[Secure-testing-commits] r34653 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Jun 2 12:41:25 UTC 2015 

Author: jmm
Date: 2015-06-02 12:41:25 +0000 (Tue, 02 Jun 2015)
New Revision: 34653

Modified:
   data/CVE/list
Log:
new openssl issue
various n/a for wireshark


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-06-02 06:22:57 UTC (rev 34652)
+++ data/CVE/list	2015-06-02 12:41:25 UTC (rev 34653)
@@ -807,24 +807,36 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2015/05/12/1
 CVE-2015-3815 (The detect_version function in wiretap/logcat.c in the Android Logcat ...)
 	- wireshark 1.12.5+g5819e5b-1
+	[wheezy] - wireshark <not-affected> (Vulnerable code not present)
+	[squeeze] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-18.html
 CVE-2015-3814 (The (1) dissect_tfs_request and (2) dissect_tfs_response functions in ...)
 	- wireshark 1.12.5+g5819e5b-1
+	[wheezy] - wireshark <not-affected> (Vulnerable code not present)
+	[squeeze] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-17.html
 CVE-2015-3813 (The fragment_add_work function in epan/reassemble.c in the ...)
 	- wireshark 1.12.5+g5819e5b-1
+	[wheezy] - wireshark <not-affected> (Vulnerable code not present)
+	[squeeze] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-16.html
 CVE-2015-3812 (Multiple memory leaks in the x11_init_protocol function in ...)
 	- wireshark 1.12.5+g5819e5b-1
+	[wheezy] - wireshark <not-affected> (Vulnerable code not present)
+	[squeeze] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-15.html
 CVE-2015-3811 (epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x ...)
 	- wireshark 1.12.5+g5819e5b-1
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-14.html
 CVE-2015-3810 (epan/dissectors/packet-websocket.c in the WebSocket dissector in ...)
 	- wireshark 1.12.5+g5819e5b-1
+	[wheezy] - wireshark <not-affected> (Vulnerable code not present)
+	[squeeze] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-13.html
 CVE-2015-3809 (The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the ...)
 	- wireshark 1.12.5+g5819e5b-1
+	[wheezy] - wireshark <not-affected> (Vulnerable code not present)
+	[squeeze] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11036
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-12.html
 CVE-2015-3808 (The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the ...)
@@ -6412,8 +6424,10 @@
 	RESERVED
 CVE-2015-1792
 	RESERVED
-CVE-2015-1791
+CVE-2015-1791 [race condition in NewSessionTicket]
 	RESERVED
+	- openssl <unfixed>
+	NOTE: https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc
 CVE-2015-1790
 	RESERVED
 CVE-2015-1789

More information about the Secure-testing-commits mailing list