|
Any | Security Issue | Very High | Critical | [openssh] CVE-2018-15473 | Closed | |
Task Description
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
https://security-tracker.debian.org/tracker/CVE-2018-15473
Patch: https://salsa.debian.org/ssh-team/openssh/commit/4641c58a3279f6b118f9562babaa0ee050a38619
Technical analysis: https://blog.nviso.be/2018/08/21/openssh-user-enumeration-vulnerability-a-close-look/
|
|
Any | Security Issue | Very High | Critical | [dropbear] CVE-2018-15599 | Closed | |
Task Description
User enumeration in Dropbear 2018.76 and earlier http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html
Patch: https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00
|
|
Any | Security Issue | Very High | Critical | [mutt] CVE-2018-14354 | Closed | |
Task Description
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription.
https://security-tracker.debian.org/tracker/CVE-2018-14354
|
|
Any | Security Issue | Very High | Critical | [iceweasel-uxp-noscript] Zero-day bypass and script exe ... | Closed | |
Task Description
Description:
NoScript zero-day allows script execution even with scripts blocked by default.
https://www.zdnet.com/article/exploit-vendor-drops-tor-browser-zero-day-on-twitter/
https://twitter.com/ma1/status/1039163003034324992
Additional info: * package version(s) < 5.1.8.7
Steps to reproduce: Set the Content-Type of your html/js page to “text/html;json” and enjoy full JS pwnage”
|
|
Any | Security Issue | Very High | Critical | [util-linux] CVE-2018-7738 | Closed | |
Task Description
Description: In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.
https://blog.grimm-co.com/post/malicious-command-execution-via-bash-completion-cve-2018-7738/
|
|
Any | Security Issue | Very High | Critical | [schroedinger] unmaintained and unsupportable | Closed | |
Task Description
Description:
Remove Schrödinger in Hyperbola because it’s unmaintained and unsupportable. [0] [1]
Additional info:
$ pacman -Si schroedinger
Repository : extra
Name : schroedinger
Version : 1.0.11-3
Description : An implemenation of the Dirac video codec in ANSI C code
Architecture : x86_64
URL : https://launchpad.net/schroedinger
Licenses : GPL2 LGPL2.1 MPL MIT
Groups : None
Provides : None
Depends On : orc gcc-libs
Optional Deps : None
Conflicts With : None
Replaces : None
Download Size : 331.64 KiB
Installed Size : 1676.00 KiB
Packager : Evangelos Foutras <evangelos@foutrelis.com>
Build Date : Sat 05 Dec 2015 12:28:01 PM -03
Validated By : MD5 Sum SHA-256 Sum Signature
Steps to reproduce:
|
|
Any | Security Issue | Very High | Critical | [vlc] CVE-2017-17670 | Closed | |
Task Description
Description:
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.
Additional info: * package version(s)
* config and/or log files etc.
Steps to reproduce:
|
|
Any | Security Issue | Very High | Critical | [vlc] CVE-2018-11529 | Closed | |
Task Description
Description:
Additional info: * package version(s)
* config and/or log files etc.
Steps to reproduce:
|
|
Any | Security Issue | High | Critical | [octopi] uploads system logs to ptpb.pw without confirm ... | Closed | |
Task Description
Octopi 0.9.0 is uploading system logs to ptpb.pw without confirmation through :
Tools → SysInfo → ptpb.pw
I think it should be either disabled or add at least a patch to ask for a confirmation. An other way could be to patch this :
src/globals.cpp
240: * Generates SysInfo file and paste it to ptpb site
255: QString ptpb = UnixCommand::getCommandOutput("curl -F c=@- https://ptpb.pw/?u=1", tempFile->fileName());
256: return ptpb;
to :
src/globals.cpp
240: * Generates SysInfo file and paste it to ptpb site
255: QString ptpb = UnixCommand::getCommandOutput("curl -F c=@- **https://ptpb.pw/", tempFile->fileName());
256: return ptpb;
This way, you can at least ask for log deletion with the help of log uuid as explained here : https://ptpb.pw/#id10
|
|
Any | Security Issue | Very High | Critical | [qtpass] Insecure Password Generation prior to 1.2.1 | Closed | |
Task Description
Description: As stated on the home page of the project (https://qtpass.org/): <quote> All passwords generated with QtPass’ built-in password generator prior to 1.2.1 are possibly predictable and enumerable by hackers. </quote>
|
|
Any | Security Issue | Very High | Critical | [toxcore] Memory leak - Remote DDoS vunerability | Closed | |
Task Description
Description:
A memory leak bug was discovered in Toxcore that can be triggered remotely to exhaust one’s system memory, resulting in a denial of service attack... As a general reminder, if you are still using irungentoo’s toxcore, we strongly encourage you to switch to using TokTok c-toxcore instead as it’s a lot more actively developed and maintained. In fact, irungentoo’s toxcore is neither being developed nor maintained for some time now, aside from merging only the most critical fixes from TokTok c-toxcore from time to time, missing all other important fixes.
