[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: follow security team with no-dsa for wireshark CVEs
Thorsten Alteholz
alteholz at debian.org
Sat Dec 30 19:09:54 UTC 2017
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a28bdc03 by Thorsten Alteholz at 2017-12-30T20:09:04+01:00
follow security team with no-dsa for wireshark CVEs
- - - - -
fb814126 by Thorsten Alteholz at 2017-12-30T20:09:30+01:00
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4,6 +4,7 @@ CVE-2017-17997 (In Wireshark 2.2.11 and before, the MRDISC dissector misuses a N
- wireshark 2.4.0-1
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14299
NOTE: https://code.wireshark.org/review/#/c/25063/
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=80a695869c9aef2fb473d9361da068022be7cb50
@@ -578,6 +579,7 @@ CVE-2017-17935 (The File_read_line function in epan/wslua/wslua_file.c in Wiresh
- wireshark <unfixed> (bug #885831)
[stretch] - wireshark <ignored> (Minor issue)
[jessie] - wireshark <ignored> (Minor issue)
+ [wheezy] - wireshark <ignored> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14295
NOTE: https://code.wireshark.org/review/#/c/24997/
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=137ab7d5681486c6d6cc8faac4300b7cd4ec0cf1
@@ -15715,6 +15717,7 @@ CVE-2017-15193 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissect
- wireshark 2.4.2-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14056
NOTE: https://code.wireshark.org/review/23537
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afb9ff7982971aba6e42472de0db4c1bedfc641b
@@ -15723,6 +15726,7 @@ CVE-2017-15192 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT disse
- wireshark 2.4.2-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14049
NOTE: https://code.wireshark.org/review/23470
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3689dc1db36037436b1616715f9a3f888fc9a0f6
@@ -15731,6 +15735,7 @@ CVE-2017-15191 (In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15
- wireshark 2.4.2-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068
NOTE: https://code.wireshark.org/review/23591
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dbb21dfde14221dab09b6b9c7719b9067c1f06e
@@ -15748,6 +15753,7 @@ CVE-2017-15189 (In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into
- wireshark 2.4.2-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14080
NOTE: https://code.wireshark.org/review/23663
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=625bab309d9dd21db2d8ae2aa3511810d32842a8
@@ -19982,6 +19988,7 @@ CVE-2017-13767 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSD
- wireshark 2.4.1-1
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13933
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6f18ace2a2683418a9368a8dfd92da6bd8213e15
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-38.html
@@ -19998,6 +20005,7 @@ CVE-2017-13765 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrC
- wireshark 2.4.1-1
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13929
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=94666d4357096fc45e3bcad3d9414a14f0831bc8
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-41.html
@@ -20005,6 +20013,7 @@ CVE-2017-13764 (In Wireshark 2.4.0, the Modbus dissector could crash with a NULL
- wireshark 2.4.1-1
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13925
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b87ffbd12bddf64582c0a6e082b462744474de94
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-40.html
@@ -27010,6 +27019,7 @@ CVE-2017-11410 (In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML .
CVE-2017-11409 (In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a ...)
- wireshark 2.2.0~rc1+g438c022-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13603
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=57b83bbbd76f543eb8d108919f13b662910bff9a
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-37.html
@@ -27027,6 +27037,7 @@ CVE-2017-11407 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissecto
- wireshark 2.4.0-1 (low; bug #870172)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13792
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4e54dae7f0d7840836ee6d5ce1e688f152ab2978
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-35.html
@@ -27034,6 +27045,7 @@ CVE-2017-11406 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS diss
- wireshark 2.4.0-1 (bug #870172)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13797
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=250216263c3a3f2c651e80d9c6b3dc0adc53dc2c
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-36.html
@@ -31607,6 +31619,7 @@ CVE-2017-9766 (In Wireshark 2.2.7, PROFINET IO data with a high recursion depth
- wireshark 2.4.0-1 (low; bug #870175)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13811
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d6e888400ba64de3147d1111a4c23edf389b0000
CVE-2017-9765 (Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and ...)
@@ -32190,11 +32203,13 @@ CVE-2017-9617 (In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhau
- wireshark 2.4.0-1 (low; bug #870174)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13799
CVE-2017-9616 (In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion ...)
- wireshark 2.4.0-1 (low; bug #870173)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777
CVE-2017-9615 (Password exposure in Cognito Software Moneyworks 8.0.3 and earlier ...)
NOT-FOR-US: Cognito Software Moneyworks
@@ -32977,6 +32992,7 @@ CVE-2017-9354 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissect
- wireshark 2.2.7-1 (bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-32.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13646
CVE-2017-9353 (In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was ...)
@@ -32990,12 +33006,14 @@ CVE-2017-9352 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar disse
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-22.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599
CVE-2017-9351 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector ...)
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-24.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609
@@ -33003,6 +33021,7 @@ CVE-2017-9350 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY .
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-28.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13649
NOTE: When fixing this entry make sure to apply the complete fix and adding
@@ -33012,6 +33031,7 @@ CVE-2017-9349 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissec
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-27.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685
CVE-2017-9348 (In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end ...)
@@ -33032,24 +33052,28 @@ CVE-2017-9346 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dis
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-25.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13631
CVE-2017-9345 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector ...)
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-26.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633
CVE-2017-9344 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP ...)
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-29.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701
CVE-2017-9343 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector ...)
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-30.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725
CVE-2017-9342
@@ -38183,18 +38207,21 @@ CVE-2017-7749
CVE-2017-7748 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector ...)
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-21.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f55cbcde2c8f74b652add4450b0592082eb6acff
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13581
CVE-2017-7747 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector ...)
- wireshark 2.2.6+g32dac6a-1
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-18.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5cfd52d6629cf8a7ab67c6bacd3431a964f43584
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13559
CVE-2017-7746 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector ...)
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-19.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=58e69cc769dea24b721abd8a29f9eedc11024b7e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13576
@@ -38317,12 +38344,14 @@ CVE-2017-7704 (In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an .
CVE-2017-7703 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector ...)
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-12.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13466
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=671e32820ab29d41d712cc8a472eab9b672684d9
CVE-2017-7702 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector ...)
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-13.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13477
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2f322f66cbcca2fefdaa630494f9d6c97eb659b7
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/171b745acf2fd5ece217f4c38bdf6cb2e8216415...fb814126b8b02da335d2431721ced8b2922b5712
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/171b745acf2fd5ece217f4c38bdf6cb2e8216415...fb814126b8b02da335d2431721ced8b2922b5712
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20171230/8924e1ac/attachment.html>
More information about the Secure-testing-commits
mailing list