.com/urllib3/urllib3/commit/3d7f98b07b6e6e04c2e89cdf5afb18024a2d804c @@ -5792,6 +5794,7 @@ CVE-2018-19519 (In tcpdump 4.9.2, a stack-based buffer over-read exists in the . CVE-2018-19516 RESERVED - kf5-messagelib (bug #915039) + [stretch] - kf5-messagelib (Minor issue) NOTE: https://www.kde.org/info/security/advisory-20181128-1.txt NOTE: https://cgit.kde.org/messagelib.git/commit/?id=34765909cdf8e55402a8567b48fb288839c61612 CVE-2018-19515 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f6871666eceba4cdeb1b65f2573b4e75950a8039 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f6871666eceba4cdeb1b65f2573b4e75950a8039 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 023a7b50 by Moritz Muehlenhoff at 2018-12-07T20:09:18Z stretch triage mark sqlite3 as untermined for now, this could be entirely limited to Chromiums use of sqlite recheck once details are available - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1541,8 +1541,9 @@ CVE-2018-19657 CVE-2018-19656 RESERVED CVE-2018-19655 (A stack-based buffer overflow in the find_green() function of dcraw ...) - - ufraw 0.22-3.1 (bug #890086) - - dcraw 9.28-2 (bug #906529) + - ufraw 0.22-3.1 (unimportant; bug #890086) + - dcraw 9.28-2 (unimportant; bug #906529) + NOTE: No security impact, crash in CLI tool CVE-2018-19654 (An issue was discovered in Sales Company Management System (SCMS) ...) NOT-FOR-US: Sales & Company Management System (SCMS) CVE-2018-19653 @@ -4607,7 +4608,8 @@ CVE-2018-19499 (Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code . CVE-2018-19498 RESERVED CVE-2018-19497 (In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c ...) - - sleuthkit (bug #914796) + - sleuthkit (low; bug #914796) + [stretch] - sleuthkit (Minor issue) NOTE: https://github.com/sleuthkit/sleuthkit/pull/1374 NOTE: https://github.com/sleuthkit/sleuthkit/commit/bc04aa017c0bd297de8a3b7fc40ffc6bb95d CVE-2018-19496 @@ -7776,7 +7778,7 @@ CVE-2018-18345 - chromium 71.0.3578.80-1 CVE-2018-18344 RESERVED - - sqlite3 + - sqlite3 - chromium 71.0.3578.80-1 CVE-2018-18343 RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/023a7b507343ea3133d50b66abc21c737f493aa9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/023a7b507343ea3133d50b66abc21c737f493aa9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c7983a12 by Moritz Muehlenhoff at 2018-12-07T18:33:56Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=
data/CVE/list
=
@@ -1035,7 +1035,8 @@ CVE-2018-19870 [Check for QImage allocation failure in
qgifhandler]
TODO: check for completeness
CVE-2018-19869 [Fix crash when parsing malformed url reference]
RESERVED
- - qtsvg-opensource-src
+ - qtsvg-opensource-src (low)
+ [stretch] - qtsvg-opensource-src (Minor issue)
NOTE:
https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/
NOTE: https://codereview.qt-project.org/#/c/234142/
TODO: check for completeness, possibly as well qt4-x11
@@ -1098,11 +1099,13 @@ CVE-2018-19845
CVE-2018-19844
RESERVED
CVE-2018-19843 (opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0
allows ...)
- - radare2 3.1.0+dfsg-1
+ - radare2 3.1.0+dfsg-1 (low)
+ [stretch] - radare2 (Minor issue)
NOTE:
https://github.com/radare/radare2/commit/f17bfd9f1da05f30f23a4dd05e9d2363e1406948
NOTE: https://github.com/radare/radare2/issues/12242
CVE-2018-19842 (getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0
allows ...)
- - radare2 3.1.0+dfsg-1
+ - radare2 3.1.0+dfsg-1 (low)
+ [stretch] - radare2 (Minor issue)
NOTE:
https://github.com/radare/radare2/commit/66191f780863ea8c66ace4040d0d04a8842e8432
NOTE: https://github.com/radare/radare2/issues/12239
CVE-2018-19841 (The function WavpackVerifySingleBlock in open_utils.c in
libwavpack.a ...)
@@ -1251,6 +1254,7 @@ CVE-2018-19788 (A flaw was found in PolicyKit (aka
polkit) 0.115 that allows a u
NOTE:
https://gitlab.freedesktop.org/polkit/polkit/commit/b534a10727455409acd54018a9c91000e7626126
CVE-2018-19787 (An issue was discovered in lxml before 4.2.5.
lxml/html/clean.py in the ...)
- lxml 4.2.5-1
+ [stretch] - lxml (Minor issue)
NOTE: Fixed by:
https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109
(lxml-4.2.5)
CVE-2018-19786 (HashiCorp Vault before 1.0.0 writes the master key to the
server log in ...)
NOT-FOR-US: HashiCorp Vault
@@ -4629,18 +4633,21 @@ CVE-2018-19492 (An issue was discovered in cairo.trm in
Gnuplot 5.2.5. This issu
NOTE: https://sourceforge.net/p/gnuplot/bugs/2089/
NOTE:
https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/
NOTE: No security impact, neutralised by toolchain hardening
+ NOTE: No security impact, gnuplot can execute arbitrary commands and
need to come from a trusted source
CVE-2018-19491 (An issue was discovered in post.trm in Gnuplot 5.2.5. This
issue allows ...)
{DLA-1597-1 DLA-1595-1}
- - gnuplot
- - gnuplot5
+ - gnuplot (unimportant)
+ - gnuplot5 (unimportant)
NOTE: https://sourceforge.net/p/gnuplot/bugs/2094/
NOTE:
https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/
+ NOTE: No security impact, gnuplot can execute arbitrary commands and
need to come from a trusted source
CVE-2018-19490 (An issue was discovered in datafile.c in Gnuplot 5.2.5. This
issue ...)
{DLA-1597-1 DLA-1595-1}
- - gnuplot
- - gnuplot5
+ - gnuplot (unimportant)
+ - gnuplot5 (unimportant)
NOTE: https://sourceforge.net/p/gnuplot/bugs/2093/
NOTE:
https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/
+ NOTE: No security impact, gnuplot can execute arbitrary commands and
need to come from a trusted source
CVE-2018-19489 [9pfs: crash due to race condition in renaming files]
RESERVED
- qemu (bug #914727)
@@ -5001,14 +5008,16 @@ CVE-2018-19359 [Unauthorized service template creation]
- gitlab 11.3.10+dfsg-2 (bug #914166)
NOTE:
https://about.gitlab.com/2018/11/19/critical-security-release-gitlab-11-dot-4-dot-6-released/
CVE-2018-19358 (GNOME Keyring through 3.28.2 allows local users to retrieve
login ...)
- - gnome-keyring (bug #914154)
- [jessie] - gnome-keyring (The current design works as expected)
+ - gnome-keyring (unimportant; bug #914154)
NOTE:
https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1780365
NOTE: https://github.com/sungjungk/keyring_crack
NOTE: The default keyring is automatically unlocked upon successful
login.
NOTE: The current behavior to access passwords via DBus is expected but
NOTE: cannot be compromised by another user on the system. Users can
choose
NOTE: to use a separate keyring if they prefer to be prompted.
+ NOTE: Non issue
+ NOTE:
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: fc3ae5c3 by Moritz Muehlenhoff at 2018-11-28T16:11:53Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -2818,7 +2818,8 @@ CVE-2018-19534 CVE-2018-19533 RESERVED CVE-2018-19532 (A NULL pointer dereference vulnerability exists in the function ...) - - libpodofo + - libpodofo (low) + [stretch] - libpodofo (Minor issue) NOTE: https://sourceforge.net/p/podofo/tickets/32/ CVE-2018-19531 (HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote ...) TODO: check @@ -2845,8 +2846,9 @@ CVE-2018-19521 CVE-2018-19520 (An issue was discovered in SDCMS 1.6 with PHP 5.x. ...) NOT-FOR-US: SDCMS CVE-2018-19519 (In tcpdump 4.9.2, a stack-based buffer over-read exists in the ...) - - tcpdump + - tcpdump (unimportant) NOTE: https://github.com/zyingp/temp/blob/master/tcpdump.md + NOTE: Crash in CLI tool, no security impact CVE-2018-19516 RESERVED CVE-2018-19515 = data/dsa-needed.txt = @@ -50,7 +50,7 @@ smarty3 sssd Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release. -- -tiff +tiff (jmm) -- xen -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fc3ae5c34dae0f2551dd0eb64818ba3a56b17f18 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fc3ae5c34dae0f2551dd0eb64818ba3a56b17f18 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f2f0f309 by Moritz Muehlenhoff at 2018-11-16T16:16:33Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=
data/CVE/list
=
@@ -1110,6 +1110,7 @@ CVE-2018-18957 (An issue has been found in libIEC61850
v1.3. It is a stack-based
NOT-FOR-US: libIEC61850
CVE-2018-18956 (The ProcessMimeEntity function in util-decode-mime.c in
Suricata 4.x ...)
