[Git][security-tracker-team/security-tracker][master] 2 commits: wireshark fixed

Moritz Muehlenhoff jmm at debian.org
Thu Jun 28 16:10:15 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4782305b by Moritz Muehlenhoff at 2018-06-28T17:08:35+02:00
wireshark fixed

- - - - -
52fd4319 by Moritz Muehlenhoff at 2018-06-28T17:09:39+02:00
binutils fixed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4062,12 +4062,12 @@ CVE-2018-11363 (jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-bas
 	NOT-FOR-US: PDFGen
 CVE-2018-11362 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS ...)
 	{DSA-4217-1 DLA-1388-1}
-	- wireshark <unfixed> (bug #900708)
+	- wireshark 2.6.1-1 (bug #900708)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14615
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f177008b04a530640de835ca878892e58b826d58
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-25.html
 CVE-2018-11361 (In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. ...)
-	- wireshark <unfixed> (low; bug #900708)
+	- wireshark 2.6.1-1 (bug #900708)
 	[stretch] - wireshark <ignored> (Minor issue, also wasn't backported to older branches due to low impact)
 	[jessie] - wireshark <not-affected> (vulnerable code not present (TDLS support added in version 2.1.0))
 	[wheezy] - wireshark <not-affected> (vulnerable code not present (TDLS support added in version 2.1.0))
@@ -4075,7 +4075,7 @@ CVE-2018-11361 (In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could cra
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1b52f9929238ce3948ec924ae4f9456b5e9df558
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-32.html
 CVE-2018-11360 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP ...)
-	- wireshark <unfixed> (bug #900708)
+	- wireshark 2.6.1-1 (bug #900708)
 	[stretch] - wireshark 2.2.6+g32dac6a-2+deb9u3
 	[jessie] - wireshark <not-affected> (vulnerable code not present (uses static a_bigbuf instead))
 	[wheezy] - wireshark <not-affected> (vulnerable code not present (uses static a_bigbuf instead))
@@ -4083,7 +4083,7 @@ CVE-2018-11360 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a55b36c51f83a7b9680824e8ee3a6ce8429ab24b
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-30.html
 CVE-2018-11359 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC ...)
-	- wireshark <unfixed> (low; bug #900708)
+	- wireshark 2.6.1-1 (bug #900708)
 	[stretch] - wireshark <no-dsa> (Minor issue)
 	[jessie] - wireshark <no-dsa> (Minor issue)
 	[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -4092,12 +4092,12 @@ CVE-2018-11359 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-33.html
 CVE-2018-11358 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 ...)
 	{DSA-4217-1 DLA-1388-1}
-	- wireshark <unfixed> (bug #900708)
+	- wireshark 2.6.1-1 (bug #900708)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14689
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ccb1ac3c8cec47fbbbf2e80ced80644005c65252
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-31.html
 CVE-2018-11357 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP ...)
-	- wireshark <unfixed> (low; bug #900708)
+	- wireshark 2.6.1-1 (bug #900708)
 	[stretch] - wireshark <no-dsa> (Minor issue)
 	[jessie] - wireshark <no-dsa> (Minor issue)
 	[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -4105,7 +4105,7 @@ CVE-2018-11357 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ab8a33ef083b9732c89117747a83a905a676faf6
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-28.html
 CVE-2018-11356 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS ...)
-	- wireshark <unfixed> (low; bug #900708)
+	- wireshark 2.6.1-1 (bug #900708)
 	[stretch] - wireshark <no-dsa> (Minor issue)
 	[jessie] - wireshark <no-dsa> (Minor issue)
 	[wheezy] - wireshark <no-dsa> (Minor issue)
@@ -6194,14 +6194,14 @@ CVE-2018-10536 (An issue was discovered in WavPack 5.1.0 and earlier. The WAV pa
 	NOTE: https://github.com/dbry/WavPack/issues/31
 	NOTE: https://github.com/dbry/WavPack/issues/32
 CVE-2018-10535 (The ignore_section_sym function in elf.c in the Binary File Descriptor ...)
-	- binutils <unfixed>
+	- binutils 2.30.90.20180627-1
 	[stretch] - binutils <ignored> (Minor issue)
 	[jessie] - binutils <ignored> (Minor issue)
 	[wheezy] - binutils <ignored> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23113
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=db0c309f4011ca94a4abc8458e27f3734dab92ac
 CVE-2018-10534 (The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in ...)
-	- binutils <unfixed>
+	- binutils 2.30.90.20180627-1
 	[stretch] - binutils <ignored> (Minor issue)
 	[jessie] - binutils <ignored> (Minor issue)
 	[wheezy] - binutils <ignored> (Minor issue)
@@ -6574,14 +6574,14 @@ CVE-2018-10375 (A file uploading vulnerability exists in ...)
 CVE-2018-10374 (EasyCMS 1.3 has XSS via the s POST parameter (aka a search box value) ...)
 	NOT-FOR-US: EasyCMS
 CVE-2018-10373 (concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library ...)
-	- binutils <unfixed>
+	- binutils 2.30.90.20180627-1
 	[stretch] - binutils <ignored> (Minor issue)
 	[jessie] - binutils <ignored> (Minor issue)
 	[wheezy] - binutils <ignored> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23065
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6327533b1fd29fa86f6bf34e61c332c010e3c689
 CVE-2018-10372 (process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote ...)
-	- binutils <unfixed>
+	- binutils 2.30.90.20180627-1
 	[stretch] - binutils <ignored> (Minor issue)
 	[jessie] - binutils <ignored> (Minor issue)
 	[wheezy] - binutils <ignored> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/10b288943c8da6a43d505530f610b3543c014a22...52fd43193eae72e0f3805312a697d62ea1d8d778

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/10b288943c8da6a43d505530f610b3543c014a22...52fd43193eae72e0f3805312a697d62ea1d8d778
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180628/06dbeace/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list