[Secure-testing-commits] r58192 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Dec 1 18:36:19 UTC 2017


Author: jmm
Date: 2017-12-01 18:36:19 +0000 (Fri, 01 Dec 2017)
New Revision: 58192

Modified:
   data/CVE/list
Log:
further wireshark triage


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-01 18:21:43 UTC (rev 58191)
+++ data/CVE/list	2017-12-01 18:36:19 UTC (rev 58192)
@@ -6842,24 +6842,33 @@
 	- kanboard <itp> (bug #790814)
 CVE-2017-15193 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector ...)
 	- wireshark 2.4.2-1 (low)
+	[stretch] - wireshark <no-dsa> (Minor issue)
+	[jessie] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14056
 	NOTE: https://code.wireshark.org/review/23537
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afb9ff7982971aba6e42472de0db4c1bedfc641b
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-43.html
 CVE-2017-15192 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector ...)
 	- wireshark 2.4.2-1 (low)
+	[stretch] - wireshark <no-dsa> (Minor issue)
+	[jessie] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14049
 	NOTE: https://code.wireshark.org/review/23470
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3689dc1db36037436b1616715f9a3f888fc9a0f6
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-42.html
 CVE-2017-15191 (In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the ...)
 	- wireshark 2.4.2-1 (low)
+	[stretch] - wireshark <no-dsa> (Minor issue)
+	[jessie] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068
 	NOTE: https://code.wireshark.org/review/23591
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dbb21dfde14221dab09b6b9c7719b9067c1f06e
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-44.html
 CVE-2017-15190 (In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was ...)
 	- wireshark 2.4.2-1 (low)
+	[stretch] - wireshark <not-affected> (Only affects 2.4)
+	[jessie] - wireshark <not-affected> (Only affects 2.4)
+	[wheezy] - wireshark <not-affected> (Only affects 2.4)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14077
 	NOTE: https://code.wireshark.org/review/23635
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e27870eaa6efa1c2dac08aa41a67fe9f0839e6e0
@@ -23982,6 +23991,8 @@
 	NOT-FOR-US: Subsonic
 CVE-2017-9354 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector ...)
 	- wireshark 2.2.7-1 (bug #864058)
+	[stretch] - wireshark <no-dsa> (Minor issue)
+	[jessie] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-32.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13646
 CVE-2017-9353 (In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was ...)
@@ -23998,12 +24009,16 @@
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-22.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599
 CVE-2017-9351 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector ...)
-	- wireshark 2.2.7-1 (bug #864058)
+	- wireshark 2.2.7-1 (low; bug #864058)
+	[stretch] - wireshark <no-dsa> (Minor issue)
+	[jessie] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-24.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609
 CVE-2017-9350 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY ...)
-	- wireshark 2.2.7-1 (bug #864058)
+	- wireshark 2.2.7-1 (low; bug #864058)
+	[stretch] - wireshark <no-dsa> (Minor issue)
+	[jessie] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-28.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13649
 	NOTE: When fixing this entry make sure to apply the complete fix and adding
@@ -24017,6 +24032,7 @@
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685
 CVE-2017-9348 (In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end ...)
 	- wireshark 2.2.7-1 (bug #864058)
+	[stretch] - wireshark <no-dsa> (Minor issue)
 	[jessie] - wireshark <not-affected> (Only affects 2.2.x)
 	[wheezy] - wireshark <not-affected> (Only affects 2.2.x)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-23.html




More information about the Secure-testing-commits mailing list