[Git][security-tracker-team/security-tracker][master] 7 commits: change status of CVE-2017-13764
Thorsten Alteholz
alteholz at debian.org
Fri Dec 28 18:48:24 GMT 2018
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
39a6b3cb by Thorsten Alteholz at 2018-12-28T18:40:14Z
change status of CVE-2017-13764
- - - - -
f2cb315a by Thorsten Alteholz at 2018-12-28T18:40:15Z
change status of CVE-2017-15189
- - - - -
e2ef8618 by Thorsten Alteholz at 2018-12-28T18:40:16Z
change status of CVE-2017-15192
- - - - -
514794b2 by Thorsten Alteholz at 2018-12-28T18:40:17Z
change status of CVE-2017-15193
- - - - -
ce3ca43b by Thorsten Alteholz at 2018-12-28T18:40:18Z
change status of CVE-2018-9257
- - - - -
9ccc3c71 by Thorsten Alteholz at 2018-12-28T18:40:18Z
change status of CVE-2018-7421
- - - - -
e05408ef by Thorsten Alteholz at 2018-12-28T18:40:19Z
change status of CVE-2017-7748
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36108,8 +36108,8 @@ CVE-2018-9258 (In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-21.html
CVE-2018-9257 (In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an ...)
- wireshark 2.4.6-1 (low)
- [jessie] - wireshark <no-dsa> (Minor issue)
- [wheezy] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <not-affected> (Vulnerable code not present)
+ [wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14530
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d7a9501b0439a5dbf24016a95b4896170d789dc2
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-22.html
@@ -41068,8 +41068,8 @@ CVE-2018-7422 (A Local File Inclusion vulnerability in the Site Editor plugin th
NOT-FOR-US: Site Editor plugin for WordPress
CVE-2018-7421 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector ...)
- wireshark 2.4.5-1 (low)
- [jessie] - wireshark <no-dsa> (Minor issue)
- [wheezy] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <not-affected> (Vulnerable code introduced later)
+ [wheezy] - wireshark <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=656812ee1f2a8ddfd383b02a066e888f5919e17a
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e8be5adae469ba563acfad2c2b98673e1afaf901
@@ -69095,16 +69095,16 @@ CVE-2017-15195 (In Kanboard before 1.0.47, by altering form data, an authenticat
- kanboard <itp> (bug #790814)
CVE-2017-15193 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector ...)
- wireshark 2.4.2-1 (low)
- [jessie] - wireshark <no-dsa> (Minor issue)
- [wheezy] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <not-affected> (Vulnerable code not present)
+ [wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14056
NOTE: https://code.wireshark.org/review/23537
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afb9ff7982971aba6e42472de0db4c1bedfc641b
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-43.html
CVE-2017-15192 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector ...)
- wireshark 2.4.2-1 (low)
- [jessie] - wireshark <no-dsa> (Minor issue)
- [wheezy] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <not-affected> (Vulnerable code introduced in version 1.99)
+ [wheezy] - wireshark <not-affected> (Vulnerable code introduced in version 1.99)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14049
NOTE: https://code.wireshark.org/review/23470
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3689dc1db36037436b1616715f9a3f888fc9a0f6
@@ -69128,7 +69128,7 @@ CVE-2017-15190 (In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. Thi
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-45.html
CVE-2017-15189 (In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an ...)
- wireshark 2.4.2-1 (low)
- [jessie] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <not-affected> (vulnerable code not present)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14080
NOTE: https://code.wireshark.org/review/23663
@@ -73505,7 +73505,7 @@ CVE-2017-13765 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrC
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-41.html
CVE-2017-13764 (In Wireshark 2.4.0, the Modbus dissector could crash with a NULL ...)
- wireshark 2.4.1-1
- [jessie] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <no-affected> (vulnerable request not implemented)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13925
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b87ffbd12bddf64582c0a6e082b462744474de94
@@ -91885,8 +91885,8 @@ CVE-2017-7749 (A use-after-free vulnerability when using an incorrect URL during
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7749
CVE-2017-7748 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector ...)
- wireshark 2.2.6+g32dac6a-1 (low)
- [jessie] - wireshark <no-dsa> (Minor issue)
- [wheezy] - wireshark <no-dsa> (Minor issue)
+ [jessie] - wireshark <not-affected> (Vulnerable code introduced later)
+ [wheezy] - wireshark <not-affected> (Vulnerable code introduced later)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-21.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f55cbcde2c8f74b652add4450b0592082eb6acff
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13581
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b50f94aaeea6bf56f3f35e4a5ec23dace7b29e5c...e05408ef0cb9eaa27ed90bc8b7672b149003d9a2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b50f94aaeea6bf56f3f35e4a5ec23dace7b29e5c...e05408ef0cb9eaa27ed90bc8b7672b149003d9a2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181228/c1f043a5/attachment.html>
More information about the debian-security-tracker-commits
mailing list