- suricata
+ [stretch] - suricata (Minor issue)
[jessie] - suricata (Vulnerable code not present, no
MIME support in this version)
NOTE:
https://lists.openinfosecfoundation.org/pipermail/oisf-users/2018-October/016227.html
NOTE: https://redmine.openinfosecfoundation.org/issues/2658#change-10374
@@ -66297,6 +66298,7 @@ CVE-2017-12873 (SimpleSAMLphp 1.7.0 through 1.14.10
might allow attackers to obt
CVE-2017-12872 (The (1) Htpasswd authentication source in the authcrypt module
and (2) ...)
{DLA-1408-1 DLA-1205-1}
- simplesamlphp 1.14.15-1
+ [stretch] - simplesamlphp (Minor issue)
NOTE: https://simplesamlphp.org/security/201703-01
NOTE: Patches:
https://github.com/simplesamlphp/simplesamlphp/commit/ab7761d4a523a4ed00479fb1ddba688e7ca72439
NOTE:
https://github.com/simplesamlphp/simplesamlphp/commit/caf764cc2c9b68ac29741070ebdf133a595443f1
@@ -66318,6 +66320,7 @@ CVE-2017-12869 (The multiauth module in SimpleSAMLphp
1.14.13 and earlier allows
CVE-2017-12868 (The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in
...)
{DLA-1408-1 DLA-1205-1}
- simplesamlphp 1.14.15-1
+ [stretch] - simplesamlphp (Only affects setups with old
PHP versions not found in stable)
NOTE: https://simplesamlphp.org/security/201705-01
NOTE: Patch:
https://github.com/simplesamlphp/simplesamlphp/commit/caf764cc2c9b68ac29741070ebdf133a595443f1
CVE-2017-12867 (The SimpleSAML_Auth_TimeLimitedToken class in SimpleSAMLphp
1.14.14 ...)
=
data/dsa-needed.txt
=
@@ -56,6 +56,8 @@ pdns
php7.0
wait until more severe issues have come up
--
+simplesamlphp
+--
smarty3
--
sssd
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f2f0f309ffad00946b79b2e0c8f89c88d2d2de43
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f2f0f309ffad00946b79b2e0c8f89c88d2d2de43
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 051203e2 by Moritz Muehlenhoff at 2018-11-13T21:39:16Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -691,7 +691,8 @@ CVE-2018-19059 (An issue was discovered in Poppler 0.71.0. There is a out-of-bou NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/77a30e94d96220d7e22dff5b3f0a7f296f01b118 NOTE: Issue in pdfdetach cli tool leading to crash CVE-2018-19058 (An issue was discovered in Poppler 0.71.0. There is a reachable abort ...) - - poppler (bug #913177) + - poppler (low; bug #913177) + [stretch] - poppler (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/659 NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/6912e06d9ab19ba28991b5cab3319d61d856bd6d CVE-2018-19057 (SimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG ...) @@ -11159,9 +11160,11 @@ CVE-2018-14775 (tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has NOT-FOR-US: OpenBSD CVE-2018-14774 (An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, ...) - symfony 3.4.14+dfsg-1 + [stretch] - symfony (Minor issue) NOTE: https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache CVE-2018-14773 (An issue was discovered in Http Foundation in Symfony 2.7.0 through ...) - symfony 3.4.14+dfsg-1 + [stretch] - symfony (Minor issue) NOTE: https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers CVE-2018-14772 (Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution ...) - ajaxplorer (bug #668381) @@ -70267,9 +70270,11 @@ CVE-2017-11429 CVE-2017-11428 RESERVED - ruby-saml 1.7.2-1 (bug #892865) + [stretch] - ruby-saml (Minor issue) NOTE: fixed in 1.7.0 NOTE: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations NOTE: https://www.kb.cert.org/vuls/id/475445 + NOTE: https://github.com/onelogin/ruby-saml/commit/048a544730930f86e46804387a6b6fad50d8176f CVE-2017-11427 RESERVED NOT-FOR-US: OneLogin python-saml = data/dsa-needed.txt = @@ -63,8 +63,6 @@ smarty3 sssd Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release. -- -symfony --- tiff -- xml-security-c View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/051203e2349b49327f0da2e6d7192245057b0785 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/051203e2349b49327f0da2e6d7192245057b0785 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: a4af964f by Moritz Muehlenhoff at 2018-11-11T21:43:22Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -163,10 +163,12 @@ CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass intended NOT-FOR-US: tianti CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD ...) - exiv2 (bug #913272) + [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/426 NOTE: https://github.com/Exiv2/exiv2/pull/518 CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from ...) - exiv2 (bug #913273) + [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/427 NOTE: https://github.com/Exiv2/exiv2/pull/518 CVE-2018-19106 = data/dsa-needed.txt = @@ -20,6 +20,8 @@ ansible -- ceph -- +chromium-browser +-- glusterfs -- gnutls28 @@ -42,10 +44,14 @@ mariadb-10.1/stable -- mercurial -- +mkvtoolnix +-- openjpeg2 (luciano) -- passenger -- +pdns +-- php7.0 wait until more severe issues have come up -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a4af964f0a88b3ef0ce742a345697a51c24cf857 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a4af964f0a88b3ef0ce742a345697a51c24cf857 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 584185ce by Moritz Muehlenhoff at 2018-10-29T21:22:43Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -191,8 +191,9 @@ CVE-2018-18720 (An XSS issue was discovered in index.php/admin/system/basic in Y CVE-2018-18719 RESERVED CVE-2018-18718 (An issue was discovered in gThumb through 3.6.2. There is a double-free ...) - - gthumb + - gthumb (unimportant) NOTE: https://gitlab.gnome.org/GNOME/gthumb/issues/18 + NOTE: Crash in end user application, no security impact CVE-2018-18717 (An issue was discovered in Eleanor CMS through 2015-03-19. XSS exists ...) NOT-FOR-US: Eleanor CMS CVE-2018-18716 @@ -4901,7 +4902,9 @@ CVE-2018-16791 RESERVED CVE-2018-16790 (_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in ...) - libbson + [stretch] - libbson (Minor issue) NOTE: https://jira.mongodb.org/browse/CDRIVER-2819 + NOTE: https://github.com/mongodb/mongo-c-driver/commit/0d9a4d98bfdf4acd2c0138d4aaeb4e2e0934bd84 CVE-2018-16789 RESERVED CVE-2018-16788 @@ -26714,7 +26717,8 @@ CVE-2018-8294 (A remote code execution vulnerability exists in the way that the CVE-2018-8293 RESERVED CVE-2018-8292 (An information disclosure vulnerability exists in .NET Core when ...) - - mono + NOT-FOR-US: .dotnet CoreFX + NOTE: https://github.com/dotnet/corefx/commit/56aae8a7076f283e334b88f642ef6bb7c59e02c3 CVE-2018-8291 (A remote code execution vulnerability exists in the way the scripting ...) NOT-FOR-US: Microsoft CVE-2018-8290 (A remote code execution vulnerability exists in the way that the ...) @@ -49832,7 +49836,9 @@ CVE-2018-0736 RESERVED CVE-2018-0735 (The OpenSSL ECDSA signature algorithm has been shown to be vulnerable ...) - openssl + [stretch] - openssl (Wait for next DSA and upstream release) - openssl1.0 + [stretch] - openssl1.0 (Wait for next DSA and upstream release) NOTE: https://www.openssl.org/news/secadv/20181029.txt NOTE: OpenSSL_1_1_1-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4 NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=56fb454d281a023b3f950d969693553d3f3ceea1 = data/dsa-needed.txt = @@ -68,3 +68,5 @@ sssd -- symfony -- +tiff +-- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/584185ce350a491fbc9dd7800c72d403eaa848bf -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/584185ce350a491fbc9dd7800c72d403eaa848bf You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6e3d2c46 by Moritz Muehlenhoff at 2018-10-27T07:45:31Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
@@ -4,7 +4,8 @@ CVE-2018-18653 (The Linux kernel, as used in Ubuntu 18.10 and
when booted with U
CVE-2018-18652 (A remote command execution vulnerability in Veritas NetBackup
Appliance ...)
