[Git][security-tracker-team/security-tracker][master] buster triage

Moritz Muehlenhoff jmm at debian.org
Fri Aug 28 18:48:40 BST 2020



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c4047393 by Moritz Muehlenhoff at 2020-08-28T19:48:20+02:00
buster triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -400,6 +400,7 @@ CVE-2020-24662
 	RESERVED
 CVE-2020-24661 (GNOME Geary before 3.36.3 mishandles pinned TLS certificate verificati ...)
 	- geary <unfixed>
+	[buster] - geary <no-dsa> (Minor issue)
 	NOTE: https://gitlab.gnome.org/GNOME/geary/-/issues/866
 CVE-2020-24660
 	RESERVED
@@ -617,6 +618,7 @@ CVE-2020-24556
 	RESERVED
 CVE-2020-24614 (Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 a ...)
 	- fossil 1:2.12.1-1
+	[buster] - fossil <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/08/20/1
 	NOTE: https://fossil-scm.org/forum/info/a05ae3ce7760daf6
 	NOTE: https://fossil-scm.org/fossil/vdiff?branch=sec2020-2.12-patch&diff=1&w
@@ -990,17 +992,19 @@ CVE-2020-24374
 CVE-2020-24373
 	RESERVED
 CVE-2020-24372 (LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in  ...)
-	- luajit <unfixed>
+	- luajit <unfixed> (unimportant)
 	NOTE: https://github.com/LuaJIT/LuaJIT/issues/603
-	TODO: Needs to be checked with upstream, unclear whether that's really a security issue
+	NOTE: No security impact, only "exploitable" with untrusted Lua code
 CVE-2020-24371 (lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the ...)
 	- lua5.4 <unfixed>
 	- lua5.3 <unfixed>
+	[buster] - lua5.3 <no-dsa> (Minor isue)
 	NOTE: https://github.com/lua/lua/commit/a6da1472c0c5e05ff249325f979531ad51533110
 	NOTE: https://www.lua.org/bugs.html#5.4.0-9
 CVE-2020-24370 (ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation faul ...)
 	- lua5.4 <unfixed>
 	- lua5.3 <unfixed>
+	[buster] - lua5.3 <no-dsa> (Minor isue)
 	NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00324.html
 	NOTE: https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b
 CVE-2020-24369 (ldebug.c in Lua 5.4.0 attempts to access debug information via the lin ...)
@@ -1287,16 +1291,16 @@ CVE-2020-24244
 CVE-2020-24243
 	RESERVED
 CVE-2020-24242 (In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_tex ...)
-	- nasm 2.15.04-1
-	[stretch] - nasm <no-dsa> (Minor issue)
+	- nasm 2.15.04-1 (unimportant)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392708
 	NOTE: https://github.com/netwide-assembler/nasm/commit/6299a3114ce0f3acd55d07de201a8ca2f0a83059
+	NOTE: Crash in CLI tool, no security impact
 CVE-2020-24241 (In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in  ...)
-	- nasm 2.15.04-1
-	[stretch] - nasm <no-dsa> (Minor issue)
+	- nasm 2.15.04-1 (unimportant)
 	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392707
 	NOTE: https://github.com/netwide-assembler/nasm/commit/6ac6ac57e3d01ea8ed4ea47706eb724b59176461
 	NOTE: https://github.com/netwide-assembler/nasm/commit/78df8828a0a5d8e2d8ff3dced562bf1778ce2e6c
+	NOTE: Crash in CLI tool, no security impact
 CVE-2020-24240 (GNU Bison 3.7 has a use after free (UAF) vulnerability. A local attack ...)
 	- bison <unfixed> (unimportant)
 	NOTE: https://github.com/akimd/bison/commit/be95a4fe2951374676efc9454ffee8638faaf68d (v3.7.1)
@@ -14803,6 +14807,7 @@ CVE-2020-17498 (In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-10.html
 CVE-2020-17497 (eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to  ...)
 	- iwd <unfixed> (bug #968996)
+	[buster] - iwd <no-dsa> (Minor issue)
 	NOTE: https://lists.01.org/hyperkitty/list/iwd@lists.01.org/thread/4GUXL4Z6KZWWZINATGHNJVAEUTS3I7PG/
 	NOTE: https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=f22ba5aebb569ca54521afd2babdc1f67e3904ea
 CVE-2020-17496 (vBulletin 5.5.4 through 5.6.2 allows remote command execution via craf ...)
@@ -18134,6 +18139,7 @@ CVE-2020-15918 (Multiple Stored Cross Site Scripting (XSS) vulnerabilities were
 	NOT-FOR-US: Mida eFramework
 CVE-2020-15917 (common/session.c in Claws Mail before 3.17.6 has a protocol violation  ...)
 	- claws-mail 3.17.6-1
+	[buster] - claws-mail <no-dsa> (Minor issue)
 	[stretch] - claws-mail <no-dsa> (low priority issue)
 	NOTE: https://git.claws-mail.org/?p=claws.git;a=commit;h=fcc25329049b6f9bd8d890f1197ed61eb12e14d5