Additional info: * package version(s): < 2.8
https://blog.tox.chat/2018/10/memory-leak-bug-and-new-toxcore-release-fixing-it/
|
|
Any | Security Issue | Very High | Critical | [openldap] 2.4.44 multiple security issues | Closed | |
Task Description
Description: Changelog
2.4.46 is fixing a huge quantity of issues (TLS related & memory leak)
Additional info: * package version(s) : 2.4.44
|
|
Any | Security Issue | Very High | Critical | [php] CVE-2017-9120 | Closed | |
Task Description
Description:
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
Additional info: * package version(s)
$ pacman -Si php
Repositorio : extra
Nombre : php
Versión : 7.1.4-3.hyperbola3
Descripción : A general-purpose scripting language that is especially suited to web development, without systemd support
Arquitectura : x86_64
URL : http://www.php.net
Licencias : PHP
Grupos : Nada
Provee : php-ldap=7.1.4
Depende de : libxml2 curl libzip pcre
Dependencias opcionales : Nada
En conflicto con : php-ldap
Remplaza a : php-ldap
Tamaño de la descarga : 3,02 MiB
Tamaño de la instalación : 15,94 MiB
Encargado : André Silva <emulatorman@hyperbola.info>
Fecha de creación : mié 27 dic 2017 19:15:03 -05
Validado por : Suma MD5 Suma SHA-256 Firma
* config and/or log files etc.
Last update of php be v7.1.x is v7.1.23:
- https://secure.php.net/ChangeLog-7.php#7.1.23
Patch availabble from v7.1.5 https://bugs.php.net/bug.php?id=74544
Steps to reproduce:
- Install php
|
|
Stable | Security Issue | Very High | Critical | [exim] CVE-2019-10149 | Closed | |
Task Description
Description: There’s an active, ongoing campaign exploiting a widespread vulnerability in linux email servers. This attack leverages a week-old vulnerability to gain remote command execution on the target machine, search the Internet for other machines to infect, and initiates a crypto miner.
https://www.cybereason.com/blog/new-pervasive-worm-exploiting-linux-exim-server-vulnerability
https://www.openwall.com/lists/oss-security/2019/06/06/1
|
|
Any | Security Issue | Very High | Critical | [libarchive] CVE-2019-18408 | Closed | |
Task Description
https://www.zdnet.com/article/libarchive-vulnerability-can-lead-to-code-execution-on-linux-freebsd-netbsd/
https://security-tracker.debian.org/tracker/CVE-2019-18408
|
|
Any | Security Issue | Medium | Critical | [libjpeg-turbo] CVE-2019-2201 | Closed | |
Task Description
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation
https://security-tracker.debian.org/tracker/CVE-2019-2201
Patch: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/388
|
|
Any | Security Issue | High | High | [npapi-sdk] remove unsecure/deprecated package | Closed | |
Task Description
“npapi-sdk” (released in 2012) uses deprecated/unsecure NPAPI[0] api
$ pacman -Si npapi-sdk Repository : extra Name : npapi-sdk Version : 0.27.2-1 Description : Netscape Plugin API (NPAPI) Architecture : any URL : https://bitbucket.org/mgorny/npapi-sdk Licenses : MPL Groups : None Provides : None Depends On : None Optional Deps : None Conflicts With : None Replaces : None Download Size : 15.77 KiB Installed Size : 67.00 KiB Packager : Ionut Biru ibiru@archlinux.org Build Date : Thu 25 Apr 2013 01:47:15 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [npapi-vlc] remove unsecured package | Closed | |
Task Description
“npapi-vlc” uses deprecated/unsecure NPAPI[0] api
$ pacman -Si npapi-vlc Repository : community Name : npapi-vlc Version : 2.2.5-1 Description : The modern VLC Mozilla (NPAPI) plugin Architecture : x86_64 URL : https://code.videolan.org/videolan/npapi-vlc Licenses : GPL Groups : None Provides : None Depends On : gtk2 vlc Optional Deps : None Conflicts With : None Replaces : None Download Size : 69.96 KiB Installed Size : 287.00 KiB Packager : Timothy Redaelli timothy.redaelli@gmail.com Build Date : Tue 14 Feb 2017 12:27:08 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [nspluginwrapper] remove unsecure/deprecated package | Closed | |
