[Secure-testing-commits] r40162 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Fri Mar 4 21:10:14 UTC 2016
Author: sectracker
Date: 2016-03-04 21:10:14 +0000 (Fri, 04 Mar 2016)
New Revision: 40162
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-04 19:10:06 UTC (rev 40161)
+++ data/CVE/list 2016-03-04 21:10:14 UTC (rev 40162)
@@ -1266,7 +1266,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/02/19/4
CVE-2016-2510 [remote code execution vulnerability]
RESERVED
- {DLA-443-1}
+ {DSA-3504-1 DLA-443-1}
- bsh 2.0b4-16
NOTE: https://github.com/beanshell/beanshell/releases/tag/2.0b6
NOTE: https://github.com/beanshell/beanshell/commit/7c68fde2d6fc65e362f20863d868c112a90a9b49
@@ -1641,6 +1641,7 @@
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=8f4c3e4b92212d98f5b9ca2dee13e076effe9589
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7ec9c5ce8a753175244da971fed9f1e25aef7971
CVE-2016-2326 (Integer overflow in the asf_write_packet function in ...)
+ {DSA-3506-1}
- ffmpeg 2.8.5-1
- libav <removed>
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commit;h=7c0b84d89911b2035161f5ef51aafbfcc84aa9e2
@@ -3504,12 +3505,14 @@
NOTE: Fixed by: https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0
NOTE: Introduced by: https://anongit.mindrot.org/openssh.git/commit/packet.c?id=091c302829210c41e7f57c3f094c7b9c054306f0 (V_6_8_P1)
CVE-2016-1898 (FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and ...)
+ {DSA-3506-1}
- ffmpeg 7:2.8.5-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
NOTE: http://habrahabr.ru/company/mailru/blog/274855
NOTE: Fixed in 2.8.5 upstream
CVE-2016-1897 (FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and ...)
+ {DSA-3506-1}
- ffmpeg 7:2.8.5-1
[squeeze] - ffmpeg <end-of-life> (Not supported in Squeeze LTS)
- libav <removed>
@@ -4807,12 +4810,14 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-52.html
CVE-2015-8733 (The ngsniffer_process_record function in wiretap/ngsniffer.c in the ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-51.html
CVE-2015-8732 (The dissect_zcl_pwr_prof_pwrprofstatersp function in ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
@@ -4828,6 +4833,7 @@
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-49.html
NOTE: fix released in 2.0.1 is incomplete
CVE-2015-8730 (epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
@@ -4835,24 +4841,28 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11815
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-48.html
CVE-2015-8729 (The ascend_seek function in wiretap/ascendtext.c in the Ascend file ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=338da1c0ea0b2f8595d3a7b6d6c9548f7da3e27b
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11794
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-47.html
CVE-2015-8728 (The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=15edc8d714b11dcff3a04e5d00b8db9adfdb81ed
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11797
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-46.html
CVE-2015-8727 (The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=56baca60271379cb97f6a4a6bf72eb526e8b52d0
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11793
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-45.html
CVE-2015-8726 (wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
@@ -4862,24 +4872,28 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-44.html
CVE-2015-8725 (The dissect_diameter_base_framed_ipv6_prefix function in ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=aaa28a9d39158ca1033bbd3372cf423abbf4f202
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11792
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-43.html
CVE-2015-8724 (The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=83f2818118ae255db949bb3a4b3a26ebd1c5f7c5
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11826
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-42.html
CVE-2015-8723 (The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-42.html
CVE-2015-8722 (epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
@@ -4888,17 +4902,20 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11767
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-41.html
CVE-2015-8721 (Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cec0593ae6c3bca65eff65741c2a10f3de3e0afe
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11548
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-40.html
CVE-2015-8720 (The dissect_ber_GeneralizedTime function in ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-39.html
CVE-2015-8719 (The dissect_dns_answer function in epan/dissectors/packet-dns.c in the ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
@@ -4906,11 +4923,13 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10988
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-38.html
CVE-2015-8718 (Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81dfe6d450ada42d12f20ac26a6d8ae2302df37e
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-37.html
CVE-2015-8717 (The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
@@ -4918,12 +4937,14 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-36.html
CVE-2015-8716 (The init_t38_info_conv function in epan/dissectors/packet-t38.c in the ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=eb6ccb1b0c4ad02b828652c3fe6e8d51c30a315e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-35.html
CVE-2015-8715 (epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
@@ -4931,6 +4952,7 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11607
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-34.html
CVE-2015-8714 (The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d34267d0503a67235bf259fd2f2f2d2bb8b18cf5
@@ -4938,6 +4960,7 @@
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-33.html
TODO: check if actually fixed earlier
CVE-2015-8713 (epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
@@ -4945,6 +4968,7 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11606
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-32.html
CVE-2015-8712 (The dissect_hsdsch_channel_info function in ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
@@ -4952,6 +4976,7 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602
NOTE: http://www.wireshark.org/security/wnpa-sec-2015-32.html
CVE-2015-8711 (epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark ...)
+ {DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
[wheezy] - wireshark <not-affected> (Vulnerable code not present)
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
@@ -10844,6 +10869,7 @@
[wheezy] - dc3dd <no-dsa> (Minor issue)
NOTE: http://seclists.org/bugtraq/2015/Oct/71
CVE-2015-7830 (The pcapng_read_if_descr_block function in wiretap/pcapng.c in the ...)
+ {DSA-3505-1}
- wireshark 1.12.8+g5b6e543-1
[squeeze] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://www.wireshark.org/security/wnpa-sec-2015-30.html
More information about the Secure-testing-commits
mailing list