[Git][security-tracker-team/security-tracker][master] buster/stretch triage
Moritz Muehlenhoff
jmm at debian.org
Mon Feb 24 20:44:21 GMT 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
efc3ef9e by Moritz Muehlenhoff at 2020-02-24T21:44:02+01:00
buster/stretch triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -157,6 +157,8 @@ CVE-2020-9309
RESERVED
CVE-2020-9308 (archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts ...)
- libarchive <unfixed> (bug #951759)
+ [buster] - libarchive <no-dsa> (Minor issue)
+ [stretch] - libarchive <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20459
NOTE: https://github.com/libarchive/libarchive/pull/1326
NOTE: https://github.com/libarchive/libarchive/commit/94821008d6eea81e315c5881cdf739202961040a
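Review bot: the two added "<no-dsa> (Minor issue)" lines for libarchive do not record whether the RAR5 reader named in the description (archive_read_support_format_rar5.c) exists in the buster and stretch source versions. If that file is absent there, "<not-affected> (Vulnerable code not present)" would describe the state more accurately than no-dsa. A NOTE stating which upstream release introduced the RAR5 reader would settle this for later triagers.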
@@ -210,6 +212,8 @@ CVE-2020-9284
RESERVED
CVE-2020-9283 (golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go a ...)
- golang-go.crypto <unfixed> (bug #952462)
+ [buster] - golang-go.crypto <no-dsa> (Minor issue)
+ [stretch] - golang-go.crypto <no-dsa> (Minor issue)
NOTE: https://github.com/golang/crypto/commit/bac4c82f69751a6dd76e702d54b3ceb88adab236
CVE-2020-9282
RESERVED
@@ -258,6 +262,8 @@ CVE-2019-20475
RESERVED
CVE-2015-9543 (An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 1 ...)
- nova <unfixed> (bug #951635)
+ [buster] - nova <no-dsa> (Minor issue)
+ [stretch] - nova <no-dsa> (Minor issue)
NOTE: https://launchpad.net/bugs/1492140
NOTE: https://review.opendev.org/220622
CVE-2020-9271 (ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via s ...)
@@ -863,6 +869,8 @@ CVE-2019-20455 (Gateways/Gateway.php in Heartland & Global Payments PHP SDK
NOT-FOR-US: Heartland & Global Payments PHP SDK
CVE-2019-20454 (An out-of-bounds read was discovered in PCRE before 10.34 when the pat ...)
- pcre2 10.34-1
+ [buster] - pcre2 <no-dsa> (Minor issue)
+ [stretch] - pcre2 <no-dsa> (Minor issue)
NOTE: https://bugs.exim.org/show_bug.cgi?id=2421
NOTE: https://bugs.php.net/bug.php?id=78338
NOTE: Fixed by: https://vcs.pcre.org/pcre2?view=revision&revision=1092
@@ -1725,6 +1733,7 @@ CVE-2020-8608 (In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snpr
- qemu-kvm <removed>
- slirp <unfixed>
- slirp4netns <unfixed>
+ [buster] - slirp4netns <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843
NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/30648c03b27fb8d9611b723184216cd3174b6775
NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
@@ -1751,6 +1760,7 @@ CVE-2020-8598
CVE-2020-8597 (eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overf ...)
{DSA-4632-1 DLA-2097-1}
- lwip <unfixed> (bug #951291)
+ [buster] - lwip <no-dsa> (Minor issue)
[experimental] - ppp 2.4.8-1+1~exp1
- ppp <unfixed> (bug #950618)
NOTE: http://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=2ee3cbe69c6d2805e64e7cac2a1c1706e49ffd86
@@ -3318,8 +3328,8 @@ CVE-2020-7919
RESERVED
- golang-1.14 1.14~rc1-1
- golang-1.13 1.13.7-1
- [buster] - golang-1.13 <postponed> (Minor issue, can be fixed along in next DSA)
- golang-1.11 <removed>
+ [buster] - golang-1.11 <postponed> (Minor issue, can be fixed along in next DSA)
NOTE: https://github.com/golang/go/issues/36837
NOTE: https://github.com/golang/go/commit/b13ce14c4a6aa59b7b041ad2b6eed2d23e15b574 (master)
NOTE: https://github.com/golang/go/issues/36838 (Go 1.13)
@@ -3359,40 +3369,48 @@ CVE-2019-20399 (A timing vulnerability in the Scalar::check_overflow function in
NOT-FOR-US: libsecp256k1-rs (Rust Implementation of secp256k1)
CVE-2019-20398 (A NULL pointer dereference is present in libyang before v1.0-r3 in the ...)
- libyang <unfixed>
+ [buster] - libyang <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793935
NOTE: https://github.com/CESNET/libyang/commit/7852b272ef77f8098c35deea6c6f09cb78176f08
NOTE: https://github.com/CESNET/libyang/issues/773
CVE-2019-20397 (A double-free is present in libyang before v1.0-r1 in the function yyp ...)
- libyang <unfixed>
+ [buster] - libyang <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793928
NOTE: https://github.com/CESNET/libyang/commit/88bd6c548ba79bce176cd875e9b56e7e0ef4d8d4
NOTE: https://github.com/CESNET/libyang/issues/739
CVE-2019-20396 (A segmentation fault is present in yyparse in libyang before v1.0-r1 d ...)
- libyang <unfixed>
+ [buster] - libyang <no-dsa> (Minor issue)
NOTE: https://github.com/CESNET/libyang/commit/a1f17693904ed6fecc8902c747fc50a8f20e6af8
NOTE: https://github.com/CESNET/libyang/issues/740
CVE-2019-20395 (A stack consumption issue is present in libyang before v1.0-r1 due to ...)
- libyang <unfixed>
+ [buster] - libyang <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793924
NOTE: https://github.com/CESNET/libyang/commit/4e610ccd87a2ba9413819777d508f71163fcc237
NOTE: https://github.com/CESNET/libyang/issues/724
CVE-2019-20394 (A double-free is present in libyang before v1.0-r3 in the function yyp ...)
- libyang <unfixed>
+ [buster] - libyang <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793932
NOTE: https://github.com/CESNET/libyang/commit/6cc51b1757dfbb7cff92de074ada65e8523289a6
NOTE: https://github.com/CESNET/libyang/issues/769
CVE-2019-20393 (A double-free is present in libyang before v1.0-r1 in the function yyp ...)
- libyang <unfixed>
+ [buster] - libyang <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793930
NOTE: https://github.com/CESNET/libyang/commit/d9feacc4a590d35dbc1af21caf9080008b4450ed
NOTE: https://github.com/CESNET/libyang/issues/742
CVE-2019-20392 (An invalid memory access flaw is present in libyang before v1.0-r1 in ...)
- libyang <unfixed>
+ [buster] - libyang <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793922
NOTE: https://github.com/CESNET/libyang/commit/32fb4993bc8bb49e93e84016af3c10ea53964be5
NOTE: https://github.com/CESNET/libyang/issues/723
CVE-2019-20391 (An invalid memory access flaw is present in libyang before v1.0-r3 in ...)
- libyang <unfixed>
+ [buster] - libyang <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793934
NOTE: https://github.com/CESNET/libyang/commit/bdb596ddc07596fa212f231135b87d0b9178f6f8
NOTE: https://github.com/CESNET/libyang/issues/772
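Review bot: the eight added "[buster] - libyang <no-dsa> (Minor issue)" lines give one identical reason for a NULL pointer dereference, a segmentation fault, a stack consumption issue, two invalid memory accesses and three double-frees (CVE-2019-20397, CVE-2019-20394, CVE-2019-20393). For the double-frees in particular, a short justification beyond "Minor issue" would help anyone revisiting these entries for a point release.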
@@ -9025,6 +9043,7 @@ CVE-2020-5311 (libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffe
NOTE: https://github.com/python-pillow/Pillow/commit/a79b65c47c7dc6fe623aadf09aa6192fc54548f3 (6.2.2)
CVE-2020-5310 (libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding int ...)
- pillow 7.0.0-1 (bug #948224)
+ [buster] - pillow <not-affected> (Vulnerability introduced later)
[stretch] - pillow <not-affected> (Vulnerable code not present)
[jessie] - pillow <not-affected> (The vulnerable code was introduced later)
NOTE: Introduced by: https://github.com/python-pillow/Pillow/commit/f0436a4ddc954541fa10a531e2d9ea0c5ae2065d (5.3.0)
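Review bot: the added "[buster]" line words its reason as "Vulnerability introduced later", while the adjacent stretch and jessie lines use "Vulnerable code not present" and "The vulnerable code was introduced later" for the same finding. Reusing one of the existing phrasings would keep the three annotations consistent and easy to grep, and since the "Introduced by" NOTE already records 5.3.0 as the introducing release, the reason could cite that version directly.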
@@ -20712,6 +20731,8 @@ CVE-2019-18792 (An issue was discovered in Suricata 5.0.0. It is possible to byp
{DLA-2087-1}
[experimental] - suricata 1:5.0.1-1~exp1
- suricata 1:5.0.2-1
+ [buster] - suricata <no-dsa> (Minor issue)
+ [stretch] - suricata <no-dsa> (Minor issue)
NOTE: https://github.com/OISF/suricata/commit/1c63d3905852f746ccde7e2585600b2199cefb4b (master-4.1.x)
NOTE: https://github.com/OISF/suricata/commit/fa692df37a796c3330c81988d15ef1a219afc006 (suricata-5.0.1)
NOTE: https://redmine.openinfosecfoundation.org/issues/3324
@@ -23292,6 +23313,8 @@ CVE-2019-18625 (An issue was discovered in Suricata 5.0.0. It was possible to by
{DLA-2087-1}
[experimental] - suricata 1:5.0.1-1~exp1
- suricata 1:5.0.2-1
+ [buster] - suricata <no-dsa> (Minor issue)
+ [stretch] - suricata <no-dsa> (Minor issue)
NOTE: https://github.com/OISF/suricata/commit/9f0294fadca3dcc18c919424242a41e01f3e8318 (suricata-5.0.1)
NOTE: https://github.com/OISF/suricata/commit/ea0659de7640cf6a51de5bbd1dbbb0414e4623a0 (master-4.1.x)
NOTE: https://redmine.openinfosecfoundation.org/issues/3286
@@ -27490,6 +27513,7 @@ CVE-2019-17421 (Incorrect file permissions on the packaged Nipper executable fil
NOT-FOR-US: Zoho
CVE-2019-17420 (In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other prod ...)
- libhtp 1:0.5.31-1
+ [buster] - libhtp <no-dsa> (Minor issue)
NOTE: https://github.com/OISF/libhtp/pull/213
CVE-2019-17419 (An issue was discovered in MetInfo 7.0. There is SQL injection via the ...)
NOT-FOR-US: MetInfo
@@ -34716,6 +34740,7 @@ CVE-2019-14940 (In Storage Performance Development Kit (SPDK) before 19.07, a us
NOT-FOR-US: Storage Performance Development Kit
CVE-2019-14939 (An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for N ...)
- node-mysql 2.18.0-1 (bug #934712)
+ [buster] - node-mysql <no-dsa> (Minor issue)
[stretch] - node-mysql <end-of-life> (Nodejs in stretch not covered by security support)
[jessie] - node-mysql <end-of-life> (Nodejs in jessie not covered by security support)
NOTE: https://github.com/mysqljs/mysql/issues/2257
@@ -44332,12 +44357,9 @@ CVE-2019-12151
CVE-2019-12150 (Karamasoft UltimateEditor 1 does not ensure that an uploaded file is a ...)
NOT-FOR-US: Karamasoft UltimateEditor
CVE-2018-20839 (systemd 242 changes the VT1 mode upon a logout, which allows attackers ...)
- - systemd <unfixed> (low; bug #929116)
- [buster] - systemd <no-dsa> (Minor issue)
- [stretch] - systemd <no-dsa> (Minor issue)
- [jessie] - systemd <no-dsa> (Not reproducible without Ubuntu-style persistant VT1 greeter; too invasive to fix)
- - xorg-server <unfixed>
- [jessie] - xorg-server <postponed> (Minor issue, revisit when the situation is clarified)
+ - plymouth <unfixed> (low)
+ [buster] - plymouth <no-dsa> (Minor issue)
+ [stretch] - plymouth <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993
NOTE: https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f
NOTE: https://github.com/systemd/systemd/pull/12378
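Review bot: the CVE-2018-20839 entry is reassigned from systemd and xorg-server to "- plymouth <unfixed> (low)" without a NOTE explaining why, and every remaining NOTE still points at systemd (the Launchpad bug filed against systemd, the systemd commit and the systemd pull request). The new plymouth line also carries no bug reference, whereas the removed systemd line had bug #929116, and the jessie annotations are dropped without a replacement. Suggest adding a NOTE that gives the reasoning for treating plymouth as the affected package, plus a bug number on the plymouth line if one exists.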
@@ -72741,6 +72763,7 @@ CVE-2019-2212 (In poisson_distribution of random, there is an out of bounds read
[stretch] - libc++ <no-dsa> (Minor issue)
[jessie] - libc++ <no-dsa> (Minor issue, Jessie versions of software that uses poisson distribution have low popcon)
- llvm-toolchain-6.0 <unfixed>
+ [buster] - llvm-toolchain-6.0 <no-dsa> (Minor issue)
[jessie] - llvm-toolchain-6.0 <no-dsa> (Minor issue, Jessie versions of software that uses poisson distribution have low popcon)
- llvm-toolchain-8 <unfixed>
NOTE: https://android.googlesource.com/platform/external/libcxx/+/4cebe6f1f01a34546b3b843b5267619a61bd7d39
@@ -111897,6 +111920,8 @@ CVE-2018-7225 (An issue was discovered in LibVNCServer through 0.9.11. rfbProces
[buster] - tightvnc 1:1.3.9-9deb10u1
[stretch] - tightvnc 1:1.3.9-9+deb9u1
- vino <unfixed> (bug #945784)
+ [buster] - vino <no-dsa> (Minor issue)
+ [stretch] - vino <no-dsa> (Minor issue)
NOTE: https://github.com/LibVNC/libvncserver/issues/218
NOTE: https://github.com/LibVNC/libvncserver/commit/b0c77391e6bd0a2305bbc9b37a2499af74ddd9ee
CVE-2018-7224
@@ -249673,6 +249698,8 @@ CVE-2014-6053 (The rfbProcessClientNormalMessage function in libvncserver/rfbser
[buster] - tightvnc 1:1.3.9-9deb10u1
[stretch] - tightvnc 1:1.3.9-9+deb9u1
- vino <unfixed> (bug #945784)
+ [buster] - vino <no-dsa> (Minor issue)
+ [stretch] - vino <no-dsa> (Minor issue)
NOTE: https://github.com/newsoft/libvncserver/commit/6037a9074d52b1963c97cb28ea1096c7c14cbf28
CVE-2014-6052 (The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibV ...)
{DSA-3081-1 DLA-1979-1 DLA-197-1}
=====================================
data/dsa-needed.txt
=====================================
@@ -18,6 +18,8 @@ amd64-microcode
NOTE: 20200224: The maintainer says version 3.20191218.1 can be
NOTE: 20200224: backported to all stable releases.
--
+chromium/stable
+--
glusterfs/oldstable
--
graphicsmagick
@@ -36,12 +38,18 @@ nodejs
nss/oldstable (jmm)
Roberto proposed an update including fixes for CVE-2018-12404 and CVE-2018-18508
--
+opensmtpd
+--
poppler (jmm)
--
+proftpd-dfsg
+--
python-reportlab (hle)
--
smarty3/oldstable
--
+squid/stable
+--
squid3/oldstable
--
tiff/oldstable
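Review bot: the added "opensmtpd", "proftpd-dfsg" and "squid/stable" entries carry no claimant and no NOTE naming the issues that prompted them, unlike the nss/oldstable entry above them, which states what the proposed update covers. A one-line NOTE with the CVE ids under each new entry would save the next person a lookup in data/CVE/list.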
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/efc3ef9e4f26fc2a541187d37ee3b906b644681d