Task Description
“nspluginwrapper” (released in 2011) uses deprecated/unsecure NPAPI[0] api
$ pacman -Si nspluginwrapper Repository : multilib Name : nspluginwrapper Version : 1.4.4-3 Description : Cross-platform NPAPI compatible plugin viewer Architecture : x86_64 URL : http://nspluginwrapper.davidben.net/ Licenses : GPL Groups : None Provides : None Depends On : curl libxt lib32-libxt gcc-libs lib32-gcc-libs gtk2 lib32-gtk2 Optional Deps : None Conflicts With : None Replaces : None Download Size : 146.14 KiB Installed Size : 475.00 KiB Packager : Felix Yan felixonmars@gmail.com Build Date : Sat 12 Jul 2014 02:40:45 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [x2goplugin] remove unsecure package | Closed | |
Task Description
“x2goplugin” uses deprecated/unsecure NPAPI[0] api
$ pacman -Si x2goplugin Repository : extra Name : x2goplugin Version : 4.1.0.0-1 Description : provides X2Go Client as QtBrowser-based Mozilla plugin Architecture : x86_64 URL : http://www.x2go.org Licenses : GPL2 Groups : None Provides : None Depends On : qt4 libcups nxproxy libssh libxpm Optional Deps : None Conflicts With : None Replaces : None Download Size : 1250.54 KiB Installed Size : 2761.00 KiB Packager : Andreas Radke andyrtr@archlinux.org Build Date : Wed 22 Feb 2017 12:42:48 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [djview] remove unsecure "nsdejavu.so" | Closed | |
Task Description
Remove “nsdejavu.so”, uses deprecated/unsecure NPAPI[0] api
$ sudo pacman -Si djview Repository : community Name : djview Version : 4.10.6-1 Description : Portable DjVu viewer and browser plugin Architecture : x86_64 URL : http://djvu.sourceforge.net/djview4.html Licenses : GPL Groups : None Provides : djview4 Depends On : qt5-base djvulibre libxkbcommon-x11 libsm Optional Deps : None Conflicts With : djview4 Replaces : djview4 Download Size : 535.79 KiB Installed Size : 1978.00 KiB Packager : Gaetan Bisson bisson@archlinux.org Build Date : Wed 04 May 2016 08:53:23 PM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ sudo pacman -Ql djview djview /usr/ djview /usr/bin/ djview /usr/bin/djview djview /usr/bin/djview4 djview /usr/lib/ djview /usr/lib/mozilla/ djview /usr/lib/mozilla/plugins/ djview /usr/lib/mozilla/plugins/nsdejavu.so djview /usr/share/ djview /usr/share/applications/ djview /usr/share/applications/djvulibre-djview4.desktop djview /usr/share/djvu/ djview /usr/share/djvu/djview4/ djview /usr/share/djvu/djview4/djview_cs.qm djview /usr/share/djvu/djview4/djview_de.qm djview /usr/share/djvu/djview4/djview_es.qm djview /usr/share/djvu/djview4/djview_fr.qm djview /usr/share/djvu/djview4/djview_ru.qm djview /usr/share/djvu/djview4/djview_uk.qm djview /usr/share/djvu/djview4/djview_zh_cn.qm djview /usr/share/djvu/djview4/djview_zh_tw.qm djview /usr/share/icons/ djview /usr/share/icons/hicolor/ djview /usr/share/icons/hicolor/32×32/ djview /usr/share/icons/hicolor/32×32/mimetypes/ djview /usr/share/icons/hicolor/32×32/mimetypes/djvulibre-djview4.png djview /usr/share/icons/hicolor/64×64/ djview /usr/share/icons/hicolor/64×64/mimetypes/ djview /usr/share/icons/hicolor/64×64/mimetypes/djvulibre-djview4.png djview /usr/share/icons/hicolor/scalable/ djview /usr/share/icons/hicolor/scalable/mimetypes/ djview /usr/share/icons/hicolor/scalable/mimetypes/djvulibre-djview4.svgz djview /usr/share/man/ djview /usr/share/man/man1/ djview /usr/share/man/man1/djview.1.gz djview /usr/share/man/man1/nsdejavu.1.gz
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [icedtea-web] remove unsecure "IcedTeaPlugin.so" | Closed | |
Task Description
Remove “IcedTeaPlugin.so”, it uses deprecated/unsecure NPAPI[0] apis
Note: this package contains “Java Web Start” and unsecured NPAPI plugin, it needs change package description and description on optional dependencies in “jre{7,8}-openjdk” packages.