NOT-FOR-US: Veritas NetBackup Appliance
CVE-2018-18655 (Prayer through 1.3.5 sends a Referer header, containing a
user's ...)
- - prayer (bug #911842)
+ - prayer (low; bug #911842)
+ [stretch] - prayer (Minor issue)
CVE-2018-18654 (Crossroads 2.81 does not properly handle the /tmp directory
during a ...)
- crossroads (unimportant; bug #911877)
NOTE: Issue exploitable only during build of package
@@ -240,7 +241,8 @@ CVE-2018-18557 (LibTIFF 4.0.9 (with JBIG enabled) decodes
arbitrarily-sized JBIG
NOTE: https://gitlab.com/libtiff/libtiff/merge_requests/38
NOTE:
https://gitlab.com/libtiff/libtiff/commit/681748ec2f5ce88da5f9fa6831e1653e46af8a66
CVE-2018- [out of bounds memory read in MED files]
- - libopenmpt 0.3.13-1 (bug #911584)
+ - libopenmpt 0.3.13-1 (low; bug #911584)
+ [stretch] - libopenmpt (Minor issue)
NOTE:
https://lib.openmpt.org/libopenmpt/2018/10/21/security-updates-0.3.13-0.2.10933-beta36-0.2.7561-beta20.5-p11-0.2.7386-beta20.3-p14/
NOTE:
https://source.openmpt.org/browse/openmpt/trunk/?op=revision=10903
CVE-2018-18556
@@ -1867,7 +1869,8 @@ CVE-2018-17943
RESERVED
CVE-2018-17942 (The convert_to_decimal function in vasnprintf.c in Gnulib
before ...)
{DLA-1543-1}
- - gnulib (bug #910757)
+ - gnulib (low; bug #910757)
+ [stretch] - gnulib (Minor issue)
NOTE: pspp affecting bug:
https://savannah.gnu.org/bugs/?func=detailitem_id=54686
NOTE:
https://lists.gnu.org/archive/html/bug-gnulib/2018-09/msg00107.html
NOTE:
https://github.com/coreutils/gnulib/commit/278b4175c9d7dd47c1a3071554aac02add3b3c35
@@ -10275,6 +10278,7 @@ CVE-2018-14500 (joyplus-cms 1.6.0 has XSS via the ...)
CVE-2018-1999023 (The Battle for Wesnoth Project version 1.7.0 through 1.14.3
contains a ...)
- wesnoth-1.14 1:1.14.4-1
- wesnoth-1.12
+ [stretch] - wesnoth-1.12 (Scheduled for removal from stretch)
- wesnoth-1.10
[jessie] - wesnoth-1.10 (Games are not supported in
Jessie)
NOTE: http://www.openwall.com/lists/oss-security/2018/07/20/1
@@ -11458,7 +11462,8 @@ CVE-2018-14043 (mstdlib (aka the M Standard Library for
C) 1.2.0 has incorrect f
NOT-FOR-US: mstdlib
CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is possible in the
data-container ...)
- twitter-bootstrap (Vulnerable code not present)
- - twitter-bootstrap3 (bug #907414)
+ - twitter-bootstrap3 (low; bug #907414)
+ [stretch] - twitter-bootstrap3 (Minor issue)
[jessie] - twitter-bootstrap3 (Vulnerable code not
present)
NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
NOTE: https://github.com/twbs/bootstrap/issues/26423
@@ -11467,7 +11472,8 @@ CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is
possible in the data-container
NOTE:
https://github.com/twbs/bootstrap/pull/26630/commits/efca80bb5bb34546a2e7a9488b89f71457d2ad92
CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is possible in the data-target
property ...)
- twitter-bootstrap (Vulnerable code not present)
- - twitter-bootstrap3 (bug #907414)
+ - twitter-bootstrap3 (low; bug #907414)
+ [stretch] - twitter-bootstrap3 (Minor issue)
[jessie] - twitter-bootstrap3 (Vulnerable code not
present)
NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
NOTE: https://github.com/twbs/bootstrap/issues/26423
@@ -11477,7 +11483,8 @@ CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is
possible in the data-target pr
CVE-2018-14040 (In Bootstrap before 4.1.2, XSS is possible in the collapse
data-parent ...)
{DLA-1479-1}
- twitter-bootstrap (Vulnerable code not present)
- - twitter-bootstrap3 (bug #907414)
+ - twitter-bootstrap3 (low; bug #907414)
+ [stretch] - twitter-bootstrap3 (Minor issue)
NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
NOTE: https://github.com/twbs/bootstrap/issues/26423
NOTE: https://github.com/twbs/bootstrap/issues/26625
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6e3d2c46e00da9585e0e8c586ee1fbc5a70b5467
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6e3d2c46e00da9585e0e8c586ee1fbc5a70b5467
You're receiving this email because of your account on salsa.debian.org.
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: fdf7576b by Moritz Muehlenhoff at 2018-10-19T22:56:33Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -13,11 +13,13 @@ CVE-2018-18523 CVE-2018-18522 RESERVED CVE-2018-18521 (Divide-by-zero vulnerabilities in the function arlib_add_symbols() in ...) - - elfutils (bug #911413) + - elfutils (low; bug #911413) + [stretch] - elfutils (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23786 NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html CVE-2018-18520 (An Invalid Memory Address Dereference exists in the function elf_end in ...) - - elfutils (bug #911414) + - elfutils (low; bug #911414) + [stretch] - elfutils (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23787 NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html CVE-2018-18519 @@ -288,8 +290,9 @@ CVE-2018-18411 CVE-2018-18410 RESERVED CVE-2018-18409 (A stack-based buffer over-read exists in setbit() at iptree.h of ...) - - tcpflow (bug #911263) + - tcpflow (unimportant; bug #911263) NOTE: https://github.com/simsong/tcpflow/issues/195 + NOTE: Crash in CLI tool, no security impact CVE-2018-18408 (A use-after-free was discovered in the tcpbridge binary of Tcpreplay ...) - tcpreplay NOTE: https://github.com/appneta/tcpreplay/issues/489 @@ -342,7 +345,8 @@ CVE-2018-18386 (drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows lo [jessie] - linux 3.16.56-1 NOTE: Fixed by: https://git.kernel.org/linus/966031f340185eddd05affcf72b740549f056348 CVE-2018-18385 (Asciidoctor v1.5.7.1 allows remote attackers to cause a denial of ...) - - asciidoctor + - asciidoctor (low) + [stretch] - asciidoctor (Minor issue) NOTE: https://github.com/asciidoctor/asciidoctor/issues/2888 CVE-2018-18384 (Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive ...) - unzip 6.0-11 (bug #741384) @@ -1323,6 +1327,7 @@ CVE-2018-18026 RESERVED CVE-2018-18025 (In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in ...) - imagemagick + [stretch] - imagemagick (Fix along in next DSA) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1335 CVE-2018-18024 (In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ...) - imagemagick (low) @@ -9432,6 +9437,7 @@ CVE-2018-14636 (Live-migrated instances are briefly able to inspect traffic for [jessie] - neutron (Minor issue) CVE-2018-14635 (When using the Linux bridge ml2 driver, non-privileged tenants are ...) - neutron 2:13.0.0-1 + [stretch] - neutron (Minor issue) [jessie] - neutron (Minor issue) NOTE: https://bugs.launchpad.net/neutron/+bug/1757482 NOTE: https://git.openstack.org/cgit/openstack/neutron/commit/?id=54aa6e81cb17b33ce4d5d469cc11dec2869c762d = data/dsa-needed.txt = @@ -17,6 +17,8 @@ If needed, specify the release by adding a slash after the name of the source pa -- ceph -- +chromium-browser +-- ghostscript (carnil) Regression update: #909076, possibly #909929 (but see upstream issue), and #909957 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fdf7576b3ba1ef06ba079bfcc334c7444d223a43 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fdf7576b3ba1ef06ba079bfcc334c7444d223a43 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ec8c21a1 by Moritz Muehlenhoff at 2018-10-12T20:02:35Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
@@ -626,6 +626,7 @@ CVE-2018-18056
RESERVED
CVE-2018-1000810 (The Rust Programming Language Standard Library version
1.29.0, 1.28.0, ...)
