[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 3d879298 by Abhijith PA at 2021-06-17T03:11:03+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -594,6 +594,7 @@ CVE-2021-34549 CVE-2021-34548 RESERVED - tor + [stretch] - tor ([DSA 4644-1]) NOTE: https://blog.torproject.org/node/2041 NOTE: https://bugs.torproject.org/tpo/core/tor/40389 CVE-2021-34547 (PRTG Network Monitor 20.1.55.1775 allows /editsettings CSRF for user a ...) @@ -2947,6 +2948,7 @@ CVE-2021-3563 - keystone [bullseye] - keystone (Minor issue) [buster] - keystone (Minor issue) + [stretch] - keystone (Keystone is not supported in stretch) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1962908 NOTE: https://bugs.launchpad.net/keystone/+bug/1901891 CVE-2021-33497 (Dutchcoders transfer.sh before 1.2.4 allows Directory Traversal for de ...) = data/dla-needed.txt = @@ -76,6 +76,11 @@ nvidia-graphics-drivers openexr -- python-babel (Abhijith PA) + NOTE: 20210617: CVE ID rejected. (abhijith) +-- +qemu +-- +rabbitmq-server (Abhijith PA) -- ruby-actionpack-page-caching (Markus Koschany) NOTE: 20200819: Upstream's patch on does not apply due to subsequent View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d879298ec1ee7f560d56eb2423f0930dff5bf1a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d879298ec1ee7f560d56eb2423f0930dff5bf1a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: ad7195ce by Abhijith PA at 2021-06-14T12:50:55+05:30 Stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -1828,6 +1828,7 @@ CVE-2021-33830 RESERVED CVE-2021-33829 (A cross-site scripting (XSS) vulnerability in the HTML Data Processor ...) - ckeditor 4.16.0+dfsg-2 + [stretch] - ckeditor (Fix along next DLA) NOTE: https://ckeditor.com/blog/ckeditor-4.16.1-with-accessibility-enhancements/#improvements-for-comments-in-html-parser NOTE: https://github.com/ckeditor/ckeditor4/commit/3e426ce34f7fc7bf784624358831ef9e189bb6ed CVE-2021-33828 @@ -6960,6 +6961,7 @@ CVE-2021-31685 RESERVED CVE-2021-31684 (A vulnerability was discovered in the indexOf function of JSONParserBy ...) - json-smart + [stretch] - json-smart (Minor issue) NOTE: https://github.com/netplex/json-smart-v2/issues/67 NOTE: https://github.com/netplex/json-smart-v2/commit/6ecff1c2974eaaab2e74e441bdf5ba8495227bf5 NOTE: Security impact disputed by upstream @@ -74628,6 +74630,7 @@ CVE-2020-15226 (In GLPI before version 9.5.2, there is a SQL Injection in the AP - glpi CVE-2020-15225 (django-filter is a generic system for filtering Django QuerySets based ...) - django-filter 2.4.0-1 + [stretch] - django-filter (Minor issue) NOTE: https://github.com/carltongibson/django-filter/security/advisories/GHSA-x7gm-rfgv-w973 NOTE: https://github.com/carltongibson/django-filter/commit/340cf7a23a2b3dcd7183f6a0d6c383e85b130d2b CVE-2020-15224 (In Open Enclave before version 0.12.0, an information disclosure vulne ...) = data/dla-needed.txt = @@ -53,6 +53,8 @@ gpac (Thorsten Alteholz) -- htmldoc (Utkarsh Gupta) -- +intel-microcode +-- jetty9 (Sylvain Beucler) -- libxstream-java @@ -71,6 +73,8 @@ nvidia-graphics-drivers NOTE: package is in non-free but also in packages-to-support NOTE: only CVE‑2021‑1076 seems to be fixed in the R390 branch used in Stretch, no fix available for CVE-2021-1077 -- +openexr +-- prosody (Anton Gladky) NOTE: 20210519: at least the 10MB limit mentioned in CVE-2021-32918 is present NOTE: 20210530: WIP View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad7195ce804fbde7305b53aaca1c4ce6cabc5c39 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad7195ce804fbde7305b53aaca1c4ce6cabc5c39 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: a055a404 by Abhijith PA at 2021-03-08T01:41:45+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -6569,6 +6569,7 @@ CVE-2021-25289 RESERVED - pillow 8.1.1-1 [buster] - pillow (Vulnerable code not present) + [stretch] - pillow (Vulnerable code not present) NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.1.html CVE-2021-25288 RESERVED @@ -66338,10 +66339,12 @@ CVE-2020-11989 (Apache Shiro before 1.5.3, when using Apache Shiro with Spring d NOTE: CVE is closely related to CVE-2020-1957. CVE-2020-11988 (Apache XmlGraphics Commons 2.4 is vulnerable to server-side request fo ...) - xmlgraphics-commons - TODO: check fixing commits + [stretch] - xmlgraphics-commons (Minor issue) + NOTE: https://github.com/apache/xmlgraphics-commons/commit/57393912eb87b994c7fed39ddf30fb778a275183.patch CVE-2020-11987 (Apache Batik 1.13 is vulnerable to server-side request forgery, caused ...) - batik - TODO: check fixing commits + [stretch] - batik (Minor issue) + NOTE: https://github.com/apache/xmlgraphics-batik/commit/0ef5b661a1f2d1110877ea9e0287987098f6.patch CVE-2020-11986 (To be able to analyze gradle projects, the build scripts need to be ex ...) - netbeans 12.1-1 [stretch] - netbeans (Minor issue) = data/dla-needed.txt = @@ -74,6 +74,10 @@ opendmarc -- php-pear (Ola Lundqvist) -- +pillow (Abhijith PA) +-- +privoxy (Abhijith PA) +-- python3.5 NOTE: 20210217: Fairly invasive change, changing/augmenting API of standard library. (lamby) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a055a404512e4d2636a4736f870d7325fb6842ba -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a055a404512e4d2636a4736f870d7325fb6842ba You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: c220ce4b by Abhijith PA at 2021-03-07T20:27:05+05:30 Stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1138,6 +1138,7 @@ CVE-2021-27516 (URI.js (aka urijs) before 1.19.6 mishandles certain uses of back NOT-FOR-US: urijs CVE-2021-27515 (url-parse before 1.5.0 mishandles certain uses of backslash such as ht ...) - node-url-parse + [stretch] - node-url-parse (Minor issue) NOTE: https://github.com/unshiftio/url-parse/commit/d1e7e8822f26e8a49794b757123b51386325b2b0 NOTE: https://github.com/unshiftio/url-parse/pull/197 CVE-2021-27514 (EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for th ...) @@ -2505,6 +2506,7 @@ CVE-2021-26907 RESERVED CVE-2021-26906 (An issue was discovered in res_pjsip_session.c in Digium Asterisk thro ...) - asterisk 1:16.16.1~dfsg-1 (bug #983159) + [stretch] - asterisk (Minor issue) NOTE: https://downloads.asterisk.org/pub/security/AST-2021-005.html NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29196 CVE-2021-3402 @@ -15641,6 +15643,7 @@ CVE-2020-35777 (NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by comma NOT-FOR-US: Netgear CVE-2020-35776 (A buffer overflow in res_pjsip_diversion.c in Sangoma Asterisk version ...) - asterisk 1:16.16.1~dfsg-1 (bug #983158) + [stretch] - asterisk (Minor issue) NOTE: https://downloads.asterisk.org/pub/security/AST-2021-001.html NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29227 CVE-2020-35775 (CITSmart before 9.1.2.23 allows LDAP Injection. ...) @@ -16475,7 +16478,7 @@ CVE-2021-21239 (PySAML2 is a pure python implementation of SAML Version 2 Standa NOTE: https://github.com/IdentityPython/pysaml2/commit/751dbf50a51131b13d55989395f9b115045f9737 CVE-2021-21238 (PySAML2 is a pure python implementation of SAML Version 2 Standard. Py ...) - python-pysaml2 6.5.1-1 (bug #980773) - [stretch] - python-pysaml2 (python3-xmlschema not available in stretch for fix) + [stretch] - python-pysaml2 (python3-xmlschema not available in stretch for fix) NOTE: https://github.com/IdentityPython/pysaml2/security/advisories/GHSA-f4g9-h89h-jgv9 NOTE: https://github.com/IdentityPython/pysaml2/commit/3b707723dcf1bf60677b424aac398c0c3557641d CVE-2021-21237 (Git LFS is a command line extension for managing large files with Git. ...) @@ -18644,6 +18647,7 @@ CVE-2021-20329 RESERVED CVE-2021-20328 (Specific versions of the Java driver that support client-side field le ...) - mongo-java-driver + [stretch] - mongo-java-driver (Minor issue) NOTE: https://jira.mongodb.org/browse/JAVA-4017 NOTE: https://github.com/mongodb/mongo-java-driver/commit/60d87d5a76645a331a77ccc45ef7c67aac88b234 CVE-2021-20327 (A specific version of the Node.js mongodb-client-encryption module doe ...) @@ -19104,6 +19108,7 @@ CVE-2021-20201 [Client initiated renegotiation denial of service] RESERVED - spice (bug #983698) [buster] - spice (Minor issue) + [stretch] - spice (Minor issue) NOTE: https://gitlab.freedesktop.org/spice/spice/-/issues/49 NOTE: https://gitlab.freedesktop.org/spice/spice/-/commit/ca5bbc5692e052159bce1a75f55dc60b36078749 NOTE: https://gitlab.freedesktop.org/spice/spice/-/commit/95a0cfac8a1c8eff50f05e65df945da3bb501fc9 @@ -31467,6 +31472,7 @@ CVE-2020-27224 (In Eclipse Theia versions up to and including 1.2.0, the Markdow NOT-FOR-US: Eclipse Theia CVE-2020-27223 (In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0 ...) - jetty9 9.4.38-1 + [stretch] - jetty9 (Minor issue) NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128 NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7 CVE-2020-27222 (In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based ( ...) @@ -38132,6 +38138,7 @@ CVE-2020-24393 (TweetStream 2.6.1 uses the library eventmachine in an insecure w NOT-FOR-US: TweetStream CVE-2020-24392 (In voloko twitter-stream 0.1.10, missing TLS hostname validation allow ...) - ruby-twitter-stream + [stretch] - ruby-twitter-stream (Minor issue) NOTE: https://securitylab.github.com/advisories/GHSL-2020-097-voloko-twitter-stream CVE-2020-24391 RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c220ce4b2c4e79fe5bf698336c243b868194d03c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c220ce4b2c4e79fe5bf698336c243b868194d03c You're receiving this email because of your account on salsa.debian.org.
[Git][security-tracker-team/security-tracker][master] Stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 38c02cf1 by Abhijith PA at 2021-03-06T14:13:22+05:30 Stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -262,6 +262,7 @@ CVE-2021-27928 RESERVED CVE-2021-27927 (In Zabbix before 4.0.28rc1, 5.x before 5.0.8rc1, 5.1.x and 5.2.x befor ...) - zabbix 1:5.0.8+dfsg-1 + [stretch] - zabbix (minor issue) NOTE: https://support.zabbix.com/browse/ZBX-18942 CVE-2021-27926 RESERVED @@ -287,6 +288,7 @@ CVE-2021-27918 CVE-2021-3420 (A flaw was found in newlib in versions prior to 4.0.0. Improper overfl ...) - newlib (bug #984446) [buster] - newlib (Minor issue) + [stretch] - newlib (Minor issue) - picolibc 1.5-1 - libnewlib-nano (bug #984424) [buster] - libnewlib-nano (Minor issue) @@ -19477,11 +19479,13 @@ CVE-2020-35525 CVE-2020-35524 [Heap-based buffer overflow in TIFF2PDF tool] RESERVED - tiff 4.1.0+git201212-1 + [stretch] - tiff (can be fixed along in next DLA) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/7be2e452ddcf6d7abca88f41d3761e6edab72b22 NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/159 CVE-2020-35523 [Integer overflow in tif_getimage.c] RESERVED - tiff 4.1.0+git201212-1 + [stretch] - tiff (can be fixed along in next DLA) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/c8d613ef497058fe653c467fc84c70a62a4a71b2 NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/160 CVE-2020-35522 [Memory allocation failure in tif_pixarlog.c] @@ -26266,6 +26270,7 @@ CVE-2020-28497 RESERVED CVE-2020-28496 (This affects the package three before 0.125.0. This can happen when ha ...) - three.js + [stretch] - three.js (can be fixed along in next DLA) NOTE: https://github.com/mrdoob/three.js/pull/21143/commits/4a582355216b620176a291ff319d740e619d583e NOTE: https://github.com/mrdoob/three.js/issues/21132 CVE-2020-28495 (This affects the package total.js before 3.4.7. The set function can b ...) @@ -31175,6 +31180,7 @@ CVE-2020-27353 CVE-2020-27352 RESERVED - snapd 2.49-1 + [stretch] - snapd (Minor issue) NOTE: https://ubuntu.com/security/notices/USN-4728-1 NOTE: https://github.com/docker-snap/docker-snap/security/advisories/GHSA-798c-v3jq-h646 NOTE: https://bugs.launchpad.net/snapd/+bug/1910456 = data/dla-needed.txt = @@ -67,6 +67,8 @@ libebml (Thorsten Alteholz) libupnp NOTE: 20210302: since utkarsh working wpa, might want to handle this as well ? (abhijith) -- +libcaca (Abhijith PA) +-- linux (Ben Hutchings) -- linux-4.19 (Ben Hutchings) @@ -117,6 +119,8 @@ shiro NOTE: 20201004: Sent additional request to upstream dev list; stil no response. (roberto) NOTE: 20201220: Upstream has responded. Working with them to backport fixes. (roberto) -- +smarty3 (Abhijith PA) +-- spotweb NOTE: 20201220: The affected code uses string concatenation to construct a SQL query. NOTE: 20201220: Upstream's "fix" is to blacklist all the "bad" SQL commands. (roberto) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38c02cf161216beb63ec5f43bbecc228d16cd9c1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38c02cf161216beb63ec5f43bbecc228d16cd9c1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 15c99ffc by Abhijith PA at 2021-03-02T13:19:11+05:30 Stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -3516,6 +3516,7 @@ CVE-2018-25005 RESERVED CVE-2018-25004 (A user authorized to performing a specific type of query may trigger a ...) - mongodb + [stretch] - mongodb (https://lists.debian.org/debian-lts/2020/11/msg00058.html) NOTE: https://jira.mongodb.org/browse/SERVER-38275 CVE-2021-3345 (_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9. ...) [experimental] - libgcrypt20 1.9.1-1 (bug #981370) @@ -77569,6 +77570,7 @@ CVE-2020-7930 RESERVED CVE-2020-7929 (A user authorized to perform database queries may trigger denial of se ...) - mongodb + [stretch] - mongodb (https://lists.debian.org/debian-lts/2020/11/msg00058.html) NOTE: https://jira.mongodb.org/browse/SERVER-51083 CVE-2020-7928 (A user authorized to perform database queries may trigger a read overr ...) - mongodb = data/dla-needed.txt = @@ -69,6 +69,9 @@ jackson-dataformat-cbor (Abhijith PA) libebml (Thorsten Alteholz) NOTE: 20210221: testing package -- +libupnp + NOTE: 20210302: since utkarsh working wpa, might want to handle this as well ? (abhijith) +-- linux (Ben Hutchings) -- linux-4.19 (Ben Hutchings) @@ -132,6 +135,10 @@ spotweb subversion (Thorsten Alteholz) NOTE: 20210221: solving build problems -- +tomcat7 +-- +tomcat8 +-- wpa (Utkarsh) -- xmlbeans (Roberto C. Sánchez) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/15c99ffcd4b7e27977bae1d8a99f71e9c0a28e67 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/15c99ffcd4b7e27977bae1d8a99f71e9c0a28e67 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 47e7d5a4 by Abhijith PA at 2020-10-11T19:22:58+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -1653,6 +1653,7 @@ CVE-2020-26159 (In Oniguruma 6.9.5_rev1, an attacker able to supply a regular ex CVE-2019-20922 (Handlebars before 4.4.5 allows Regular Expression Denial of Service (R ...) - node-handlebars 3:4.7.2-1 - libjs-handlebars + [stretch] - libjs-handlebars (Only reverse depends was diaspora which not in stretch) NOTE: https://github.com/handlebars-lang/handlebars.js/commit/8d5530ee2c3ea9f0aee3fde310b9f36887d00b8b NOTE: https://snyk.io/vuln/SNYK-JS-HANDLEBARS-480388 NOTE: https://www.npmjs.com/advisories/1300 @@ -1661,6 +1662,7 @@ CVE-2019-20921 (bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS) CVE-2019-20920 (Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrar ...) - node-handlebars 3:4.5.3-1 - libjs-handlebars + [stretch] - libjs-handlebars (Only reverse depends was diaspora which not in stretch) NOTE: https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478 NOTE: https://www.npmjs.com/advisories/1316 NOTE: https://www.npmjs.com/advisories/1324 = data/dla-needed.txt = @@ -74,6 +74,8 @@ golang-1.7 -- golang-1.8 -- +golang-github-dgrijalva-jwt-go +-- golang-golang-x-net-dev -- guacamole-server (Markus Koschany) @@ -87,6 +89,8 @@ jupyter-notebook lemonldap-ng NOTE: 20200910: Released a DLA for CVE-2020-24660 a few days ago, so could defer. (lamby) -- +kdeconnect +-- libonig (Markus Koschany) NOTE: 20201002: Fix for CVE-2020-26159 is too trivial. Besides that, please consider NOTE: 20201002: fixing other errors mentioned in https://github.com/kkos/oniguruma/issues/207 @@ -116,8 +120,13 @@ php-horde-trean NOTE: 20200829: Reconsidering CVE-2019-12095 and what has been written in https://bugs.horde.org/ticket/14926 (sunweaver) NOTE: 20200829: We may not expect too much activity regarding this by upstream. (sunweaver) -- +phpmyadmin (Abhijith PA) +-- python3.5 (Thorsten Alteholz) -- +pluxml + NOTE: 20201011: issue is still open upstream. Also low priority for us (abhijith) +-- qtsvg-opensource-src (Adrian Bunk) -- reel View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47e7d5a422a065693233318b1817832d77faf5c8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47e7d5a422a065693233318b1817832d77faf5c8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 33833a83 by Abhijith PA at 2020-10-07T15:39:55+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -495,16 +495,19 @@ CVE-1999-0199 (manual/search.texi in the GNU C Library (aka glibc) before 2.2 la CVE-2020-26572 (The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a ...) - opensc [buster] - opensc (Minor issue) + [stretch] - opensc (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22967 NOTE: https://github.com/OpenSC/OpenSC/commit/9d294de90d1cc66956389856e60b6944b27b4817 CVE-2020-26571 (The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 ...) - opensc [buster] - opensc (Minor issue) + [stretch] - opensc (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20612 TODO: check, unclear fixing commit CVE-2020-26570 (The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 ha ...) - opensc [buster] - opensc (Minor issue) + [stretch] - opensc (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24316 NOTE: https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e CVE-2020-26569 = data/dla-needed.txt = @@ -170,6 +170,10 @@ slirp NOTE: CVE-2020-7039 to be applied patched first, as they both patch NOTE: the same lines of code in tcp_subr.c (bam). -- +spice +-- +spice-gtk +-- sympa (Sylvain Beucler) NOTE: 20200525: Incomplete patch. Not the complete patch is made public. (utkarsh) NOTE: 20200525: But that is weird, given their announcement. (utkarsh) @@ -188,6 +192,8 @@ thunderbird (Emilio) tinymce (Abhijith PA) NOTE: 20201003: relevant commits are hard to chase down (abhijith) -- +wireshark +-- xcftools NOTE: 20200111: wrote a patch + reproducer for CVE-2019-5086, waiting for upstream review (hle) NOTE: 20200414: Flurry of activity on/around 20200401 essentially rejecting original patch View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33833a8339dc954c8771f0d6f457b8338ea6f1b5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33833a8339dc954c8771f0d6f457b8338ea6f1b5 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 8a1de3da by Abhijith PA at 2020-08-08T19:17:05+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -3703,8 +3703,10 @@ CVE-2019-20907 (In Lib/tarfile.py in Python through 3.8.3, an attacker is able t - python3.7 (low) [buster] - python3.7 3.7.3-2+deb10u2 - python3.5 (low) + [stretch] - python3.5 (Minor issue, can be fixed in next DLA) - python2.7 (low) [buster] - python2.7 (Minor issue) + [stretch] - python2.7 (Minor issue, can be fixed in next DLA) NOTE: https://bugs.python.org/issue39017 NOTE: https://github.com/python/cpython/commit/5a8d121a1f3ef5ad7c105ee378cc79a3eac0c7d4 (master) NOTE: https://github.com/python/cpython/commit/f3232294ee695492f43d424cc6969d018d49861d (3.9-branch) @@ -5055,6 +5057,7 @@ CVE-2020-15118 (In Wagtail before versions 2.7.4 and 2.9.3, when a form page typ NOT-FOR-US: Wagtail CVE-2020-15117 (In Synergy before version 1.12.0, a Synergy server can be crashed by r ...) - synergy + [stretch] - synergy (minor issue, low priority) NOTE: https://github.com/symless/synergy-core/commit/0a97c2be0da2d0df25cb86dfd642429e7a8bea39 NOTE: https://github.com/symless/synergy-core/security/advisories/GHSA-chfm-333q-gfpp CVE-2020-15116 @@ -26194,6 +26197,7 @@ CVE-2020-7238 (Netty 4.1.43.Final allows HTTP Request Smuggling because it misha {DLA-2110-1 DLA-2109-1} - netty 1:4.1.45-1 (bug #950967) - netty-3.9 + [stretch] - netty-3.9 (CVE-2019-16869 not fixed for stretch) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1796225 NOTE: https://github.com/jdordonezn/CVE-2020-72381/issues/1 NOTE: Issue exists because of incomplete fix for CVE-2019-16869. = data/dla-needed.txt = @@ -21,6 +21,9 @@ ansible NOTE: 20200508: bam: Upstream fix was reverted - https://github.com/ansible/ansible/pull/68983 NOTE: 20200508: bam: See https://github.com/ansible/ansible/issues/67794 -- +apache2 + NOTE: 20200808: Seems affected by CVE-2020-9490, CVE-2020-11993 +-- ark (Abhijith PA) NOTE: 20200731: given PoC not working as intended. (abhijith) NOTE: 20200801: though testing with other PoC's available over internet seems exploitable (abhijith) @@ -140,6 +143,8 @@ wordpress NOTE: 20200710: in 4.1.31+dfsg-0+deb8u1 in jessie LTS, yet does not seem that NOTE: 20200710: it was vulnerable to begin with. (lamby) -- +wpa +-- xcftools NOTE: 20200111: wrote a patch + reproducer for CVE-2019-5086, waiting for upstream review (hle) NOTE: 20200414: Flurry of activity on/around 20200401 essentially rejecting original patch View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a1de3da649e30b5dae1948dde37bd2352107793 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8a1de3da649e30b5dae1948dde37bd2352107793 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 841eed29 by Abhijith PA at 2020-08-06T10:55:55+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -15120,6 +15120,7 @@ CVE-2020-11558 (An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstra - gpac [buster] - gpac (Minor issue) [jessie] - gpac (Vulnerable code not present and not reproducible) + [stretch] - gpac (Minor issue) NOTE: https://github.com/gpac/gpac/commit/6063b1a011c3f80cee25daade18154e15e4c058c NOTE: https://github.com/gpac/gpac/issues/1440 CVE-2020-11557 (An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 20 ...) @@ -20581,6 +20582,7 @@ CVE-2020-9488 (Improper validation of certificate with host mismatch in Apache L - apache-log4j2 (bug #959450) [buster] - apache-log4j2 (Minor issue) [jessie] - apache-log4j2 (Minor issue; set mail.smtp.ssl.checkserveridentity to true to enable hostname verification) + [stretch] - apache-log4j2 (Minor issue; set mail.smtp.ssl.checkserveridentity to true to enable hostname verification) NOTE: https://www.openwall.com/lists/oss-security/2020/04/25/1 NOTE: https://issues.apache.org/jira/browse/LOG4J2-2819 NOTE: https://gitbox.apache.org/repos/asf?p=logging-log4j2.git;h=6851b5083ef9610bae320bf07e1f24d2aa08851b (release-2.x) = data/dla-needed.txt = @@ -72,6 +72,8 @@ gupnp (Emilio) imagemagick NOTE: 20200713: Ongoing work -- +inetutils +-- jruby (Adrian Bunk) NOTE: 20200706: all open CVEs were fixed in jessie (Beuc) -- @@ -82,6 +84,8 @@ linux (Ben Hutchings) -- linux-4.9 (Ben Hutchings) -- +lucene-solr +-- mumble NOTE: 20200325: Regression in last upload, forgot to follow up. NOTE: 20200325: https://github.com/mumble-voip/mumble/issues/3605 (abhijith) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/841eed29f053643c3111f641ccd691b112c2bdd8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/841eed29f053643c3111f641ccd691b112c2bdd8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 98f146be by Abhijith PA at 2020-08-02T10:15:57+05:30 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -739,6 +739,7 @@ CVE-2020-15918 (Multiple Stored Cross Site Scripting (XSS) vulnerabilities were NOT-FOR-US: Mida eFramework CVE-2020-15917 (common/session.c in Claws Mail before 3.17.6 has a protocol violation ...) - claws-mail 3.17.6-1 + [stretch] - claws-mail (low priority issue) NOTE: https://git.claws-mail.org/?p=claws.git;a=commit;h=fcc25329049b6f9bd8d890f1197ed61eb12e14d5 CVE-2020-15916 (goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices a ...) NOT-FOR-US: Tenda devices @@ -4657,6 +4658,7 @@ CVE-2020-14348 CVE-2020-14347 [X Server Pixel Data Uninitialized Memory Information Disclosure] RESERVED - xorg-server + [stretch] - xorg-server (Minor issue, can be fixed along in next release) NOTE: https://lists.x.org/archives/xorg-announce/2020-July/003051.html NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/aac28e162e5108510065ad4c323affd6deffd816 CVE-2020-14346 @@ -14034,6 +14036,7 @@ CVE-2020-11062 (In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS oc NOTE: Only supported behind an authenticated HTTP zone CVE-2020-11061 (In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and ...) - bareos (bug #965985) + [stretch] - bareos (minor issue, low priority) NOTE: https://github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4 CVE-2020-11060 (In GLPI before 9.4.6, an attacker can execute system commands by abusi ...) - glpi (unimportant) @@ -31638,6 +31641,7 @@ CVE-2020-4043 (phpMussel from versions 1.0.0 and less than 1.6.0 has an unserial NOT-FOR-US: phpMussel CVE-2020-4042 (Bareos before version 19.2.8 and earlier allows a malicious client to ...) - bareos (bug #965985) + [stretch] - bareos (minor issue, low priority) NOTE: https://github.com/bareos/bareos/security/advisories/GHSA-vqpj-2vhj-h752 CVE-2020-4041 (In Bolt CMS before version 3.7.1, the filename of uploaded files was v ...) NOT-FOR-US: Bolt CMS = data/dla-needed.txt = @@ -52,6 +52,8 @@ condor (Roberto C. Sánchez) NOTE: 20200712: Requested input on path forward from debian-lts@l.d.o (roberto) NOTE: 20200727: Waiting on maintainer feedback: https://lists.debian.org/debian-lts/2020/07/msg00108.html (roberto) -- +evolution-data-server +-- firefox-esr (Emilio) NOTE: 20200720: working on ESR 78 backport. (Emilio) -- @@ -73,6 +75,8 @@ jruby (Adrian Bunk) jupyter-notebook NOTE: 20200711: Vulnerable to (at least) CVE-2018-19351. (lamby) -- +libx11 +-- linux (Ben Hutchings) -- linux-4.9 (Ben Hutchings) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98f146be45839b3b897b79544f48b8f6f97bc24f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98f146be45839b3b897b79544f48b8f6f97bc24f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: a04d0d85 by Abhijith PA at 2020-07-31T12:37:48+05:30 stretch triage - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -21,6 +21,8 @@ ansible NOTE: 20200508: bam: Upstream fix was reverted - https://github.com/ansible/ansible/pull/68983 NOTE: 20200508: bam: See https://github.com/ansible/ansible/issues/67794 -- +ark (Abhijith PA) +-- cacti NOTE: 20200529: A patch need to be cooked up. Upstream patch not fit for jessie version (abhijith) NOTE: 20200620: WIP (abhijith) @@ -109,6 +111,8 @@ puma -- python2.7 (Thorsten Alteholz) -- +ruby-kramdown (Abhijith PA) +-- ruby-zip NOTE: 20200710: Vulnerable to at least CVE-2018-1000544. (lamby) NOTE: 20200710: Was fixed in jessie LTS via DLA-1467-1. (lamby) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a04d0d8503f2be5402253aed087a988d3007481a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a04d0d8503f2be5402253aed087a988d3007481a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 6d60ccf9 by Moritz Muehlenhoff at 2019-06-03T20:20:16Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -318,6 +318,7 @@ CVE-2019-12451 RESERVED CVE-2019-12450 (file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 ...) - glib2.0 (bug #929753) + [stretch] - glib2.0 (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174 CVE-2019-12449 (An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gv ...) - gvfs (bug #929755) @@ -889,8 +890,10 @@ CVE-2019-12219 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4625 CVE-2019-12218 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4620 TODO: check details and correct vulnerability location @@ -904,8 +907,10 @@ CVE-2019-12217 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4626 CVE-2019-12216 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2-image + [stretch] - libsdl2-image (Minor issue) [jessie] - libsdl2-image (Minor issue) - sdl-image1.2 + [stretch] - sdl-image1.2 (Minor issue) [jessie] - sdl-image1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4619 TODO: check details and correct vulnerability location @@ -3752,7 +3757,8 @@ CVE-2019-11039 [Out-of-bounds read in iconv.c:_php_iconv_mime_decode() due to in NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78069 CVE-2019-11038 [Uninitialized read in gdImageCreateFromXbm] RESERVED - - libgd2 (bug #929821) + - libgd2 (low; bug #929821) + [stretch] - libgd2 (Minor issue) - php7.3 7.3.6-1 (unimportant) - php7.0 (unimportant) - php5 (unimportant) @@ -11369,6 +11375,7 @@ CVE-2019-8340 RESERVED CVE-2019-8339 (An issue was discovered in Falco through 0.14.0. A missing indicator f ...) - sysdig + [stretch] - sysdig (Minor issue) CVE-2019-8338 (The signature verification routine in the Airmail GPG-PGP Plugin, vers ...) NOT-FOR-US: Airmail CVE-2019-8336 (HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a c ...) @@ -29849,12 +29856,14 @@ CVE-2018-19666 (The agent in OSSEC through 3.1.0 on Windows allows local users t - ossec-hids (bug #361954) CVE-2018-19665 (The Bluetooth subsystem in QEMU mishandles negative values for length ...) - qemu 1:3.1+dfsg-2 (low; bug #916278) - [stretch] - qemu (Revisit when final upstream patch is out) + [stretch] - qemu (Minor issue) [jessie] - qemu (Revisit when final upstream patch is out) - qemu-kvm NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg03570.html NOTE: note that previously mentioned patch will never be merged by upstream, see NOTE: https://lists.debian.org/debian-lts/2019/01/msg00073.html + NOTE: 3.1 marked bluetooth subsystem as unused/deprecated, will most likely be removed: + NOTE: https://github.com/qemu/qemu/commit/c0188e69d CVE-2018-19664 (libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel ...) - libjpeg-turbo (Vulnerable code introduced later) NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/305 @@ -145880,7 +145889,8 @@ CVE-2016-7153 (The HTTP/2 protocol does not consider the role of the TCP congest CVE-2016-7152 (The HTTPS protocol does not consider the role of the TCP congestion wi ...) NOTE: CVE assigned for the HTTP/2 protocol issue CVE-2016-7151 (Capstone 3.0.4 has an out-of-bounds vulnerability (SEGV caused by a re ...) - - capstone + - capstone (low) + [stretch] - capstone (Minor issue) [jessie] - capstone (Vulnerable code not present) NOTE: https://github.com/aquynh/capstone/commit/87a25bb543c8e4c09b48d4b4a6c7db31ce58df06 (4.0-alpha4) NOTE: https://github.com/aquynh/capstone/pull/725 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d60ccf93e51597dbb0a7d56689aa0d2801c241d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d60ccf93e51597dbb0a7d56689aa0d2801c241d You're receiving this email because of your
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 562f23ce by Moritz Muehlenhoff at 2019-05-26T09:02:57Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -76,7 +76,8 @@ CVE-2019-12297 (An issue was discovered in scopd on Motorola routers CX2 1.01 an CVE-2019-12296 RESERVED CVE-2019-12295 (In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the ...) - - wireshark (bug #929446) + - wireshark (low; bug #929446) + [stretch] - wireshark (Minor issue) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7b6e197da4c497e229ed3ebf6952bae5c426a820 NOTE: https://www.wireshark.org/security/wnpa-sec-2019-19.html @@ -3591,6 +3592,7 @@ CVE-2019-10872 (An issue was discovered in Poppler 0.74.0. There is a heap-based [buster] - poppler (Revisit when fixed upstream) [stretch] - poppler (Revisit when fixed upstream) NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/750 + NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/6a1580e84f492b5671d23be98192267bb73de250 CVE-2019-10871 (An issue was discovered in Poppler 0.74.0. There is a heap-based buffe ...) - poppler (low; bug #926529) [buster] - poppler (Revisit when fixed upstream) @@ -12259,6 +12261,7 @@ CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0 [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4497 NOTE: https://hg.libsdl.org/SDL/rev/9b0e5c555c0f + NOTE: Patch causes regressions for some applications/games: https://bugzilla.novell.com/show_bug.cgi?id=1124825 CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...) {DLA-1714-1 DLA-1713-1} - libsdl1.2 (bug #924609) @@ -12267,7 +12270,7 @@ CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0 [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4499 NOTE: https://hg.libsdl.org/SDL/rev/19d8c3b9c251 (SDL-1.2) - NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf + NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf (SDL-2) CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...) {DLA-1714-1 DLA-1713-1} - libsdl1.2 (bug #924609) @@ -12282,9 +12285,8 @@ CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0 [jessie] - libsdl2-image (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4498 NOTE: https://hg.libsdl.org/SDL/rev/7c643f1c1887 (SDL-2) - NOTE: https://hg.libsdl.org/SDL/rev/7c643f1c1887 (SDL-1.2) - NOTE: https://hg.libsdl.org/SDL/rev/08f3b4992538 (SDL-1.2) - NOTE: https://hg.libsdl.org/SDL/rev/4646533663ae (SDL-1.2) + NOTE: https://hg.libsdl.org/SDL/rev/08f3b4992538 (SDL-1.2) (correct) + NOTE: https://hg.libsdl.org/SDL/rev/4646533663ae (SDL-1.2) (broken) NOTE: https://hg.libsdl.org/SDL_image/rev/03bd33e8cb49 (SDL_image-2) CVE-2018-20764 (A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for Bo ...) NOT-FOR-US: BoKS View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/562f23ceb8bb0b9909ed8b779528dee49205dd4a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/562f23ceb8bb0b9909ed8b779528dee49205dd4a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 8ff9be23 by Moritz Muehlenhoff at 2019-05-22T21:27:37Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -135,22 +135,30 @@ CVE-2019-12223 RESERVED CVE-2019-1 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2 + [stretch] - libsdl2 (Minor issue) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4621 TODO: check details and correct vulnerability location CVE-2019-12221 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2 + [stretch] - libsdl2 (Minor issue) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4628 TODO: check details and correct vulnerability location CVE-2019-12220 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2 + [stretch] - libsdl2 (Minor issue) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4627 TODO: check details and correct vulnerability location CVE-2019-12219 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2 + [stretch] - libsdl2 (Minor issue) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4625 TODO: check details and correct vulnerability location CVE-2019-12218 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) @@ -160,7 +168,9 @@ CVE-2019-12218 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer TODO: check details and correct vulnerability location CVE-2019-12217 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) - libsdl2 + [stretch] - libsdl1.2 (Minor issue) - libsdl1.2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4626 TODO: check details and correct vulnerability location CVE-2019-12216 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...) @@ -2265,10 +2275,13 @@ CVE-2019-11340 (util/emailutils.py in Matrix Sydent before 1.0.2 mishandles regi NOT-FOR-US: Matrix Sydent CVE-2019-11339 (The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 ...) - ffmpeg 7:4.1.3-1 + [stretch] - ffmpeg (Vulnerable code not present) + - libav (Vulnerable code not present) NOTE: https://github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbb NOTE: https://github.com/FFmpeg/FFmpeg/commit/d227ed5d598340e719eff7156b1aa0a4469e9a6a CVE-2019-11338 (libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate ...) - ffmpeg 7:4.1.3-1 + - libav NOTE: https://github.com/FFmpeg/FFmpeg/commit/54655623a82632e7624714d7b2a3e039dc5faa7e CVE-2019-11337 RESERVED @@ -7008,14 +7021,15 @@ CVE-2019-9721 (A denial of service in the subtitle decoder in FFmpeg 4.1 allows - ffmpeg 7:4.1.3-1 (bug #92) [stretch] - ffmpeg (Vulnerable code not present) NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65 + - libav CVE-2019-9720 RESERVED CVE-2019-9719 RESERVED CVE-2019-9718 (In FFmpeg 4.1, a denial of service in the subtitle decoder allows atta ...) - ffmpeg 7:4.1.3-1 (low; bug #92) - [stretch] - ffmpeg (Wait until fixed in 3.2.x release) NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982 + - libav CVE-2019-9717 RESERVED CVE-2019-9716 @@ -12879,6 +12893,7 @@ CVE-2019-116 (FFMPEG version 4.1 contains a CWE-129: Improper Validation of - ffmpeg 7:4.1.1-1 (low; bug #922066) [stretch] - ffmpeg (Vulnerable code not present) NOTE: https://github.com/FFmpeg/FFmpeg/commit/b97a4b658814b2de8b9f2a3bce491c002d34de31#diff-cd7e24986650014d67f484f3ffceef3f + - libav CVE-2019-115 (Chamilo Chamilo-lms version 1.11.8 and earlier contains a Cross Site S ...) NOT-FOR-US: Chamilo Chamilo-lms CVE-2019-114 (Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing oracl ...) @@ -22946,15 +22961,15 @@ CVE-2018-20407 (An issue was discovered in Bento4 1.5.1-627. There is a memory l NOT-FOR-US: Bento4 CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a ...) {DLA-1663-1} - - python3.7 3.7.0-7 - - python3.6 3.6.7~rc1-1 - - python3.5
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c51aa39a by Moritz Muehlenhoff at 2019-05-09T20:12:06Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -570,11 +570,15 @@ CVE-2019-11599 (The coredump implementation in the Linux kernel before 5.0.10 do NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1790 CVE-2019-11598 (In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in ...) - imagemagick (bug #928206) + [stretch] - imagemagick (Fix along in next DSA) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1540 NOTE: https://github.com/ImageMagick/ImageMagick6/commit/e2a21735e3a3f3930bd431585ec36334c4c2eb77 CVE-2019-11597 (In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in ...) - imagemagick (bug #928207) + [stretch] - imagemagick (Fix along in next DSA) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1555 + NOTE: https://github.com/ImageMagick/ImageMagick6/commit/1d6c036f0388d7857c725342f7212b60e39a14c1 + NOTE: https://github.com/ImageMagick/ImageMagick6/commit/c979b348d64a25a04f12ea7fe7888b2b23f230a7 CVE-2019-11596 (In memcached before 1.5.14, a NULL pointer dereference was found in th ...) - memcached (bug #928205) [stretch] - memcached (Vulnerable code introduced later) @@ -794,10 +798,12 @@ CVE-2019-11505 (In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8 CVE-2019-11504 (Zotonic before version 0.47 has mod_admin XSS. ...) NOT-FOR-US: Zotonic CVE-2019-11503 (snap-confine as included in snapd before 2.39 did not guard against sy ...) - - snapd (bug #928052) + - snapd (low; bug #928052) + [stretch] - snapd (Minor issue) NOTE: https://github.com/snapcore/snapd/pull/6642 CVE-2019-11502 (snap-confine in snapd before 2.38 incorrectly set the ownership of a s ...) - - snapd (bug #928052) + - snapd (low; bug #928052) + [stretch] - snapd (Minor issue) NOTE: https://github.com/snapcore/snapd/commit/bdbfeebef03245176ae0dc323392bb0522a339b1 CVE-2017-18367 (libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR ...) - golang-github-seccomp-libseccomp-golang 0.9.0-2 (bug #927981) @@ -1910,6 +1916,7 @@ CVE-2019-11037 (In PHP imagick extension in versions between 3.3.0 and 3.4.4, wr CVE-2019-11036 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...) - php7.3 (bug #928421) - php7.0 + [stretch] - php7.0 (Fix along in future update) - php5 NOTE: Fixed in 7.1.29, 7.2.18, 7.3.5 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77950 @@ -6083,6 +6090,7 @@ CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: NOTE: https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html NOTE: https://github.com/python/cpython/commit/daad2c482c91de32d8305abbccc76a5de8b3a8be (3.7.x) NOTE: https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5 (2.7.x) + NOTE: Regression fix: https://bugs.python.org/issue36742 CVE-2019-9635 (NULL pointer dereference in Google TensorFlow before 1.12.2 could caus ...) - tensorflow (bug #804612) CVE-2019-1003039 (An insufficiently protected credentials vulnerability exists in Jenkin ...) = data/dsa-needed.txt = @@ -17,14 +17,18 @@ If needed, specify the release by adding a slash after the name of the source pa -- bind9 -- +drupal7 +-- evolution -- faad2 not yet fixed upstream -- -ffmpeg +ffmpeg (jmm) ping upstream for 3.2.14 release catching up with recent issues -- +ghostscript +-- glusterfs -- graphicsmagick @@ -44,6 +48,10 @@ nss -- openjdk-8 -- +python2.7 (jmm) +-- +python3.5 (jmm) +-- simplesamlphp -- smarty3 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c51aa39a4eb35afae9bf815ba255a48f0a23ecf5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c51aa39a4eb35afae9bf815ba255a48f0a23ecf5 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f34b74da by Moritz Muehlenhoff at 2019-05-06T17:59:07Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2174,10 +2174,11 @@ CVE-2019-10879 (In Teeworlds 0.7.2, there is an integer overflow in CDataFileRea NOTE: https://github.com/teeworlds/teeworlds/issues/2070 NOTE: https://github.com/teeworlds/teeworlds/commit/4d529dcd2d01022e979ebfa0b91167dee37cdb8e CVE-2019-10878 (In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader: ...) - - teeworlds 0.7.2-4 (bug #927152) + - teeworlds 0.7.2-5 (bug #927152) [jessie] - teeworlds (Not supported in jessie LTS) NOTE: https://github.com/teeworlds/teeworlds/issues/2073 NOTE: https://github.com/teeworlds/teeworlds/commit/e086f4b35b1adf7edc35b4ad332dc7ed1edc5988 + NOTE: https://github.com/teeworlds/teeworlds/commit/cc3d59ae706752956d6cb8acc4187c8398b61c5c CVE-2019-10877 (In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in en ...) - teeworlds 0.7.2-4 (bug #927152) [jessie] - teeworlds (Not supported in jessie LTS) @@ -16314,7 +16315,8 @@ CVE-2019-5431 CVE-2019-5430 RESERVED CVE-2019-5429 (Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacke ...) - - filezilla (bug #928282) + - filezilla (low; bug #928282) + [stretch] - filezilla (Minor issue) NOTE: https://svn.filezilla-project.org/filezilla?revision=9097=revision NOTE: https://www.tenable.com/security/research/tra-2019-14 CVE-2019-5428 @@ -31354,6 +31356,7 @@ CVE-2019-0224 (In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL cou - jspwiki CVE-2019-0223 (While investigating bug PROTON-2014, we discovered that under some cir ...) - qpid-proton 0.22.0-1 + [stretch] - qpid-proton (Minor issue) NOTE: https://issues.apache.org/jira/browse/PROTON-2014 NOTE: https://qpid.apache.org/cves/CVE-2019-0223.html NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=97c7733 @@ -31474,6 +31477,7 @@ CVE-2019-0188 RESERVED CVE-2019-0187 (Unauthenticated RCE is possible when JMeter is used in distributed mod ...) - jakarta-jmeter + [stretch] - jakarta-jmeter (Minor issue) [jessie] - jakarta-jmeter (Minor issue) NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62743 CVE-2019-0186 (The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 an ...) @@ -32142,6 +32146,7 @@ CVE-2018-19106 (Avi Vantage before 17.2.13 uses an invalid URL encoding during a CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0 ...) {DLA-1776-1} - librecad (bug #928477) + [stretch] - librecad (Minor issue) NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html NOTE: https://github.com/LibreCAD/LibreCAD/issues/1038 NOTE: Fixed by https://github.com/LibreCAD/LibreCAD/commit/6da7cc5f7f31afb008f03dbd11e07207ccd82085 @@ -37060,8 +37065,10 @@ CVE-2018-17203 REJECTED CVE-2018-17202 RESERVED + NOTE: Apache Commons Imaging CVE-2018-17201 RESERVED + NOTE: Apache Commons Imaging CVE-2018-17200 RESERVED CVE-2018-17199 (In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f34b74dab39049f2430ec605536cd54982d4eba4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f34b74dab39049f2430ec605536cd54982d4eba4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 5f12af71 by Moritz Muehlenhoff at 2019-04-29T17:00:18Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -182,7 +182,8 @@ CVE-2019-11500 CVE-2019-11499 RESERVED CVE-2019-11498 (WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack t ...) - - wavpack 5.1.0-6 (bug #927903) + - wavpack 5.1.0-6 (low; bug #927903) + [stretch] - wavpack (Minor issue) NOTE: https://github.com/dbry/WavPack/issues/67 NOTE: https://github.com/dbry/WavPack/commit/bc6cba3f552c44565f7f1e66dc1580189addb2b4 CVE-2019-11497 @@ -1582,6 +1583,7 @@ CVE-2019-10907 (Airsonic 10.2.1 uses Spring's default remember-me mechanism base NOT-FOR-US: Airsonic CVE-2016-10745 (In Pallets Jinja before 2.8.1, str.format allows a sandbox escape. ...) - jinja2 2.9.4-1 + [stretch] - jinja2 (Minor issue) NOTE: Fixed by: https://github.com/pallets/jinja/commit/9b53045c34e61013dc8f09b7e52a555fa16bed16 NOTE: Followup bugfix: https://github.com/pallets/jinja/commit/74bd64e56387f5b2931040dc7235a3509cde1611 CVE-2019-10906 (In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape ...) @@ -15791,7 +15793,8 @@ CVE-2019-5429 CVE-2019-5428 REJECTED CVE-2019-5427 (c3p0 version 0.9.5.4 may be exploited by a billion laughs attack ...) - - c3p0 (bug #927936) + - c3p0 (low; bug #927936) + [stretch] - c3p0 (Minor issue) [jessie] - c3p0 (Minor issue) NOTE: https://hackerone.com/reports/509315 NOTE: Fixed by: https://github.com/swaldman/c3p0/commit/f38f27635c384806c2a9d6500d80183d9f09d78b @@ -18937,6 +18940,7 @@ CVE-2019-3890 RESERVED [experimental] - evolution-ews 3.31.90-1 - evolution-ews (bug #926712) + [stretch] - evolution-ews (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/evolution-ews/issues/27 NOTE: https://gitlab.gnome.org/GNOME/evolution-ews/issues/36 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1678313 @@ -35929,13 +35933,15 @@ CVE-2018-17439 (An issue was discovered in the HDF HDF5 1.10.3 library. There is NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#stack-overflow-in-h5s_extent_get_dims NOTE: https://jira.hdfgroup.org/browse/HDFFV-10589 CVE-2018-17438 (A SIGFPE signal is raised in the function H5D__select_io() of H5Dselec ...) - - hdf5 + - hdf5 (low) + [stretch] - hdf5 (Minor issue) NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_h5d__select_io_h5dselect NOTE: https://jira.hdfgroup.org/browse/HDFFV-10587 NOTE: fix in develop branch: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/7add52ff4f2443357648d53d52add274d1b18b5f CVE-2018-17437 (Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in ...) [experimental] - hdf5 1.10.5+repack-1~exp1 - - hdf5 + - hdf5 (low) + [stretch] - hdf5 (Minor issue) NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#memory-leak-in-h5o_dtype_decode_helper NOTE: https://jira.hdfgroup.org/browse/HDFFV-10588 NOTE: fixed in 1.10.5, release notes: https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.5/src/hdf5-1.10.5-RELEASE.txt @@ -35949,7 +35955,8 @@ CVE-2018-17435 (A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c NOTE: https://jira.hdfgroup.org/browse/HDFFV-10591 CVE-2018-17434 (A SIGFPE signal is raised in the function apply_filters() of h5repack_ ...) [experimental] - hdf5 1.10.5+repack-1~exp1 - - hdf5 + - hdf5 (low) + [stretch] - hdf5 (Minor issue) NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_apply_filters_h5repack_filters NOTE: https://jira.hdfgroup.org/browse/HDFFV-10586 NOTE: fixed in 1.10.5, release notes: https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.5/src/hdf5-1.10.5-RELEASE.txt @@ -36380,7 +36387,8 @@ CVE-2018-17239 CVE-2018-17238 RESERVED CVE-2018-17237 (A SIGFPE signal is raised in the function H5D__chunk_set_info_real() o ...) - - hdf5 + - hdf5 (low) + [stretch] - hdf5 (Minor issue) NOTE: https://github.com/SegfaultMasters/covering360/blob/master/HDF5/README.md#divided-by-zero---h5d__chunk_set_info_real_div_by_zero NOTE: https://jira.hdfgroup.org/browse/HDFFV-10571 (not public) NOTE: does not appear in 1.10.5 release notes, but fixed in @@ -36396,14 +36404,16 @@ CVE-2018-17235 (The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp [jessie] - mp4v2
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 7ae96d6a by Moritz Muehlenhoff at 2019-04-24T17:46:45Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -61,7 +61,9 @@ CVE-2019-11473 (coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/5402c5cbd8bd NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/944dcbc457f8 CVE-2019-11472 (ReadXWDImage in coders/xwd.c in the XWD image parsing component of Ima ...) - - imagemagick (bug #927828) + - imagemagick (low; bug #927828) + [buster] - imagemagick (Minor issue) + [stretch] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1546 NOTE: https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4 CVE-2019-11471 (libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_al ...) @@ -69,7 +71,9 @@ CVE-2019-11471 (libheif 1.4.0 has a use-after-free in heif::HeifContext::Image:: NOTE: https://github.com/strukturag/libheif/commit/995a4283d8ed2d0d2c1ceb1a577b993df2f0e014 NOTE: https://github.com/strukturag/libheif/issues/123 CVE-2019-11470 (The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attack ...) - - imagemagick (bug #927830) + - imagemagick (low; bug #927830) + [buster] - imagemagick (Minor issue) + [stretch] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1472 NOTE: https://github.com/ImageMagick/ImageMagick6/commit/a0473b29add9521ffd4c74f6f623b418811762b0 CVE-2018-20822 (LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrol ...) @@ -298,10 +302,12 @@ CVE-2019-11374 (74CMS v5.0.1 has a CSRF vulnerability to add a new admin user vi NOT-FOR-US: 74CMS CVE-2019-11373 (An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer ...) - libmediainfo (low; bug #927672) + [stretch] - libmediainfo (Minor issue) NOTE: https://github.com/MediaArea/MediaInfoLib/pull/ NOTE: https://sourceforge.net/p/mediainfo/bugs/1101/ CVE-2019-11372 (An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test ...) - libmediainfo (low; bug #927672) + [stretch] - libmediainfo (Minor issue) NOTE: https://github.com/MediaArea/MediaInfoLib/pull/ NOTE: https://sourceforge.net/p/mediainfo/bugs/1101/ CVE-2019-11371 (BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow vi ...) @@ -1055,12 +1061,14 @@ CVE-2019-11036 CVE-2019-11035 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...) - php7.3 7.3.4-1 - php7.0 + [stretch] - php7.0 (Fix along in future update) - php5 NOTE: Fixed in 7.1.28, 7.2.17, 7.3.4 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77831 CVE-2019-11034 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...) - php7.3 7.3.4-1 - php7.0 + [stretch] - php7.0 (Fix along in future update) - php5 NOTE: Fixed in 7.1.28, 7.2.17, 7.3.4 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77753 @@ -1094,10 +1102,10 @@ CVE-2019-11024 (The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8 NOTE: https://github.com/saitoha/libsixel/issues/85 NOTE: Negligible security impact CVE-2019-11023 (The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39. ...) - - graphviz (bug #926724) - [jessie] - graphviz (Minor issue; clean crash / DoS) + - graphviz (unimportant; bug #926724) NOTE: https://gitlab.com/graphviz/graphviz/issues/1517 NOTE: https://gitlab.com/graphviz/graphviz/commit/839085f8026afd6f6920a0c31ad2a9d880d97932 + NOTE: Crash in CLI tool, no security impact CVE-2019-11022 RESERVED CVE-2019-11021 @@ -1950,6 +1958,8 @@ CVE-2019-10715 RESERVED CVE-2019-10714 (LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 ...) - imagemagick + [buster] - imagemagick (Minor issue) + [stretch] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1495 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/aa6a769bd85f6750c26e53e53dcd8a2678745501 TODO: check, potentially only introduced in later versions than present in unstable as LocaleLowercase not present, but check if present before refactoring @@ -9711,6 +9721,7 @@ CVE-2019-7722 (PMD 5.8.1 and earlier processes XML external entities in ruleset NOT-FOR-US: PMD CVE-2019- [fuse mount exposes backup to unauthorized users] - borgbackup
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 8dd2fc06 by Moritz Muehlenhoff at 2019-04-18T15:41:49Z stretch triage - - - - - 3 changed files: - data/CVE/list - data/dsa-needed.txt - data/next-point-update.txt Changes: = data/CVE/list = @@ -3068,7 +3068,7 @@ CVE-2019-9943 RESERVED CVE-2016-10743 (hostapd before 2.6 does not prevent use of the low-quality PRNG that i ...) {DLA-1733-1} - - wpa 2:2.6-7 + - wpa 2:2.6-7 (unimportant) NOTE: https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389 NOTE: There was already a 2.6 upload late in 2016 but then reverted to a 2.4 based NOTE: version and only reuploaded as 2:2.6-7 to unstable. @@ -15010,8 +15010,10 @@ CVE-2019-5421 (Plataformatec Devise version 4.5.0 and earlier, using the lockabl NOTE: https://github.com/plataformatec/devise/pull/4996 CVE-2019-5420 (A remote code execution vulnerability in development mode Rails 5. ...) - rails 2:5.2.2.1+dfsg-1 (bug #924521) + [stretch] - rails (Vulnerable code not present) [jessie] - rails (vulnerable code is not present in 4.x) NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/3 + NOTE: Introduced in https://github.com/rails/rails/commit/69f976b859cae7f9d050152103da018b7f5dda6d CVE-2019-5419 (There is a possible denial of service vulnerability in Action View (Ra ...) {DLA-1739-1} - rails 2:5.2.2.1+dfsg-1 (bug #924520) @@ -72689,6 +72691,7 @@ CVE-2018-3775 (Improper Authentication in Nextcloud Server prior to version 12.0 - nextcloud (bug #835086) CVE-2018-3774 (Incorrect parsing in url-parse 1.4.3 returns wrong hostname which ...) - node-url-parse 1.2.0-2 (bug #906058) + [stretch] - node-url-parse (Nodejs in stretch not covered by security support) NOTE: https://hackerone.com/reports/384029 NOTE: https://github.com/unshiftio/url-parse/commit/53b1794e54d0711ceb52505e0f74145270570d5a NOTE: https://github.com/unshiftio/url-parse/commit/d7b582ec1243e8024e60ac0b62d2569c939ef5de @@ -72834,6 +72837,7 @@ CVE-2018-3720 (assign-deep node module before 0.4.7 suffers from a Modification NOT-FOR-US: assign-deep node module CVE-2018-3719 (mixin-deep node module before 1.3.1 suffers from a Modification of Ass ...) - node-mixin-deep (bug #898315) + [stretch] - node-mixin-deep (Nodejs in stretch not covered by security support) NOTE: https://nodesecurity.io/advisories/578 CVE-2018-3718 (serve node module suffers from Improper Handling of URL Encoding by pe ...) NOT-FOR-US: serve node module @@ -80742,6 +80746,7 @@ CVE-2018-1110 [Improper Input Validation] CVE-2018-1109 RESERVED - node-braces + [stretch] - node-braces (Nodejs in stretch not covered by security support) NOTE: https://snyk.io/vuln/npm:braces:20180219 NOTE: https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451 CVE-2018-1108 (kernel drivers before version 4.17-rc1 are vulnerable to a weakness in ...) @@ -86869,6 +86874,7 @@ CVE-2017-16130 (exxx is an Http eX Frame Google Style JavaScript Guide. NOT-FOR-US: exxx CVE-2017-16129 (The HTTP client module superagent is vulnerable to ZIP bomb attacks. I ...) - node-superagent 0.20.0+dfsg-2 + [stretch] - node-superagent (Nodejs in stretch not covered by security support) NOTE: https://github.com/visionmedia/superagent/issues/1259 NOTE: https://nodesecurity.io/advisories/479 CVE-2017-16128 (The module npm-script-demo opened a connection to a command and contro ...) @@ -86891,6 +86897,7 @@ CVE-2017-16120 (liyujing is a static file server. liyujing is vulnerable to a di NOT-FOR-US: liyujing CVE-2017-16119 (Fresh is a module used by the Express.js framework for HTTP response f ...) - node-fresh + [stretch] - node-braces (Nodejs in stretch not covered by security support) NOTE: https://nodesecurity.io/advisories/526 CVE-2017-16118 (The forwarded module is used by the Express.js framework to handle the ...) NOT-FOR-US: forwarded nodejs module @@ -87085,6 +87092,7 @@ CVE-2017-16027 RESERVED CVE-2017-16026 (Request is an http client. If a request is made using ```multipart```, ...) - node-request (bug #901708) + [stretch] - node-request (Nodejs in stretch not covered by security support) NOTE: https://github.com/request/request/issues/1904 NOTE: https://nodesecurity.io/advisories/309 NOTE: https://github.com/request/request/pull/2018 @@ -87481,6 +87489,7 @@ CVE-2016-10543 (call is an HTTP router that is primarily used by the hapi framew NOT-FOR-US: call HTTP router CVE-2016-10542 (ws is a "simple to use, blazing
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 16b9a778 by Moritz Muehlenhoff at 2019-04-15T20:40:06Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -356,6 +356,7 @@ CVE-2019-11069 (Sequelize before 5.3.0 does not properly ensure that standard co CVE-2019-11068 (libxslt through 1.1.33 allows bypass of a protection mechanism because ...) {DLA-1756-1} - libxslt (bug #926895) + [stretch] - libxslt (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/libxslt/issues/12 (not public) NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6 CVE-2006-7254 (The nscd daemon in the GNU C Library (glibc) before version 2.5 does n ...) @@ -465,7 +466,8 @@ CVE-2019-11026 (FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has - poppler (bug #926721) NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/752 CVE-2019-11025 (In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping o ...) - - cacti 1.2.2+ds1-2 (bug #926700) + - cacti 1.2.2+ds1-2 (low; bug #926700) + [stretch] - cacti (Minor issue) NOTE: https://github.com/Cacti/cacti/issues/2581 CVE-2019-11024 (The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has ...) TODO: check @@ -1173,6 +1175,7 @@ CVE-2019-10724 RESERVED CVE-2019-10723 (An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class i ...) - libpodofo (bug #926667) + [stretch] - libpodofo (Minor issue) [jessie] - libpodofo (clean exception quit/DoS, low popcon) NOTE: https://sourceforge.net/p/podofo/tickets/46/ CVE-2019-1003099 (A missing permission check in Jenkins openid Plugin in the OpenIdSsoSe ...) @@ -18257,8 +18260,10 @@ CVE-2019-3831 (A vulnerability was discovered in vdsm, version 4.19 through 4.30 - vdsm (bug #668538) CVE-2019-3830 (A vulnerability was found in ceilometer before version 12.0.0.0rc1. An ...) - ceilometer (bug #925298) + [stretch] - ceilometer (Vulnerable code not present) [jessie] - ceilometer (vulnerable code is not present) NOTE: https://bugs.launchpad.net/ceilometer/+bug/1811098/ + NOTE: Introduced in https://github.com/openstack/ceilometer/commit/50415c0d08a3199d2280f3638dd121779585f0fe (10.0.0.0) CVE-2019-3829 (A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. ...) [experimental] - gnutls28 3.6.7-1 - gnutls28 3.6.7-2 @@ -40046,7 +40051,8 @@ CVE-2018-15518 (QXmlStream in Qt 5.x before 5.11.3 has a double-free or corrupti {DSA-4374-1 DLA-1627-1} [experimental] - qtbase-opensource-src 5.11.3+dfsg-1 - qtbase-opensource-src 5.11.3+dfsg-2 - - qt4-x11 4:4.8.7+dfsg-18 + - qt4-x11 4:4.8.7+dfsg-18 (low) + [stretch] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ NOTE: https://codereview.qt-project.org/#/c/236691/ CVE-2018-15517 (The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r00 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/16b9a77857efa08bf29299ea4ebbc0e7e58955d5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/16b9a77857efa08bf29299ea4ebbc0e7e58955d5 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 43244272 by Moritz Muehlenhoff at 2019-04-07T20:22:52Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1847,6 +1847,7 @@ CVE-2019-131 (A disk space or quota exhaustion issue exists in article2pdf_g CVE-2018-20815 [device_tree: heap buffer overflow while loading device tree blob] RESERVED - qemu 1:3.1+dfsg-7 + [stretch] - qemu (Minor issue) - qemu-kvm NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=da885fe1ee8b4589047484bd7fa05a4905b52b17 NOTE: https://www.openwall.com/lists/oss-security/2019/03/27/1 @@ -5081,18 +5082,22 @@ CVE-2019-9088 CVE-2019-9087 RESERVED - hoteldruid 2.3.2-1 + [stretch] - hoteldruid (Minor issue) [jessie] - hoteldruid (low popcon, not used by any sponsor) CVE-2019-9086 RESERVED - hoteldruid 2.3.2-1 + [stretch] - hoteldruid (Minor issue) [jessie] - hoteldruid (low popcon, not used by any sponsor) CVE-2019-9085 RESERVED - hoteldruid 2.3.2-1 + [stretch] - hoteldruid (Minor issue) [jessie] - hoteldruid (low popcon, not used by any sponsor) CVE-2019-9084 RESERVED - hoteldruid 2.3.2-1 + [stretch] - hoteldruid (Minor issue) [jessie] - hoteldruid (low popcon, not used by any sponsor) CVE-2019-9083 (SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanage ...) NOT-FOR-US: SQLiteManager @@ -14036,6 +14041,7 @@ CVE-2019-5422 (XSS in buttle npm package version 0.2.0 causes execution of attac TODO: check CVE-2019-5421 (Plataformatec Devise version 4.5.0 and earlier, using the lockable mod ...) - ruby-devise (bug #926348) + [stretch] - ruby-devise (Minor issue) NOTE: https://github.com/plataformatec/devise/issues/4981 NOTE: https://github.com/plataformatec/devise/pull/4996 CVE-2019-5420 (A remote code execution vulnerability in development mode Rails 5. ...) @@ -17158,7 +17164,8 @@ CVE-2019-3888 CVE-2019-3887 RESERVED CVE-2019-3886 (An incorrect permissions check was discovered in libvirt 4.8.0 and abo ...) - - libvirt 5.0.0-2 (bug #926418) + - libvirt 5.0.0-2 (low; bug #926418) + [stretch] - libvirt (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1694880 NOTE: https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1131595#c3 @@ -17376,6 +17383,7 @@ CVE-2019-3828 (Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a NOTE: https://github.com/ansible/ansible/pull/52133 CVE-2019-3827 (An incorrect permission check in the admin backend in gvfs before vers ...) - gvfs 1.38.1-3 (bug #921816) + [stretch] - gvfs (Minor issue) [jessie] - gvfs (Vulnerable code not present) NOTE: https://gitlab.gnome.org/GNOME/gvfs/issues/355 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1665578 @@ -29122,12 +29130,14 @@ CVE-2019-0163 CVE-2019-0162 RESERVED CVE-2019-0161 (Stack overflow in XHCI for EDK II may allow an unauthenticated user to ...) - - edk2 0~20180803.dd4cae4d-1 + - edk2 0~20180803.dd4cae4d-1 (low) + [stretch] - edk2 (Minor issue) [jessie] - edk2 (non-free, not used by any sponsor) NOTE: https://github.com/tianocore/edk2/commit/acebdf14c985c5c9f50b37ece0b15ada87767359 NOTE: https://github.com/tianocore/edk2/commit/72750e3bf9174f15c17e78f0f117b5e7311bb49f CVE-2019-0160 (Buffer overflow in system firmware for EDK II may allow unauthenticate ...) - - edk2 0~20181115.85588389-1 + - edk2 0~20181115.85588389-1 (low) + [stretch] - edk2 (Minor issue) [jessie] - edk2 (non-free, not used by any sponsor) NOTE: https://github.com/tianocore/edk2/commit/4df8f5bfa28b8b881e506437e8f08d92c1a00370 NOTE: https://github.com/tianocore/edk2/commit/b9ae1705adfdd43668027a25a2b03c2e81960219 @@ -46812,6 +46822,7 @@ CVE-2018-12480 (Mitigates an XSS issue in NetIQ Access Manager versions prior to NOT-FOR-US: NetIQ Access Manager CVE-2018-12479 (A Improper Input Validation vulnerability in Open Build Service allows ...) - open-build-service 2.9.4-1 (bug #911797) + [stretch] - open-build-service (Minor issue) NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108435 NOTE: https://github.com/openSUSE/open-build-service/pull/5880 NOTE: https://github.com/openSUSE/open-build-service/commit/01b015ca2a320afc4fae823465d1e72da8bd60df @@ -46842,12 +46853,14 @@ CVE-2018-12468 (A vulnerability in the administration console of Micro Focus Gro NOT-FOR-US: Micro Focus CVE-2018-12467 (Authorized
