[Git][security-tracker-team/security-tracker][master] 2 commits: kgb-bot/CVE-2015-1554: note last ping

[Sylvain Beucler]

Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e9f1da54 by Sylvain Beucler at 2019-04-09T14:07:05Z
kgb-bot/CVE-2015-1554: note last ping

- - - - -
e3ac9cf4 by Sylvain Beucler at 2019-04-09T14:14:07Z
wireshark/CVE-2019-10897,CVE-2019-10898,CVE-2019-10900: confirm not-affected

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -290,11 +290,11 @@ CVE-2019-10901 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDS
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-17.html
 CVE-2019-10900 (In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop.  ...)
 	- wireshark <undetermined>
+	[stretch] - wireshark <not-affected> (vulnerable code is not present)
 	[jessie] - wireshark <not-affected> (vulnerable code is not present)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15612
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=26eee01f57f0a86fb375892c7937eac24ede4610
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-13.html
-	TODO: check, possibly only 3.0.0
 CVE-2019-10899 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC di ...)
 	- wireshark <unfixed>
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15546
@@ -302,18 +302,18 @@ CVE-2019-10899 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRV
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-10.html
 CVE-2019-10898 (In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. ...)
 	- wireshark <undetermined>
+	[stretch] - wireshark <not-affected> (vulnerable code is not present)
 	[jessie] - wireshark <not-affected> (vulnerable code is not present)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15585
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f80b7d1b279fb6c13f640019a1bbc42b18bf7469
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-12.html
-	TODO: check, possibly only 3.0.0
 CVE-2019-10897 (In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinit ...)
 	- wireshark <undetermined>
+	[stretch] - wireshark <not-affected> (vulnerable code is not present)
 	[jessie] - wireshark <not-affected> (vulnerable code is not present)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15553
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=00d5e9e9fb377f52ab7696f25c1dbc011ef0244d
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-11.html
-	TODO: check, possibly only 3.0.0
 CVE-2019-10896 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF disse ...)
 	- wireshark <unfixed>
 	[jessie] - wireshark <not-affected> (vulnerable code is not present)
@@ -186283,6 +186283,7 @@ CVE-2015-1401 (Improper Authentication vulnerability in the "LDAP / SSO Authenti
 	NOT-FOR-US: typo3 extension
 CVE-2015-1554 (kgb-bot 1.33-2 allows remote attackers to cause a denial of service (c ...)
 	- kgb-bot <undetermined> (low; bug #776424)
+	NOTE: 20190201: random crash still not reproducible
 CVE-2015-1369 (SQL injection vulnerability in Sequelize before 2.0.0-rc7 for Node.js  ...)
 	NOT-FOR-US: sequelize
 CVE-2015-1354



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/777382ae22375fbc2bd3326de856b6c3d382676f...e3ac9cf4f8ea33604bf1b33cfa7c30b919f755a7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/777382ae22375fbc2bd3326de856b6c3d382676f...e3ac9cf4f8ea33604bf1b33cfa7c30b919f755a7
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190409/a0141973/attachment-0001.html>