- rustc
+ [stretch] - rustc (Can be fixed along in future rustc update
for ESR68)
NOTE:
https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html
NOTE:
https://groups.google.com/forum/#!topic/rustlang-security-announcements/CmSuTm-SaU0
NOTE: Fixed upstream in 1.29.1
@@ -1732,7 +1733,8 @@ CVE-2018-17568 (utils/ut_rpc.c in ViaBTC Exchange Server
before 2018-08-21 has a
NOT-FOR-US: ViaBTC Exchange Server
CVE-2018-17567 (Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through
3.8.3 ...)
{DLA-1541-1}
- - jekyll (bug #909933)
+ - jekyll (low; bug #909933)
+ [stretch] - jekyll (Minor issue)
NOTE: https://github.com/jekyll/jekyll/pull/7224
NOTE:
https://jekyllrb.com/news/2018/09/19/security-fixes-for-3-6-3-7-3-8/
CVE-2018-17566 (In ThinkPHP 5.1.24, the inner function delete can be used for
SQL ...)
@@ -1971,6 +1973,7 @@ CVE-2018-17456 (Git before 2.14.5, 2.15.x before 2.15.3,
2.16.x before 2.16.5, 2
CVE-2018-17455 [IDOR merge request approvals]
RESERVED
- gitlab
+ [stretch] - gitlab (Scheduled for removal in next point
release)
NOTE:
https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/
CVE-2018-17454 [Persistent XSS on issue details]
RESERVED
@@ -1985,6 +1988,7 @@ CVE-2018-17453 [GRPC::Unknown logging token disclosure]
CVE-2018-17452 [validate_localhost function in url_blocker.rb could be
bypassed]
RESERVED
- gitlab
+ [stretch] - gitlab (Scheduled for removal in next point
release)
NOTE:
https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/
CVE-2018-17451 [Slack integration CSRF Oauth2]
RESERVED
@@ -5056,13 +5060,16 @@ CVE-2018-16048 (An issue was discovered in GitLab
Community and Enterprise Editi
NOTE:
https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018-16051 (An issue was discovered in GitLab Community and Enterprise
Edition ...)
- gitlab
+ [stretch] - gitlab (Scheduled for removal in next point
release)
NOTE: https://gitlab.com/gitlab-org/gitlab-ee/issues/6012
NOTE:
https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018- [gitlab: Missing CSRF in System Hooks]
- gitlab
+ [stretch] - gitlab (Scheduled for removal in next point
release)
NOTE:
https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018-16049 (An issue was discovered in GitLab Community and Enterprise
Edition ...)
- gitlab
+ [stretch] - gitlab (Scheduled for removal in next point
release)
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/46967
NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/49272
NOTE:
https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
@@ -6850,6 +6857,7 @@ CVE-2018-15474 (** DISPUTED ** CSV Injection (aka Excel
Macro Injection or Formu
CVE-2018-15472 [Diff formatter DoS in Sidekiq jobs]
RESERVED
- gitlab
+ [stretch] - gitlab (Scheduled for removal in next point
release)
NOTE:
https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/
CVE-2018-15467
RESERVED
@@ -8894,6 +8902,7 @@ CVE-2018-14604 (An issue was discovered in GitLab
Community and Enterprise Editi
NOTE:
https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
CVE-2018-14603 (An issue was discovered in GitLab Community and Enterprise
Edition ...)
- gitlab
+ [stretch] - gitlab (Scheduled for removal in next point
release)
NOTE:
https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
CVE-2018-14602 (An issue was discovered in GitLab Community and Enterprise
Edition ...)
- gitlab
@@ -9606,6 +9615,7 @@ CVE-2018-14365
RESERVED
CVE-2018-14364 (GitLab Community and Enterprise Edition before 10.7.7, 10.8.x
before ...)
- gitlab 10.7.7+dfsg-2 (bug #904026)
+ [stretch] - gitlab (Scheduled for removal in next point
release)
NOTE:
https://about.gitlab.com/2018/07/17/critical-security-release-gitlab-11-dot-0-dot-4-released/
CVE-2018-14363 (An issue was discovered in NeoMutt before 2018-07-16. newsrc.c
does not ...)
{DSA-4277-1 DLA-1455-1}
@@ -13849,9 +13859,11 @@
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 4e38ad89 by Moritz Muehlenhoff at 2018-10-04T20:56:29Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -328,6 +328,7 @@ CVE-2018-17826 (HisiPHP 1.0.8 allows CSRF via admin.php/admin/user/adduser.html NOT-FOR-US: HisiPHP CVE-2018-17825 (An issue was discovered in AdPlug 2.3.1. There are several double-free ...) - adplug + [stretch] - adplug (Minor issue) NOTE: https://github.com/adplug/adplug/issues/67 NOTE: https://github.com/adplug/adplug/commit/19ebb61bf92262dc1868de10ba5a211db249ce76 CVE-2018-17824 @@ -3251,7 +3252,8 @@ CVE-2018-16550 (TeamViewer 10.x through 13.x allows remote attackers to bypass t CVE-2018-16549 (HScripts PHP File Browser Script v1.0 allows Directory Traversal via ...) NOT-FOR-US: HScripts PHP File Browser Script CVE-2018-16548 (An issue was discovered in ZZIPlib through 0.13.69. There is a memory ...) - - zziplib + - zziplib (low) + [stretch] - zziplib (Minor issue) [jessie] - zziplib (Minor issue) NOTE: https://github.com/gdraheim/zziplib/issues/58 CVE-2018-16547 @@ -15230,7 +15232,8 @@ CVE-2018-11776 (Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer fr - libstruts1.2-java (Specific to 2.x) NOTE: https://cwiki.apache.org/confluence/display/WW/S2-057 CVE-2018-11775 (TLS hostname verification when using the Apache ActiveMQ Client before ...) - - activemq 5.15.6-1 (bug #908950) + - activemq 5.15.6-1 (low; bug #908950) + [stretch] - activemq (Minor issue) NOTE: http://activemq.apache.org/security-advisories.data/CVE-2018-11775-announcement.txt NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;a=commit;h=bde7097fb8173cf871827df7811b3865679b963d NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;a=commit;h=02971a40e281713a8397d3a1809c164b594abfbb @@ -76769,6 +76772,7 @@ CVE-2017-7894 (WinDjView 2.1 might allow user-assisted attackers to execute code NOT-FOR-US: WinDjView CVE-2017-7893 (In SaltStack Salt before 2016.3.6, compromised salt-minions can ...) - salt 2016.11.5+ds-1 + [stretch] - salt (Minor issue) NOTE: https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html NOTE: https://github.com/saltstack/salt/issues/48939 NOTE: https://github.com/saltstack/salt/commit/0a0f46fb1478be5eb2f90882a90390cb35ec43cb View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4e38ad8905c952471a74d7f5573641591656e5e2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4e38ad8905c952471a74d7f5573641591656e5e2 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d085fc39 by Moritz Muehlenhoff at 2018-09-20T18:57:20Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=
data/CVE/list
=
@@ -334,6 +334,7 @@ CVE-2018-17183 (Artifex Ghostscript before 9.25 allowed a
user-writable error ex
NOTE:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624
CVE-2018-17095 (An issue has been discovered in mpruett Audio File Library
(aka ...)