 CVE-2020-15916 (goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices a ...)
@@ -19738,11 +19744,13 @@ CVE-2020-15306 (An issue was discovered in OpenEXR before v2.5.2. Invalid chunkC
 	- openexr 2.5.3-2
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/738
+	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/6a9f8af6e89547bcd370ae3cec2b12849eee0b54
 CVE-2020-15305 (An issue was discovered in OpenEXR before 2.5.2. Invalid input could c ...)
 	[experimental] - openexr 2.5.2-1
 	- openexr 2.5.3-2
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/730
+	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/3d03979dc101612e806cdf0b011475d9fa685a73
 CVE-2020-15304 (An issue was discovered in OpenEXR before 2.5.2. An invalid tiled inpu ...)
 	[experimental] - openexr 2.5.2-1
 	- openexr 2.5.3-2
@@ -34400,6 +34408,7 @@ CVE-2020-10189 (Zoho ManageEngine Desktop Central before 10.0.474 allows remote
 CVE-2020-10188 (utility.c in telnetd in netkit telnet through 0.17 allows remote attac ...)
 	{DLA-2341-1 DLA-2176-1}
 	- inetutils 2:1.9.4-12 (bug #956084)
+	[buster] - inetutils <no-dsa> (Minor issue)
 	- netkit-telnet 0.17-18woody2 (bug #953477)
 	- netkit-telnet-ssl 0.17.17+0.1-2woody3 (bug #953478)
 	NOTE: https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html
@@ -37999,6 +38008,7 @@ CVE-2020-8690
 	RESERVED
 CVE-2020-8689 (Improper buffer restrictions in the Intel(R) Wireless for Open Source  ...)
 	- iwd 1.5-1
+	[buster] - iwd <no-dsa> (Minor issue)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00379.html
 CVE-2020-8688 (Improper input validation in the Intel(R) RAID Web Console 3 for Windo ...)
 	NOT-FOR-US: Intel
@@ -39092,20 +39102,25 @@ CVE-2020-8231
 CVE-2020-8230 (A memory corruption vulnerability exists in NextCloud Desktop Client v ...)
 	- nextcloud-desktop <not-affected> (Windows-specific)
 CVE-2020-8229 (A memory leak in the OCUtil.dll library used by Nextcloud Desktop Clie ...)
-	- nextcloud-desktop <unfixed> (bug #968822)
+	- nextcloud-desktop <not-affected> (Windows-specific)
 	NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-034
+	NOTE: Windows-specific code in shell_integration/windows/OCUtil
+	NOTE: https://hackerone.com/reports/588562
 CVE-2020-8228
 	RESERVED
 CVE-2020-8227 (Missing sanitization of a server response in Nextcloud Desktop Client  ...)
 	- nextcloud-desktop <unfixed>
+	[buster] - nextcloud-desktop <no-dsa> (Minor issue)
 	NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-032
+	NOTE: https://hackerone.com/reports/685552
 CVE-2020-8226 (A vulnerability exists in phpBB <v3.2.10 and <v3.3.1 which allow ...)
 	NOT-FOR-US: phpBB
 CVE-2020-8225
 	RESERVED
 CVE-2020-8224 (A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arb ...)
-	- nextcloud-desktop <unfixed> (bug #968822)
+	- nextcloud-desktop <not-affected> (Windows-specific)
 	NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-030
+	NOTE: https://hackerone.com/reports/622170
 CVE-2020-8223
 	RESERVED
 CVE-2020-8222 (A path traversal vulnerability exists in Pulse Connect Secure <9.1R ...)
@@ -39179,6 +39194,7 @@ CVE-2020-8190 (Incorrect file permissions in Citrix ADC and Citrix Gateway befor
 	NOT-FOR-US: Citrix
 CVE-2020-8189 (A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed ...)
 	- nextcloud-desktop <unfixed>
+	[buster] - nextcloud-desktop <no-dsa> (Minor issue)
 	NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2020-027
 CVE-2020-8188 (We have recently released new version of UniFi Protect firmware v1.13. ...)
 	NOT-FOR-US: UniFi Protect


=====================================
data/dsa-needed.txt
=====================================
@@ -27,6 +27,10 @@ lilypond (jmm)
 linux (carnil)
   Wait until more issues have piled up
 --
+mupdf
+--
+openexr (jmm)
+--
 rails (jmm)
   Sylvain Beucler proposed to help for the update, remaining CVEs to be done
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4047393b5aa53a917e6b297940d636d4378e04a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4047393b5aa53a917e6b297940d636d4378e04a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200828/3c8811a6/attachment.html>


More information about the debian-security-tracker-commits mailing list