[Git][security-tracker-team/security-tracker][master] 18 commits: CVE-2023-34969,dbus: Buster is no-dsa
Markus Koschany (@apo)
apo at debian.org
Mon Jun 12 05:38:19 BST 2023
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
08791698 by Markus Koschany at 2023-06-12T04:46:59+02:00
CVE-2023-34969,dbus: Buster is no-dsa
This is a minor issue. Requires a root user to monitor dbus while another
non-privileged user triggers the exploit. Worst case: denial of service which
would be immediately detected.
- - - - -
ad690c3d by Markus Koschany at 2023-06-12T05:01:08+02:00
glib2.0: Link to regression fixes
- - - - -
401cd0f3 by Markus Koschany at 2023-06-12T05:30:44+02:00
CVE-2023-28370,python-tornado: Buster is no-dsa
Minor issue.
- - - - -
0c5c0f42 by Markus Koschany at 2023-06-12T05:39:14+02:00
Add qt4-x11 to dla-needed.txt
- - - - -
e24c0ae1 by Markus Koschany at 2023-06-12T06:09:18+02:00
Add requests and ruby-redcloth to dla-needed.txt
- - - - -
54aa9e5c by Markus Koschany at 2023-06-12T06:09:46+02:00
Claim requests in dla-needed.txt
- - - - -
bafb419a by Markus Koschany at 2023-06-12T06:20:35+02:00
Triage gpac as EOL in Buster.
- - - - -
3ccb2e9e by Markus Koschany at 2023-06-12T06:22:09+02:00
CVE-2023-28439,ckeditor: Buster is no-dsa
Minor issue
- - - - -
1ee19ec9 by Markus Koschany at 2023-06-12T06:30:57+02:00
CVE-2023-34408,dokuwiki: buster, no-dsa
Minor issue
- - - - -
2b24e0da by Markus Koschany at 2023-06-12T06:31:31+02:00
CVE-2023-32082,etcd: Buster, no-dsa
Minor issue
- - - - -
cca68ba3 by Markus Koschany at 2023-06-12T06:32:09+02:00
CVE-2023-26125,golang-github-gin-gonic-gin: Buster, no-dsa
Minor issue
- - - - -
603ad8f9 by Markus Koschany at 2023-06-12T06:33:38+02:00
CVE-2023-30847,h2o: Buster, no-dsa
Minor issue
- - - - -
f2b56d8a by Markus Koschany at 2023-06-12T06:34:13+02:00
CVE-2023-34151,imagemagick: Buster, no-dsa
Minor issue
- - - - -
1a41b20c by Markus Koschany at 2023-06-12T06:34:42+02:00
CVE-2023-33546,janino: Buster, no-dsa
Minor issue
- - - - -
6fba314c by Markus Koschany at 2023-06-12T06:35:28+02:00
CVE-2023-30570,libreswan: Buster, no-dsa
Minor issue
- - - - -
b5769898 by Markus Koschany at 2023-06-12T06:36:04+02:00
CVE-2023-28155,node-request: Buster, no-dsa
Minor issue.
- - - - -
5101feab by Markus Koschany at 2023-06-12T06:36:35+02:00
CVE-2023-28447,smarty3: Buster, no-dsa
Minor issue
- - - - -
cde987e4 by Markus Koschany at 2023-06-12T06:37:04+02:00
CVE-2023-1523,snapd: Buster, no-dsa
Minor issue.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -155,6 +155,7 @@ CVE-2023-34969 (D-Bus before 1.15.6 sometimes allows unprivileged users to crash
- dbus 1.14.8-1 (bug #1037151)
[bookworm] - dbus <no-dsa> (Minor issue)
[bullseye] - dbus <no-dsa> (Minor issue)
+ [buster] - dbus <no-dsa> (Minor issue)
NOTE: https://gitlab.freedesktop.org/dbus/dbus/-/issues/457
CVE-2023-34239 (Gradio is an open-source Python library that is used to build machine ...)
NOT-FOR-US: Gradio
@@ -905,6 +906,7 @@ CVE-2023-33546 (janino 3.1.9 and earlier are subject to denial of service (DOS)
- janino <unfixed>
[bookworm] - janino <no-dsa> (Minor issue)
[bullseye] - janino <no-dsa> (Minor issue)
+ [buster] - janino <no-dsa> (Minor issue)
NOTE: https://github.com/janino-compiler/janino/issues/201
CVE-2023-33544 (hawtio 2.17.2 is vulnerable to Path Traversal. it is possible to input ...)