- audiofile
+ [stretch] - audiofile (Minor issue)
[jessie] - audiofile (Can be fixed along in future DLA)
NOTE: https://github.com/mpruett/audiofile/issues/50
NOTE: https://github.com/mpruett/audiofile/issues/51
@@ -422,6 +423,7 @@ CVE-2018-17058
RESERVED
CVE-2018-17057 (An issue was discovered in TCPDF before 6.2.22. Attackers can
trigger ...)
- tcpdf (bug #908866)
+ [stretch] - tcpdf (Minor issue)
[jessie] - tcpdf (Minor issue)
NOTE:
https://github.com/tecnickcom/TCPDF/commit/1861e33fe05f653b67d070f7c106463e7a5c26e
NOTE: Was considered minor for jessie since arbitrary deserialization
@@ -1560,6 +1562,7 @@ CVE-2018-1000673
REJECTED
CVE-2018-1000671 (sympa version 6.2.16 and later contains a CWE-601: URL
Redirection to ...)
- sympa (bug #908165)
+ [stretch] - sympa (Minor issue)
NOTE: https://github.com/sympa-community/sympa/issues/268
NOTE:
https://github.com/sympa-community/sympa/commit/c6ce32a6c203070702eac45a4442a17d2bf7b0c1
NOTE:
https://github.com/sympa-community/sympa/commit/03314a9baf7f7903283253829877afd0ae50e325
@@ -6169,6 +6172,7 @@ CVE-2018-14637
RESERVED
CVE-2018-14636 (Live-migrated instances are briefly able to inspect traffic
for other ...)
- neutron (low)
+ [stretch] - neutron (Minor issue)
[jessie] - neutron (Minor issue)
CVE-2018-14635 (When using the Linux bridge ml2 driver, non-privileged tenants
are ...)
- neutron 2:13.0.0-1
@@ -7218,6 +7222,7 @@ CVE-2018-14321
RESERVED
CVE-2018-14320 (This vulnerability allows remote attackers to disclose
sensitive ...)
- libpodofo
+ [stretch] - libpodofo (Minor issue)
[jessie] - libpodofo (Minor issue)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-18-1046/
CVE-2018-14319
@@ -7814,8 +7819,7 @@ CVE-2018-14044 (The RateTransposer::setChannels function
in RateTransposer.cpp i
CVE-2018-14043 (mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect
file ...)
NOT-FOR-US: mstdlib
CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is possible in the
data-container ...)
- - twitter-bootstrap
- [jessie] - twitter-bootstrap (Vulnerable code not
present)
+ - twitter-bootstrap (Vulnerable code not present)
- twitter-bootstrap3 (bug #907414)
[jessie] - twitter-bootstrap3 (Vulnerable code not
present)
NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
@@ -7824,8 +7828,7 @@ CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is
possible in the data-container
NOTE: https://github.com/twbs/bootstrap/pull/26630
NOTE:
https://github.com/twbs/bootstrap/pull/26630/commits/efca80bb5bb34546a2e7a9488b89f71457d2ad92
CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is possible in the data-target
property ...)
- - twitter-bootstrap
- [jessie] - twitter-bootstrap (Vulnerable code not
present)
+ - twitter-bootstrap (Vulnerable code not present)
- twitter-bootstrap3 (bug #907414)
[jessie] - twitter-bootstrap3 (Vulnerable code not
present)
NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
@@ -7835,8 +7838,7 @@ CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is
possible in the data-target pr
NOTE:
https://github.com/twbs/bootstrap/pull/26630/commits/3229efc0811df29765c1d0a949c85362378b0628
CVE-2018-14040 (In Bootstrap before 4.1.2, XSS is possible in the collapse
data-parent ...)
{DLA-1479-1}
- - twitter-bootstrap
- [jessie] - twitter-bootstrap (Vulnerable code not
present)
+ - twitter-bootstrap (Vulnerable code not present)
- twitter-bootstrap3 (bug #907414)
NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/
NOTE: https://github.com/twbs/bootstrap/issues/26423
@@ -2,11 +4,10 @@ CVE-2018-1000522
CVE-2018-1000521 (BigTree-CMS contains a Cross Site Scripting (XSS)
vulnerability in ...)
NOT-FOR-US: BigTree-CMS
CVE-2018-1000520 (ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite
Allows ...)
- - mbedtls (low)
- [stretch] - mbedtls (Minor issue)
- - polarssl
- [jessie] - polarssl (Minor issue)
+ - mbedtls (unimportant)
+ -
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2a93573c by Moritz Muehlenhoff at 2018-09-03T18:40:51Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
@@ -1862,6 +1862,7 @@ CVE-2018-1000655 (Jsish version 2.4.65 contains a
CWE-476: NULL Pointer Derefere
NOT-FOR-US: Jsish
CVE-2018-1000654 (GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13,
libtasn1-4.12 ...)
- libtasn1-6 (bug #906768)
+ [stretch] - libtasn1-6 (Minor issue)
[jessie] - libtasn1-6 (Minor issue since this cannot be
exploited at runtime)
- libtasn1-3
NOTE: https://gitlab.com/gnutls/libtasn1/issues/4
@@ -6199,8 +6200,8 @@ CVE-2018-13819 (A hardcoded secret key, in CA Unified
Infrastructure Management
NOT-FOR-US: CA Unified Infrastructure Management
CVE-2018-13818 (Twig before 2.4.4 allows Server-Side Template Injection (SSTI)
via the ...)
- twig 2.4.4-2
+ [stretch] - twig (Minor issue)
NOTE: Fixed upstream in 2.4.4
- TODO: check, details
CVE-2018-13817
RESERVED
CVE-2018-13816
@@ -13716,11 +13717,13 @@ CVE-2018-10889 (A flaw was found in moodle before
versions 3.5.1, 3.4.4, 3.3.7.
- moodle
CVE-2018-10888 (A flaw was found in libgit2 before version 0.27.3. A missing
check in ...)
{DLA-1477-1}
- - libgit2 0.27.4+dfsg.1-0.1 (bug #903508)
+ - libgit2 0.27.4+dfsg.1-0.1 (low; bug #903508)
+ [stretch] - libgit2 (Minor issue)
NOTE:
https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3
CVE-2018-10887 (A flaw was found in libgit2 before version 0.27.3. It has been
...)
{DLA-1477-1}
- - libgit2 0.27.4+dfsg.1-0.1 (bug #903509)
+ - libgit2 0.27.4+dfsg.1-0.1 (low; bug #903509)
+ [stretch] - libgit2 (Minor issue)
NOTE:
https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a
NOTE:
https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22
CVE-2018- [Incomplete fix for CVE-2018-10886]
@@ -50699,6 +50702,7 @@ CVE-2017-15140
CVE-2017-15139 (A vulnerability was found in openstack-cinder releases up to
and ...)
[experimental] - cinder 2:13.0.0-1
- cinder
+ [stretch] - cinder (Minor issue)
[jessie] - cinder (ScaleIO Driver support does not exist)
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0084
NOTE: https://bugs.launchpad.net/ossn/+bug/1699573
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2a93573c485852177a6867505c084b1ba08978ba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2a93573c485852177a6867505c084b1ba08978ba
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
069ff9b5 by Moritz Muehlenhoff at 2018-08-22T20:30:43Z
stretch triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -237,9 +237,9 @@ CVE-2018-15609
CVE-2018-15608
RESERVED
CVE-2018-15607 (In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36
0x36 0x36 ...)
- - imagemagick
+ - imagemagick (low)
+ [stretch] - imagemagick (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/1255
- TODO: check
CVE-2018-15606
RESERVED
CVE-2018-15605
@@ -330,6 +330,7 @@ CVE-2018-1000657 (Rust Programming Language Rust standard
library version Commit
NOTE: https://github.com/rust-lang/rust/issues/44800
CVE-2018-1000656 (The Pallets Project flask version Before 0.12.3 contains a
CWE-20: ...)
- flask 1.0.2-1
+ [stretch] - flask (Minor issue)
NOTE: https://github.com/pallets/flask/pull/2691
CVE-2018-1000655 (Jsish version 2.4.65 contains a CWE-476: NULL Pointer
Dereference ...)
NOT-FOR-US: Jsish
@@ -340,7 +341,8 @@ CVE-2018-1000654 (GNU Libtasn1-4.13 libtasn1-4.13 version
libtasn1-4.13, libtasn
CVE-2018-1000653 (zzcms version 8.3 and earlier contains a SQL Injection
vulnerability ...)
