[Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-11355

Salvatore Bonaccorso carnil at debian.org
Wed May 23 20:26:04 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
60f98fb1 by Salvatore Bonaccorso at 2018-05-23T21:24:42+02:00
Update information for CVE-2018-11355

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -148,11 +148,11 @@ CVE-2018-11356 (In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4425716ddba99374749bd033d9bc0f4add2fb973
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-29.html
 CVE-2018-11355 (In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed ...)
-	- wireshark <unfixed>
+	- wireshark <not-affected> (Vulnerable code, new RTCP dissector for transport-cc, introduced later)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14673
-	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=99d27a5fd2c540f837154aca3b3647f5ccfa0c33
+	NOTE: Introduced by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=a584eab239d55e441433ead40c993e08a24c59fe (v2.5.0)
+	NOTE: Fixed by: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=99d27a5fd2c540f837154aca3b3647f5ccfa0c33 (v2.6.1)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2018-27.html
-	TODO: check, only 2.6.0 affected?
 CVE-2018-11354 (In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. This was ...)
 	- wireshark <not-affected> (Vulnerable code, IEEE 1905.1a dissector, introduced in v2.5.0~1187)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14647



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/60f98fb1c7a6229c9820225cd9f29f047259650e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/60f98fb1c7a6229c9820225cd9f29f047259650e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180523/be38666a/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list