[Secure-testing-commits] r32266 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Mon Feb 16 16:22:55 UTC 2015


Author: jmm
Date: 2015-02-16 16:22:54 +0000 (Mon, 16 Feb 2015)
New Revision: 32266

Modified:
   data/CVE/list
Log:
spencer regex updates:
 - php confirmed
 - olsrd, ptlib, clamav, alpine, vigor n/a or unimportant
nagios no-dsa for jessie
one freetype issue n/a in squeeze/wheezy
take freetype


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-02-16 15:42:13 UTC (rev 32265)
+++ data/CVE/list	2015-02-16 16:22:54 UTC (rev 32266)
@@ -7,12 +7,14 @@
 	- gnupg2 <unfixed>
 	- gnupg <undetermined>
 	NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
+	NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=2183683bd633818dd031b090b5530951de76f392
 	TODO: check
 CVE-2015-1606 [use after free resulting from failure to skip invalid packets]
 	[experimental] - gnupg2 2.1.2-1
 	- gnupg2 <unfixed>
 	- gnupg <undetermined>
 	NOTE: https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
+	NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=f0f71a721ccd7ab9e40b8b6b028b59632c0cc648
 	TODO: check
 CVE-2015-1604
 	NOT-FOR-US: Landsknecht Adminsystems
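Review bot: both gnupg entries still end in "TODO: check" and "- gnupg <undetermined>" after the upstream commit links are added, so the new NOTE lines do not say what is left to check. Either resolve the gnupg status against the linked commits or extend the TODO to name the open question (for example, whether the 1.4 branch carries the same code). The commit log also does not mention the gnupg additions.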
@@ -64,7 +66,6 @@
 	- linux-2.6 <removed>
 	NOTE: http://hmarco.org/bugs/linux-ASLR-integer-overflow.html
 	NOTE: https://lkml.org/lkml/2015/2/14/61
-	TODO: check
 CVE-2015-1592 [local file inclusion or inauthenticated arbitrary remote code execution]
 	RESERVED
 	- movabletype-opensource <removed>
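Review bot: the removal of "TODO: check" from the entry ending in "- linux-2.6 <removed>" is not covered by the commit log, which lists only the spencer regex, nagios and freetype changes. Add a line to the log for the linux triage so the history shows why this entry is now considered checked.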
@@ -82,10 +83,12 @@
 CVE-2015-1569 (Fortinet FortiClient 5.2.028 for iOS does not validate certificates, ...)
 	TODO: check
 CVE-2015-XXXX [Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability]
-	- php5 <unfixed> (bug #778389)
-	- olsrd <unfixed> (bug #778390)
-	- llvm-toolchain-3.4 <unfixed> (bug #778391)
-	- llvm-toolchain-3.5 <unfixed> (bug #778392)
+	- php5 <unfixed> (low; bug #778389)
+	- olsrd <not-affected> (only when building on Android, see bug #778390)
+	- llvm-toolchain-3.4 <unfixed> (low; bug #778391)
+	[jessie] - llvm-toolchain-3.4 <no-dsa> (Minor issue)
+	- llvm-toolchain-3.5 <unfixed> (low; bug #778392)
+	[jessie] - llvm-toolchain-3.5 <no-dsa> (Minor issue)
 	- llvm-toolchain-3.6 <unfixed> (bug #778393)
 	- llvm-toolchain-snapshot <unfixed> (bug #778394)
 	- haskell-regex-posix <not-affected> (only when building on Windows, see bug #778395)
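Review bot: severity is applied unevenly across the llvm-toolchain lines. 3.4 and 3.5 become "(low; bug ...)" with a "[jessie] ... <no-dsa> (Minor issue)" line, while "- llvm-toolchain-3.6 <unfixed> (bug #778393)" and "- llvm-toolchain-snapshot <unfixed> (bug #778394)" keep no severity. If the same embedded regex copy is involved, tag those two as low as well, or add a NOTE explaining why they are rated differently. The log mentions "php confirmed" but not the llvm changes.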
@@ -97,15 +100,18 @@
 	- yap <unfixed> (bug #778410)
 	- vnc4 <unfixed> (bug #778403)
 	- sma <not-affected> (Local regex copy only used when building on Windows, see #778411)
-	- clamav <unfixed> (bug #778406)
-	[wheezy] - clamav <no-dsa> (Updated through stable-updates)
+	- clamav <unfixed> (unimportant; bug #778406)
+	NOTE: Only exploitable through virusdb updates, which need to be trusted anywaya
 	- knews <unfixed> (bug #778401)
 	- radare2 <unfixed> (bug #778402)
 	- efl <unfixed> (bug #778414)
-	- ptlib <unfixed> (bug #778404)
-	- alpine <unfixed> (bug #778413)
-	- vigor 0.016-24 (bug #778409)
+	- ptlib <unfixed> (unimportant; bug #778404)
+	NOTE: ptlib uses the regex code from glibc, local fallback code not used
+	- alpine <unfixed> (unimportant; bug #778413)
+	NOTE: alpine uses the regex code from glibc, local fallback code not used
+	- vigor 0.016-24 (unimportant; bug #778409)
 	- nvi <unfixed> (unimportant; bug #778412)
+	NOTE: No security impact in nvi/vigor
 	NOTE: http://www.kb.cert.org/vuls/id/695940
 	NOTE: https://guidovranken.wordpress.com/2015/02/04/full-disclosure-heap-overflow-in-h-spencers-regex-library-on-32-bit-systems/
 CVE-2015-XXXX [insecure storage of password]
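Review bot: typo in the added clamav NOTE, "trusted anywaya" should read "trusted anyway". The added NOTE lines for clamav, ptlib, alpine and nvi/vigor are interleaved between package lines, while the reference NOTEs for the whole entry sit at the end; naming the package in each NOTE, as the ptlib, alpine and nvi/vigor ones do, would keep the clamav NOTE unambiguous if lines are later reordered.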
@@ -329,6 +335,8 @@
 	NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1
 CVE-2014-9662 (cff/cf2ft.c in FreeType before 2.5.4 does not validate the return ...)
 	- freetype <unfixed> (bug #777656)
+	[wheezy] - freetype <not-affected> (Vulnerable code not present)
+	[squeeze] - freetype <not-affected> (Vulnerable code not present)
 	NOTE: http://code.google.com/p/google-security-research/issues/detail?id=185
 	NOTE: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2
 CVE-2014-9661 (type42/t42parse.c in FreeType before 2.5.4 does not consider that ...)
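Review bot: the two added <not-affected> lines for CVE-2014-9662 give only "Vulnerable code not present" with no pointer to when cff/cf2ft.c entered FreeType. Add a NOTE naming the upstream version that introduced it so the wheezy and squeeze claim can be rechecked. The order here ([wheezy] before [squeeze]) also differs from the nagios3 entry later in this diff, which lists [squeeze] first.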
@@ -28697,6 +28705,7 @@
 	{DSA-2956-1 DLA-60-1}
 	- icinga 1.10.2-1 (low)
 	- nagios3 <unfixed> (low; bug #771466)
+	[jessie] - nagios3 <no-dsa> (Minor issue)
 	[squeeze] - nagios3 <no-dsa> (Minor issue)
 	[wheezy] - nagios3 <no-dsa> (Minor issue)
 	NOTE: https://dev.icinga.org/issues/5251