NOT-FOR-US: zzcms
CVE-2018-1000652 (JabRef version =4.3.1 contains a XML External Entity
(XXE) ...)
- - jabref
+ - jabref (low)
+ [stretch] - jabref (Minor issue)
NOTE: https://github.com/JabRef/jabref/issues/4229
NOTE:
https://github.com/JabRef/jabref/commit/89f855d76713b4cd25ac0830c719cd61c511851e
CVE-2018-1000651 (Stroom version 5.4.5 contains a XML External Entity
(XXE) ...)
@@ -1360,7 +1362,8 @@ CVE-2018-15121
RESERVED
CVE-2018-15120 [denial of service by emoji (assertion failure)]
RESERVED
- - pango1.0 1.42.4-1
+ - pango1.0 1.42.4-1 (low)
+ [stretch] - pango1.0 (Vulnerable code not present)
NOTE:
https://gitlab.gnome.org/GNOME/pango/commit/71aaeaf020340412b8d012fe23a556c0420eda5f
CVE-2018-15119
RESERVED
@@ -12257,7 +12260,8 @@ CVE-2018-10857 (git-annex is vulnerable to a private
data exposure and exfiltrat
CVE-2018-10856 (It has been discovered that podman before version 0.6.1 does
not drop ...)
NOT-FOR-US: Podman
CVE-2018-10855 (Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not
honor the ...)
- - ansible 2.5.5+dfsg-1
+ - ansible 2.5.5+dfsg-1 (low)
+ [stretch] - ansible (Vulnerable code not present)
[jessie] - ansible (vulnerable code not present)
NOTE: https://github.com/ansible/ansible/pull/41414
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1588855
@@ -21985,7 +21989,8 @@ CVE-2015-9253 (An issue was discovered in PHP 7.3.x
before 7.3.0alpha3, 7.2.x be
NOTE: https://bugs.php.net/bug.php?id=75968
NOTE: Only exploitable with malicious script
CVE-2018-7226 (An issue was discovered in vcSetXCutTextProc() in VNConsole.c
in ...)
- - vncterm (bug #898453)
+ - vncterm (low; bug #898453)
+ [stretch] - vncterm (Minor issue)
NOTE: https://github.com/LibVNC/vncterm/issues/6
CVE-2018-7225 (An issue was discovered in LibVNCServer through 0.9.11. ...)
{DSA-4221-1 DLA-1332-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/069ff9b58c0ed6fd40048304c49a4a1d34caafd0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/069ff9b58c0ed6fd40048304c49a4a1d34caafd0
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5c7f646f by Moritz Muehlenhoff at 2018-08-20T18:43:34Z
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -168,7 +168,8 @@ CVE-2018-15503 (The unpack implementation in Swoole version
4.0.4 lacks correct
CVE-2018-15502
RESERVED
CVE-2018-15501 (In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6
and 0.27.x ...)
- - libgit2 0.27.4+dfsg.1-0.1
+ - libgit2 0.27.4+dfsg.1-0.1 (low)
+ [stretch] - libgit2 (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9406
NOTE:
https://github.com/libgit2/libgit2/commit/1f9a8510e1d2f20ed7334eeeddb92c4dd8e7c649
CVE-2018-15500
@@ -773,6 +774,7 @@ CVE-2018-15210
RESERVED
CVE-2018-15209 (ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF
4.0.9 allows ...)
- tiff (bug #905798)
+ [stretch] - tiff (Can be fixed along in future DSA)
- tiff3
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2808
CVE-2018-15208
@@ -3739,6 +3741,7 @@ CVE-2018-14029 (CSRF vulnerability in admin/user/edit in
Creatiwity wityCMS 0.6.
NOT-FOR-US: Creatiwity wityCMS
CVE-2018-14028 (In WordPress 4.9.7, plugins uploaded via the admin area are
not ...)
- wordpress (bug #906565)
+ [stretch] - wordpress (Minor issue)
[jessie] - wordpress (can be fixed with a later update)
NOTE: https://core.trac.wordpress.org/ticket/44710
NOTE:
https://rastating.github.io/unrestricted-file-upload-via-plugin-uploader-in-wordpress/
@@ -9284,6 +9287,7 @@ CVE-2018-11772
RESERVED
CVE-2018-11771 (When reading a specially crafted ZIP archive, the read method
of ...)
- libcommons-compress-java (bug #906301)
+ [stretch] - libcommons-compress-java (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/16/2
CVE-2018-11770 (From version 1.3.0 onward, Apache Spark's standalone master
exposes a ...)
NOT-FOR-US: Apache Spark
@@ -18925,9 +18929,11 @@ CVE-2018-8021
RESERVED
CVE-2018-8020 (Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a
flaw ...)
- tomcat-native 1.2.17-1
+ [stretch] - tomcat-native (Minor issue)
NOTE: https://svn.apache.org/r1832863
CVE-2018-8019 (When using an OCSP responder Apache Tomcat Native 1.2.0 to
1.2.16 and ...)
- tomcat-native 1.2.17-1
+ [stretch] - tomcat-native (Minor issue)
NOTE: https://svn.apache.org/r1832832
CVE-2018-8018 (Apache Ignite 2.5 and earlier serialization mechanism does not
have a ...)
NOT-FOR-US: Apache Ignite
@@ -31268,6 +31274,7 @@ CVE-2017-1000434 (Wordpress plugin Furikake version
0.1.0 is vulnerable to an Op
CVE-2017-1000433 (pysaml2 version 4.4.0 and older accept any password when run
with ...)
{DLA-1410-1}
- python-pysaml2 (bug #886423)
+ [stretch] - python-pysaml2 (Minor issue)
NOTE: https://github.com/rohe/pysaml2/issues/451
NOTE: Fixed by:
https://github.com/rohe/pysaml2/commit/6312a41e037954850867f29d329e5007df1424a5
CVE-2017-1000432 (Vanilla Forums below 2.1.5 are affected by CSRF leading to
Deleting ...)