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 0d809ab0 by Moritz Muehlenhoff at 2019-04-04T20:56:35Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1316,7 +1316,8 @@ CVE-2019-10271 CVE-2019-10270 RESERVED CVE-2019-10269 (BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based b ...) - - bwa 0.7.17-3 (bug #926014) + - bwa 0.7.17-3 (low; bug #926014) + [stretch] - bwa (Minor issue) [jessie] - bwa (vulnerable code is not present) NOTE: https://github.com/lh3/bwa/pull/232 NOTE: https://github.com/lh3/bwa/commit/20d0a13092aa4cb73230492b05f9697d5ef0b88e @@ -1898,6 +1899,7 @@ CVE-2019-10019 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the - xpdf (xpdf in Debian uses poppler, which is not affected or fixed) CVE-2019-10018 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...) - poppler (bug #926133) + [stretch] - poppler (Minor issue) NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3=41276 (PostScriptFunction::e...@function.cc:1374-42___FPE PoC) CVE-2019-10017 (CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, ...) NOT-FOR-US: CMS Made Simple @@ -17273,6 +17275,7 @@ CVE-2019-3821 (A flaw was found in the way civetweb frontend was handling reques NOTE: https://github.com/ceph/civetweb/pull/33 CVE-2019-3820 (It was discovered that the gnome-shell lock screen since version 3.15. ...) - gnome-shell 3.30.2-3 (bug #921490) + [stretch] - gnome-shell (Minor issue) [jessie] - gnome-shell (Vulnerable code not present) NOTE: Introduced by: https://bugzilla.gnome.org/show_bug.cgi?id=745039 NOTE: Introduced by: https://gitlab.gnome.org/GNOME/gnome-shell/commit/c79d24b60e773262091023feb6ee1b3deef1c471 @@ -111633,7 +111636,8 @@ CVE-2017-7656 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurat NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535667 NOTE: https://github.com/eclipse/jetty.project/commit/a285deea CVE-2017-7655 (In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vu ...) - - mosquitto 1.5.4-1 + - mosquitto 1.5.4-1 (low) + [stretch] - mosquitto (Minor issue) [jessie] - mosquitto (Minor issue) NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=533775 NOTE: https://github.com/eclipse/mosquitto/commit/79a7b36d207c9142468a7ea33695a14181a9fd24 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d809ab06890cc27fea452c8b3a0812e89ee5607 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0d809ab06890cc27fea452c8b3a0812e89ee5607 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 73941fc3 by Moritz Muehlenhoff at 2019-03-04T21:36:52Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -39,8 +39,9 @@ CVE-2019-9550 (DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS. . CVE-2019-9549 (An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the ...) NOT-FOR-US: PopojiCMS CVE-2019- [insecure use of /tmp] - - bubblewrap 0.3.1-3 (bug #923557) + - bubblewrap 0.3.1-3 (unimportant; bug #923557) NOTE: https://github.com/projectatomic/bubblewrap/issues/304 + NOTE: Negligable security impact CVE-2019-1002100 [kube-apiserver: DoS with crafted patch of type json-patch] - kubernetes (bug #923686) NOTE: https://github.com/kubernetes/kubernetes/issues/74534 @@ -5336,6 +5337,7 @@ CVE-2019-7252 CVE-2019-7251 [Remote crash vulnerability with SDP protocol violation] RESERVED - asterisk (bug #923690) + [stretch] - asterisk (Vulnerable code not present) [jessie] - asterisk (Vulnerable code introduced later) NOTE: https://downloads.asterisk.org/pub/security/AST-2019-001.html CVE-2019-7250 (An issue was discovered in the Cross Reference Add-on 36 for Google ...) @@ -8953,7 +8955,8 @@ CVE-2018-20685 (In OpenSSH 7.9, scp.c in the scp client allows remote SSH server CVE-2018-20682 (Fork CMS 5.0.6 allows stored XSS via the private/en/settings ...) NOT-FOR-US: Fork CMS CVE-2018-20681 (mate-screensaver before 1.20.2 in MATE Desktop Environment allows ...) - - mate-screensaver 1.20.2-1 + - mate-screensaver 1.20.2-1 (low) + [stretch] - mate-screensaver (Minor issue) [jessie] - mate-screensaver (Vulnerability only manifests when built against GTK-3.22) NOTE: https://github.com/mate-desktop/mate-screensaver/issues/152 NOTE: https://github.com/mate-desktop/mate-screensaver/issues/155 @@ -12991,6 +12994,7 @@ CVE-2019-3842 RESERVED CVE-2019-3841 RESERVED + NOT-FOR-US: KubeVirt CVE-2019-3840 [NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function] RESERVED - libvirt 5.0.0-1 @@ -43241,6 +43245,8 @@ CVE-2018-12180 [Buffer Overflow in BlockIo service for RAM disk] NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037248.html NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037249.html NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037250.html + NOTE: https://github.com/tianocore/edk2/commit/38c9fbdcaa0219eb86fe82d90e3f8cfb5a54be9f + NOTE: https://github.com/tianocore/edk2/commit/fccdb88022c1f6d85c773fce506b10c879063f1d CVE-2018-12179 RESERVED CVE-2018-12178 [improper DNS packet size check] @@ -43248,6 +43254,7 @@ CVE-2018-12178 [improper DNS packet size check] - edk2 [jessie] - edk2 (non-free is not supported) NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037251.html + NOTE: https://github.com/tianocore/edk2/commit/84110bbe4bb3a346514b9bb12eadb7586bca7dfd CVE-2018-12177 (Improper directory permissions in the ZeroConfig service in Intel(R) ...) NOT-FOR-US: Intel PROSet/Wireless WiFi Software CVE-2018-12176 (Improper input validation in firmware for Intel NUC Kits may allow a ...) @@ -67370,9 +67377,10 @@ CVE-2018-3631 RESERVED CVE-2018-3630 [Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c] RESERVED - - edk2 + - edk2 (unimportant) [jessie] - edk2 (non-free is not supported) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683653 + NOTE: No security impact CVE-2018-3629 (Buffer overflow in event handler in Intel Active Management Technology ...) NOT-FOR-US: Intel CVE-2018-3628 (Buffer overflow in HTTP handler in Intel Active Management Technology ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73941fc35173e67bcacf7a932b1b751268133af8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/73941fc35173e67bcacf7a932b1b751268133af8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: e2f24f90 by Moritz Muehlenhoff at 2019-03-01T19:07:14Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -558,10 +558,12 @@ CVE-2019-9211 (There is a reachable assertion abort in the function ...) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683499 NOTE: Crash in CLI tool, no security impact CVE-2019-9210 (In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer ...) - - advancecomp (bug #923416) + - advancecomp (low; bug #923416) + [stretch] - advancecomp (Minor issue) NOTE: https://sourceforge.net/p/advancemame/bugs/277/ CVE-2018-20797 (An issue was discovered in PoDoFo 0.9.6. There is an attempted ...) - - libpodofo (bug #923415) + - libpodofo (low; bug #923415) + [stretch] - libpodofo (Minor issue) [jessie] - libpodofo (Minor issue) NOTE: https://sourceforge.net/p/podofo/tickets/34/ CVE-2019-9209 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and ...) @@ -663,6 +665,7 @@ CVE-2019-9170 RESERVED CVE-2019-9169 (In the GNU C Library (aka glibc or libc6) through 2.29, ...) - glibc + [stretch] - glibc (Minor issue) - eglibc NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140 NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142 @@ -697,14 +700,16 @@ CVE-2019-9192 (** DISPUTED ** In the GNU C Library (aka glibc or libc6) through - eglibc (unimportant) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24269 CVE-2018-20796 (In the GNU C Library (aka glibc or libc6) through 2.29, ...) - - glibc - - eglibc + - glibc (unimportant) + - eglibc (unimportant) NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 NOTE: https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html + NOTE: No treated as vulnerability: https://sourceware.org/glibc/wiki/Security%20Exceptions CVE-2009-5155 (In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in ...) [experimental] - gnulib 20180621~6979c25-1 - gnulib - glibc 2.28-1 + [stretch] - glibc (Minor issue) - eglibc NOTE: http://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=5513b40999149090987a0341c018d05d3eea1272 NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=22793 @@ -6428,6 +6433,7 @@ CVE-2019-6707 (PHPSHE 1.7 has SQL injection via the admin.php?mod=productac NOT-FOR-US: PHPSHE CVE-2019-6706 (Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For ...) - lua5.3 (bug #920321) + [stretch] - lua5.3 (Minor issue, revisit when fixed upstream) - lua5.2 (Vulnerable code introduced later) - lua5.1 (Vulnerable code introduced later) - lua50 (Vulnerable code introduced later) @@ -6991,7 +6997,8 @@ CVE-2019-6466 CVE-2019-6465 [Zone transfer controls for writable DLZ zones were not effective] RESERVED {DLA-1697-1} - - bind9 1:9.11.5.P4+dfsg-1 (bug #922955) + - bind9 1:9.11.5.P4+dfsg-1 (low; bug #922955) + [stretch] - bind9 (Can be fixed along in future DSA) NOTE: https://kb.isc.org/docs/cve-2019-6465 NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/a9307de85e147f4756c75d15aa221d2262df7d67 CVE-2019-6464 @@ -14924,8 +14931,7 @@ CVE-2018-1000854 (esigate.org esigate version 5.2 and earlier contains a CWE-74: NOT-FOR-US: esigate CVE-2018-1000852 (FreeRDP FreeRDP 2.0.0-rc3 released version before commit ...) - freerdp2 2.0.0~git20181120.1.e21b72c95+dfsg1-1 - - freerdp - [jessie] - freerdp (Vulnerable code not present) + - freerdp (Vulnerable code not present) NOTE: https://github.com/FreeRDP/FreeRDP/issues/4866 NOTE: https://github.com/FreeRDP/FreeRDP/pull/4871 NOTE: https://github.com/FreeRDP/FreeRDP/commit/baee520e3dd9be6511c45a14c5f5e77784de1471 @@ -44052,6 +44058,7 @@ CVE-2018-11784 (When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9 CVE-2018-11783 [Apache Traffic Server vulnerability with sslheader plugin] RESERVED - trafficserver 8.0.2+ds-1 + [stretch] - trafficserver (Minor issue, experimental plugin, will be fixed along in next DSA) NOTE: https://github.com/apache/trafficserver/pull/4701 NOTE: https://www.openwall.com/lists/oss-security/2019/02/13/6 CVE-2018-11782 @@ -61434,7 +61441,8 @@ CVE-2018-5746 CVE-2018-5745 [An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys] RESERVED {DLA-1697-1} - - bind9 1:9.11.5.P4+dfsg-1 (bug #922954) + - bind9 1:9.11.5.P4+dfsg-1 (low; bug
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 139a2cbf by Moritz Muehlenhoff at 2019-02-26T21:49:40Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -115,11 +115,9 @@ CVE-2019-9153 CVE-2019-9152 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...) - hdf5 NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul8 - TODO: check CVE-2019-9151 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...) - hdf5 NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul7 - TODO: check CVE-2019-9150 RESERVED CVE-2019-9149 @@ -1827,15 +1825,12 @@ CVE-2019-8399 CVE-2019-8398 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...) - hdf5 NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul6 - TODO: check CVE-2019-8397 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an out ...) - hdf5 NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul5 - TODO: check CVE-2019-8396 (A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ...) - hdf5 NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul4 - TODO: check CVE-2019-8395 (An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ...) NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus CVE-2019-8394 (Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows ...) @@ -20084,6 +20079,7 @@ CVE-2018-19609 (ShowDoc 2.4.1 allows remote attackers to obtain sensitive inform NOT-FOR-US: ShowDoc CVE-2018-19608 (Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a ...) - mbedtls 2.14.1-1 (bug #915796) + [stretch] - mbedtls (Minor issue) - polarssl NOTE: http://cat.eyalro.net/ NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released @@ -33057,6 +33053,7 @@ CVE-2018-15757 REJECTED CVE-2018-15756 (Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, ...) - libspring-java 4.3.21-1 (bug #911786) + [stretch] - libspring-java (Minor issue) [jessie] - libspring-java (vulnerable code introduced in later version) NOTE: https://pivotal.io/security/cve-2018-15756 CVE-2018-15755 (Cloud Foundry CF Networking Release, versions 2.11.0 prior to 2.16.0, ...) @@ -45472,10 +45469,12 @@ CVE-2018-11041 (Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 NOT-FOR-US: Cloud Foundry CVE-2018-11040 (Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to ...) - libspring-java 4.3.19-1 + [stretch] - libspring-java (Minor issue) [jessie] - libspring-java (unable to find relevant commits) NOTE: https://pivotal.io/security/cve-2018-11040 CVE-2018-11039 (Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior ...) - libspring-java 4.3.19-1 + [stretch] - libspring-java (Minor issue) [jessie] - libspring-java (Minor issue) NOTE: https://pivotal.io/security/cve-2018-11039 CVE-2017-18270 (In the Linux kernel before 4.13.5, a local user could create keyrings ...) @@ -73518,6 +73517,7 @@ CVE-2018-1273 (Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2. NOT-FOR-US: Spring Data Commons CVE-2018-1272 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...) - libspring-java 4.3.19-1 (bug #895114) + [stretch] - libspring-java (Minor issue) [jessie] - libspring-java (vulnerable code not found) [wheezy] - libspring-java (Vulnerable broker code introduced in various commits re. https://github.com/spring-projects/spring-framework/blame/0009806debb578e884f6dc98bd1f2dc668020021/spring-messaging/src/main/java/org/springframework/messaging/simp/broker/DefaultSubscriptionRegistry.java) NOTE: https://pivotal.io/security/cve-2018-1272 @@ -73526,6 +73526,7 @@ CVE-2018-1271 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 pr NOTE: https://pivotal.io/security/cve-2018-1271 CVE-2018-1270 (Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior ...) - libspring-java 4.3.19-1 (bug #895114) + [stretch] - libspring-java (Minor issue) [jessie] - libspring-java (vulnerable code not found) [wheezy] - libspring-java (Vulnerable broker code introduced in various commits re. https://github.com/spring-projects/spring-framework/blame/0009806debb578e884f6dc98bd1f2dc668020021/spring-messaging/src/main/java/org/springframework/messaging/simp/broker/DefaultSubscriptionRegistry.java) NOTE: https://pivotal.io/security/cve-2018-1270 @@
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: babb564d by Moritz Muehlenhoff at 2019-02-22T19:57:12Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1271,7 +1271,8 @@ CVE-2019-8402 CVE-2018-20782 (The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages. ...) NOT-FOR-US: WooCommerce plugin CVE-2016-10742 (Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before ...) - - zabbix 1:3.0.17+dfsg-1 + - zabbix 1:3.0.17+dfsg-1 (low) + [stretch] - zabbix (Minor issue) NOTE: https://support.zabbix.com/browse/ZBX-10272 NOTE: https://support.zabbix.com/browse/ZBX-13133 CVE-2019-8401 @@ -5275,6 +5276,7 @@ CVE-2019-6690 [improper input validation in gnupg.GPG.encrypt() and gnupg.GPG.de RESERVED {DLA-1675-1} - python-gnupg 0.4.4-1 + [stretch] - python-gnupg (Minor issue) NOTE: https://github.com/stigtsp/CVE-2019-6690-python-gnupg-vulnerability NOTE: https://github.com/vsajip/python-gnupg/commit/39eca266dd837e2ad89c94eb17b7a6f50b25e7cf#diff-88b99bb28683bd5b7e3a204826ead112 NOTE: https://github.com/vsajip/python-gnupg/commit/3003b654ca1c29b0510a54b9848571b3ad57df19#diff-88b99bb28683bd5b7e3a204826ead112 @@ -6411,7 +6413,8 @@ CVE-2019-6246 (An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling NOTE: https://github.com/svgpp/svgpp/issues/70 CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in ...) {DLA-1656-1} - - agg 1:2.4-r127+dfsg1-1 (bug #919322) + - agg 1:2.4-r127+dfsg1-1 (low; bug #919322) + [stretch] - agg (Minor issue) - svgpp (bug #919321) NOTE: https://github.com/svgpp/svgpp/issues/70 NOTE: Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/ @@ -26578,6 +26581,7 @@ CVE-2018-1000808 (Python Cryptographic Authority pyopenssl version Before 17.5.0 NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509 CVE-2018-1000807 (Python Cryptographic Authority pyopenssl version prior to version ...) - pyopenssl 17.5.0-1 + [stretch] - pyopenssl (Minor issue) [jessie] - pyopenssl (Minor issue, but also requires at least cryptography 2.1.4 which exposes the X509_up_ref method) NOTE: https://github.com/pyca/pyopenssl/pull/723 NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/babb564dff6eff5e7af22a5392f2ffe4d3ca4144 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/babb564dff6eff5e7af22a5392f2ffe4d3ca4144 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 6680eaab by Moritz Muehlenhoff at 2019-02-20T22:01:13Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1181,8 +1181,9 @@ CVE-2019-8383 (An issue was discovered in AdvanceCOMP before 2.1. An invalid mem CVE-2019-8382 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference ...) NOT-FOR-US: Bento4 CVE-2019-8381 (An issue was discovered in Tcpreplay 4.3.1. An invalid memory access ...) - - tcpreplay (bug #922622) + - tcpreplay (unimportant; bug #922622) NOTE: https://github.com/appneta/tcpreplay/issues/538 + NOTE: Crash in a CLI tool, no security impact CVE-2019-8380 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference ...) NOT-FOR-US: Bento4 CVE-2019-8379 (An issue was discovered in AdvanceCOMP before 2.1. A NULL pointer ...) @@ -1190,11 +1191,13 @@ CVE-2019-8379 (An issue was discovered in AdvanceCOMP before 2.1. A NULL pointer CVE-2019-8378 (An issue was discovered in Bento4 1.5.1-628. A heap-based buffer ...) NOT-FOR-US: Bento4 CVE-2019-8377 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ...) - - tcpreplay (bug #922623) + - tcpreplay (unimportant; bug #922623) NOTE: https://github.com/appneta/tcpreplay/issues/536 + NOTE: Crash in a CLI tool, no security impact CVE-2019-8376 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ...) - - tcpreplay (bug #922624) + - tcpreplay (unimportant; bug #922624) NOTE: https://github.com/appneta/tcpreplay/issues/537 + NOTE: Crash in a CLI tool, no security impact CVE-2019-8375 RESERVED CVE-2019-8374 @@ -4479,7 +4482,8 @@ CVE-2019-6977 (gdImageColorMatch in gd_color_match.c in the GD Graphics Library NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77270 NOTE: Proposed patch: https://gist.github.com/cmb69/1f36d285eb297ed326f5c821d7aafced CVE-2019-6976 (libvips before 8.7.4 writes to uninitialized memory locations in ...) - - vips 8.7.4-1 + - vips 8.7.4-1 (low) + [stretch] - vips (Minor issue) [jessie] - vips (Minor Issue) NOTE: https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a CVE-2019-6975 (Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before ...) @@ -5700,6 +5704,9 @@ CVE-2019-6454 [systemd (PID1) crash with specially crafted D-Bus message] {DSA-4393-1 DLA-1684-1} - systemd 240-6 NOTE: https://www.openwall.com/lists/oss-security/2019/02/18/3 + NOTE: https://github.com/systemd/systemd/commit/798ebaf9aea9b8ae3b8a0cc2702bc8de71acb3c6 + NOTE: https://github.com/systemd/systemd/commit/6d586a13717ae057aa1b4127400c3de61cd5b9e7 + NOTE: https://github.com/systemd/systemd/commit/f519a19bcd5afe674a9b8fc462cd77d8bad403c1 CVE-2019-6453 (mIRC before 7.55 allows remote command execution by using argument ...) NOT-FOR-US: mIRC CVE-2019-6452 @@ -13014,37 +13021,44 @@ CVE-2018-20463 (An issue was discovered in the JSmol2WP plugin 1.07 for WordPres CVE-2018-20462 (An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. A ...) NOT-FOR-US: JSmol2WP plugin for WordPress CVE-2018-20461 (In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c ...) - - radare2 3.1.2+dfsg-1 + - radare2 3.1.2+dfsg-1 (low) + [stretch] - radare2 (Minor issue) [jessie] - radare2 (vulnerable code not present) NOTE: https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267 NOTE: https://github.com/radare/radare2/issues/12375 CVE-2018-20460 (In radare2 prior to 3.1.2, the parseOperands function in ...) - - radare2 3.1.2+dfsg-1 + - radare2 3.1.2+dfsg-1 (low) + [stretch] - radare2 (Minor issue) [jessie] - radare2 (vulnerable code not present) NOTE: https://github.com/radare/radare2/commit/df167c7db545953bb7f71c72e98e7a3ca0c793bf NOTE: https://github.com/radare/radare2/issues/12376 CVE-2018-20459 (In radare2 through 3.1.3, the armass_assemble function in ...) - - radare2 3.2.1+dfsg-1 (bug #917322) + - radare2 3.2.1+dfsg-1 (low; bug #917322) + [stretch] - radare2 (Minor issue) [jessie] - radare2 (vulnerable code not present) NOTE: https://github.com/radare/radare2/commit/e5c14c167b0dcf0a53d76bd50bacbbcc0dfc1ae7 NOTE: https://github.com/radare/radare2/issues/12418 CVE-2018-20458 (In radare2 prior to 3.1.1, r_bin_dyldcache_extract in ...) - - radare2 3.1.2+dfsg-1 + - radare2 3.1.2+dfsg-1 (low) + [stretch] - radare2 (Minor issue) [jessie] - radare2 (vulnerable code not present) NOTE:
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: a9d86c13 by Moritz Muehlenhoff at 2019-02-19T21:16:37Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -3231,8 +3231,9 @@ CVE-2019-7444 CVE-2019-7443 [Insecure handling of arguments in helpers] RESERVED - kauth 5.54.0-2 (bug #921995) - [stretch] - kauth (Minor issue) + [stretch] - kauth (Minor issue, will be fixed in a point release) - kde4libs + [stretch] - kde4libs (Minor issue) NOTE: https://mail.kde.org/pipermail/kde-announce/2019-February/11.html NOTE: https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a CVE-2019-7442 @@ -29300,6 +29301,7 @@ CVE-2018-16868 (A Bleichenbacher type side-channel based padding oracle attack w NOTE: nettle version. CVE-2018-16867 (A flaw was found in qemu Media Transfer Protocol (MTP) before version ...) - qemu 1:3.1+dfsg-1 (bug #915884) + [stretch] - qemu (Vulnerable code not present) - qemu-kvm NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg00390.html NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=c52d46e041b42bb1ee6f692e00a0abe37a9659f6 (master) = data/dsa-needed.txt = @@ -28,6 +28,9 @@ graphicsmagick libidn santiago proposed debdiffs for jessie and stretch -- +libpng1.6 + wait for final patch +-- libspring-java -- linux View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9d86c1336cad0d06ba9ece636395892232aecd4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a9d86c1336cad0d06ba9ece636395892232aecd4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 90dc8906 by Moritz Muehlenhoff at 2019-02-18T22:27:35Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2364,10 +2364,11 @@ CVE-2019-7754 CVE-2019-7753 (Verydows 2.0 has XSS via the index.php?m=apic=statsa=count referrer ...) NOT-FOR-US: Verydows CVE-2018-20781 (In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's ...) - - gnome-keyring 3.28.0-1 + - gnome-keyring 3.28.0-1 (unimportant) NOTE: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919 NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=781486 NOTE: https://gitlab.gnome.org/GNOME/gnome-keyring/issues/3 + NOTE: Not a vulnerability, just a hardening patch CVE-2019-7752 RESERVED CVE-2019-7751 @@ -2613,6 +2614,7 @@ CVE-2019-7660 CVE-2019-7659 (Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a ...) {DLA-1681-1} - gsoap 2.8.75-1 + [stretch] - gsoap (Minor issue) - r-other-x4r NOTE: https://www.genivia.com/advisory.html#Bug_in_gSOAP_versions_2.7.0_to_2.8.74_for_applications_built_with_the_WITH_COOKIES_flag_enabled_ NOTE: https://lists.debian.org/debian-lts/2019/02/msg00131.html @@ -12469,6 +12471,7 @@ CVE-2018-20594 (An issue was discovered in hsweb 3.0.4. It is a reflected XSS .. NOT-FOR-US: hsweb CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in ...) - mxml + [stretch] - mxml (Minor issue) [jessie] - mxml (Minor issue, only affects the mxmldoc tool) NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2971_1.txt NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/so_mxmldoc.c:2971_1.txt.err (error output) @@ -12478,6 +12481,7 @@ CVE-2018-20593 (In Mini-XML (aka mxml) v2.12, there is stack-based buffer overfl NOTE: upstream tagged the issue with 'wontfix' and removed mxmldoc code completely CVE-2018-20592 (In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd ...) - mxml + [stretch] - mxml (Minor issue) [jessie] - mxml (Minor issue, only affected the mxmldoc tool) NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_1.txt NOTE: https://github.com/ntu-sec/pocs/blob/master/mxml-53c75b0/crashes/uaf_mxml-node.c:128_1.txt.err (error output) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/90dc8906034f1c907349984be86df87d8f404cff -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/90dc8906034f1c907349984be86df87d8f404cff You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 882875a5 by Moritz Muehlenhoff at 2019-02-15T19:53:32Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1406,12 +1406,14 @@ CVE-2019-7667 CVE-2019-7666 RESERVED CVE-2019-7665 (In elfutils 0.175, a heap-based buffer over-read was discovered in the ...) - - elfutils (bug #921880) + - elfutils (low; bug #921880) + [stretch] - elfutils (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24089 NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00049.html NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=de01cc6f9446187d69b9748bb3636361c79e77a4 CVE-2019-7664 (In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note ...) - - elfutils (bug #921881) + - elfutils (low; bug #921881) + [stretch] - elfutils (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24084 NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=e65d91d21cb09d83b001fef9435e576ba447db32 CVE-2019-7663 (An Invalid Address dereference was discovered in ...) @@ -1479,19 +1481,27 @@ CVE-2019-7639 (An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. NOT-FOR-US: gsi-openssh-server (OpenSSH patched with openssh-7.9p1-gsissh.patch) CVE-2019-7638 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4500 CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4497 CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4499 CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4498 CVE-2018-20764 (A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for ...) TODO: check @@ -1611,31 +1621,45 @@ CVE-2019-7579 RESERVED CVE-2019-7578 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4494 CVE-2019-7577 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4492 CVE-2019-7576 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4490 CVE-2019-7575 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4493 CVE-2019-7574 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4496 CVE-2019-7573 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4491 CVE-2019-7572 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...) - libsdl1.2 + [stretch] - libsdl1.2 (Minor issue) - libsdl2 + [stretch] - libsdl2 (Minor issue) NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4495 CVE-2019-7571 RESERVED @@ -1973,9 +1997,10 @@ CVE-2019-7444 CVE-2019-7443 [Insecure handling of arguments in helpers] RESERVED - kauth
