[Secure-testing-commits] r50534 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Apr 10 16:00:34 UTC 2017
Author: jmm
Date: 2017-04-10 16:00:34 +0000 (Mon, 10 Apr 2017)
New Revision: 50534
Modified:
data/CVE/list
Log:
elfutils, binutils, tiff no-dsa
Android NFUs
mark bluez and bundler as no-dsa for stretch
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-10 15:25:15 UTC (rev 50533)
+++ data/CVE/list 2017-04-10 16:00:34 UTC (rev 50534)
@@ -1,7 +1,8 @@
CVE-2017-7615
RESERVED
CVE-2017-7614 (elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...)
- - binutils <unfixed> (bug #859989)
+ - binutils <unfixed> (low; bug #859989)
+ [jessie] - binutils <no-dsa> (Minor issue)
NOTE: https://blogs.gentoo.org/ago/2017/04/05/binutils-two-null-pointer-dereference-in-elflink-c/
NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ad32986fdf9da1c8748e47b8b45100398223dba8
CVE-2017-7613 (elflint.c in elfutils 0.168 does not validate the number of sections ...)
@@ -26,18 +27,20 @@
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-__libelf_decompress-elf_compress-c/
CVE-2017-7608 (The ebl_object_note_type_name function in eblobjnotetypename.c in ...)
- elfutils <unfixed> (bug #859995)
+ [jessie] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21300
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c/
CVE-2017-7607 (The handle_gnu_hash function in readelf.c in elfutils 0.168 allows ...)
- elfutils <unfixed> (bug #859996)
+ [jessie] - elfutils <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21299
NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-handle_gnu_hash-readelf-c/
CVE-2017-7605 (aacplusenc.c in HE-AAC+ Codec (aka libaacplus) 2.0.2 has an assertion ...)
- TODO: check
+ NOT-FOR-US: libaacplus
CVE-2017-7604 (au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a left-shift ...)
- TODO: check
+ NOT-FOR-US: libaacplus
CVE-2017-7603 (au_channel.h in HE-AAC+ Codec (aka libaacplus) 2.0.2 has a signed ...)
- TODO: check
+ NOT-FOR-US: libaacplus
CVE-2017-7602 (LibTIFF 4.0.7 has a signed integer overflow, which might allow remote ...)
- tiff <unfixed>
- tiff3 <removed>
@@ -59,7 +62,8 @@
NOTE: https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
CVE-2017-7598 (tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a ...)
- - tiff <unfixed>
+ - tiff <unfixed> (low)
+ [jessie] - tiff <no-dsa> (Minor issue)
- tiff3 <removed>
NOTE: https://github.com/vadz/libtiff/commit/3cfd62d77c2a7e147a05bd678524c345fa9c2bb8
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
@@ -74,12 +78,14 @@
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes
NOTE: https://github.com/vadz/libtiff/commit/3144e57770c1e4d26520d8abee750f8ac8b75490
CVE-2017-7595 (The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows ...)
- - tiff <unfixed> (bug #860003)
+ - tiff <unfixed> (low; bug #860003)
+ [jessie] - tiff <no-dsa> (Minor issue)
- tiff3 <removed>
NOTE: https://blogs.gentoo.org/ago/2017/04/01/libtiff-divide-by-zero-in-jpegsetupencode-tiff_jpeg-c
NOTE: https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122
CVE-2017-7594 (The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in ...)
- - tiff <unfixed> (bug #860001)
+ - tiff <unfixed> (low; bug #860001)
+ [jessie] - tiff <no-dsa> (Minor issue)
- tiff3 <removed>
NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2659
CVE-2017-7593 (tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is ...)
@@ -11178,11 +11184,13 @@
NOTE: CVE for the "'cirrus_get_bpp' returns zero(0), which could lead to a divide by zero" issue.
CVE-2016-9918 (In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" ...)
- bluez <unfixed> (bug #847837)
+ [stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
CVE-2016-9917 (In BlueZ 5.42, a buffer overflow was observed in "read_n" function in ...)
- bluez <unfixed> (bug #847837)
+ [stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
@@ -18557,13 +18565,13 @@
CVE-2017-0559 (An information disclosure vulnerability in libskia could enable a ...)
- skia <itp> (bug #818180)
CVE-2017-0558 (An information disclosure vulnerability in Mediaserver could enable a ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver
CVE-2017-0557 (An information disclosure vulnerability in libmpeg2 in Mediaserver ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver
CVE-2017-0556 (An information disclosure vulnerability in libmpeg2 in Mediaserver ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver
CVE-2017-0555 (An information disclosure vulnerability in libavc in Mediaserver could ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver/ libavc
CVE-2017-0554 (An elevation of privilege vulnerability in the Telephony component ...)