NOT-FOR-US: hawtio
@@ -1054,11 +1056,13 @@ CVE-2023-3014 (A vulnerability, which was classified as problematic, was found i
CVE-2023-3013 (Unchecked Return Value in GitHub repository gpac/gpac prior to 2.2.2.)
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/52f95edc-cc03-4a9f-9bf8-74f641260073
NOTE: https://github.com/gpac/gpac/commit/78e539b43293829a14a32e821f5267e3b7417594
CVE-2023-3012 (NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2 ...)
- gpac <unfixed>
[bullseye] - gpac <no-dsa> (Minor issue)
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/916b787a-c603-409d-afc6-25bb02070e69
NOTE: https://github.com/gpac/gpac/commit/53387aa86c1af1228d0fa57c67f9c7330716d5a7
CVE-2023-3009 (Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassn ...)
@@ -1699,6 +1703,7 @@ CVE-2023-28370 (Open redirect vulnerability in Tornado versions 6.3.1 and earlie
- python-tornado <unfixed> (bug #1036875)
[bookworm] - python-tornado <no-dsa> (Minor issue)
[bullseye] - python-tornado <no-dsa> (Minor issue)
+ [buster] - python-tornado <no-dsa> (Minor issue)
- salt <unfixed>
NOTE: https://github.com/tornadoweb/tornado/commit/32ad07c54e607839273b4e1819c347f5c8976b2f (v6.3.2)
CVE-2023-27529 (Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an ...)
@@ -2198,6 +2203,7 @@ CVE-2023-32762 (An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9,
CVE-2023-34408 (DokuWiki before 2023-04-04a allows XSS via RSS titles.)
- dokuwiki 0.0.20220731.a-2 (bug #1036279)
[bullseye] - dokuwiki <no-dsa> (Minor issue)
+ [buster] - dokuwiki <no-dsa> (Minor issue)
NOTE: https://github.com/dokuwiki/dokuwiki/pull/3967
NOTE: https://www.github.com/splitbrain/dokuwiki/commit/53df38b0e4465894a67a5890f74a6f5f82e827de
NOTE: https://huntr.dev/bounties/c6119106-1a5c-464c-94dd-ee7c5d0bece0/
@@ -2818,6 +2824,7 @@ CVE-2023-32082 (etcd is a distributed key-value store for the data of a distribu
- etcd <unfixed> (bug #1036295)
[bookworm] - etcd <no-dsa> (Minor issue)
[bullseye] - etcd <no-dsa> (Minor issue)
+ [buster] - etcd <no-dsa> (Minor issue)
NOTE: https://github.com/etcd-io/etcd/pull/15656
NOTE: https://github.com/etcd-io/etcd/security/advisories/GHSA-3p4g-rcw5-8298
CVE-2023-32075 (The Customer Management Framework (CMF) for Pimcore adds functionality ...)
@@ -4844,6 +4851,7 @@ CVE-2023-30847 (H2O is an HTTP server. In versions 2.3.0-beta2 and prior, when t
- h2o <unfixed>
[bookworm] - h2o <no-dsa> (Minor issue)
[bullseye] - h2o <no-dsa> (Minor issue)
+ [buster] - h2o <no-dsa> (Minor issue)
NOTE: Fixed by: https://github.com/h2o/h2o/commit/a70af675328dda438ecd9d8a1673c1715fd93cc7
NOTE: Fixed by: https://github.com/h2o/h2o/commit/5f57d505514e937d13787b1f408837cb9197e2b2
NOTE: https://github.com/h2o/h2o/pull/3229
@@ -5903,6 +5911,7 @@ CVE-2023-30570 (pluto in Libreswan before 4.11 allows a denial of service (respo
- libreswan 4.11-1 (bug #1035542)
[bookworm] - libreswan <no-dsa> (Minor issue; can be fixed via point release)
[bullseye] - libreswan <no-dsa> (Minor issue; can be fixed via point release)
+ [buster] - libreswan <no-dsa> (Minor issue)
NOTE: https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt
NOTE: https://github.com/libreswan/libreswan/issues/1039
NOTE: Fix return value for aggr_inI1_outR1: https://github.com/libreswan/libreswan/commit/0250b5349145f6ac6b9c58e196489f7d048de305 (v4.11)
@@ -8460,18 +8469,27 @@ CVE-2023-32665 [GVariant deserialisation does not match spec for non-normal data
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3125
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3126
NOTE: Merge commit for glib-2-74: https://gitlab.gnome.org/GNOME/glib/-/commit/e16fb83755e08a4c2da2b0a8ea0fc2e27b1154bf (2.74.4)
+ NOTE: Be careful. Original fix introduces new bugs.
