[Secure-testing-commits] r21656 - data/CVE
Thijs Kinkhorst
thijs at alioth.debian.org
Sun Mar 17 15:11:38 UTC 2013
Author: thijs
Date: 2013-03-17 15:11:38 +0000 (Sun, 17 Mar 2013)
New Revision: 21656
Modified:
data/CVE/list
Log:
wireshark issues fixed in sid & through wheezy-security
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-17 06:19:38 UTC (rev 21655)
+++ data/CVE/list 2013-03-17 15:11:38 UTC (rev 21656)
@@ -216,25 +216,26 @@
CVE-2013-2488 (The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before ...)
{DSA-2644-1}
- wireshark 1.8.2-5
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-22.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8380
NOTE: Versions affected: 1.8.0 to 1.8.X, 1.6.0 to 1.6.X
CVE-2013-2487 (epan/dissectors/packet-reload.c in the REsource LOcation And Discovery ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only 1.8.x series)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-21.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
NOTE: Versions affected: 1.8.0 to 1.8.5
NOTE: Not suitable for code injection
CVE-2013-2486 (The dissect_diagnosticrequest function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only 1.8.x series)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-21.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
NOTE: Versions affected: 1.8.0 to 1.8.5
NOTE: Not suitable for code injection
CVE-2013-2485 (The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-20.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8359
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
@@ -242,18 +243,20 @@
CVE-2013-2484 (The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before ...)
{DSA-2644-1}
- wireshark 1.8.2-5
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-19.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8346
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
CVE-2013-2483 (The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ...)
{DSA-2644-1}
- wireshark 1.8.2-5 (unimportant)
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-18.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8340
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
NOTE: Not suitable for code injection
CVE-2013-2482 (The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-17.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8337
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
@@ -261,6 +264,7 @@
CVE-2013-2481 (Integer signedness error in the dissect_mount_dirpath_call function in ...)
{DSA-2644-1}
- wireshark 1.8.2-5 (unimportant)
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-16.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
@@ -268,11 +272,12 @@
CVE-2013-2480 (The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and ...)
{DSA-2644-1}
- wireshark 1.8.2-5
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-15.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8332
NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
CVE-2013-2479 (The dissect_mpls_echo_tlv_dd_map function in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-14.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8039
@@ -281,17 +286,19 @@
CVE-2013-2478 (The dissect_server_info function in epan/dissectors/packet-ms-mms.c in ...)
{DSA-2644-1}
- wireshark 1.8.2-5
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-13.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8382
NOTE: announce mentions: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
CVE-2013-2477 (The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly ...)
- wireshark 1.8.2-5
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-12.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8383
NOTE: Versions affected: 1.8.0 to 1.8.5
CVE-2013-2476 (The dissect_hartip function in epan/dissectors/packet-hartip.c in the ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-11.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8360
@@ -300,6 +307,7 @@
CVE-2013-2475 (The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote ...)
- wireshark 1.8.2-5
[squeeze] - wireshark <not-affected> (only affecting 1.8.x)
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: http://www.wireshark.org/security/wnpa-sec-2013-10.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8274
NOTE: Versions affected: 1.8.0 to 1.8.5
@@ -2256,45 +2264,54 @@
[squeeze] - pixman <not-affected> (Vulnerable code not present)
CVE-2013-1590 (Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before ...)
{DSA-2625-1}
- - wireshark <unfixed>
+ - wireshark 1.8.6-1
+ [wheezy] - wireshark 1.8.2-5wheezy1
CVE-2013-1589 (Double free vulnerability in epan/proto.c in the dissection engine in ...)
- - wireshark <unfixed> (unimportant)
+ - wireshark 1.8.6-1 (unimportant)
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Not suitable for code injection
CVE-2013-1588 (Multiple buffer overflows in the dissect_pft_fec_detailed function in ...)
{DSA-2625-1}
- - wireshark <unfixed>
+ - wireshark 1.8.6-1
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8213
NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47098
CVE-2013-1587 (The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c ...)
- - wireshark <unfixed>
+ - wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7679
NOTE: Upstream patch: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44700
CVE-2013-1586 (The fragment_set_tot_len function in epan/reassemble.c in Wireshark ...)
{DSA-2625-1}
- - wireshark <unfixed>
+ - wireshark 1.8.6-1
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8111
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46999
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47000
CVE-2013-1585 (epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 ...)
- - wireshark <unfixed>
+ - wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8112
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46705
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46678
CVE-2013-1584 (The dissect_version_5_and_6_primary_header function in ...)
- - wireshark <unfixed>
+ - wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46579
CVE-2013-1583 (The dissect_version_4_primary_header function in ...)
- - wireshark <unfixed>
+ - wireshark 1.8.6-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7945
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=46577
CVE-2013-1582 (The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP ...)
{DSA-2625-1}
- - wireshark <unfixed>
+ - wireshark 1.8.6-1
+ [wheezy] - wireshark 1.8.2-5wheezy1
NOTE: Upstream bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7871
NOTE: http://anonsvn.wireshark.org/viewvc?view=revision&revision=45646
CVE-2013-1571
More information about the Secure-testing-commits
mailing list