[Secure-testing-commits] r54088 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Jul 30 18:32:33 UTC 2017
Author: carnil
Date: 2017-07-30 18:32:33 +0000 (Sun, 30 Jul 2017)
New Revision: 54088
Modified:
data/CVE/list
Log:
Update status CVE-2017-11409 for wireshark
The status is not fully correct. Upstream has changed the function
lc_gprs_dissect_xid in 2.1.0 (Widen length and offset variables). Track
the entry as fixed with the first unstable upload after the 2.0.x series
and after any 2.1.0 release as fixed.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-30 18:16:00 UTC (rev 54087)
+++ data/CVE/list 2017-07-30 18:32:33 UTC (rev 54088)
@@ -921,10 +921,13 @@
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3c7168cc5f044b4da8747d35da0b2b204dabf398
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-13.html
CVE-2017-11409 (In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a ...)
- - wireshark <unfixed>
+ - wireshark 2.2.0~rc1+g438c022-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13603
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=57b83bbbd76f543eb8d108919f13b662910bff9a
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-37.html
+ NOTE: Technically the 2.2.0~rc1+g438c022-1 is just the first version in unstable
+ NOTE: after 2.1.0 from upstream. Upstream changed the types in llc_gprs_dissect_xid
+ NOTE: in version 2.1.0.
CVE-2017-11408 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector ...)
- wireshark <unfixed>
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13780
More information about the Secure-testing-commits
mailing list