=
data/dsa-needed.txt
=
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -65,6 +65,8 @@ openjpeg2 (luciano)
openssh (seb)
User enumeration vulnerability
--
+openssh
+--
otrs2
--
passenger
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c7f646f0e6c5f4f5372ce5f3f528145eb739255
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c7f646f0e6c5f4f5372ce5f3f528145eb739255
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: fd5acd84 by Moritz Muehlenhoff at 2018-08-15T18:47:47Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -853,6 +853,7 @@ CVE-2018- [Heap-based buffer overflow in zutils zcat] NOTE: Fixed by: upstream/0001-zcat-buffer-overrun.patch (in 1.7-3) CVE-2018-14938 (An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through ...) - tcpflow (bug #905483) + [stretch] - tcpflow (Minor issue) NOTE: https://github.com/simsong/tcpflow/commit/a4e1cd14eb5ccc51ed271b65b3420f7d692c40eb NOTE: https://github.com/simsong/tcpflow/issues/182 CVE-2018-14937 (The Add page option in my little forum 2.4.12 allows XSS via the Menu ...) @@ -1788,6 +1789,7 @@ CVE-2018-14569 RESERVED CVE-2018-1999024 (MathJax version prior to version 2.7.4 contains a Cross Site Scripting ...) - mathjax 2.7.4+dfsg-1 + [stretch] - mathjax (Minor issue) NOTE: https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1 CVE-2018-1999021 (Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) ...) NOT-FOR-US: Gleezcms Gleez Cms @@ -18400,6 +18402,7 @@ CVE-2018-8033 RESERVED CVE-2018-8032 (Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site ...) - axis (bug #905328) + [stretch] - axis (Minor issue) NOTE: https://issues.apache.org/jira/browse/AXIS-2924 NOTE: https://svn.apache.org/r1831943 CVE-2018-8031 (The TomEE console (tomee-webapp) has a XSS vulnerability which could ...) = data/dsa-needed.txt = --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -18,6 +18,8 @@ If needed, specify the release by adding a slash after the name of the source pa asterisk berni working on updates -- +ceph +-- enigmail -- gitlab @@ -52,6 +54,8 @@ mariadb-10.1/stable including some other changes -> Needs review if suitable to include via security upload or need an SRM ack first. -- +mbedtls +-- mercurial -- mosquitto (seb) @@ -68,6 +72,8 @@ openjfx -- openjpeg2 (luciano) -- +otrs2 +-- passenger -- php-horde-image View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd5acd849355c3e87b95df2e09a902a836233b65 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd5acd849355c3e87b95df2e09a902a836233b65 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 40308adb by Moritz Muehlenhoff at 2018-08-01T16:32:05Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -564,6 +564,7 @@ CVE-2018-1999008 (October CMS version prior to build 437 contains a Cross Site S NOT-FOR-US: October CMS CVE-2018-14568 (Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a ...) - suricata 1:4.0.5-1 + [stretch] - suricata (Minor issue) NOTE: https://github.com/OISF/suricata/pull/3428/commits/843d0b7a10bb45627f94764a6c5d468a24143345 NOTE: https://redmine.openinfosecfoundation.org/issues/2501 CVE-2018-14567 @@ -608,6 +609,7 @@ CVE-2018-14552 RESERVED CVE-2018-14551 (The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses ...) - imagemagick 8:6.9.10.8+dfsg-1 (bug #904713) + [stretch] - imagemagick (Can be fixed along in a future DSA) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1221 NOTE: https://github.com/ImageMagick/ImageMagick/commit/389ecc365a7c61404ba078a72c3fa5a3cf1b4101 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/db7a4be592328af06d776ce3bab24b8c6de5be20 @@ -731,6 +733,7 @@ CVE-2018-1999023 (The Battle for Wesnoth Project version 1.7.0 through 1.14.3 co NOTE: https://github.com/wesnoth/wesnoth/commit/d911268a783467842d38eae7ac1630f1fea41318 (1.14.x) CVE-2018-14505 (mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to ...) - mitmproxy (bug #904293) + [stretch] - mitmproxy (Minor issue) NOTE: https://github.com/mitmproxy/mitmproxy/issues/3234 NOTE: https://github.com/mitmproxy/mitmproxy/pull/3243 CVE-2018-14499 @@ -2046,7 +2049,8 @@ CVE-2018-13990 CVE-2018-13989 (Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST ...) NOT-FOR-US: Grundig Smart Inter@ctive TV 3.0 devices CVE-2018-13988 (Poppler through 0.62 contains a Buffer Overflow vulnerability due to ...) - - poppler (bug #904922) + - poppler (low; bug #904922) + [stretch] - poppler (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1602838 NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee (poppler-0.67.0) CVE-2018-13987 = data/dsa-needed.txt = --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -77,6 +77,8 @@ passenger php-horde-image Chris Lamb proposed debdiff adressing CVE-2017-9773, CVE-2017-9774 and CVE-2017-14650 -- +python-django +-- sssd Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release. -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/40308adb3ab2814985621ae5b3053d4832cc2284 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/40308adb3ab2814985621ae5b3053d4832cc2284 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2906ee00 by Moritz Muehlenhoff at 2018-07-20T08:08:26+02:00 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -307,6 +307,7 @@ CVE-2018-14338 (samples/geotag.cpp in the example code of Exiv2 0.26 misuses the NOTE: Issue in example code of Exiv2 CVE-2018-14337 (The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 ...) - mruby (bug #903985) + [stretch] - mruby (Minor issue) NOTE: https://github.com/mruby/mruby/issues/4062 NOTE: https://github.com/mruby/mruby/commit/695f29cd604787f43be1af16e38d13610bf8312b NOTE: https://github.com/mruby/mruby/commit/adb1eae912659d680a9c5b7832e22cf73d36a69a @@ -328,11 +329,9 @@ CVE-2018-14331 (An issue was discovered in XiaoCms X1 v20140305. There is a CSRF CVE-2018-14330 RESERVED CVE-2018-14329 (In HTSlib 1.8, a race condition in cram/cram_io.c might allow local ...) - - htslib - [jessie] - htslib (Minor issue, ignored by upstream) + - htslib (unimportant) NOTE: https://github.com/samtools/htslib/issues/736 - NOTE: Upstream closed the issue, reasoning that fixing the issue would - NOTE: cause another set of problems. + NOTE: Neutralised by kernel hardening CVE-2018-14328 RESERVED CVE-2018-14327 @@ -4386,6 +4385,7 @@ CVE-2018-12582 (An issue was discovered in AKCMS 6.1. CSRF can add an admin acco NOT-FOR-US: AKCMS CVE-2018-12581 (An issue was discovered in js/designer/move.js in phpMyAdmin before ...) - phpmyadmin (low) + [stretch] - phpmyadmin (Vulnerable code not present) [jessie] - phpmyadmin (vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2018-3/ NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e @@ -7249,11 +7249,13 @@ CVE-2018-11491 RESERVED CVE-2018-11490 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly ...) - giflib (bug #904114) + [stretch] - giflib (Minor issue) NOTE: https://github.com/pts/sam2p/issues/38 NOTE: https://sourceforge.net/p/giflib/bugs/113/ NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib. CVE-2018-11489 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly ...) - giflib (bug #904113) + [stretch] - giflib (Minor issue) NOTE: https://github.com/pts/sam2p/issues/37 NOTE: https://sourceforge.net/p/giflib/bugs/112/ NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib. @@ -10672,6 +10674,7 @@ CVE-2018-10189 (An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It NOT-FOR-US: Mautic CVE-2018-10188 (phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker to ...) - phpmyadmin (bug #896490) + [stretch] - phpmyadmin (Only affects 4.8.x) [jessie] - phpmyadmin (vulnerable code not present) [wheezy] - phpmyadmin (vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2018-2/ @@ -32090,6 +32093,7 @@ CVE-2018-2599 (Vulnerability in the Java SE, Java SE Embedded, JRockit component [wheezy] - openjdk-6 CVE-2018-2598 (Vulnerability in the MySQL Workbench component of Oracle MySQL ...) - mysql-workbench (bug #904112) + [stretch] - mysql-workbench (Exact details undisclosed, but marginal CVSS score) CVE-2018-2597 (Vulnerability in the Oracle Hospitality Cruise Dining Room Management ...) NOT-FOR-US: Oracle CVE-2018-2596 (Vulnerability in the Oracle WebCenter Content component of Oracle ...) @@ -46081,6 +46085,7 @@ CVE-2017-14989 (A use-after-free in RenderFreetype in MagickCore/annotate.c in . NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/28bad01242898d7f863deedbfa8502c348293093 CVE-2017-14988 (Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote ...) - openexr (bug #878551) + [stretch] - openexr (Minor issue) [wheezy] - openexr (Should be fixed along in future update) NOTE: https://github.com/openexr/openexr/issues/248 CVE-2017-14987 @@ -53432,7 +53437,7 @@ CVE-2017-12597 (OpenCV (Open Source Computer Vision Library) through 3.3 has an NOTE: https://github.com/opencv/opencv/issues/9309 CVE-2017-12596 (In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ...) - openexr 2.2.0-11.1 (bug #877352) - [stretch] - opencv (Minor issue) + [stretch] - openexr (Minor issue) [wheezy] - openexr 1.6.1-6+deb7u1 NOTE: https://github.com/openexr/openexr/issues/238 NOTE: Upstream fix
