[Git][security-tracker-team/security-tracker][master] 3 commits: Jessie is not affected by CVE-2018-14367

Thu Jul 26 14:53:07 BST 2018

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ee7c2cc by Thorsten Alteholz at 2018-07-26T15:24:05+02:00
Jessie is not affected by CVE-2018-14367

- - - - -
0f10fcba by Thorsten Alteholz at 2018-07-26T15:24:47+02:00
Jessie is not affected by CVE-2018-14370

- - - - -
a5417d96 by Thorsten Alteholz at 2018-07-26T15:51:39+02:00
CVE-2018-14438 is Windows specific

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -413,7 +413,7 @@ CVE-2018-14440 (An issue was discovered in cckevincyh SSH CompanyWebsite through
 CVE-2018-14439 (espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 ...)
 	TODO: check
 CVE-2018-14438 (In Wireshark through 2.6.2, the create_app_running_mutex function in ...)
-	- wireshark <unfixed>
+	- wireshark <not-affected> (Problem with SetSecurityDescriptorDacl() is Windows specific issue)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14921
 CVE-2018-14437 (ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. ...)
 	- imagemagick <unfixed> (unimportant)
@@ -615,6 +615,7 @@ CVE-2018-14371 (The getLocalePrefix function in ResourceManager.java in Eclipse 
 CVE-2018-14370 (In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 ...)
 	- wireshark <unfixed>
 	[stretch] - wireshark <not-affected> (Vulnerable code not present)
+	[jessie] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14686
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1446124eebc3ea5591d18e719c2a5cff3630638
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-43.html
@@ -632,6 +633,7 @@ CVE-2018-14368 (In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15
 CVE-2018-14367 (In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol ...)
 	- wireshark <unfixed>
 	[stretch] - wireshark <not-affected> (Vulnerable code not present)
+	[jessie] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14966
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81ce5fcb3e37a0aaeb7532f7a2a09366f16fa310
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-42.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c44aa936451d1bd17c21a4b8730457272d20a515...a5417d9632f86430e87ca9e400e0544c6a3c99c1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c44aa936451d1bd17c21a4b8730457272d20a515...a5417d9632f86430e87ca9e400e0544c6a3c99c1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180726/12c37ebd/attachment.html>