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 9bbe4753 by Moritz Muehlenhoff at 2019-02-08T19:24:43Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -672,12 +672,14 @@ CVE-2019-121 (slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab NOTE: https://lab.louiz.org/poezio/slixmpp/commit/7cd73b594e8122dddf847953fcfc85ab4d316416 CVE-2019-120 (libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 ...) {DLA-1668-1} - - libarchive 3.3.3-4 + - libarchive 3.3.3-4 (low) + [stretch] - libarchive (Minor issue) NOTE: https://github.com/libarchive/libarchive/pull/1120 NOTE: https://github.com/libarchive/libarchive/commit/8312eaa576014cd9b965012af51bc1f967b12423 CVE-2019-119 (libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 ...) {DLA-1668-1} - - libarchive 3.3.3-4 + - libarchive 3.3.3-4 (low) + [stretch] - libarchive (Minor issue) NOTE: https://github.com/libarchive/libarchive/pull/1120 NOTE: https://github.com/libarchive/libarchive/commit/65a23f5dbee4497064e9bb467f81138a62b0dae1 CVE-2019-117 (Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect ...) @@ -8581,7 +8583,8 @@ CVE-2019-3826 [Stored DOM cross-site scripting (XSS) attack via crafted URL] [stretch] - prometheus (Only affects 2.1.0 onwards) NOTE: https://github.com/prometheus/prometheus/pull/5163 CVE-2019-3825 (A vulnerability was discovered in gdm before 3.31.4. When timed login ...) - - gdm3 + - gdm3 (low) + [stretch] - gdm3 (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/gdm/issues/460 CVE-2019-3824 RESERVED @@ -69492,6 +69495,7 @@ CVE-2018-1321 (An administrator with report and template entitlements in Apache CVE-2018-1320 (Apache Thrift Java client library versions 0.5.0 through 0.11.0 can ...) {DLA-1662-1} - libthrift-java 0.9.1-2.1 (bug #918736) + [stretch] - libthrift-java (Minor issue) NOTE: https://issues.apache.org/jira/browse/THRIFT-4506 NOTE: https://github.com/apache/thrift/commit/d973409661f820d80d72c0034d06a12348c8705e CVE-2018-1319 (In Apache Allura prior to 1.8.1, attackers may craft URLs that cause ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9bbe4753f3f59b50b2f6508f735fd369b8eb1f37 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9bbe4753f3f59b50b2f6508f735fd369b8eb1f37 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 9c3d4031 by Moritz Muehlenhoff at 2019-02-02T05:06:10Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -352,12 +352,14 @@ CVE-2019-7151 (A NULL pointer dereference was discovered in ...) NOTE: https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b NOTE: https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e CVE-2019-7150 (An issue was discovered in elfutils 0.175. A segmentation fault can ...) - - elfutils (bug #920909) + - elfutils (low; bug #920909) + [stretch] - elfutils (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24103 NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00070.html NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=da5c5336a1eaf519de246f7d9f0f5585e1d4ac59 CVE-2019-7149 (A heap-based buffer over-read was discovered in the function ...) - - elfutils (bug #920910) + - elfutils (low; bug #920910) + [stretch] - elfutils (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24102 NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00068.html NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=2562759d6fe5b364fe224852e64e8bda39eb2e35 @@ -1200,7 +1202,8 @@ CVE-2017-18360 (In change_port_settings in drivers/usb/serial/io_ti.c in the Lin NOTE: Fixed by: https://git.kernel.org/linus/6aeb75e6adfaed16e58780309613a578fe1ee90b CVE-2017-18359 (PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote ...) {DLA-1653-1} - - postgis 2.3.3+dfsg-1 + - postgis 2.3.3+dfsg-1 (low) + [stretch] - postgis (Minor issue) NOTE: https://trac.osgeo.org/postgis/ticket/3704 NOTE: https://trac.osgeo.org/postgis/changeset/15444 NOTE: https://trac.osgeo.org/postgis/changeset/15445 @@ -2034,7 +2037,8 @@ CVE-2019-6439 (examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL thr NOTE: https://github.com/wolfSSL/wolfssl/issues/2032 NOTE: Issue only in example code CVE-2019-6438 (SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit ...) - - slurm-llnl (bug #920997) + - slurm-llnl (low; bug #920997) + [stretch] - slurm-llnl (Minor issue) NOTE: https://www.schedmd.com/news.php?id=213 NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2019/18.html CVE-2019-6437 @@ -8838,12 +8842,14 @@ CVE-2018-20555 CVE-2018-20554 RESERVED CVE-2018-20553 (Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len ...) - - tcpreplay (bug #917574) + - tcpreplay (low; bug #917574) + [stretch] - tcpreplay (Minor issue) [jessie] - tcpreplay (not used by any sponsor, hard to exploit) NOTE: https://github.com/appneta/tcpreplay/issues/530 NOTE: https://github.com/appneta/tcpreplay/pull/532/commits/6b830a1640ca20528032c89a4fdd8291a4d2d8b2 CVE-2018-20552 (Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree ...) - - tcpreplay (bug #917574) + - tcpreplay (low; bug #917574) + [stretch] - tcpreplay (Minor issue) [jessie] - tcpreplay (not used by any sponsor, hard to exploit) NOTE: https://github.com/appneta/tcpreplay/issues/530 NOTE: https://github.com/appneta/tcpreplay/pull/532/commits/6b830a1640ca20528032c89a4fdd8291a4d2d8b2 @@ -18492,6 +18498,7 @@ CVE-2018-19518 (University of Washington IMAP Toolkit 2007f on UNIX, as used in - php7.0 (bug #913836) - php5 - uw-imap (bug #914632) + [stretch] - uw-imap (Minor issue) NOTE: Fixed in 5.6.39, 7.0.33, 7.1.25, 7.2.13, 7.3.0 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=76428 NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77153 @@ -24537,7 +24544,8 @@ CVE-2018-17200 RESERVED CVE-2018-17199 (In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks ...) {DLA-1647-1} - - apache2 2.4.38-1 (bug #920303) + - apache2 2.4.38-1 (low; bug #920303) + [stretch] - apache2 (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2019/01/22/3 NOTE: 2.4.x http://svn.apache.org/r1851409 NOTE: 2.5.x http://svn.apache.org/r1850947 @@ -24566,7 +24574,8 @@ CVE-2018-17191 (Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configurati CVE-2018-17190 (In all versions of Apache Spark, its standalone resource manager ...) NOT-FOR-US: Apache Spark CVE-2018-17189 (In Apache HTTP server versions 2.4.37 and prior, by sending request ...) - - apache2 2.4.38-1 (bug #920302) + - apache2 2.4.38-1 (low; bug
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2f159f84 by Moritz Muehlenhoff at 2019-01-28T15:31:03Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1954,10 +1954,12 @@ CVE-2019-6132 (An issue was discovered in Bento4 v1.5.1-627. There is a memory l NOT-FOR-US: Bento4 CVE-2019-6131 (svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack ...) - mupdf 1.14.0+ds1-3 (bug #918970) + [stretch] - mupdf (Minor issue) NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700442 NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b CVE-2019-6130 (Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the ...) - mupdf 1.14.0+ds1-3 (bug #918971) + [stretch] - mupdf (Minor issue) NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700446 NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?faf47b94e24314d74907f3f6bc874105f2c962ed CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as ...) @@ -1967,6 +1969,7 @@ CVE-2019-6129 (png_create_info_struct in png.c in libpng 1.6.36 has a memory lea NOTE: Memory leak in CLI tool, no security impact CVE-2019-6128 (The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory ...) - tiff + [stretch] - tiff (Minor issue) - tiff3 NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2836 CVE-2019-6127 (An issue was discovered in XiaoCms 20141229. It allows ...) = data/dsa-needed.txt = @@ -26,6 +26,8 @@ glusterfs graphicsmagick waiting for proper fix for CVE-2018-20185 -- +libgd2 +-- libidn santiago proposed debdiffs for jessie and stretch -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f159f84c6b28caf6671a1268a746307c05ca8a3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f159f84c6b28caf6671a1268a746307c05ca8a3 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 915804fa by Moritz Muehlenhoff at 2019-01-21T22:12:23Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -928,11 +928,12 @@ CVE-2019-6134 RESERVED CVE-2019-6133 (In PolicyKit (aka polkit) 0.115, the start time protection mechanism ...) - policykit-1 0.105-25 (bug #918985) + [stretch] - policykit-1 (Minor issue, kernel mitigation will land in next 4.9.x rebase) NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1692 NOTE: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/19 NOTE: https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81 NOTE: Issue can be mitigated in kernel with - NOTE: https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf + NOTE: https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf (landed in 4.9.150) CVE-2019-6132 (An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in ...) NOT-FOR-US: Bento4 CVE-2019-6131 (svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack ...) @@ -6966,7 +6967,8 @@ CVE-2018-20550 RESERVED CVE-2018-20549 (There is an illegal WRITE memory access at caca/file.c (function ...) {DLA-1631-1} - - libcaca (bug #917807) + - libcaca (low; bug #917807) + [stretch] - libcaca (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652628 NOTE: https://github.com/cacalabs/libcaca/issues/41 NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592 @@ -6979,13 +6981,15 @@ CVE-2018-20548 (There is an illegal WRITE memory access at common-image.c (funct NOTE: Debian binary packages built with the Imlib2 library CVE-2018-20547 (There is an illegal READ memory access at caca/dither.c (function ...) {DLA-1631-1} - - libcaca (bug #917807) + - libcaca (low; bug #917807) + [stretch] - libcaca (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652624 NOTE: https://github.com/cacalabs/libcaca/issues/39 NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790 CVE-2018-20546 (There is an illegal READ memory access at caca/dither.c (function ...) {DLA-1631-1} - - libcaca (bug #917807) + - libcaca (low; bug #917807) + [stretch] - libcaca (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652622 NOTE: https://github.com/cacalabs/libcaca/issues/38 NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790 @@ -6998,7 +7002,8 @@ CVE-2018-20545 (There is an illegal WRITE memory access at common-image.c (funct NOTE: Debian binary packages built with the Imlib2 library CVE-2018-20544 (There is floating point exception at caca/dither.c (function ...) {DLA-1631-1} - - libcaca (bug #917807) + - libcaca (low; bug #917807) + [stretch] - libcaca (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652627 NOTE: https://github.com/cacalabs/libcaca/issues/36 NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/84bd155087b93ab2d8d7cb5b1ac94ecd4cf4f93c = data/dsa-needed.txt = @@ -40,6 +40,8 @@ mbedtls -- mercurial -- +openjdk-8 (jmm) +-- openjpeg2 (luciano) -- openssh (corsac) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/915804fa12a0bde55db368b16581bbd89fe40adb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/915804fa12a0bde55db368b16581bbd89fe40adb You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: b7e957b2 by Moritz Muehlenhoff at 2018-12-28T23:10:59Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -543,22 +543,28 @@ CVE-2018-20363 (LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL NOTE: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4 NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause CVE-2018-20362 (A NULL pointer dereference was discovered in ifilter_bank of ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/26 CVE-2018-20361 (An invalid memory address dereference was discovered in the hf_assembly ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/30 CVE-2018-20360 (An invalid memory address dereference was discovered in the ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/32 CVE-2018-20359 (An invalid memory address dereference was discovered in the ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/29 CVE-2018-20358 (An invalid memory address dereference was discovered in the ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/31 CVE-2018-20357 (A NULL pointer dereference was discovered in sbr_process_channel of ...) - - faad2 + - faad2 (low) + [stretch] - faad2 (Minor issue) NOTE: https://github.com/knik0/faad2/issues/28 CVE-2018-20356 RESERVED @@ -9290,7 +9296,8 @@ CVE-2018-19506 (Zurmo 3.2.4 has XSS via an admin's use of the name parameter in CVE-2018-19505 RESERVED CVE-2018-19504 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) ...) - - faad2 (bug #914641) + - faad2 (low; bug #914641) + [stretch] - faad2 (Minor issue) [jessie] - faad2 (Minor issue) NOTE: https://sourceforge.net/p/faac/bugs/240/ CVE-2018-19503 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) ...) @@ -20678,8 +20685,7 @@ CVE-2018-15127 (LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de co NOTE: https://github.com/LibVNC/libvncserver/commit/502821828ed00b4a2c4bef90683d0fd88ce495de NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-028-libvnc-heap-out-of-bound-write/ CVE-2018-15126 (LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains ...) - - libvncserver (bug #916941) - [jessie] - libvncserver (Vulnerable code not present) + - libvncserver (Vulnerable code introduced after 0.9.11 release) NOTE: https://github.com/LibVNC/libvncserver/issues/242 NOTE: https://github.com/LibVNC/libvncserver/commit/73cb96fec028a576a5a24417b57723b55854ad7b NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-027-libvnc-heap-use-after-free/ = data/dsa-needed.txt = @@ -19,6 +19,7 @@ ansible Maintainer is preparing updates -- faad2 + not yet fixed upstream -- glusterfs -- @@ -30,6 +31,8 @@ libidn -- libspring-java -- +libvncserver (jmm) +-- linux Wait until more issues have piled up -- @@ -48,6 +51,8 @@ smarty3 sssd Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release. -- +thunderbird (jmm) +-- vlc (jmm) Maintainer proposed to wait for 3.0.5 and release a DSA based on 3.0.5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b7e957b2a9683e5dad951168524f7b2bfe5e2dde -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b7e957b2a9683e5dad951168524f7b2bfe5e2dde You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 391de870 by Moritz Muehlenhoff at 2018-12-28T09:21:00Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,6 @@ CVE-2018-20551 (A reachable Object::getString assertion in Poppler 0.72.0 allows ...) - - poppler (bug #917525) + - poppler (low; bug #917525) + [stretch] - poppler (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/703 NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/7f87dc10b6adccd6d1b977a28b064add254aa2da CVE-2018-20550 @@ -4476,6 +4477,7 @@ CVE-2018-19977 RESERVED CVE-2018-19976 (In YARA 3.8.1, bytecode in a specially crafted compiled rule is ...) - yara 3.8.1-2 (bug #916932) + [stretch] - yara (Minor issue) [jessie] - yara (Minor issue) NOTE: https://github.com/VirusTotal/yara/issues/999 NOTE: https://bnbdr.github.io/posts/extracheese/ @@ -4484,6 +4486,7 @@ CVE-2018-19976 (In YARA 3.8.1, bytecode in a specially crafted compiled rule is NOTE: https://github.com/VirusTotal/yara/commit/d8f714891ed92da15d50b397b74d1d9431e9c54c CVE-2018-19975 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...) - yara 3.8.1-2 (bug #916932) + [stretch] - yara (Minor issue) [jessie] - yara (Minor issue) NOTE: https://github.com/VirusTotal/yara/issues/999 NOTE: https://bnbdr.github.io/posts/extracheese/ @@ -4492,6 +4495,7 @@ CVE-2018-19975 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can NOTE: https://github.com/VirusTotal/yara/commit/d8f714891ed92da15d50b397b74d1d9431e9c54c CVE-2018-19974 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...) - yara 3.8.1-2 (bug #916932) + [stretch] - yara (Minor issue) [jessie] - yara (Minor issue) NOTE: https://github.com/VirusTotal/yara/issues/999 NOTE: https://bnbdr.github.io/posts/extracheese/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/391de87091db0cb79ae82ee6f3e6a5e2bf77844a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/391de87091db0cb79ae82ee6f3e6a5e2bf77844a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: e707d541 by Moritz Muehlenhoff at 2018-12-27T11:03:52Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -528,7 +528,8 @@ CVE-2018-1000872 (OpenKMIP PyKMIP version All versions before 0.8.0 contains a C NOTE: https://github.com/OpenKMIP/PyKMIP/commit/3a7b880bdf70d295ed8af3a5880bab65fa6b3932 NOTE: https://github.com/OpenKMIP/PyKMIP/issues/430 CVE-2018-1000871 (HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL ...) - - hoteldruid (bug #917099) + - hoteldruid (low; bug #917099) + [stretch] - hoteldruid (Minor issue) NOTE: https://www.exploit-db.com/exploits/45976 CVE-2018-1000870 (PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in ...) - phpipam (bug #731713) @@ -5464,9 +5465,11 @@ CVE-2018-19874 RESERVED CVE-2018-19873 (An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer ...) [experimental] - qtbase-opensource-src 5.11.3+dfsg-1 - - qtbase-opensource-src 5.11.3+dfsg-2 + - qtbase-opensource-src 5.11.3+dfsg-2 (low) + [stretch] - qtbase-opensource-src (Minor issue) [jessie] - qtbase-opensource-src (Minor issue) - - qt4-x11 + - qt4-x11 (low) + [stretch] - qt4-x11 (Minor issue) [jessie] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ NOTE: https://codereview.qt-project.org/#/c/238749/ @@ -5787,6 +5790,7 @@ CVE-2018-19759 (There is a heap-based buffer over-read at stb_image_write.h (fun TODO: check CVE-2018-19758 (There is a heap-based buffer over-read at wav.c in wav_write_header in ...) - libsndfile + [stretch] - libsndfile (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643812 CVE-2018-19757 (There is a NULL pointer dereference at function ...) TODO: check View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e707d541c32ae329230c73e4b4aec67c8fb0d11d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e707d541c32ae329230c73e4b4aec67c8fb0d11d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f77a7f98 by Moritz Muehlenhoff at 2018-12-26T11:08:12Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,6 @@ CVE-2018-20481 (XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef ...) - - poppler (bug #917325) + - poppler (low; bug #917325) + [stretch] - poppler (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/692 NOTE: Proposed fix: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143 CVE-2018-20480 (An issue was discovered in S-CMS 1.0. It allows SQL Injection via the ...) @@ -29,7 +30,8 @@ CVE-2018-20469 CVE-2018-20468 RESERVED CVE-2018-20467 (In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can ...) - - imagemagick (bug #917326) + - imagemagick (low; bug #917326) + [stretch] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1408 NOTE: https://github.com/ImageMagick/ImageMagick/commit/db0add932fb850d762b02604ca3053b7d7ab6deb CVE-2018-20466 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f77a7f98f51bacb86e99573d6a66e29e6148daca -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f77a7f98f51bacb86e99573d6a66e29e6148daca You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 286cfb1b by Moritz Muehlenhoff at 2018-12-14T08:34:28Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2323,9 +2323,11 @@ CVE-2018-19872 RESERVED CVE-2018-19871 [QImage: QTgaFile CPU exhaustion] RESERVED - - qtimageformats-opensource-src + - qtimageformats-opensource-src (low) + [stretch] - qtimageformats-opensource-src (Minor issue) [jessie] - qtimageformats-opensource-src (Minor issue) - - qt4-x11 + - qt4-x11 (low) + [stretch] - qt4-x11 (Minor issue) [jessie] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ NOTE: https://codereview.qt-project.org/#/c/237761/ @@ -2333,8 +2335,10 @@ CVE-2018-19871 [QImage: QTgaFile CPU exhaustion] CVE-2018-19870 [Check for QImage allocation failure in qgifhandler] RESERVED [experimental] - qtbase-opensource-src 5.11.3+dfsg-1 - - qtbase-opensource-src - - qt4-x11 + - qtbase-opensource-src (low) + [stretch] - qtbase-opensource-src (Minor issue) + - qt4-x11 (low) + [stretch] - qt4-x11 (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ NOTE: https://codereview.qt-project.org/#/c/235998/ NOTE: affected code can be in src/gui/image/qgifhandler.cpp or in @@ -77229,8 +77233,8 @@ CVE-2017-11431 RESERVED CVE-2017-11430 RESERVED - - ruby-omniauth-saml 1.10.0-1 (bug #892864) - NOTE: fixed in 1.10.0 + - ruby-omniauth-saml (The actual vulnerability is in ruby-saml, which is used by the Debian package) + NOTE: The change in 1.10.0 simply bumps the version requirement NOTE: https://github.com/omniauth/omniauth-saml/issues/156 NOTE: https://github.com/omniauth/omniauth-saml/pull/157 NOTE: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/286cfb1bc87594ec4ccf1c5b18cfdf76b4915d4c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/286cfb1bc87594ec4ccf1c5b18cfdf76b4915d4c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f6871666 by Moritz Muehlenhoff at 2018-12-12T21:01:32Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -42,6 +42,7 @@ CVE-2018-20094 (An issue was discovered in XXL-CONF 1.6.0. There is a path trave TODO: check CVE-2018- [response discrepancy information exposure] - mini-httpd (bug #916190) + [stretch] - mini-httpd (Minor issue) NOTE: https://speirofr.appspot.com/files/advisory/SPADV-2018-01.md CVE-2018-20093 RESERVED @@ -111,6 +112,7 @@ CVE-2018-20061 (A SQL injection issue was discovered in ERPNext 10.x and 11.x th NOT-FOR-US: Frappe ERPNext CVE-2018-20060 (urllib3 before version 1.23 does not remove the Authorization HTTP ...) - python-urllib3 1.24-1 + [stretch] - python-urllib3 (Minor issue) NOTE: https://github.com/urllib3/urllib3/issues/1316 NOTE: https://github.com/urllib3/urllib3/pull/1346 NOTE: https://github.com/urllib3/urllib3/commit/3d7f98b07b6e6e04c2e89cdf5afb18024a2d804c @@ -5792,6 +5794,7 @@ CVE-2018-19519 (In tcpdump 4.9.2, a stack-based buffer over-read exists in the . CVE-2018-19516 RESERVED - kf5-messagelib (bug #915039) + [stretch] - kf5-messagelib (Minor issue) NOTE: https://www.kde.org/info/security/advisory-20181128-1.txt NOTE: https://cgit.kde.org/messagelib.git/commit/?id=34765909cdf8e55402a8567b48fb288839c61612 CVE-2018-19515 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f6871666eceba4cdeb1b65f2573b4e75950a8039 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f6871666eceba4cdeb1b65f2573b4e75950a8039 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 023a7b50 by Moritz Muehlenhoff at 2018-12-07T20:09:18Z stretch triage mark sqlite3 as untermined for now, this could be entirely limited to Chromiums use of sqlite recheck once details are available - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1541,8 +1541,9 @@ CVE-2018-19657 CVE-2018-19656 RESERVED CVE-2018-19655 (A stack-based buffer overflow in the find_green() function of dcraw ...) - - ufraw 0.22-3.1 (bug #890086) - - dcraw 9.28-2 (bug #906529) + - ufraw 0.22-3.1 (unimportant; bug #890086) + - dcraw 9.28-2 (unimportant; bug #906529) + NOTE: No security impact, crash in CLI tool CVE-2018-19654 (An issue was discovered in Sales Company Management System (SCMS) ...) NOT-FOR-US: Sales & Company Management System (SCMS) CVE-2018-19653 @@ -4607,7 +4608,8 @@ CVE-2018-19499 (Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code . CVE-2018-19498 RESERVED CVE-2018-19497 (In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c ...) - - sleuthkit (bug #914796) + - sleuthkit (low; bug #914796) + [stretch] - sleuthkit (Minor issue) NOTE: https://github.com/sleuthkit/sleuthkit/pull/1374 NOTE: https://github.com/sleuthkit/sleuthkit/commit/bc04aa017c0bd297de8a3b7fc40ffc6bb95d CVE-2018-19496 @@ -7776,7 +7778,7 @@ CVE-2018-18345 - chromium 71.0.3578.80-1 CVE-2018-18344 RESERVED - - sqlite3 + - sqlite3 - chromium 71.0.3578.80-1 CVE-2018-18343 RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/023a7b507343ea3133d50b66abc21c737f493aa9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/023a7b507343ea3133d50b66abc21c737f493aa9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c7983a12 by Moritz Muehlenhoff at 2018-12-07T18:33:56Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1035,7 +1035,8 @@ CVE-2018-19870 [Check for QImage allocation failure in qgifhandler] TODO: check for completeness CVE-2018-19869 [Fix crash when parsing malformed url reference] RESERVED - - qtsvg-opensource-src + - qtsvg-opensource-src (low) + [stretch] - qtsvg-opensource-src (Minor issue) NOTE: https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/ NOTE: https://codereview.qt-project.org/#/c/234142/ TODO: check for completeness, possibly as well qt4-x11 @@ -1098,11 +1099,13 @@ CVE-2018-19845 CVE-2018-19844 RESERVED CVE-2018-19843 (opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows ...) - - radare2 3.1.0+dfsg-1 + - radare2 3.1.0+dfsg-1 (low) + [stretch] - radare2 (Minor issue) NOTE: https://github.com/radare/radare2/commit/f17bfd9f1da05f30f23a4dd05e9d2363e1406948 NOTE: https://github.com/radare/radare2/issues/12242 CVE-2018-19842 (getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows ...) - - radare2 3.1.0+dfsg-1 + - radare2 3.1.0+dfsg-1 (low) + [stretch] - radare2 (Minor issue) NOTE: https://github.com/radare/radare2/commit/66191f780863ea8c66ace4040d0d04a8842e8432 NOTE: https://github.com/radare/radare2/issues/12239 CVE-2018-19841 (The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a ...) @@ -1251,6 +1254,7 @@ CVE-2018-19788 (A flaw was found in PolicyKit (aka polkit) 0.115 that allows a u NOTE: https://gitlab.freedesktop.org/polkit/polkit/commit/b534a10727455409acd54018a9c91000e7626126 CVE-2018-19787 (An issue was discovered in lxml before 4.2.5. lxml/html/clean.py in the ...) - lxml 4.2.5-1 + [stretch] - lxml (Minor issue) NOTE: Fixed by: https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109 (lxml-4.2.5) CVE-2018-19786 (HashiCorp Vault before 1.0.0 writes the master key to the server log in ...) NOT-FOR-US: HashiCorp Vault @@ -4629,18 +4633,21 @@ CVE-2018-19492 (An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issu NOTE: https://sourceforge.net/p/gnuplot/bugs/2089/ NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/ NOTE: No security impact, neutralised by toolchain hardening + NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source CVE-2018-19491 (An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows ...) {DLA-1597-1 DLA-1595-1} - - gnuplot - - gnuplot5 + - gnuplot (unimportant) + - gnuplot5 (unimportant) NOTE: https://sourceforge.net/p/gnuplot/bugs/2094/ NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/ + NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source CVE-2018-19490 (An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue ...) {DLA-1597-1 DLA-1595-1} - - gnuplot - - gnuplot5 + - gnuplot (unimportant) + - gnuplot5 (unimportant) NOTE: https://sourceforge.net/p/gnuplot/bugs/2093/ NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/ + NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source CVE-2018-19489 [9pfs: crash due to race condition in renaming files] RESERVED - qemu (bug #914727) @@ -5001,14 +5008,16 @@ CVE-2018-19359 [Unauthorized service template creation] - gitlab 11.3.10+dfsg-2 (bug #914166) NOTE: https://about.gitlab.com/2018/11/19/critical-security-release-gitlab-11-dot-4-dot-6-released/ CVE-2018-19358 (GNOME Keyring through 3.28.2 allows local users to retrieve login ...) - - gnome-keyring (bug #914154) - [jessie] - gnome-keyring (The current design works as expected) + - gnome-keyring (unimportant; bug #914154) NOTE: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1780365 NOTE: https://github.com/sungjungk/keyring_crack NOTE: The default keyring is automatically unlocked upon successful login. NOTE: The current behavior to access passwords via DBus is expected but NOTE: cannot be compromised by another user on the system. Users can choose NOTE: to use a separate keyring if they prefer to be prompted. + NOTE: Non issue + NOTE:
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: fc3ae5c3 by Moritz Muehlenhoff at 2018-11-28T16:11:53Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -2818,7 +2818,8 @@ CVE-2018-19534 CVE-2018-19533 RESERVED CVE-2018-19532 (A NULL pointer dereference vulnerability exists in the function ...) - - libpodofo + - libpodofo (low) + [stretch] - libpodofo (Minor issue) NOTE: https://sourceforge.net/p/podofo/tickets/32/ CVE-2018-19531 (HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote ...) TODO: check @@ -2845,8 +2846,9 @@ CVE-2018-19521 CVE-2018-19520 (An issue was discovered in SDCMS 1.6 with PHP 5.x. ...) NOT-FOR-US: SDCMS CVE-2018-19519 (In tcpdump 4.9.2, a stack-based buffer over-read exists in the ...) - - tcpdump + - tcpdump (unimportant) NOTE: https://github.com/zyingp/temp/blob/master/tcpdump.md + NOTE: Crash in CLI tool, no security impact CVE-2018-19516 RESERVED CVE-2018-19515 = data/dsa-needed.txt = @@ -50,7 +50,7 @@ smarty3 sssd Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release. -- -tiff +tiff (jmm) -- xen -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fc3ae5c34dae0f2551dd0eb64818ba3a56b17f18 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fc3ae5c34dae0f2551dd0eb64818ba3a56b17f18 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f2f0f309 by Moritz Muehlenhoff at 2018-11-16T16:16:33Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -1110,6 +1110,7 @@ CVE-2018-18957 (An issue has been found in libIEC61850 v1.3. It is a stack-based NOT-FOR-US: libIEC61850 CVE-2018-18956 (The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x ...) - suricata + [stretch] - suricata (Minor issue) [jessie] - suricata (Vulnerable code not present, no MIME support in this version) NOTE: https://lists.openinfosecfoundation.org/pipermail/oisf-users/2018-October/016227.html NOTE: https://redmine.openinfosecfoundation.org/issues/2658#change-10374 @@ -66297,6 +66298,7 @@ CVE-2017-12873 (SimpleSAMLphp 1.7.0 through 1.14.10 might allow attackers to obt CVE-2017-12872 (The (1) Htpasswd authentication source in the authcrypt module and (2) ...) {DLA-1408-1 DLA-1205-1} - simplesamlphp 1.14.15-1 + [stretch] - simplesamlphp (Minor issue) NOTE: https://simplesamlphp.org/security/201703-01 NOTE: Patches: https://github.com/simplesamlphp/simplesamlphp/commit/ab7761d4a523a4ed00479fb1ddba688e7ca72439 NOTE: https://github.com/simplesamlphp/simplesamlphp/commit/caf764cc2c9b68ac29741070ebdf133a595443f1 @@ -66318,6 +66320,7 @@ CVE-2017-12869 (The multiauth module in SimpleSAMLphp 1.14.13 and earlier allows CVE-2017-12868 (The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in ...) {DLA-1408-1 DLA-1205-1} - simplesamlphp 1.14.15-1 + [stretch] - simplesamlphp (Only affects setups with old PHP versions not found in stable) NOTE: https://simplesamlphp.org/security/201705-01 NOTE: Patch: https://github.com/simplesamlphp/simplesamlphp/commit/caf764cc2c9b68ac29741070ebdf133a595443f1 CVE-2017-12867 (The SimpleSAML_Auth_TimeLimitedToken class in SimpleSAMLphp 1.14.14 ...) = data/dsa-needed.txt = @@ -56,6 +56,8 @@ pdns php7.0 wait until more severe issues have come up -- +simplesamlphp +-- smarty3 -- sssd View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f2f0f309ffad00946b79b2e0c8f89c88d2d2de43 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f2f0f309ffad00946b79b2e0c8f89c88d2d2de43 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 051203e2 by Moritz Muehlenhoff at 2018-11-13T21:39:16Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -691,7 +691,8 @@ CVE-2018-19059 (An issue was discovered in Poppler 0.71.0. There is a out-of-bou NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/77a30e94d96220d7e22dff5b3f0a7f296f01b118 NOTE: Issue in pdfdetach cli tool leading to crash CVE-2018-19058 (An issue was discovered in Poppler 0.71.0. There is a reachable abort ...) - - poppler (bug #913177) + - poppler (low; bug #913177) + [stretch] - poppler (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/659 NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/6912e06d9ab19ba28991b5cab3319d61d856bd6d CVE-2018-19057 (SimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG ...) @@ -11159,9 +11160,11 @@ CVE-2018-14775 (tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has NOT-FOR-US: OpenBSD CVE-2018-14774 (An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, ...) - symfony 3.4.14+dfsg-1 + [stretch] - symfony (Minor issue) NOTE: https://symfony.com/blog/cve-2018-14774-possible-host-header-injection-when-using-httpcache CVE-2018-14773 (An issue was discovered in Http Foundation in Symfony 2.7.0 through ...) - symfony 3.4.14+dfsg-1 + [stretch] - symfony (Minor issue) NOTE: https://symfony.com/blog/cve-2018-14773-remove-support-for-legacy-and-risky-http-headers CVE-2018-14772 (Pydio 4.2.1 through 8.2.1 has an authenticated remote code execution ...) - ajaxplorer (bug #668381) @@ -70267,9 +70270,11 @@ CVE-2017-11429 CVE-2017-11428 RESERVED - ruby-saml 1.7.2-1 (bug #892865) + [stretch] - ruby-saml (Minor issue) NOTE: fixed in 1.7.0 NOTE: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations NOTE: https://www.kb.cert.org/vuls/id/475445 + NOTE: https://github.com/onelogin/ruby-saml/commit/048a544730930f86e46804387a6b6fad50d8176f CVE-2017-11427 RESERVED NOT-FOR-US: OneLogin python-saml = data/dsa-needed.txt = @@ -63,8 +63,6 @@ smarty3 sssd Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release. -- -symfony --- tiff -- xml-security-c View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/051203e2349b49327f0da2e6d7192245057b0785 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/051203e2349b49327f0da2e6d7192245057b0785 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: a4af964f by Moritz Muehlenhoff at 2018-11-11T21:43:22Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -163,10 +163,12 @@ CVE-2018-19109 (tianti 2.3 allows remote authenticated users to bypass intended NOT-FOR-US: tianti CVE-2018-19108 (In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD ...) - exiv2 (bug #913272) + [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/426 NOTE: https://github.com/Exiv2/exiv2/pull/518 CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from ...) - exiv2 (bug #913273) + [stretch] - exiv2 (Minor issue) NOTE: https://github.com/Exiv2/exiv2/issues/427 NOTE: https://github.com/Exiv2/exiv2/pull/518 CVE-2018-19106 = data/dsa-needed.txt = @@ -20,6 +20,8 @@ ansible -- ceph -- +chromium-browser +-- glusterfs -- gnutls28 @@ -42,10 +44,14 @@ mariadb-10.1/stable -- mercurial -- +mkvtoolnix +-- openjpeg2 (luciano) -- passenger -- +pdns +-- php7.0 wait until more severe issues have come up -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a4af964f0a88b3ef0ce742a345697a51c24cf857 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a4af964f0a88b3ef0ce742a345697a51c24cf857 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 584185ce by Moritz Muehlenhoff at 2018-10-29T21:22:43Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -191,8 +191,9 @@ CVE-2018-18720 (An XSS issue was discovered in index.php/admin/system/basic in Y CVE-2018-18719 RESERVED CVE-2018-18718 (An issue was discovered in gThumb through 3.6.2. There is a double-free ...) - - gthumb + - gthumb (unimportant) NOTE: https://gitlab.gnome.org/GNOME/gthumb/issues/18 + NOTE: Crash in end user application, no security impact CVE-2018-18717 (An issue was discovered in Eleanor CMS through 2015-03-19. XSS exists ...) NOT-FOR-US: Eleanor CMS CVE-2018-18716 @@ -4901,7 +4902,9 @@ CVE-2018-16791 RESERVED CVE-2018-16790 (_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in ...) - libbson + [stretch] - libbson (Minor issue) NOTE: https://jira.mongodb.org/browse/CDRIVER-2819 + NOTE: https://github.com/mongodb/mongo-c-driver/commit/0d9a4d98bfdf4acd2c0138d4aaeb4e2e0934bd84 CVE-2018-16789 RESERVED CVE-2018-16788 @@ -26714,7 +26717,8 @@ CVE-2018-8294 (A remote code execution vulnerability exists in the way that the CVE-2018-8293 RESERVED CVE-2018-8292 (An information disclosure vulnerability exists in .NET Core when ...) - - mono + NOT-FOR-US: .dotnet CoreFX + NOTE: https://github.com/dotnet/corefx/commit/56aae8a7076f283e334b88f642ef6bb7c59e02c3 CVE-2018-8291 (A remote code execution vulnerability exists in the way the scripting ...) NOT-FOR-US: Microsoft CVE-2018-8290 (A remote code execution vulnerability exists in the way that the ...) @@ -49832,7 +49836,9 @@ CVE-2018-0736 RESERVED CVE-2018-0735 (The OpenSSL ECDSA signature algorithm has been shown to be vulnerable ...) - openssl + [stretch] - openssl (Wait for next DSA and upstream release) - openssl1.0 + [stretch] - openssl1.0 (Wait for next DSA and upstream release) NOTE: https://www.openssl.org/news/secadv/20181029.txt NOTE: OpenSSL_1_1_1-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4 NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=56fb454d281a023b3f950d969693553d3f3ceea1 = data/dsa-needed.txt = @@ -68,3 +68,5 @@ sssd -- symfony -- +tiff +-- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/584185ce350a491fbc9dd7800c72d403eaa848bf -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/584185ce350a491fbc9dd7800c72d403eaa848bf You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 6e3d2c46 by Moritz Muehlenhoff at 2018-10-27T07:45:31Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -4,7 +4,8 @@ CVE-2018-18653 (The Linux kernel, as used in Ubuntu 18.10 and when booted with U CVE-2018-18652 (A remote command execution vulnerability in Veritas NetBackup Appliance ...) NOT-FOR-US: Veritas NetBackup Appliance CVE-2018-18655 (Prayer through 1.3.5 sends a Referer header, containing a user's ...) - - prayer (bug #911842) + - prayer (low; bug #911842) + [stretch] - prayer (Minor issue) CVE-2018-18654 (Crossroads 2.81 does not properly handle the /tmp directory during a ...) - crossroads (unimportant; bug #911877) NOTE: Issue exploitable only during build of package @@ -240,7 +241,8 @@ CVE-2018-18557 (LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG NOTE: https://gitlab.com/libtiff/libtiff/merge_requests/38 NOTE: https://gitlab.com/libtiff/libtiff/commit/681748ec2f5ce88da5f9fa6831e1653e46af8a66 CVE-2018- [out of bounds memory read in MED files] - - libopenmpt 0.3.13-1 (bug #911584) + - libopenmpt 0.3.13-1 (low; bug #911584) + [stretch] - libopenmpt (Minor issue) NOTE: https://lib.openmpt.org/libopenmpt/2018/10/21/security-updates-0.3.13-0.2.10933-beta36-0.2.7561-beta20.5-p11-0.2.7386-beta20.3-p14/ NOTE: https://source.openmpt.org/browse/openmpt/trunk/?op=revision=10903 CVE-2018-18556 @@ -1867,7 +1869,8 @@ CVE-2018-17943 RESERVED CVE-2018-17942 (The convert_to_decimal function in vasnprintf.c in Gnulib before ...) {DLA-1543-1} - - gnulib (bug #910757) + - gnulib (low; bug #910757) + [stretch] - gnulib (Minor issue) NOTE: pspp affecting bug: https://savannah.gnu.org/bugs/?func=detailitem_id=54686 NOTE: https://lists.gnu.org/archive/html/bug-gnulib/2018-09/msg00107.html NOTE: https://github.com/coreutils/gnulib/commit/278b4175c9d7dd47c1a3071554aac02add3b3c35 @@ -10275,6 +10278,7 @@ CVE-2018-14500 (joyplus-cms 1.6.0 has XSS via the ...) CVE-2018-1999023 (The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a ...) - wesnoth-1.14 1:1.14.4-1 - wesnoth-1.12 + [stretch] - wesnoth-1.12 (Scheduled for removal from stretch) - wesnoth-1.10 [jessie] - wesnoth-1.10 (Games are not supported in Jessie) NOTE: http://www.openwall.com/lists/oss-security/2018/07/20/1 @@ -11458,7 +11462,8 @@ CVE-2018-14043 (mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect f NOT-FOR-US: mstdlib CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is possible in the data-container ...) - twitter-bootstrap (Vulnerable code not present) - - twitter-bootstrap3 (bug #907414) + - twitter-bootstrap3 (low; bug #907414) + [stretch] - twitter-bootstrap3 (Minor issue) [jessie] - twitter-bootstrap3 (Vulnerable code not present) NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/ NOTE: https://github.com/twbs/bootstrap/issues/26423 @@ -11467,7 +11472,8 @@ CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is possible in the data-container NOTE: https://github.com/twbs/bootstrap/pull/26630/commits/efca80bb5bb34546a2e7a9488b89f71457d2ad92 CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is possible in the data-target property ...) - twitter-bootstrap (Vulnerable code not present) - - twitter-bootstrap3 (bug #907414) + - twitter-bootstrap3 (low; bug #907414) + [stretch] - twitter-bootstrap3 (Minor issue) [jessie] - twitter-bootstrap3 (Vulnerable code not present) NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/ NOTE: https://github.com/twbs/bootstrap/issues/26423 @@ -11477,7 +11483,8 @@ CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is possible in the data-target pr CVE-2018-14040 (In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent ...) {DLA-1479-1} - twitter-bootstrap (Vulnerable code not present) - - twitter-bootstrap3 (bug #907414) + - twitter-bootstrap3 (low; bug #907414) + [stretch] - twitter-bootstrap3 (Minor issue) NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/ NOTE: https://github.com/twbs/bootstrap/issues/26423 NOTE: https://github.com/twbs/bootstrap/issues/26625 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6e3d2c46e00da9585e0e8c586ee1fbc5a70b5467 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6e3d2c46e00da9585e0e8c586ee1fbc5a70b5467 You're receiving this email because of your account on salsa.debian.org.
