[Secure-testing-commits] r58192 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Fri Dec 1 18:36:19 UTC 2017
Author: jmm
Date: 2017-12-01 18:36:19 +0000 (Fri, 01 Dec 2017)
New Revision: 58192
Modified:
data/CVE/list
Log:
further wireshark triage
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-01 18:21:43 UTC (rev 58191)
+++ data/CVE/list 2017-12-01 18:36:19 UTC (rev 58192)
@@ -6842,24 +6842,33 @@
- kanboard <itp> (bug #790814)
CVE-2017-15193 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector ...)
- wireshark 2.4.2-1 (low)
+ [stretch] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14056
NOTE: https://code.wireshark.org/review/23537
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afb9ff7982971aba6e42472de0db4c1bedfc641b
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-43.html
CVE-2017-15192 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector ...)
- wireshark 2.4.2-1 (low)
+ [stretch] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14049
NOTE: https://code.wireshark.org/review/23470
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3689dc1db36037436b1616715f9a3f888fc9a0f6
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-42.html
CVE-2017-15191 (In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the ...)
- wireshark 2.4.2-1 (low)
+ [stretch] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068
NOTE: https://code.wireshark.org/review/23591
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dbb21dfde14221dab09b6b9c7719b9067c1f06e
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-44.html
CVE-2017-15190 (In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was ...)
- wireshark 2.4.2-1 (low)
+ [stretch] - wireshark <not-affected> (Only affects 2.4)
+ [jessie] - wireshark <not-affected> (Only affects 2.4)
+ [wheezy] - wireshark <not-affected> (Only affects 2.4)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14077
NOTE: https://code.wireshark.org/review/23635
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e27870eaa6efa1c2dac08aa41a67fe9f0839e6e0
@@ -23982,6 +23991,8 @@
NOT-FOR-US: Subsonic
CVE-2017-9354 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector ...)
- wireshark 2.2.7-1 (bug #864058)
+ [stretch] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-32.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13646
CVE-2017-9353 (In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was ...)
@@ -23998,12 +24009,16 @@
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-22.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599
CVE-2017-9351 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector ...)
- - wireshark 2.2.7-1 (bug #864058)
+ - wireshark 2.2.7-1 (low; bug #864058)
+ [stretch] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-24.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609
CVE-2017-9350 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY ...)
- - wireshark 2.2.7-1 (bug #864058)
+ - wireshark 2.2.7-1 (low; bug #864058)
+ [stretch] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-28.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13649
NOTE: When fixing this entry make sure to apply the complete fix and adding
@@ -24017,6 +24032,7 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685
CVE-2017-9348 (In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end ...)
- wireshark 2.2.7-1 (bug #864058)
+ [stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <not-affected> (Only affects 2.2.x)
[wheezy] - wireshark <not-affected> (Only affects 2.2.x)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-23.html
More information about the Secure-testing-commits
mailing list