$ pacman -Si icedtea-web Repository : extra Name : icedtea-web Version : 1.6.2-2.hyperbola1 Description : Free web browser plugin to run applets written in Java and an implementation of Java Web Start, without nonfree firefox support Architecture : x86_64 URL : http://icedtea.classpath.org/wiki/IcedTea-Web Licenses : GPL2 Groups : None Provides : java-web-start Depends On : java-runtime-openjdk desktop-file-utils Optional Deps : rhino: for using proxy auto config files Conflicts With : None Replaces : icedtea-web-java7 Download Size : 1525.55 KiB Installed Size : 2108.00 KiB Packager : André Silva emulatorman@hyperbola.info Build Date : Fri 26 May 2017 06:13:18 AM -03 Validated By : MD5 Sum SHA-256 Sum Signature
$ pacman -Ql icedtea-web icedtea-web /usr/ icedtea-web /usr/bin/ icedtea-web /usr/bin/itweb-settings icedtea-web /usr/bin/javaws icedtea-web /usr/bin/policyeditor icedtea-web /usr/lib/ icedtea-web /usr/lib/mozilla/ icedtea-web /usr/lib/mozilla/plugins/ icedtea-web /usr/lib/mozilla/plugins/IcedTeaPlugin.so icedtea-web /usr/share/ icedtea-web /usr/share/applications/ icedtea-web /usr/share/applications/itweb-settings.desktop icedtea-web /usr/share/applications/javaws.desktop icedtea-web /usr/share/icedtea-web/ icedtea-web /usr/share/icedtea-web/bin/ icedtea-web /usr/share/icedtea-web/bin/itweb-settings icedtea-web /usr/share/icedtea-web/bin/javaws icedtea-web /usr/share/icedtea-web/bin/policyeditor icedtea-web /usr/share/icedtea-web/javaws_splash.png icedtea-web /usr/share/icedtea-web/lib/ icedtea-web /usr/share/icedtea-web/lib/IcedTeaPlugin.so icedtea-web /usr/share/icedtea-web/netx.jar icedtea-web /usr/share/icedtea-web/plugin.jar icedtea-web /usr/share/man/ icedtea-web /usr/share/man/man1/ icedtea-web /usr/share/man/man1/icedtea-web-plugin.1.gz icedtea-web /usr/share/man/man1/icedtea-web.1.gz icedtea-web /usr/share/man/man1/itweb-settings.1.gz icedtea-web /usr/share/man/man1/javaws.1.gz icedtea-web /usr/share/man/man1/policyeditor.1.gz icedtea-web /usr/share/pixmaps/ icedtea-web /usr/share/pixmaps/javaws.png
[0]:https://developer.mozilla.org/en-US/docs/Plugins/Roadmap
|
|
Any | Security Issue | High | High | [podofo] vulnerable allows remote attackers to cause a ... | Closed | |
Task Description
https://icepng.github.io/2017/04/21/PoDoFo-1/
https://blogs.gentoo.org/ago/2017/03/31/podofo-four-null-pointer-dereference
http://www.securityfocus.com/bid/97296/info
Package information
Repositorio : community Nombre : podofo Versión : 0.9.5-2 Descripción : A C++ library to work with the PDF file format Arquitectura : x86_64 URL : http://podofo.sourceforge.net Licencias : GPL Grupos : Nada Provee : Nada Depende de : lua openssl fontconfig libtiff libidn libjpeg-turbo Dependencias opcionales : Nada En conflicto con : Nada Remplaza a : Nada Tamaño de la descarga : 785,18 KiB Tamaño de la instalación : 4492,00 KiB Encargado : Antonio Rojas arojas@archlinux.org Fecha de creación : sáb 18 feb 2017 06:52:31 -05 Validado por : Suma MD5 Suma SHA-256 Firma
Debian just patched for v0.9.5-6
https://sources.debian.net/src/libpodofo/0.9.5-6/debian/patches/CVE-2017-738%5B0123%5D.patch/
https://sources.debian.net/src/libpodofo/0.9.5-6/debian/patches/
|
|
Any | Security Issue | High | High | [isync] needs update | Closed | |
Task Description
isync is currently on 1.2.1-3, the versions is 2 years old and a lot of security/features have been implemented to the version 1.3.0
isync needs be upgraded from 1.2.1 to 1.2.3 since it is a bugfix adapted for our current snapshot in Milky Way (2017-05-08) which is using isync 1.2.x series.
