[Secure-testing-commits] r19642 - data/CVE

Yves-Alexis Perez corsac at alioth.debian.org
Tue Jul 3 09:01:07 UTC 2012 

Author: corsac
Date: 2012-07-03 09:01:06 +0000 (Tue, 03 Jul 2012)
New Revision: 19642

Modified:
   data/CVE/list
Log:
update status for wireshark CVEs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-07-03 08:08:05 UTC (rev 19641)
+++ data/CVE/list	2012-07-03 09:01:06 UTC (rev 19642)
@@ -1,7 +1,15 @@
 CVE-2012-3826 (Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x ...)
-	TODO: check
+	- wireshark 1.6.8-1 (unimportant)
+	[squeeze] - wireshark <not-affected> (vulnerable code appeared in 1.4/1.6)
+	NOTE: not suitable for code injection
+	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125
+	NOTE: leftover of CVE-2012-2392
 CVE-2012-3825 (Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x ...)
-	TODO: check
+	- wireshark 1.6.8-1 (unimportant)
+	[squeeze] - wireshark <not-affected> (vulnerable code appeared in 1.4/1.6)
+	NOTE: not suitable for code injection
+	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125
+	NOTE: leftover of CVE-2012-2392
 CVE-2012-3824
 	RESERVED
 CVE-2012-3823
@@ -3168,14 +3176,14 @@
 CVE-2012-2392 (Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote ...)
 	- wireshark 1.6.8-1 (unimportant)
 	NOTE: Not suitable for code injection
-	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805
-	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118
-	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119
-	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120
-	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7121
-	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7122
-	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124
-	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125
+	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805 Squeeze: vulnerable code not present
+	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118 Squeeze: vulnerable code present
+	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119 Squeeze: vulnerable code present
+	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120 Squeeze: vulnerable code not present
+	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7121 Squeeze: vulnerable code present
+	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7122 Squeeze: vulnerable code present
+	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124 Squeeze: vulnerable code not present
+	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125 is CVE-2012-3825 and CVE-2012-3826
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=824411
 CVE-2012-2391
 	RESERVED

More information about the Secure-testing-commits mailing list