[Secure-testing-commits] r40355 - in data: CVE DSA

Sun Mar 13 20:50:26 UTC 2016

Author: jmm
Date: 2016-03-13 20:50:25 +0000 (Sun, 13 Mar 2016)
New Revision: 40355

Modified:
   data/CVE/list
   data/DSA/list
Log:
wireshark DSA
pcre3 no-dsa


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-03-13 19:10:46 UTC (rev 40354)
+++ data/CVE/list	2016-03-13 20:50:25 UTC (rev 40355)
@@ -1569,11 +1569,15 @@
 	NOTE: Affected versions: 2.0.0 to 2.0.1
 	NOTE: Fixed versions: 2.0.2
 CVE-2016-XXXX [ASN.1 BER dissector crash]
+	[jessie] - wireshark 1.12.1+g01b65bf-4+deb8u5
+	[wheezy] - wireshark 1.8.2-5wheezy18
 	- wireshark 2.0.2+ga16e22e-1
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2016-15.html
 	NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
 	NOTE: Fixed versions: 2.0.2, 1.12.10
 CVE-2016-XXXX [GSM A-bis OML dissector crash]
+	[jessie] - wireshark 1.12.1+g01b65bf-4+deb8u5
+	[wheezy] - wireshark 1.8.2-5wheezy18
 	- wireshark 2.0.2+ga16e22e-1
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2016-14.html
 	NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
@@ -2504,6 +2508,7 @@
 	NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=964548
 CVE-2016-XXXX [Stack corruption from crafted pattern]
 	- pcre3 <unfixed>
+	[jessie] - pcre3 <no-dsa> (Minor issue)
 	[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
 	[squeeze] - pcre3 <not-affected> (Vulnerable code not present)
 	- pcre2 <not-affected> (Vulnerable code not present)
@@ -5681,6 +5686,7 @@
 CVE-2015-8728 (The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in ...)
 	{DSA-3505-1}
 	- wireshark 2.0.1+g59ea380-1
+	[wheezy] - wireshark 1.8.2-5wheezy18
 	[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=15edc8d714b11dcff3a04e5d00b8db9adfdb81ed
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11797
@@ -5705,6 +5711,7 @@
 CVE-2015-8725 (The dissect_diameter_base_framed_ipv6_prefix function in ...)
 	{DSA-3505-1}
 	- wireshark 2.0.1+g59ea380-1
+	[wheezy] - wireshark 1.8.2-5wheezy18
 	[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=aaa28a9d39158ca1033bbd3372cf423abbf4f202
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11792
@@ -5712,6 +5719,7 @@
 CVE-2015-8724 (The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c ...)
 	{DSA-3505-1}
 	- wireshark 2.0.1+g59ea380-1 (unimportant)
+	[wheezy] - wireshark 1.8.2-5wheezy18
 	[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=83f2818118ae255db949bb3a4b3a26ebd1c5f7c5
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11826
@@ -5720,6 +5728,7 @@
 CVE-2015-8723 (The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the ...)
 	{DSA-3505-1}
 	- wireshark 2.0.1+g59ea380-1
+	[wheezy] - wireshark 1.8.2-5wheezy18
 	[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2016-03-13 19:10:46 UTC (rev 40354)
+++ data/DSA/list	2016-03-13 20:50:25 UTC (rev 40355)
@@ -1,3 +1,7 @@
+[13 Mar 2016] DSA-3516-1 wireshark - security update
+	{CVE-2015-8731 CVE-2016-2523 CVE-2016-2530 CVE-2016-2531 CVE-2016-2532}
+	[wheezy] - wireshark 1.8.2-5wheezy18
+	[jessie] - wireshark 1.12.1+g01b65bf-4+deb8u5
 [13 Mar 2016] DSA-3515-1 graphite2 - security update
 	{CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793 CVE-2016-2794 CVE-2016-2795 CVE-2016-2796 CVE-2016-2797 CVE-2016-2798 CVE-2016-2799 CVE-2016-2800 CVE-2016-2801 CVE-2016-2802}
 	[wheezy] - graphite2 1.3.6-1~deb7u1


