[Secure-testing-commits] r34782 - in data: CVE DSA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Jun 7 12:58:49 UTC 2015


Author: carnil
Date: 2015-06-07 12:58:49 +0000 (Sun, 07 Jun 2015)
New Revision: 34782

Modified:
   data/CVE/list
   data/DSA/list
Log:
There was another CVE addressed in DSA-3277-1

NOTE to reviewers: please double check. AFAICS this was about the

+                    if (option_len == 0) {
+                        return (len);
+                    }

which got included in 36_1.12.5_fix_LBMR_crash.patch, which is as well
to fix CVE-2015-3809.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-06-07 12:52:45 UTC (rev 34781)
+++ data/CVE/list	2015-06-07 12:58:49 UTC (rev 34782)
@@ -1061,6 +1061,7 @@
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11036
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2015-12.html
 CVE-2015-3808 (The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the ...)
+	{DSA-3277-1}
 	- wireshark 1.12.5+g5819e5b-1
 	[wheezy] - wireshark <not-affected> (Vulnerable code not present)
 	[squeeze] - wireshark <not-affected> (Vulnerable code not present)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2015-06-07 12:52:45 UTC (rev 34781)
+++ data/DSA/list	2015-06-07 12:58:49 UTC (rev 34782)
@@ -8,7 +8,7 @@
 [02 Jun 2015] DSA-3249-2 jqueryui - security update
 	[wheezy] - jqueryui 1.8.ooops.21+dfsg-2+deb7u2
 [02 Jun 2015] DSA-3277-1 wireshark - security update
-	{CVE-2015-3809 CVE-2015-3810 CVE-2015-3811 CVE-2015-3812 CVE-2015-3813 CVE-2015-3814 CVE-2015-3815 CVE-2015-3906}
+	{CVE-2015-3808 CVE-2015-3809 CVE-2015-3810 CVE-2015-3811 CVE-2015-3812 CVE-2015-3813 CVE-2015-3814 CVE-2015-3815 CVE-2015-3906}
 	[jessie] - wireshark 1.12.1+g01b65bf-4+deb8u1
 [31 May 2015] DSA-3276-1 symfony - security update
 	{CVE-2015-4050}




More information about the Secure-testing-commits mailing list