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2840
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2841
CVE-2023-32611 [g_variant_byteswap() can take a long time with some non-normal inputs]
- glib2.0 2.74.4-1
NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2797
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3125
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3126
NOTE: Merge commit for glib-2-74: https://gitlab.gnome.org/GNOME/glib/-/commit/e16fb83755e08a4c2da2b0a8ea0fc2e27b1154bf (2.74.4)
+ NOTE: Be careful. Original fix introduces new bugs.
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2840
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2841
CVE-2023-29499 [GVariant offset table entry size is not checked in is_normal()]
- glib2.0 2.74.4-1
NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2794
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3125
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3126
NOTE: Merge commit for glib-2-74: https://gitlab.gnome.org/GNOME/glib/-/commit/e16fb83755e08a4c2da2b0a8ea0fc2e27b1154bf (2.74.4)
+ NOTE: Be careful. Original fix introduces new bugs.
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2840
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2841
CVE-2023-29493
RESERVED
CVE-2023-29492 (Novi Survey before 8.9.43676 allows remote attackers to execute arbitr ...)
@@ -10987,6 +11005,9 @@ CVE-2023-25180
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3125
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3126
NOTE: Merge commit for glib-2-74: https://gitlab.gnome.org/GNOME/glib/-/commit/e16fb83755e08a4c2da2b0a8ea0fc2e27b1154bf (2.74.4)
+ NOTE: Be careful. Original fix introduces new bugs.
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2840
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2841
TODO: isolate required commits from merge commit
CVE-2023-24593
RESERVED
@@ -10995,6 +11016,9 @@ CVE-2023-24593
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3125
NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3126
NOTE: Merge commit for glib-2-74: https://gitlab.gnome.org/GNOME/glib/-/commit/e16fb83755e08a4c2da2b0a8ea0fc2e27b1154bf (2.74.4)
+ NOTE: Be careful. Original fix introduces new bugs.
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2840
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2841
TODO: isolate required commits from merge commit
CVE-2023-1613 (A vulnerability has been found in Rebuild up to 3.2.3 and classified a ...)
NOT-FOR-US: Rebuild
@@ -11553,6 +11577,7 @@ CVE-2023-1523
- snapd 2.59.5-1
[bookworm] - snapd <no-dsa> (Minor issue)
[bullseye] - snapd <no-dsa> (Minor issue)
+ [buster] - snapd <no-dsa> (Minor issue)
NOTE: Preparation: https://github.com/snapcore/snapd/commit/e4681c57bd5805c8d2dec5c3ddf7d85ebf1d2c4c (2.59.5)
NOTE: Fixed by: https://github.com/snapcore/snapd/commit/dddcfd6ac8daa84feb80eb6fd88f852ced70629c (2.59.5)
NOTE: Fixed by: https://github.com/snapcore/snapd/commit/52af545f3c0d8b086500ab86f161703905638951 (2.59.5)
@@ -12217,6 +12242,7 @@ CVE-2023-28447 (Smarty is a template engine for PHP. In affected versions smarty
- smarty3 <unfixed> (bug #1033964)
[bookworm] - smarty3 <no-dsa> (Minor issue)
[bullseye] - smarty3 <no-dsa> (Minor issue)
+ [buster] - smarty3 <no-dsa> (Minor issue)
- smarty4 <unfixed> (bug #1033965)
[bookworm] - smarty4 <no-dsa> (Minor issue)
NOTE: https://github.com/smarty-php/smarty/security/advisories/GHSA-7j98-h7fp-4vwj
@@ -12240,6 +12266,7 @@ CVE-2023-28439 (CKEditor4 is an open source what-you-see-is-what-you-get HTML ed
- ckeditor <unfixed> (bug #1034481)
[bookworm] - ckeditor <no-dsa> (Minor issue)
[bullseye] - ckeditor <no-dsa> (Minor issue)
+ [buster] - ckeditor <no-dsa> (Minor issue)
- ckeditor3 <unfixed>
[bookworm] - ckeditor3 <no-dsa> (Minor issue)
[bullseye] - ckeditor3 <no-dsa> (Minor issue)
@@ -13219,6 +13246,7 @@ CVE-2023-28155 (The Request package through 2.88.1 for Node.js allows a bypass o
- node-request <unfixed> (bug #1033250)
[bookworm] - node-request <no-dsa> (Minor issue)
[bullseye] - node-request <no-dsa> (Minor issue)
+ [buster] - node-request <no-dsa> (Minor issue)
NOTE: https://github.com/request/request/issues/3442
CVE-2023-28154 (Webpack 5 before 5.76.0 does not avoid cross-realm object access. Impo ...)
