[Git][security-tracker-team/security-tracker][master] Triage yara for Jessie.
Markus Koschany
apo at debian.org
Thu Dec 20 15:46:49 GMT 2018
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
72c5e5a1 by Markus Koschany at 2018-12-20T15:46:36Z
Triage yara for Jessie.
Add link to fixing commit. The affected code is not present in Jessie. However
features to mitigate maliciously compiled bytecode were introduced only in later
versions. That means that this specific exploit might not work but there are
certainly other ways to escape the virtual machine if someone crafts a specific
rules file. It is not trivial to craft the file and to trick a security researcher
into using it. Hence this is no-dsa for Jessie.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3668,19 +3668,23 @@ CVE-2018-19977
RESERVED
CVE-2018-19976 (In YARA 3.8.1, bytecode in a specially crafted compiled rule is ...)
- yara <unfixed>
+ [jessie] - yara <no-dsa> (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/999
NOTE: https://bnbdr.github.io/posts/extracheese/
NOTE: https://github.com/bnbdr/swisscheese/
CVE-2018-19975 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...)
- yara <unfixed>
+ [jessie] - yara <no-dsa> (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/999
NOTE: https://bnbdr.github.io/posts/extracheese/
NOTE: https://github.com/bnbdr/swisscheese/
CVE-2018-19974 (In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...)
- yara <unfixed>
+ [jessie] - yara <no-dsa> (Minor issue)
NOTE: https://github.com/VirusTotal/yara/issues/999
NOTE: https://bnbdr.github.io/posts/extracheese/
NOTE: https://github.com/bnbdr/swisscheese/
+ NOTE: Fixed by https://github.com/VirusTotal/yara/commit/6acc08d7329413f60e0976be017e18a581450d7a
CVE-2018-19973
RESERVED
CVE-2018-19972
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72c5e5a19bfddb956cb19f0e23e3ba2815be71a6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72c5e5a19bfddb956cb19f0e23e3ba2815be71a6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181220/023eaeaa/attachment.html>
More information about the debian-security-tracker-commits
mailing list