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c3f166c6 by Moritz Muehlenhoff at 2018-07-09T22:09:54+02:00 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -689,7 +689,8 @@ CVE-2018-13442 CVE-2018-13441 RESERVED CVE-2018-13440 (The audiofile Audio File Library 0.3.6 has a NULL pointer dereference ...) - - audiofile + - audiofile (low) + [stretch] - audiofile (Minor issue) NOTE: https://github.com/mpruett/audiofile/issues/49 CVE-2018-13439 (WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a ...) NOT-FOR-US: WeChat Pay Java SDK @@ -728,14 +729,16 @@ CVE-2018-13423 (admin/themes/default/items/tag-form.php in Omeka before 2.6.1 al CVE-2018-13422 (TCExam before 14.1.2 has XSS via an ff_ or xl_ field. ...) NOT-FOR-US: TCExam CVE-2018-13421 (Fast C++ CSV Parser (aka fast-cpp-csv-parser) before 2018-07-06 has a ...) - - fast-cpp-csv-parser 0.0+git20160525~9bf299c-2 (bug #903247) + - fast-cpp-csv-parser 0.0+git20160525~9bf299c-2 (low; bug #903247) + [stretch] - fast-cpp-csv-parser (Minor issue) NOTE: https://github.com/ben-strasser/fast-cpp-csv-parser/issues/67 NOTE: https://github.com/ben-strasser/fast-cpp-csv-parser/commit/8cf591aa7397f4372778cc927e184d28ee591093 CVE-2018-13420 (** DISPUTED ** Google gperftools 2.7 has a memory leak in ...) - - google-perftools (low; bug #903248) + - google-perftools (unimportant; bug #903248) NOTE: https://github.com/gperftools/gperftools/issues/1013 CVE-2018-13419 (An issue has been found in libsndfile 1.0.28. There is a memory leak in ...) - libsndfile (low) + [stretch] - libsndfile (Minor issue) NOTE: https://github.com/erikd/libsndfile/issues/398 CVE-2018-13418 RESERVED @@ -2544,7 +2547,8 @@ CVE-2018-1000534 (Joplin version prior to 1.0.90 contains a XSS evolving into co CVE-2018-1000533 (klaussilveira GitList version = 0.6 contains a Passing incorrectly ...) NOT-FOR-US: klaussilveira GitList CVE-2018-1000532 (beep version 1.3 and up contains a External Control of File Name or ...) - - beep (bug #902722) + - beep (low; bug #902722) + [stretch] - beep (Minor issue) NOTE: https://github.com/johnath/beep/issues/11#issuecomment-379514298 CVE-2018-1000531 (inversoft prime-jwt version prior to commit ...) NOT-FOR-US: prime-jwt @@ -2944,6 +2948,7 @@ CVE-2018-12521 RESERVED CVE-2018-12520 (An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG ...) - ntopng (bug #903154) + [stretch] - ntopng (Minor issue) NOTE: http://seclists.org/fulldisclosure/2018/Jul/14 NOTE: https://gist.github.com/Psychotropos/3e8c047cada9b1fb716e6a014a428b7f NOTE: https://github.com/ntop/ntopng/commit/30610bda60cbfc058f90a1c0a17d0e8f4516221a @@ -6814,6 +6819,7 @@ CVE-2018-11038 RESERVED CVE-2018-11037 (In Exiv2 0.26, the Exiv2::PngImage::printStructure function in ...) - exiv2 + [stretch] - exiv2 (Revisit when fixed upstream) [jessie] - exiv2 (Minor issue, wait for more issues) NOTE: https://github.com/Exiv2/exiv2/issues/307 CVE-2018-11036 (Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, ...) @@ -7268,6 +7274,7 @@ CVE-2018-10860 (perl-archive-zip is vulnerable to a directory traversal in ...) CVE-2018-10859 RESERVED - git-annex 6.20180626-1 + [stretch] - git-annex (Will be fixed via next point release) NOTE: http://www.openwall.com/lists/oss-security/2018/06/26/4 NOTE: https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/ CVE-2018-10858 @@ -7275,6 +7282,7 @@ CVE-2018-10858 CVE-2018-10857 RESERVED - git-annex 6.20180626-1 + [stretch] - git-annex (Will be fixed via next point release) NOTE: http://www.openwall.com/lists/oss-security/2018/06/26/4 NOTE: https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/ CVE-2018-10856 (It has been discovered that podman before version 0.6.1 does not drop ...) = data/dsa-needed.txt = --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -22,6 +22,8 @@ enigmail ffmpeg Wait for next 3.2.x release -- +gitlab +-- glusterfs -- graphicsmagick View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3f166c6a47cd66a9361078f81ae78ff663027d5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3f166c6a47cd66a9361078f81ae78ff663027d5 You're receiving this email because of your account on salsa.debian.org.
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
918cff8e by Moritz Muehlenhoff at 2018-06-22T00:25:51+02:00
stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=
data/CVE/list
=
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -540,7 +540,8 @@ CVE-2018-12439 (MatrixSSL through 3.9.5 Open allows a
memory-cache side-channel
CVE-2018-12438 (The Elliptic Curve Cryptography library (aka sunec or
libsunec) allows ...)
TODO: check
CVE-2018-12437 (LibTomCrypt through 1.18.1 allows a memory-cache side-channel
attack on ...)
- - libtomcrypt (bug #901626)
+ - libtomcrypt (low; bug #901626)
+ [stretch] - libtomcrypt (Minor issue)
NOTE: https://github.com/libtom/libtomcrypt/issues/407
CVE-2018-12436 (wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a
...)
- wolfssl (bug #901627)
@@ -1444,10 +1445,12 @@ CVE-2018-12037
CVE-2018-12036 (OWASP Dependency-Check before 3.2.0 allows attackers to write
to ...)
NOT-FOR-US: OWASP Dependency-Check
CVE-2018-12035 (In YARA 3.7.1 and prior, parsing a specially crafted compiled
rule ...)
- - yara 3.7.1-3
+ - yara 3.7.1-3 (low)
+ [stretch] - yara (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/891
CVE-2018-12034 (In YARA 3.7.1 and prior, parsing a specially crafted compiled
rule ...)
- - yara 3.7.1-3
+ - yara 3.7.1-3 (low)
+ [stretch] - yara (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/891
CVE-2018-12033
RESERVED
@@ -12285,11 +12288,13 @@ CVE-2018-7691
CVE-2018-7690
RESERVED
CVE-2018-7689 (Lack of permission checks in the InitializeDevelPackage
function in ...)
- - open-build-service
+ - open-build-service (low)
+ [stretch] - open-build-service (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1094819
NOTE:
https://github.com/openSUSE/open-build-service/commit/990ef7cccef6f38fc1d1a1bb22a08e174dcba43b
CVE-2018-7688 (A missing permission check in the review handling of openSUSE
Open ...)
- - open-build-service
+ - open-build-service (low)
+ [stretch] - open-build-service (Minor issue)
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1094820
NOTE:
https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553
CVE-2018-7687 (The Micro Focus Client for OES before version 2 SP4 IR8a has a
...)
@@ -18429,15 +18434,18 @@ CVE-2018-5807
RESERVED
CVE-2018-5806 [NULL pointer dereference in leaf_hdr_load_raw() function in
internal/dcraw_common.cpp]
RESERVED
- - libraw 0.18.8-1
+ - libraw 0.18.8-1 (low)
+ [stretch] - libraw (Minor issue)
NOTE:
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03
CVE-2018-5805 [Stack-based buffer overflow in quicktake_100_load_raw()
function in internal/dcraw_common.cpp]
RESERVED
- - libraw 0.18.8-1
+ - libraw 0.18.8-1 (low)
+ [stretch] - libraw (Minor issue)
NOTE:
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03
CVE-2018-5804 [type confusion error in identify() function in
internal/dcraw_common.cpp]
RESERVED
- - libraw 0.18.8-1
+ - libraw 0.18.8-1 (low)
+ [stretch] - libraw (Minor issue)
NOTE:
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03
CVE-2018-5803 (In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87,
4.4.121, ...)
{DSA-4188-1 DSA-4187-1 DLA-1369-1}
=
data/dsa-needed.txt
=
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -44,6 +44,8 @@ lava-server
libidn
santiago proposed debdiffs for jessie and stretch
--
+libspring-java
+--
linux
Wait until more issues have piled up
--
@@ -55,6 +57,9 @@ mercurial
mosquitto (seb)
2018-02-27: Roger Light provided a debdiff targetting stretch, needs review
--
+mupdf
+ leaf package, might be a candidate for simply moving to 1.13 in stretch
+--
openjpeg2 (luciano)
--
passenger
@@ -67,6 +72,10 @@ ruby2.3
Santiago will prepare an update
work-in-progress:
https://salsa.debian.org/ruby-team/ruby/tree/stretch-security-wip
--
+ruby-rack-protection (jmm)
+-
+ruby-sprockets
+--
sssd
Maintainer prepared an update and proposed debdiff, acked for upload, but
update needs further testing before release.
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/918cff8e407e264a4dd7edbc191da68e20f08539
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/918cff8e407e264a4dd7edbc191da68e20f08539
You're receiving this email because of your account on salsa.debian.org.