- node-webpack 5.76.1+dfsg1+~cs17.16.16-1 (bug #1032904)
@@ -18915,6 +18943,7 @@ CVE-2023-26125 (Versions of the package github.com/gin-gonic/gin before 1.9.0 ar
- golang-github-gin-gonic-gin <unfixed> (bug #1035498)
[bookworm] - golang-github-gin-gonic-gin <no-dsa> (Minor issue)
[bullseye] - golang-github-gin-gonic-gin <no-dsa> (Minor issue)
+ [buster] - golang-github-gin-gonic-gin <no-dsa> (Minor issue)
NOTE: https://github.com/gin-gonic/gin/pull/3500
NOTE: https://github.com/gin-gonic/gin/pull/3503
NOTE: https://github.com/gin-gonic/gin/commit/81ac7d55a09e34013225db0aeac6e70c1ae68928 (v1.9.0)
@@ -78604,6 +78633,7 @@ CVE-2023-34151 (A vulnerability was found in ImageMagick. This security flaw ouc
- imagemagick <unfixed> (bug #1036999)
[bookworm] - imagemagick <no-dsa> (Minor issue)
[bullseye] - imagemagick <no-dsa> (Minor issue)
+ [buster] - imagemagick <no-dsa> (Minor issue)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/6341
NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/3d6d98d8a2be30d74172ab43b5b8e874d2deb158 (7.1.1-10)
NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/133089f716f23ce0b80d89ccc1fd680960235512 (6.9.12-88)
=====================================
data/dla-needed.txt
=====================================
@@ -50,6 +50,9 @@ fusiondirectory (Abhijith PA)
NOTE: 20221203: Feel free to marke both CVEs as <ignored>, if they are not too serious (gladk).
NOTE: 20230523: Added upstream commit references to security tracker. Patched our version, testing (abhijith)
--
+glib2.0
+ NOTE: 20230612: Added by Front-Desk (apo)
+--
golang-go.crypto (Markus Koschany)
NOTE: 20220915: Added by Front-Desk (Beuc)
NOTE: 20220915: 3 CVEs fixed in stretch and bullseye (Beuc/front-desk)
@@ -130,10 +133,16 @@ python-oslo.privsep
NOTE: 20230525: CVE-2022-38065 has been marked as Won't-fix/Hardening opportunity.
NOTE: 20230525: It was mentioned the fix was easy but tedious. It is consumer design flaw issue.
--
+python-reportlab
+ NOTE: 20230612: Added by Front-Desk (apo)
+--
python3.7 (Adrian Bunk)
NOTE: 20230220: Added by Front-Desk (ola)
NOTE: 20230228: Waiting for actual upstream fix for CVE-2023-24329. (bunk)
--
+qt4-x11
+ NOTE: 20230612: Added by Front-Desk (apo)
+--
rails
NOTE: 20220909: Re-added due to regression (abhijith)
NOTE: 20220909: Regression on 2:5.2.2.1+dfsg-1+deb10u4 (abhijith)
@@ -147,6 +156,9 @@ rails
NOTE: 20221024: to break thrice in less than 2 month.
NOTE: 20230131: Utkarsh to start a thread with sec+ruby team with the possible path forward. (utkarsh)
--
+requests (Markus Koschany)
+ NOTE: 20230612: Added by Front-Desk (apo)
+--
ring (Thorsten Alteholz)
NOTE: 20221120: Added by Front-Desk (ta)
NOTE: 20230507: testing package
@@ -162,6 +174,9 @@ ruby-rails-html-sanitizer
NOTE: 20221231: Added by Front-Desk (ola)
NOTE: 20230303: this cannot be fixed unless ruby-loofah is fixed with appropriate methods. (utkarsh)
--
+ruby-redcloth
+ NOTE: 20230612: Added by Front-Desk (apo)
+--
salt
NOTE: 20220814: Added by Front-Desk (gladk)
NOTE: 20220814: I am not sure, whether it is possible to fix issues
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/28c68f9773f7d57a2c82f7e791c470ca23336424...cde987e40325180fb28594dc2c5094c96132da4f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/28c68f9773f7d57a2c82f7e791c470ca23336424...cde987e40325180fb28594dc2c5094c96132da4f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230612/8cf58283/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list