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: fdf7576b by Moritz Muehlenhoff at 2018-10-19T22:56:33Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -13,11 +13,13 @@ CVE-2018-18523 CVE-2018-18522 RESERVED CVE-2018-18521 (Divide-by-zero vulnerabilities in the function arlib_add_symbols() in ...) - - elfutils (bug #911413) + - elfutils (low; bug #911413) + [stretch] - elfutils (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23786 NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html CVE-2018-18520 (An Invalid Memory Address Dereference exists in the function elf_end in ...) - - elfutils (bug #911414) + - elfutils (low; bug #911414) + [stretch] - elfutils (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23787 NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html CVE-2018-18519 @@ -288,8 +290,9 @@ CVE-2018-18411 CVE-2018-18410 RESERVED CVE-2018-18409 (A stack-based buffer over-read exists in setbit() at iptree.h of ...) - - tcpflow (bug #911263) + - tcpflow (unimportant; bug #911263) NOTE: https://github.com/simsong/tcpflow/issues/195 + NOTE: Crash in CLI tool, no security impact CVE-2018-18408 (A use-after-free was discovered in the tcpbridge binary of Tcpreplay ...) - tcpreplay NOTE: https://github.com/appneta/tcpreplay/issues/489 @@ -342,7 +345,8 @@ CVE-2018-18386 (drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows lo [jessie] - linux 3.16.56-1 NOTE: Fixed by: https://git.kernel.org/linus/966031f340185eddd05affcf72b740549f056348 CVE-2018-18385 (Asciidoctor v1.5.7.1 allows remote attackers to cause a denial of ...) - - asciidoctor + - asciidoctor (low) + [stretch] - asciidoctor (Minor issue) NOTE: https://github.com/asciidoctor/asciidoctor/issues/2888 CVE-2018-18384 (Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive ...) - unzip 6.0-11 (bug #741384) @@ -1323,6 +1327,7 @@ CVE-2018-18026 RESERVED CVE-2018-18025 (In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in ...) - imagemagick + [stretch] - imagemagick (Fix along in next DSA) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1335 CVE-2018-18024 (In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ...) - imagemagick (low) @@ -9432,6 +9437,7 @@ CVE-2018-14636 (Live-migrated instances are briefly able to inspect traffic for [jessie] - neutron (Minor issue) CVE-2018-14635 (When using the Linux bridge ml2 driver, non-privileged tenants are ...) - neutron 2:13.0.0-1 + [stretch] - neutron (Minor issue) [jessie] - neutron (Minor issue) NOTE: https://bugs.launchpad.net/neutron/+bug/1757482 NOTE: https://git.openstack.org/cgit/openstack/neutron/commit/?id=54aa6e81cb17b33ce4d5d469cc11dec2869c762d = data/dsa-needed.txt = @@ -17,6 +17,8 @@ If needed, specify the release by adding a slash after the name of the source pa -- ceph -- +chromium-browser +-- ghostscript (carnil) Regression update: #909076, possibly #909929 (but see upstream issue), and #909957 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fdf7576b3ba1ef06ba079bfcc334c7444d223a43 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fdf7576b3ba1ef06ba079bfcc334c7444d223a43 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: ec8c21a1 by Moritz Muehlenhoff at 2018-10-12T20:02:35Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -626,6 +626,7 @@ CVE-2018-18056 RESERVED CVE-2018-1000810 (The Rust Programming Language Standard Library version 1.29.0, 1.28.0, ...) - rustc + [stretch] - rustc (Can be fixed along in future rustc update for ESR68) NOTE: https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/CmSuTm-SaU0 NOTE: Fixed upstream in 1.29.1 @@ -1732,7 +1733,8 @@ CVE-2018-17568 (utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has a NOT-FOR-US: ViaBTC Exchange Server CVE-2018-17567 (Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 ...) {DLA-1541-1} - - jekyll (bug #909933) + - jekyll (low; bug #909933) + [stretch] - jekyll (Minor issue) NOTE: https://github.com/jekyll/jekyll/pull/7224 NOTE: https://jekyllrb.com/news/2018/09/19/security-fixes-for-3-6-3-7-3-8/ CVE-2018-17566 (In ThinkPHP 5.1.24, the inner function delete can be used for SQL ...) @@ -1971,6 +1973,7 @@ CVE-2018-17456 (Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2 CVE-2018-17455 [IDOR merge request approvals] RESERVED - gitlab + [stretch] - gitlab (Scheduled for removal in next point release) NOTE: https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/ CVE-2018-17454 [Persistent XSS on issue details] RESERVED @@ -1985,6 +1988,7 @@ CVE-2018-17453 [GRPC::Unknown logging token disclosure] CVE-2018-17452 [validate_localhost function in url_blocker.rb could be bypassed] RESERVED - gitlab + [stretch] - gitlab (Scheduled for removal in next point release) NOTE: https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/ CVE-2018-17451 [Slack integration CSRF Oauth2] RESERVED @@ -5056,13 +5060,16 @@ CVE-2018-16048 (An issue was discovered in GitLab Community and Enterprise Editi NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/ CVE-2018-16051 (An issue was discovered in GitLab Community and Enterprise Edition ...) - gitlab + [stretch] - gitlab (Scheduled for removal in next point release) NOTE: https://gitlab.com/gitlab-org/gitlab-ee/issues/6012 NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/ CVE-2018- [gitlab: Missing CSRF in System Hooks] - gitlab + [stretch] - gitlab (Scheduled for removal in next point release) NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/ CVE-2018-16049 (An issue was discovered in GitLab Community and Enterprise Edition ...) - gitlab + [stretch] - gitlab (Scheduled for removal in next point release) NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/46967 NOTE: https://gitlab.com/gitlab-org/gitlab-ce/issues/49272 NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/ @@ -6850,6 +6857,7 @@ CVE-2018-15474 (** DISPUTED ** CSV Injection (aka Excel Macro Injection or Formu CVE-2018-15472 [Diff formatter DoS in Sidekiq jobs] RESERVED - gitlab + [stretch] - gitlab (Scheduled for removal in next point release) NOTE: https://about.gitlab.com/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/ CVE-2018-15467 RESERVED @@ -8894,6 +8902,7 @@ CVE-2018-14604 (An issue was discovered in GitLab Community and Enterprise Editi NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/ CVE-2018-14603 (An issue was discovered in GitLab Community and Enterprise Edition ...) - gitlab + [stretch] - gitlab (Scheduled for removal in next point release) NOTE: https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/ CVE-2018-14602 (An issue was discovered in GitLab Community and Enterprise Edition ...) - gitlab @@ -9606,6 +9615,7 @@ CVE-2018-14365 RESERVED CVE-2018-14364 (GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before ...) - gitlab 10.7.7+dfsg-2 (bug #904026) + [stretch] - gitlab (Scheduled for removal in next point release) NOTE: https://about.gitlab.com/2018/07/17/critical-security-release-gitlab-11-dot-0-dot-4-released/ CVE-2018-14363 (An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not ...) {DSA-4277-1 DLA-1455-1} @@ -13849,9 +13859,11 @@
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 4e38ad89 by Moritz Muehlenhoff at 2018-10-04T20:56:29Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -328,6 +328,7 @@ CVE-2018-17826 (HisiPHP 1.0.8 allows CSRF via admin.php/admin/user/adduser.html NOT-FOR-US: HisiPHP CVE-2018-17825 (An issue was discovered in AdPlug 2.3.1. There are several double-free ...) - adplug + [stretch] - adplug (Minor issue) NOTE: https://github.com/adplug/adplug/issues/67 NOTE: https://github.com/adplug/adplug/commit/19ebb61bf92262dc1868de10ba5a211db249ce76 CVE-2018-17824 @@ -3251,7 +3252,8 @@ CVE-2018-16550 (TeamViewer 10.x through 13.x allows remote attackers to bypass t CVE-2018-16549 (HScripts PHP File Browser Script v1.0 allows Directory Traversal via ...) NOT-FOR-US: HScripts PHP File Browser Script CVE-2018-16548 (An issue was discovered in ZZIPlib through 0.13.69. There is a memory ...) - - zziplib + - zziplib (low) + [stretch] - zziplib (Minor issue) [jessie] - zziplib (Minor issue) NOTE: https://github.com/gdraheim/zziplib/issues/58 CVE-2018-16547 @@ -15230,7 +15232,8 @@ CVE-2018-11776 (Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer fr - libstruts1.2-java (Specific to 2.x) NOTE: https://cwiki.apache.org/confluence/display/WW/S2-057 CVE-2018-11775 (TLS hostname verification when using the Apache ActiveMQ Client before ...) - - activemq 5.15.6-1 (bug #908950) + - activemq 5.15.6-1 (low; bug #908950) + [stretch] - activemq (Minor issue) NOTE: http://activemq.apache.org/security-advisories.data/CVE-2018-11775-announcement.txt NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;a=commit;h=bde7097fb8173cf871827df7811b3865679b963d NOTE: https://git-wip-us.apache.org/repos/asf?p=activemq.git;a=commit;h=02971a40e281713a8397d3a1809c164b594abfbb @@ -76769,6 +76772,7 @@ CVE-2017-7894 (WinDjView 2.1 might allow user-assisted attackers to execute code NOT-FOR-US: WinDjView CVE-2017-7893 (In SaltStack Salt before 2016.3.6, compromised salt-minions can ...) - salt 2016.11.5+ds-1 + [stretch] - salt (Minor issue) NOTE: https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html NOTE: https://github.com/saltstack/salt/issues/48939 NOTE: https://github.com/saltstack/salt/commit/0a0f46fb1478be5eb2f90882a90390cb35ec43cb View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4e38ad8905c952471a74d7f5573641591656e5e2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4e38ad8905c952471a74d7f5573641591656e5e2 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d085fc39 by Moritz Muehlenhoff at 2018-09-20T18:57:20Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -334,6 +334,7 @@ CVE-2018-17183 (Artifex Ghostscript before 9.25 allowed a user-writable error ex NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=fb713b3818b52d8a6cf62c951eba2e1795ff9624 CVE-2018-17095 (An issue has been discovered in mpruett Audio File Library (aka ...) - audiofile + [stretch] - audiofile (Minor issue) [jessie] - audiofile (Can be fixed along in future DLA) NOTE: https://github.com/mpruett/audiofile/issues/50 NOTE: https://github.com/mpruett/audiofile/issues/51 @@ -422,6 +423,7 @@ CVE-2018-17058 RESERVED CVE-2018-17057 (An issue was discovered in TCPDF before 6.2.22. Attackers can trigger ...) - tcpdf (bug #908866) + [stretch] - tcpdf (Minor issue) [jessie] - tcpdf (Minor issue) NOTE: https://github.com/tecnickcom/TCPDF/commit/1861e33fe05f653b67d070f7c106463e7a5c26e NOTE: Was considered minor for jessie since arbitrary deserialization @@ -1560,6 +1562,7 @@ CVE-2018-1000673 REJECTED CVE-2018-1000671 (sympa version 6.2.16 and later contains a CWE-601: URL Redirection to ...) - sympa (bug #908165) + [stretch] - sympa (Minor issue) NOTE: https://github.com/sympa-community/sympa/issues/268 NOTE: https://github.com/sympa-community/sympa/commit/c6ce32a6c203070702eac45a4442a17d2bf7b0c1 NOTE: https://github.com/sympa-community/sympa/commit/03314a9baf7f7903283253829877afd0ae50e325 @@ -6169,6 +6172,7 @@ CVE-2018-14637 RESERVED CVE-2018-14636 (Live-migrated instances are briefly able to inspect traffic for other ...) - neutron (low) + [stretch] - neutron (Minor issue) [jessie] - neutron (Minor issue) CVE-2018-14635 (When using the Linux bridge ml2 driver, non-privileged tenants are ...) - neutron 2:13.0.0-1 @@ -7218,6 +7222,7 @@ CVE-2018-14321 RESERVED CVE-2018-14320 (This vulnerability allows remote attackers to disclose sensitive ...) - libpodofo + [stretch] - libpodofo (Minor issue) [jessie] - libpodofo (Minor issue) NOTE: https://www.zerodayinitiative.com/advisories/ZDI-18-1046/ CVE-2018-14319 @@ -7814,8 +7819,7 @@ CVE-2018-14044 (The RateTransposer::setChannels function in RateTransposer.cpp i CVE-2018-14043 (mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect file ...) NOT-FOR-US: mstdlib CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is possible in the data-container ...) - - twitter-bootstrap - [jessie] - twitter-bootstrap (Vulnerable code not present) + - twitter-bootstrap (Vulnerable code not present) - twitter-bootstrap3 (bug #907414) [jessie] - twitter-bootstrap3 (Vulnerable code not present) NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/ @@ -7824,8 +7828,7 @@ CVE-2018-14042 (In Bootstrap before 4.1.2, XSS is possible in the data-container NOTE: https://github.com/twbs/bootstrap/pull/26630 NOTE: https://github.com/twbs/bootstrap/pull/26630/commits/efca80bb5bb34546a2e7a9488b89f71457d2ad92 CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is possible in the data-target property ...) - - twitter-bootstrap - [jessie] - twitter-bootstrap (Vulnerable code not present) + - twitter-bootstrap (Vulnerable code not present) - twitter-bootstrap3 (bug #907414) [jessie] - twitter-bootstrap3 (Vulnerable code not present) NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/ @@ -7835,8 +7838,7 @@ CVE-2018-14041 (In Bootstrap before 4.1.2, XSS is possible in the data-target pr NOTE: https://github.com/twbs/bootstrap/pull/26630/commits/3229efc0811df29765c1d0a949c85362378b0628 CVE-2018-14040 (In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent ...) {DLA-1479-1} - - twitter-bootstrap - [jessie] - twitter-bootstrap (Vulnerable code not present) + - twitter-bootstrap (Vulnerable code not present) - twitter-bootstrap3 (bug #907414) NOTE: https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/ NOTE: https://github.com/twbs/bootstrap/issues/26423 @@ -2,11 +4,10 @@ CVE-2018-1000522 CVE-2018-1000521 (BigTree-CMS contains a Cross Site Scripting (XSS) vulnerability in ...) NOT-FOR-US: BigTree-CMS CVE-2018-1000520 (ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows ...) - - mbedtls (low) - [stretch] - mbedtls (Minor issue) - - polarssl - [jessie] - polarssl (Minor issue) + - mbedtls (unimportant) + -
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2a93573c by Moritz Muehlenhoff at 2018-09-03T18:40:51Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1862,6 +1862,7 @@ CVE-2018-1000655 (Jsish version 2.4.65 contains a CWE-476: NULL Pointer Derefere NOT-FOR-US: Jsish CVE-2018-1000654 (GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 ...) - libtasn1-6 (bug #906768) + [stretch] - libtasn1-6 (Minor issue) [jessie] - libtasn1-6 (Minor issue since this cannot be exploited at runtime) - libtasn1-3 NOTE: https://gitlab.com/gnutls/libtasn1/issues/4 @@ -6199,8 +6200,8 @@ CVE-2018-13819 (A hardcoded secret key, in CA Unified Infrastructure Management NOT-FOR-US: CA Unified Infrastructure Management CVE-2018-13818 (Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the ...) - twig 2.4.4-2 + [stretch] - twig (Minor issue) NOTE: Fixed upstream in 2.4.4 - TODO: check, details CVE-2018-13817 RESERVED CVE-2018-13816 @@ -13716,11 +13717,13 @@ CVE-2018-10889 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7. - moodle CVE-2018-10888 (A flaw was found in libgit2 before version 0.27.3. A missing check in ...) {DLA-1477-1} - - libgit2 0.27.4+dfsg.1-0.1 (bug #903508) + - libgit2 0.27.4+dfsg.1-0.1 (low; bug #903508) + [stretch] - libgit2 (Minor issue) NOTE: https://github.com/libgit2/libgit2/commit/9844d38bed10e9ff17174434b3421b227ae710f3 CVE-2018-10887 (A flaw was found in libgit2 before version 0.27.3. It has been ...) {DLA-1477-1} - - libgit2 0.27.4+dfsg.1-0.1 (bug #903509) + - libgit2 0.27.4+dfsg.1-0.1 (low; bug #903509) + [stretch] - libgit2 (Minor issue) NOTE: https://github.com/libgit2/libgit2/commit/3f461902dc1072acb8b7607ee65d0a0458ffac2a NOTE: https://github.com/libgit2/libgit2/commit/c1577110467b701dcbcf9439ac225ea851b47d22 CVE-2018- [Incomplete fix for CVE-2018-10886] @@ -50699,6 +50702,7 @@ CVE-2017-15140 CVE-2017-15139 (A vulnerability was found in openstack-cinder releases up to and ...) [experimental] - cinder 2:13.0.0-1 - cinder + [stretch] - cinder (Minor issue) [jessie] - cinder (ScaleIO Driver support does not exist) NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0084 NOTE: https://bugs.launchpad.net/ossn/+bug/1699573 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2a93573c485852177a6867505c084b1ba08978ba -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2a93573c485852177a6867505c084b1ba08978ba You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 069ff9b5 by Moritz Muehlenhoff at 2018-08-22T20:30:43Z stretch triage - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -237,9 +237,9 @@ CVE-2018-15609 CVE-2018-15608 RESERVED CVE-2018-15607 (In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 ...) - - imagemagick + - imagemagick (low) + [stretch] - imagemagick (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1255 - TODO: check CVE-2018-15606 RESERVED CVE-2018-15605 @@ -330,6 +330,7 @@ CVE-2018-1000657 (Rust Programming Language Rust standard library version Commit NOTE: https://github.com/rust-lang/rust/issues/44800 CVE-2018-1000656 (The Pallets Project flask version Before 0.12.3 contains a CWE-20: ...) - flask 1.0.2-1 + [stretch] - flask (Minor issue) NOTE: https://github.com/pallets/flask/pull/2691 CVE-2018-1000655 (Jsish version 2.4.65 contains a CWE-476: NULL Pointer Dereference ...) NOT-FOR-US: Jsish @@ -340,7 +341,8 @@ CVE-2018-1000654 (GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn CVE-2018-1000653 (zzcms version 8.3 and earlier contains a SQL Injection vulnerability ...) NOT-FOR-US: zzcms CVE-2018-1000652 (JabRef version =4.3.1 contains a XML External Entity (XXE) ...) - - jabref + - jabref (low) + [stretch] - jabref (Minor issue) NOTE: https://github.com/JabRef/jabref/issues/4229 NOTE: https://github.com/JabRef/jabref/commit/89f855d76713b4cd25ac0830c719cd61c511851e CVE-2018-1000651 (Stroom version 5.4.5 contains a XML External Entity (XXE) ...) @@ -1360,7 +1362,8 @@ CVE-2018-15121 RESERVED CVE-2018-15120 [denial of service by emoji (assertion failure)] RESERVED - - pango1.0 1.42.4-1 + - pango1.0 1.42.4-1 (low) + [stretch] - pango1.0 (Vulnerable code not present) NOTE: https://gitlab.gnome.org/GNOME/pango/commit/71aaeaf020340412b8d012fe23a556c0420eda5f CVE-2018-15119 RESERVED @@ -12257,7 +12260,8 @@ CVE-2018-10857 (git-annex is vulnerable to a private data exposure and exfiltrat CVE-2018-10856 (It has been discovered that podman before version 0.6.1 does not drop ...) NOT-FOR-US: Podman CVE-2018-10855 (Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the ...) - - ansible 2.5.5+dfsg-1 + - ansible 2.5.5+dfsg-1 (low) + [stretch] - ansible (Vulnerable code not present) [jessie] - ansible (vulnerable code not present) NOTE: https://github.com/ansible/ansible/pull/41414 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1588855 @@ -21985,7 +21989,8 @@ CVE-2015-9253 (An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x be NOTE: https://bugs.php.net/bug.php?id=75968 NOTE: Only exploitable with malicious script CVE-2018-7226 (An issue was discovered in vcSetXCutTextProc() in VNConsole.c in ...) - - vncterm (bug #898453) + - vncterm (low; bug #898453) + [stretch] - vncterm (Minor issue) NOTE: https://github.com/LibVNC/vncterm/issues/6 CVE-2018-7225 (An issue was discovered in LibVNCServer through 0.9.11. ...) {DSA-4221-1 DLA-1332-1} View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/069ff9b58c0ed6fd40048304c49a4a1d34caafd0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/069ff9b58c0ed6fd40048304c49a4a1d34caafd0 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 5c7f646f by Moritz Muehlenhoff at 2018-08-20T18:43:34Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -168,7 +168,8 @@ CVE-2018-15503 (The unpack implementation in Swoole version 4.0.4 lacks correct CVE-2018-15502 RESERVED CVE-2018-15501 (In ng_pkt in transports/smart_pkt.c in libgit2 before 0.26.6 and 0.27.x ...) - - libgit2 0.27.4+dfsg.1-0.1 + - libgit2 0.27.4+dfsg.1-0.1 (low) + [stretch] - libgit2 (Minor issue) NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9406 