[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixing versions for wireshark issues

Salvatore Bonaccorso carnil at debian.org
Mon Feb 26 12:05:57 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f70b800b by Salvatore Bonaccorso at 2018-02-26T13:03:49+01:00
Add fixing versions for wireshark issues

Cross-checking with added debian/changelog CVE-2018-7421 is a well fixed
in 2.4.5 and 2.2.13 upstream, additional according to the available
information in

https://www.wireshark.org/security/wnpa-sec-2018-06.html

and

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -161,28 +161,28 @@ CVE-2012-6709 (ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate 
 CVE-2018-7422
 	RESERVED
 CVE-2018-7421 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=656812ee1f2a8ddfd383b02a066e888f5919e17a
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e8be5adae469ba563acfad2c2b98673e1afaf901
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7420 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14403
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=129e41f9f63885ad8224ef413c2860788fb9e849
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-11.html
 CVE-2018-7419 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14443
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bebd3a1f50b0a27738d8d3da5b33c1b392eb7273
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-14.html
 CVE-2018-7418 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14410
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=29d920b8309905dda11ad397596fe8aafc9b4bf7
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-13.html
 CVE-2018-7417 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14409
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81216a176b25dd8a616e11808a951e141a467009
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-12.html
@@ -387,93 +387,93 @@ CVE-2017-6927 [SA-CORE-2018-001: JavaScript cross-site scripting prevention is i
 CVE-2018-7338
 	RESERVED
 CVE-2018-7337 (In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14446
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=511a8b0b546d25413e289dc5a7d3a455a33994c2
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-08.html
 CVE-2018-7336 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14374
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b56f598f1bc04f5d00f13b38c713763928cedb7c
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-09.html
 CVE-2018-7335 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14442
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a2901dcf45c9f1b07abfbf2a0b0cd654371d72a4
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-05.html
 CVE-2018-7334 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14339
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8ed705e1227d3d582e3f0de435bba606d053d686
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-07.html
 CVE-2018-7333 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14449
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bd6313181317bfe83842b27650b65f3c2b8d5dc9
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7332 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14445
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1ab0585098c7ce20f3afceb6730427cc2a1e98ea
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7331 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14444
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=157712b2f5f89b19ef2497ea89c5938eb29529da
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7330 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14428
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8ad0c5b3683a17d9e2e16bbf25869140fd5c1c66
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7329 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14423
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d8a0cbc4f2979e0b1cadbe79f0b8b4ecb92477be
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7328 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14421
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=69d09028c956f6e049145485ce9b3e2858789b2b
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7327 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14420
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=563989f888e51258edb9a27db56124bdc33c9afe
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7326 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=293b999425e998d6cde0d9149648e421ea7687d0
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7325 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14414
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7be234d06ea39ab6a88115ae41d71060f1f15e3c
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7324 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14413
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9e7695bbee18525eaa6d12b32230313ae8a36a81
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7323 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14412
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4f9199ea8cff56c6704e9828c3d80360b27c4565
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5d45b69b590cabc5127282d1ade3bca1598e5f5c
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7322 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14411
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afc780e2c796e971bb7d164103f4f0d10d3c25b5
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7321 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14379
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c784d551ad50864de1035ce54e72837301cf6aca
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-06.html
 CVE-2018-7320 (In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol ...)
-	- wireshark <unfixed>
+	- wireshark 2.4.5-1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14398
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=015e3399390b8b5cfbfcfcda30589983ab6cc129
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-10.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f70b800b0805428f8c7893bbc1b1a4768a0c0179

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f70b800b0805428f8c7893bbc1b1a4768a0c0179
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180226/cd12a887/attachment.html>

More information about the Secure-testing-commits mailing list