[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff
jmm at debian.org
Fri Feb 8 22:06:53 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b64e74c8 by Moritz Muehlenhoff at 2019-02-08T22:06:30Z
buster triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8623,7 +8623,7 @@ CVE-2019-3826 [Stored DOM cross-site scripting (XSS) attack via crafted URL]
[stretch] - prometheus <not-affected> (Only affects 2.1.0 onwards)
NOTE: https://github.com/prometheus/prometheus/pull/5163
CVE-2019-3825 (A vulnerability was discovered in gdm before 3.31.4. When timed login ...)
- - gdm3 <unfixed> (low)
+ - gdm3 <unfixed> (low; bug #921764)
[stretch] - gdm3 <no-dsa> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/gdm/issues/460
CVE-2019-3824
@@ -10720,6 +10720,7 @@ CVE-2018-1000826 (Microweber version <= 1.0.7 contains a Cross Site Scripting
NOT-FOR-US: Microweber
CVE-2018-1000825 (FreeCol version <= nightly-2018-08-22 contains a XML External Entity ...)
- freecol <unfixed> (bug #917023; low)
+ [buster] - freecol <no-dsa> (Minor issue)
[stretch] - freecol <no-dsa> (Minor issue)
[jessie] - freecol <end-of-life> (Games are not supported)
NOTE: https://github.com/FreeCol/freecol/issues/26
@@ -20699,9 +20700,7 @@ CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called fro
CVE-2018-19106
RESERVED
CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of service ...)
- - librecad <unfixed>
- [stretch] - librecad <no-dsa> (Minor issue)
- [jessie] - librecad <no-dsa> (Minor issue)
+ - librecad <undetermined>
NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html
CVE-2018-19104 (In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be ...)
NOT-FOR-US: BageCMS
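Review bot: the new "- librecad <undetermined>" line for CVE-2018-19105 has no NOTE saying what is still undetermined, and it replaces both the "<unfixed>" status and the stretch/jessie "<no-dsa>" entries. Suggest adding a NOTE that states the open question, so the next triager knows what has to be checked before the status can be resolved.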
@@ -24539,8 +24538,9 @@ CVE-2018-17615 (This vulnerability allows remote attackers to execute arbitrary
CVE-2018-17614 (This vulnerability allows remote attackers to execute arbitrary code ...)
NOT-FOR-US: Losant Arduino MQTT Client
CVE-2018-17613 (Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is ...)
- - telegram-desktop <unfixed> (bug #921133)
+ - telegram-desktop <unfixed> (unimportant; bug #921133)
NOTE: https://www.inputzero.io/2018/09/telegram-share-password-in-cleartext.html
+ NOTE: Non issue, works as expected, should probably be rejected
CVE-2018-17612 (Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) ...)
NOT-FOR-US: Sennheiser
CVE-2018-17611 (Foxit PhantomPDF and Reader before 9.3 allow remote attackers to ...)
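Review bot: the NOTE added for CVE-2018-17613 ("Non issue, works as expected, should probably be rejected") gives no reference for that assessment and does not say whether a rejection has been requested. Since it is the only justification recorded for the change to "unimportant", suggest adding a pointer to the upstream statement or to the discussion in bug #921133.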
@@ -28894,7 +28894,8 @@ CVE-2018-15913
CVE-2018-15912 (An issue was discovered in manjaro-update-system.sh in manjaro-system ...)
NOT-FOR-US: manjaro-update-system.sh in manjaro-system on Manjaro Linux
CVE-2018-15919 (Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 ...)
- - openssh <unfixed> (bug #907503)
+ - openssh <unfixed> (low; bug #907503)
+ [buster] - openssh <no-dsa> (Minor issue)
[stretch] - openssh <no-dsa> (Minor issue)
[jessie] - openssh <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2018/08/27/2
@@ -32134,7 +32135,7 @@ CVE-2018-14638 (A flaw was found in 389-ds-base before version 1.3.8.4-13. The p
CVE-2018-14637 (The SAML broker consumer endpoint in Keycloak before version ...)
NOT-FOR-US: Keycloak
CVE-2018-14636 (Live-migrated instances are briefly able to inspect traffic for other ...)
- - neutron <unfixed> (low)
+ - neutron 2:13.0.0-1 (low)
[stretch] - neutron <no-dsa> (Minor issue)
[jessie] - neutron <ignored> (Minor issue)
CVE-2018-14635 (When using the Linux bridge ml2 driver, non-privileged tenants are ...)
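Review bot: "- neutron 2:13.0.0-1 (low)" marks CVE-2018-14636 as fixed, but the entry carries no NOTE linking an upstream fix or advisory to the 13.0.0 release. Suggest adding a NOTE with the reference that was used to pick this version.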
@@ -39052,7 +39053,7 @@ CVE-2018-12030 (Chevereto Free before 1.0.13 has XSS. ...)
NOT-FOR-US: Chevereto Free
CVE-2018-12029 (A race condition in the nginx module in Phusion Passenger 3.x through ...)
{DLA-1399-1}
- - passenger <unfixed>
+ - passenger <unfixed> (bug #921767)
- ruby-passenger <removed>
NOTE: https://blog.phusion.nl/2018/06/12/passenger-5-3-2-various-security-fixes/
NOTE: https://github.com/phusion/passenger/commit/207870f5b7f5cc240587ab0977d6046782ae1d86
@@ -39814,21 +39815,25 @@ CVE-2018-11741 (NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Sess
NOT-FOR-US: NEC Univerge Sv9100 WebPro devices
CVE-2018-11740 (An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from ...)
- sleuthkit <unfixed> (low; bug #902187)
+ [buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1264
CVE-2018-11739 (An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from ...)
- sleuthkit <unfixed> (low; bug #902187)
+ [buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1267
CVE-2018-11738 (An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from ...)
- sleuthkit <unfixed> (low; bug #902187)
+ [buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1265
CVE-2018-11737 (An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from ...)
- sleuthkit <unfixed> (low; bug #902187)
+ [buster] - sleuthkit <no-dsa> (Minor issue)
[stretch] - sleuthkit <no-dsa> (Minor issue)
[jessie] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/issues/1266
@@ -62860,7 +62865,8 @@ CVE-2017-17944
CVE-2017-17943
RESERVED
CVE-2017-17942 (In LibTIFF 4.0.9, there is a heap-based buffer over-read in the ...)
- - tiff <unfixed> (bug #885579)
+ - tiff <unfixed> (low; bug #885579)
+ [buster] - tiff <postponed> (Minor issue, revisit once fixed upstream)
[stretch] - tiff <postponed> (Minor issue, revisit once fixed upstream)
[jessie] - tiff <postponed> (Minor issue, revisit once fixed upstream)
[wheezy] - tiff <postponed> (Minor issue, revisit once fixed upstream)
@@ -64504,8 +64510,9 @@ CVE-2018-3211 (Vulnerability in the Java SE, Java SE Embedded component of Oracl
CVE-2018-3210 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
NOT-FOR-US: Oracle
CVE-2018-3209 (Vulnerability in the Java SE component of Oracle Java SE ...)
- - openjfx <unfixed>
+ - openjfx 11+26-1
[stretch] - openjfx <ignored> (Specific details withheld by Oracle, impossible to fix)
+ NOTE: CPU marks this as only affecting 8.x, so marking first 11 upload as fixed
CVE-2018-3208 (Vulnerability in the Hyperion Data Relationship Management component ...)
NOT-FOR-US: Oracle
CVE-2018-3207 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
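Review bot: the NOTE added for CVE-2018-3209 cites the CPU as the basis for "11+26-1" but does not link it, so the claim that only 8.x is affected cannot be checked from the entry. Suggest adding a NOTE line with the advisory URL next to the rationale.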
@@ -66750,12 +66757,12 @@ CVE-2017-17689 (The S/MIME specification allows a Cipher Block Chaining (CBC) ..
NOTE: https://dot.kde.org/2018/05/15/efail-and-kmail
NOTE: protocol vulnerability can't be fixed in implementations but they can prevent exploitation by disabling loading of remote content
CVE-2017-17688 (** DISPUTED ** The OpenPGP specification allows a Cipher Feedback Mode ...)
- - enigmail <unfixed> (bug #898630)
- [stretch] - enigmail <ignored> (Package broken in stable, can be fixed along when updated for ESR60)
+ - enigmail 2:2.0.6.1-4 (bug #898630)
[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
NOTE: vulnerability is in the clients handling, not in OpenPGP
NOTE: https://efail.de
NOTE: possibly https://sourceforge.net/p/enigmail/source/ci/f6c111 and https://sourceforge.net/p/enigmail/source/ci/d2a83a
+ NOTE: Marking the first 2.x version which reached unstable as fixed, see discussion in #898630
CVE-2017-17687
RESERVED
CVE-2017-17686
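Review bot: removing the "[stretch] - enigmail <ignored>" line for CVE-2017-17688 leaves stretch with no release-specific entry, so its status now depends on comparing the stretch version against "2:2.0.6.1-4". If that is intended, suggest saying so in the added NOTE, which currently explains only the choice of fixed version for unstable.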
@@ -91917,6 +91924,7 @@ CVE-2017-1000048 (the web framework using ljharb's qs module older than v6.3.2,
NOT-FOR-US: ljharb
CVE-2017-1000047 (rbenv (all current versions) is vulnerable to Directory Traversal in ...)
- rbenv <unfixed> (bug #869702)
+ [buster] - rbenv <no-dsa> (Minor issue)
[stretch] - rbenv <no-dsa> (Minor issue)
[jessie] - rbenv <no-dsa> (Minor issue)
[wheezy] - rbenv <no-dsa> (Minor issue)
@@ -109067,11 +109075,10 @@ CVE-2017-5669 (The do_shmat function in ipc/shm.c in the Linux kernel through 4.
- linux 4.9.13-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=192931
CVE-2017-5666 (The free_options function in options_manager.c in mp3splt 2.6.2 allows ...)
- - mp3splt <unfixed> (bug #854278)
- [jessie] - mp3splt <no-dsa> (Minor issue)
- [wheezy] - mp3splt <no-dsa> (Minor issue)
+ - mp3splt <unfixed> (unimportant; bug #854278)
NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-invalid-free-in-free_options-options_manager-c
NOTE: https://sourceforge.net/p/mp3splt/bugs/209/
+ NOTE: Negligable security impact
CVE-2017-5665 (The splt_cue_export_to_file function in cue.c in libmp3splt 0.9.2 ...)
- mp3splt <unfixed> (unimportant)
NOTE: https://blogs.gentoo.org/ago/2017/01/29/mp3splt-null-pointer-dereference-in-splt_cue_export_to_file-cue-c
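Review bot: spelling in the added NOTE for CVE-2017-5666: "Negligable" should be "Negligible". Since the jessie/wheezy "<no-dsa>" lines are dropped in favour of "unimportant", the NOTE could also say briefly why the invalid free has no security impact.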
@@ -119173,7 +119180,7 @@ CVE-2017-2301 (On Juniper Networks products or platforms running Junos OS 11.4 p
CVE-2017-2300 (On Juniper Networks SRX Series Services Gateways chassis clusters ...)
NOT-FOR-US: Juniper
CVE-2017-2299 (Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 ...)
- - puppet-module-puppetlabs-apache <unfixed> (bug #875983)
+ - puppet-module-puppetlabs-apache 3.0.0-1 (bug #875983)
[stretch] - puppet-module-puppetlabs-apache <no-dsa> (Minor issue)
[jessie] - puppet-module-puppetlabs-apache <no-dsa> (Minor issue)
NOTE: https://puppet.com/security/cve/CVE-2017-2299
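Review bot: the CVE-2017-2299 description names 1.11.1 and 2.1.0 as the fixed upstream versions, while the new line records "3.0.0-1" without explanation. If 3.0.0-1 is simply the first upload that contains the fix, a short NOTE saying so would match how the openjfx and enigmail entries in this commit are documented.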
@@ -129746,6 +129753,7 @@ CVE-2016-7955 (The logcheck function in session.inc in AlienVault OSSIM before 5
NOT-FOR-US: AlienVault OSSIM
CVE-2016-7954 (Bundler 1.x might allow remote attackers to inject arbitrary Ruby code ...)
- bundler <unfixed> (bug #842504)
+ [buster] - bundler <ignored> (Minor issue, too intrusive to backport)
[stretch] - bundler <ignored> (Minor issue, too intrusive to backport)
[jessie] - bundler <ignored> (Minor issue, too intrusive to backport)
[wheezy] - bundler <no-dsa> (Minor issue, too intrusive to backport)
@@ -176221,13 +176229,10 @@ CVE-2013-7437 (Multiple integer overflows in potrace 1.11 allow remote attackers
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=955808
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/12
CVE-2015-2785 (The GIF encoder in Byzanz allows remote attackers to cause a denial of ...)
- - byzanz <unfixed> (low; bug #778261)
- [stretch] - byzanz <ignored> (Minor issue)
- [jessie] - byzanz <ignored> (Minor issue)
- [wheezy] - byzanz <ignored> (Minor issue)
- [squeeze] - byzanz <ignored> (Minor issue)
+ - byzanz <unfixed> (unimportant; bug #778261)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=852481
NOTE: http://www.openwall.com/lists/oss-security/2015/02/06/11
+ NOTE: Only applies to debug recordings, negligable security impact
CVE-2012-6689 (The netlink_sendmsg function in net/netlink/af_netlink.c in the Linux ...)
{DLA-246-1}
- linux 3.6.4-1
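Review bot: spelling in the added NOTE for CVE-2015-2785: "negligable" should be "negligible". The statement that the issue "Only applies to debug recordings" is the sole justification for dropping four per-release "<ignored>" entries, so a reference for it (for example the relevant comment in bug #778261) would help.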
@@ -225380,6 +225385,7 @@ CVE-2013-0343 (The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the L
CVE-2013-0342 [CreateID() creates serialized packet IDs for RADIUS]
RESERVED
- pyrad <unfixed> (low; bug #701151)
+ [buster] - pyrad <no-dsa> (Minor issue)
[stretch] - pyrad <no-dsa> (Minor issue)
[jessie] - pyrad <no-dsa> (Minor issue)
[wheezy] - pyrad <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b64e74c8310288727ccf31a563d6bbebe926e10b