NOTE: https://github.com/libgit2/libgit2/commit/1f9a8510e1d2f20ed7334eeeddb92c4dd8e7c649 CVE-2018-15500 @@ -773,6 +774,7 @@ CVE-2018-15210 RESERVED CVE-2018-15209 (ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows ...) - tiff (bug #905798) + [stretch] - tiff (Can be fixed along in future DSA) - tiff3 NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2808 CVE-2018-15208 @@ -3739,6 +3741,7 @@ CVE-2018-14029 (CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6. NOT-FOR-US: Creatiwity wityCMS CVE-2018-14028 (In WordPress 4.9.7, plugins uploaded via the admin area are not ...) - wordpress (bug #906565) + [stretch] - wordpress (Minor issue) [jessie] - wordpress (can be fixed with a later update) NOTE: https://core.trac.wordpress.org/ticket/44710 NOTE: https://rastating.github.io/unrestricted-file-upload-via-plugin-uploader-in-wordpress/ @@ -9284,6 +9287,7 @@ CVE-2018-11772 RESERVED CVE-2018-11771 (When reading a specially crafted ZIP archive, the read method of ...) - libcommons-compress-java (bug #906301) + [stretch] - libcommons-compress-java (Minor issue) NOTE: http://www.openwall.com/lists/oss-security/2018/08/16/2 CVE-2018-11770 (From version 1.3.0 onward, Apache Spark's standalone master exposes a ...) NOT-FOR-US: Apache Spark @@ -18925,9 +18929,11 @@ CVE-2018-8021 RESERVED CVE-2018-8020 (Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw ...) - tomcat-native 1.2.17-1 + [stretch] - tomcat-native (Minor issue) NOTE: https://svn.apache.org/r1832863 CVE-2018-8019 (When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and ...) - tomcat-native 1.2.17-1 + [stretch] - tomcat-native (Minor issue) NOTE: https://svn.apache.org/r1832832 CVE-2018-8018 (Apache Ignite 2.5 and earlier serialization mechanism does not have a ...) NOT-FOR-US: Apache Ignite @@ -31268,6 +31274,7 @@ CVE-2017-1000434 (Wordpress plugin Furikake version 0.1.0 is vulnerable to an Op CVE-2017-1000433 (pysaml2 version 4.4.0 and older accept any password when run with ...) {DLA-1410-1} - python-pysaml2 (bug #886423) + [stretch] - python-pysaml2 (Minor issue) NOTE: https://github.com/rohe/pysaml2/issues/451 NOTE: Fixed by: https://github.com/rohe/pysaml2/commit/6312a41e037954850867f29d329e5007df1424a5 CVE-2017-1000432 (Vanilla Forums below 2.1.5 are affected by CSRF leading to Deleting ...) = data/dsa-needed.txt = --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -65,6 +65,8 @@ openjpeg2 (luciano) openssh (seb) User enumeration vulnerability -- +openssh +-- otrs2 -- passenger View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c7f646f0e6c5f4f5372ce5f3f528145eb739255 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c7f646f0e6c5f4f5372ce5f3f528145eb739255 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: fd5acd84 by Moritz Muehlenhoff at 2018-08-15T18:47:47Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -853,6 +853,7 @@ CVE-2018- [Heap-based buffer overflow in zutils zcat] NOTE: Fixed by: upstream/0001-zcat-buffer-overrun.patch (in 1.7-3) CVE-2018-14938 (An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through ...) - tcpflow (bug #905483) + [stretch] - tcpflow (Minor issue) NOTE: https://github.com/simsong/tcpflow/commit/a4e1cd14eb5ccc51ed271b65b3420f7d692c40eb NOTE: https://github.com/simsong/tcpflow/issues/182 CVE-2018-14937 (The Add page option in my little forum 2.4.12 allows XSS via the Menu ...) @@ -1788,6 +1789,7 @@ CVE-2018-14569 RESERVED CVE-2018-1999024 (MathJax version prior to version 2.7.4 contains a Cross Site Scripting ...) - mathjax 2.7.4+dfsg-1 + [stretch] - mathjax (Minor issue) NOTE: https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1 CVE-2018-1999021 (Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) ...) NOT-FOR-US: Gleezcms Gleez Cms @@ -18400,6 +18402,7 @@ CVE-2018-8033 RESERVED CVE-2018-8032 (Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site ...) - axis (bug #905328) + [stretch] - axis (Minor issue) NOTE: https://issues.apache.org/jira/browse/AXIS-2924 NOTE: https://svn.apache.org/r1831943 CVE-2018-8031 (The TomEE console (tomee-webapp) has a XSS vulnerability which could ...) = data/dsa-needed.txt = --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -18,6 +18,8 @@ If needed, specify the release by adding a slash after the name of the source pa asterisk berni working on updates -- +ceph +-- enigmail -- gitlab @@ -52,6 +54,8 @@ mariadb-10.1/stable including some other changes -> Needs review if suitable to include via security upload or need an SRM ack first. -- +mbedtls +-- mercurial -- mosquitto (seb) @@ -68,6 +72,8 @@ openjfx -- openjpeg2 (luciano) -- +otrs2 +-- passenger -- php-horde-image View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd5acd849355c3e87b95df2e09a902a836233b65 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd5acd849355c3e87b95df2e09a902a836233b65 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 40308adb by Moritz Muehlenhoff at 2018-08-01T16:32:05Z stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -564,6 +564,7 @@ CVE-2018-1999008 (October CMS version prior to build 437 contains a Cross Site S NOT-FOR-US: October CMS CVE-2018-14568 (Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a ...) - suricata 1:4.0.5-1 + [stretch] - suricata (Minor issue) NOTE: https://github.com/OISF/suricata/pull/3428/commits/843d0b7a10bb45627f94764a6c5d468a24143345 NOTE: https://redmine.openinfosecfoundation.org/issues/2501 CVE-2018-14567 @@ -608,6 +609,7 @@ CVE-2018-14552 RESERVED CVE-2018-14551 (The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses ...) - imagemagick 8:6.9.10.8+dfsg-1 (bug #904713) + [stretch] - imagemagick (Can be fixed along in a future DSA) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1221 NOTE: https://github.com/ImageMagick/ImageMagick/commit/389ecc365a7c61404ba078a72c3fa5a3cf1b4101 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/db7a4be592328af06d776ce3bab24b8c6de5be20 @@ -731,6 +733,7 @@ CVE-2018-1999023 (The Battle for Wesnoth Project version 1.7.0 through 1.14.3 co NOTE: https://github.com/wesnoth/wesnoth/commit/d911268a783467842d38eae7ac1630f1fea41318 (1.14.x) CVE-2018-14505 (mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to ...) - mitmproxy (bug #904293) + [stretch] - mitmproxy (Minor issue) NOTE: https://github.com/mitmproxy/mitmproxy/issues/3234 NOTE: https://github.com/mitmproxy/mitmproxy/pull/3243 CVE-2018-14499 @@ -2046,7 +2049,8 @@ CVE-2018-13990 CVE-2018-13989 (Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST ...) NOT-FOR-US: Grundig Smart Inter@ctive TV 3.0 devices CVE-2018-13988 (Poppler through 0.62 contains a Buffer Overflow vulnerability due to ...) - - poppler (bug #904922) + - poppler (low; bug #904922) + [stretch] - poppler (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1602838 NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=004e3c10df0abda214f0c293f9e269fdd979c5ee (poppler-0.67.0) CVE-2018-13987 = data/dsa-needed.txt = --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -77,6 +77,8 @@ passenger php-horde-image Chris Lamb proposed debdiff adressing CVE-2017-9773, CVE-2017-9774 and CVE-2017-14650 -- +python-django +-- sssd Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release. -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/40308adb3ab2814985621ae5b3053d4832cc2284 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/40308adb3ab2814985621ae5b3053d4832cc2284 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2906ee00 by Moritz Muehlenhoff at 2018-07-20T08:08:26+02:00 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -307,6 +307,7 @@ CVE-2018-14338 (samples/geotag.cpp in the example code of Exiv2 0.26 misuses the NOTE: Issue in example code of Exiv2 CVE-2018-14337 (The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 ...) - mruby (bug #903985) + [stretch] - mruby (Minor issue) NOTE: https://github.com/mruby/mruby/issues/4062 NOTE: https://github.com/mruby/mruby/commit/695f29cd604787f43be1af16e38d13610bf8312b NOTE: https://github.com/mruby/mruby/commit/adb1eae912659d680a9c5b7832e22cf73d36a69a @@ -328,11 +329,9 @@ CVE-2018-14331 (An issue was discovered in XiaoCms X1 v20140305. There is a CSRF CVE-2018-14330 RESERVED CVE-2018-14329 (In HTSlib 1.8, a race condition in cram/cram_io.c might allow local ...) - - htslib - [jessie] - htslib (Minor issue, ignored by upstream) + - htslib (unimportant) NOTE: https://github.com/samtools/htslib/issues/736 - NOTE: Upstream closed the issue, reasoning that fixing the issue would - NOTE: cause another set of problems. + NOTE: Neutralised by kernel hardening CVE-2018-14328 RESERVED CVE-2018-14327 @@ -4386,6 +4385,7 @@ CVE-2018-12582 (An issue was discovered in AKCMS 6.1. CSRF can add an admin acco NOT-FOR-US: AKCMS CVE-2018-12581 (An issue was discovered in js/designer/move.js in phpMyAdmin before ...) - phpmyadmin (low) + [stretch] - phpmyadmin (Vulnerable code not present) [jessie] - phpmyadmin (vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2018-3/ NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/6943fff87324bd54c3a37a5160a5fb77498c355e @@ -7249,11 +7249,13 @@ CVE-2018-11491 RESERVED CVE-2018-11490 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly ...) - giflib (bug #904114) + [stretch] - giflib (Minor issue) NOTE: https://github.com/pts/sam2p/issues/38 NOTE: https://sourceforge.net/p/giflib/bugs/113/ NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib. CVE-2018-11489 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly ...) - giflib (bug #904113) + [stretch] - giflib (Minor issue) NOTE: https://github.com/pts/sam2p/issues/37 NOTE: https://sourceforge.net/p/giflib/bugs/112/ NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib. @@ -10672,6 +10674,7 @@ CVE-2018-10189 (An issue was discovered in Mautic 1.x and 2.x before 2.13.0. It NOT-FOR-US: Mautic CVE-2018-10188 (phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker to ...) - phpmyadmin (bug #896490) + [stretch] - phpmyadmin (Only affects 4.8.x) [jessie] - phpmyadmin (vulnerable code not present) [wheezy] - phpmyadmin (vulnerable code not present) NOTE: https://www.phpmyadmin.net/security/PMASA-2018-2/ @@ -32090,6 +32093,7 @@ CVE-2018-2599 (Vulnerability in the Java SE, Java SE Embedded, JRockit component [wheezy] - openjdk-6 CVE-2018-2598 (Vulnerability in the MySQL Workbench component of Oracle MySQL ...) - mysql-workbench (bug #904112) + [stretch] - mysql-workbench (Exact details undisclosed, but marginal CVSS score) CVE-2018-2597 (Vulnerability in the Oracle Hospitality Cruise Dining Room Management ...) NOT-FOR-US: Oracle CVE-2018-2596 (Vulnerability in the Oracle WebCenter Content component of Oracle ...) @@ -46081,6 +46085,7 @@ CVE-2017-14989 (A use-after-free in RenderFreetype in MagickCore/annotate.c in . NOTE: ImageMagick-6: https://github.com/ImageMagick/ImageMagick/commit/28bad01242898d7f863deedbfa8502c348293093 CVE-2017-14988 (Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote ...) - openexr (bug #878551) + [stretch] - openexr (Minor issue) [wheezy] - openexr (Should be fixed along in future update) NOTE: https://github.com/openexr/openexr/issues/248 CVE-2017-14987 @@ -53432,7 +53437,7 @@ CVE-2017-12597 (OpenCV (Open Source Computer Vision Library) through 3.3 has an NOTE: https://github.com/opencv/opencv/issues/9309 CVE-2017-12596 (In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read ...) - openexr 2.2.0-11.1 (bug #877352) - [stretch] - opencv (Minor issue) + [stretch] - openexr (Minor issue) [wheezy] - openexr 1.6.1-6+deb7u1 NOTE: https://github.com/openexr/openexr/issues/238 NOTE: Upstream fix
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c3f166c6 by Moritz Muehlenhoff at 2018-07-09T22:09:54+02:00 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -689,7 +689,8 @@ CVE-2018-13442 CVE-2018-13441 RESERVED CVE-2018-13440 (The audiofile Audio File Library 0.3.6 has a NULL pointer dereference ...) - - audiofile + - audiofile (low) + [stretch] - audiofile (Minor issue) NOTE: https://github.com/mpruett/audiofile/issues/49 CVE-2018-13439 (WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a ...) NOT-FOR-US: WeChat Pay Java SDK @@ -728,14 +729,16 @@ CVE-2018-13423 (admin/themes/default/items/tag-form.php in Omeka before 2.6.1 al CVE-2018-13422 (TCExam before 14.1.2 has XSS via an ff_ or xl_ field. ...) NOT-FOR-US: TCExam CVE-2018-13421 (Fast C++ CSV Parser (aka fast-cpp-csv-parser) before 2018-07-06 has a ...) - - fast-cpp-csv-parser 0.0+git20160525~9bf299c-2 (bug #903247) + - fast-cpp-csv-parser 0.0+git20160525~9bf299c-2 (low; bug #903247) + [stretch] - fast-cpp-csv-parser (Minor issue) NOTE: https://github.com/ben-strasser/fast-cpp-csv-parser/issues/67 NOTE: https://github.com/ben-strasser/fast-cpp-csv-parser/commit/8cf591aa7397f4372778cc927e184d28ee591093 CVE-2018-13420 (** DISPUTED ** Google gperftools 2.7 has a memory leak in ...) - - google-perftools (low; bug #903248) + - google-perftools (unimportant; bug #903248) NOTE: https://github.com/gperftools/gperftools/issues/1013 CVE-2018-13419 (An issue has been found in libsndfile 1.0.28. There is a memory leak in ...) - libsndfile (low) + [stretch] - libsndfile (Minor issue) NOTE: https://github.com/erikd/libsndfile/issues/398 CVE-2018-13418 RESERVED @@ -2544,7 +2547,8 @@ CVE-2018-1000534 (Joplin version prior to 1.0.90 contains a XSS evolving into co CVE-2018-1000533 (klaussilveira GitList version = 0.6 contains a Passing incorrectly ...) NOT-FOR-US: klaussilveira GitList CVE-2018-1000532 (beep version 1.3 and up contains a External Control of File Name or ...) - - beep (bug #902722) + - beep (low; bug #902722) + [stretch] - beep (Minor issue) NOTE: https://github.com/johnath/beep/issues/11#issuecomment-379514298 CVE-2018-1000531 (inversoft prime-jwt version prior to commit ...) NOT-FOR-US: prime-jwt @@ -2944,6 +2948,7 @@ CVE-2018-12521 RESERVED CVE-2018-12520 (An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG ...) - ntopng (bug #903154) + [stretch] - ntopng (Minor issue) NOTE: http://seclists.org/fulldisclosure/2018/Jul/14 NOTE: https://gist.github.com/Psychotropos/3e8c047cada9b1fb716e6a014a428b7f NOTE: https://github.com/ntop/ntopng/commit/30610bda60cbfc058f90a1c0a17d0e8f4516221a @@ -6814,6 +6819,7 @@ CVE-2018-11038 RESERVED CVE-2018-11037 (In Exiv2 0.26, the Exiv2::PngImage::printStructure function in ...) - exiv2 + [stretch] - exiv2 (Revisit when fixed upstream) [jessie] - exiv2 (Minor issue, wait for more issues) NOTE: https://github.com/Exiv2/exiv2/issues/307 CVE-2018-11036 (Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, ...) @@ -7268,6 +7274,7 @@ CVE-2018-10860 (perl-archive-zip is vulnerable to a directory traversal in ...) CVE-2018-10859 RESERVED - git-annex 6.20180626-1 + [stretch] - git-annex (Will be fixed via next point release) NOTE: http://www.openwall.com/lists/oss-security/2018/06/26/4 NOTE: https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/ CVE-2018-10858 @@ -7275,6 +7282,7 @@ CVE-2018-10858 CVE-2018-10857 RESERVED - git-annex 6.20180626-1 + [stretch] - git-annex (Will be fixed via next point release) NOTE: http://www.openwall.com/lists/oss-security/2018/06/26/4 NOTE: https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/ CVE-2018-10856 (It has been discovered that podman before version 0.6.1 does not drop ...) = data/dsa-needed.txt = --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -22,6 +22,8 @@ enigmail ffmpeg Wait for next 3.2.x release -- +gitlab +-- glusterfs -- graphicsmagick View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3f166c6a47cd66a9361078f81ae78ff663027d5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c3f166c6a47cd66a9361078f81ae78ff663027d5 You're receiving this email because of your account on salsa.debian.org.
[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 918cff8e by Moritz Muehlenhoff at 2018-06-22T00:25:51+02:00 stretch triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = --- a/data/CVE/list +++ b/data/CVE/list @@ -540,7 +540,8 @@ CVE-2018-12439 (MatrixSSL through 3.9.5 Open allows a memory-cache side-channel CVE-2018-12438 (The Elliptic Curve Cryptography library (aka sunec or libsunec) allows ...) TODO: check CVE-2018-12437 (LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ...) - - libtomcrypt (bug #901626) + - libtomcrypt (low; bug #901626) + [stretch] - libtomcrypt (Minor issue) NOTE: https://github.com/libtom/libtomcrypt/issues/407 CVE-2018-12436 (wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a ...) - wolfssl (bug #901627) @@ -1444,10 +1445,12 @@ CVE-2018-12037 CVE-2018-12036 (OWASP Dependency-Check before 3.2.0 allows attackers to write to ...) NOT-FOR-US: OWASP Dependency-Check CVE-2018-12035 (In YARA 3.7.1 and prior, parsing a specially crafted compiled rule ...) - - yara 3.7.1-3 + - yara 3.7.1-3 (low) + [stretch] - yara (Minor issue) NOTE: https://github.com/VirusTotal/yara/issues/891 CVE-2018-12034 (In YARA 3.7.1 and prior, parsing a specially crafted compiled rule ...) - - yara 3.7.1-3 + - yara 3.7.1-3 (low) + [stretch] - yara (Minor issue) NOTE: https://github.com/VirusTotal/yara/issues/891 CVE-2018-12033 RESERVED @@ -12285,11 +12288,13 @@ CVE-2018-7691 CVE-2018-7690 RESERVED CVE-2018-7689 (Lack of permission checks in the InitializeDevelPackage function in ...) - - open-build-service + - open-build-service (low) + [stretch] - open-build-service (Minor issue) NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1094819 NOTE: https://github.com/openSUSE/open-build-service/commit/990ef7cccef6f38fc1d1a1bb22a08e174dcba43b CVE-2018-7688 (A missing permission check in the review handling of openSUSE Open ...) - - open-build-service + - open-build-service (low) + [stretch] - open-build-service (Minor issue) NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1094820 NOTE: https://github.com/openSUSE/open-build-service/commit/b15cf19e9e01115f653c76ffdc8f54cd97566553 CVE-2018-7687 (The Micro Focus Client for OES before version 2 SP4 IR8a has a ...) @@ -18429,15 +18434,18 @@ CVE-2018-5807 RESERVED CVE-2018-5806 [NULL pointer dereference in leaf_hdr_load_raw() function in internal/dcraw_common.cpp] RESERVED - - libraw 0.18.8-1 + - libraw 0.18.8-1 (low) + [stretch] - libraw (Minor issue) NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03 CVE-2018-5805 [Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp] RESERVED - - libraw 0.18.8-1 + - libraw 0.18.8-1 (low) + [stretch] - libraw (Minor issue) NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03 CVE-2018-5804 [type confusion error in identify() function in internal/dcraw_common.cpp] RESERVED - - libraw 0.18.8-1 + - libraw 0.18.8-1 (low) + [stretch] - libraw (Minor issue) NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-03 CVE-2018-5803 (In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, ...) {DSA-4188-1 DSA-4187-1 DLA-1369-1} = data/dsa-needed.txt = --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -44,6 +44,8 @@ lava-server libidn santiago proposed debdiffs for jessie and stretch -- +libspring-java +-- linux Wait until more issues have piled up -- @@ -55,6 +57,9 @@ mercurial mosquitto (seb) 2018-02-27: Roger Light provided a debdiff targetting stretch, needs review -- +mupdf + leaf package, might be a candidate for simply moving to 1.13 in stretch +-- openjpeg2 (luciano) -- passenger @@ -67,6 +72,10 @@ ruby2.3 Santiago will prepare an update work-in-progress: https://salsa.debian.org/ruby-team/ruby/tree/stretch-security-wip -- +ruby-rack-protection (jmm) +- +ruby-sprockets +-- sssd Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release. -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/918cff8e407e264a4dd7edbc191da68e20f08539 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/918cff8e407e264a4dd7edbc191da68e20f08539 You're receiving this email because of your account on salsa.debian.org.