|
|
Any | Security Issue | Medium | High | [blender] error invalid PGP keys | Closed | |
Task Description
$ sudo pacman -S blender
resolviendo dependencias…
buscando conflictos entre paquetes…
Paquetes (20) alembic-1.7.1-1 blender-common-2.78.c-1.hyperbola4 blosc-1.11.3-1 ilmbase-2.2.0-2 intel-tbb-2017_20170226-1 libraw-0.18.2-1 libspnav-0.2.3-1 llvm-4.0.0-2
log4cplus-1.2.0-3 opencollada-1.6.45-1.hyperbola1 opencolorio-1.0.9-5 openexr-2.2.0-3.hyperbola2 openimageio-1.6.18-1.hyperbola1 openshadinglanguage-1.7.5-1.hyperbola1
opensubdiv-3.1.1-1 openvdb-3.2.0-2 ptex-2.1.28-1.hyperbola1 valgrind-3.12.0-2 zstd-1.1.4-1 blender-2.78.c-1.hyperbola4
Tamaño total de la descarga: 0,33 MiB
Tamaño total de la instalación: 567,26 MiB
:: ¿Continuar con la instalación? [S/n] s
:: Recibiendo los paquetes…
libspnav-0.2.3-1-x86_64 8,5 KiB 849K/s 00:00 [######################################################################] 100%
zstd-1.1.4-1-x86_64 283,3 KiB 199K/s 00:01 [######################################################################] 100%
blosc-1.11.3-1-x86_64 43,0 KiB 331K/s 00:00 [######################################################################] 100%
(20/20) comprobando las claves del depósito [######################################################################] 100%
(20/20) verificando la integridad de los paquetes [######################################################################] 100%
error: libspnav: signature from "Andrea Scarpino <me@andreascarpino.it>" is marginal trust
:: El archivo /var/cache/pacman/pkg/libspnav-0.2.3-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: zstd: signature from "Andrzej Giniewicz (giniu) <gginiu@gmail.com>" is marginal trust
:: El archivo /var/cache/pacman/pkg/zstd-1.1.4-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: blosc: signature from "Andrzej Giniewicz (giniu) <gginiu@gmail.com>" is marginal trust
:: El archivo /var/cache/pacman/pkg/blosc-1.11.3-1-x86_64.pkg.tar.xz está dañado (paquete no válido o dañado (firma PGP)).
¿Quiere eliminarlo? [S/n] s
error: no se pudo realizar la operación (paquete no válido o dañado)
Ocurrieron errores, por lo que no se actualizaron los paquetes
|
|
Any | Security Issue | High | High | [busybox] CVE-2017-16544: autocompletion vulnerability | Closed | |
|
|
Any | Security Issue | Very High | High | [gnupg] CVE-2018-12020 | Closed | |
|
|
Any | Security Issue | Medium | High | [toxcore] vulnerability affecting versions < 0.2.3 | Closed | |
|
|
Any | Security Issue | High | High | [certbot] version 0.23 is not giving the option to keep ... | Closed | |
|
|
Any | Security Issue | Medium | Medium | [cinepaint] unmaintained and unsupportable | Closed | |
|
|
Stable | Update Request | High | Critical | [system-config-printer] update to 1.5.11 | Closed | |
|
|
Any | Update Request | Very High | High | [babl] update package to v0.1.50 | Closed | |
|
|
Any | Update Request | Very High | High | [gegl] update package to 0.3.34 | Closed | |
|
|
Any | Update Request | Very High | High | [krita] update to 3.1.4 version | Closed | |
|
|
Any | Update Request | Very Low | High | ufw update/ufw bug | Closed | |
|
|
Any | Update Request | Very Low | High | [php] update to old stable PHP 7.1.32 | Closed | |
|
|
Stable | Update Request | Low | High | [pigeonhole] needs to be updated (depends on older vers ... | Closed | |
|
|
Stable | Update Request | High | Medium | [xscreensaver] needs an update, since there is a bugfix ... | Closed | |
|
|
Stable | Update Request | Very Low | Medium | [minetest] update package to 0.4.17.1 | Closed | |
|
|
Stable | Update Request | Very Low | Medium | [xfe] update package to 1.43.1 | Closed | |
|
|
Any | Update Request | Very Low | Very Low | [youtube-viewer] minor fix: function API name | Closed | |
|