NOT-FOR-US: Android
CVE-2017-0553 (An elevation of privilege vulnerability in libnl could enable a local ...)
@@ -18572,17 +18580,17 @@
NOTE: Fixed by: http://git.infradead.org/users/tgr/libnl.git/commit/3e18948f17148e6a3c4255bdeaaf01ef6081ceeb
NOTE: Fix via Android: https://android.googlesource.com/platform/external/libnl/+/f83d9c1c67b6be69a96995e384f50b572b667df0
CVE-2017-0552 (A remote denial of service vulnerability in libavc in Mediaserver ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver / libavc
CVE-2017-0551 (A remote denial of service vulnerability in libavc in Mediaserver ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver / libavc
CVE-2017-0550 (A remote denial of service vulnerability in libavc in Mediaserver ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver / libavc
CVE-2017-0549 (A remote denial of service vulnerability in libavc in Mediaserver ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver / libavc
CVE-2017-0548 (A remote denial of service vulnerability in libskia could enable an ...)
- skia <itp> (bug #818180)
CVE-2017-0547 (An information disclosure vulnerability in libmedia in Mediaserver ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver
CVE-2017-0546 (An elevation of privilege vulnerability in SurfaceFlinger could enable ...)
NOT-FOR-US: Android
CVE-2017-0545 (An elevation of privilege vulnerability in Audioserver could enable a ...)
@@ -18590,17 +18598,17 @@
CVE-2017-0544 (An elevation of privilege vulnerability in CameraBase could enable a ...)
NOT-FOR-US: Android
CVE-2017-0543 (A remote code execution vulnerability in libavc in Mediaserver could ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver/ libavc
CVE-2017-0542 (A remote code execution vulnerability in libavc in Mediaserver could ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver/ libavc
CVE-2017-0541 (A remote code execution vulnerability in sonivox in Mediaserver could ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver
CVE-2017-0540 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver
CVE-2017-0539 (A remote code execution vulnerability in libhevc in Mediaserver could ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver
CVE-2017-0538 (A remote code execution vulnerability in libavc in Mediaserver could ...)
- TODO: check
+ NOT-FOR-US: Android Mediaserver / libavc
CVE-2017-0537 (An information disclosure vulnerability in the kernel USB gadget ...)
NOT-FOR-US: Nvidia driver for Android
NOTE: https://source.android.com/security/bulletin/2017-03-01.html
@@ -18933,41 +18941,49 @@
NOTE: https://git.xiph.org/?p=opus.git;a=commitdiff;h=70a3d641b
CVE-2016-9804 (In BlueZ 5.42, a buffer overflow was observed in "commands_dump" ...)
- bluez <unfixed> (bug #847837)
+ [stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9803 (In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" ...)
- bluez <unfixed> (bug #847837)
+ [stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9802 (In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" ...)
- bluez <unfixed> (bug #847837)
+ [stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
CVE-2016-9801 (In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" ...)
- bluez <unfixed> (bug #847837)
+ [stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9800 (In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" ...)
- bluez <unfixed> (bug #847837)
+ [stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9799 (In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" ...)
- bluez <unfixed> (bug #847837)
+ [stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68898.html
CVE-2016-9798 (In BlueZ 5.42, a use-after-free was identified in "conf_opt" function ...)
- bluez <unfixed> (bug #847837)
+ [stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
CVE-2016-9797 (In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function ...)
- bluez <unfixed> (bug #847837)
+ [stretch] - bluez <no-dsa> (Minor issue)
[jessie] - bluez <no-dsa> (Minor issue)
[wheezy] - bluez <no-dsa> (Minor issue)
NOTE: https://www.spinics.net/lists/linux-bluetooth/msg68892.html
@@ -25375,6 +25391,7 @@
NOT-FOR-US: AlienVault OSSIM
CVE-2016-7954 (Bundler 1.x might allow remote attackers to inject arbitrary Ruby code ...)
- bundler <unfixed> (bug #842504)
+ [stretch] - bundler <no-dsa> (Minor issue, too intrusive to backport)
[jessie] - bundler <no-dsa> (Minor issue, too intrusive to backport)
[wheezy] - bundler <no-dsa> (Minor issue, too intrusive to backport)
NOTE: http://www.openwall.com/lists/oss-security/2016/10/04/5
More information about the Secure-testing-commits
mailing list