[Git][security-tracker-team/security-tracker][master] wireshark postponed
Moritz Muehlenhoff
jmm at debian.org
Wed Jan 9 09:02:37 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4b6966ba by Moritz Muehlenhoff at 2019-01-09T09:02:06Z
wireshark postponed
add note for gnuplot
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -43,22 +43,26 @@ CVE-2016-10735 (In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2,
CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a ...)
- frontaccounting <removed>
CVE-2019-5719 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector ...)
- - wireshark <unfixed>
+ - wireshark <unfixed> (low)
+ [stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15374
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b5b02f2a9b8772d8814096f86c60a32889d61f2c
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-04.html
CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector and ...)
- - wireshark <unfixed>
+ - wireshark <unfixed> (low)
+ [stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15373
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cd09cb5cfb673beca3cce20b1d6a9bc67a134ae1
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-03.html
CVE-2019-5717 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector ...)
- - wireshark <unfixed>
+ - wireshark <unfixed> (low)
+ [stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf9272a92f3df1e4ccfaad434e123222ae5313f7
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-02.html
CVE-2019-5716 (In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This ...)
- - wireshark <unfixed>
+ - wireshark <unfixed> (low)
+ [stretch] - wireshark <postponed> (Minor issue, wait for next 2.6.x release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15217
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2b2eea1793dbff813896e1ae9dff1bedb39ee010
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-01.html
@@ -14416,7 +14420,8 @@ CVE-2018-19492 (An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issu
NOTE: https://sourceforge.net/p/gnuplot/bugs/2089/
NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/
NOTE: No security impact, neutralised by toolchain hardening
- NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source
+ NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source,
+ NOTE: see README.Debian.security (added in 5.2.6)
CVE-2018-19491 (An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows ...)
{DLA-1597-1 DLA-1595-1}
- gnuplot <unfixed> (unimportant)
@@ -14424,6 +14429,7 @@ CVE-2018-19491 (An issue was discovered in post.trm in Gnuplot 5.2.5. This issue
NOTE: https://sourceforge.net/p/gnuplot/bugs/2094/
NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/
NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source
+ NOTE: see README.Debian.security (added in 5.2.6)
CVE-2018-19490 (An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue ...)
{DLA-1597-1 DLA-1595-1}
- gnuplot <unfixed> (unimportant)
@@ -14431,6 +14437,7 @@ CVE-2018-19490 (An issue was discovered in datafile.c in Gnuplot 5.2.5. This iss
NOTE: https://sourceforge.net/p/gnuplot/bugs/2093/
NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/
NOTE: No security impact, gnuplot can execute arbitrary commands and need to come from a trusted source
+ NOTE: see README.Debian.security (added in 5.2.6)
CVE-2018-19489 (v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a ...)
- qemu 1:3.1+dfsg-1 (bug #914727)
- qemu-kvm <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4b6966baa751148bb06eade39056590f3ffbe2e3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4b6966baa751148bb06eade39056590f3ffbe2e3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190109/4f8531f9/attachment.html>
More information about the debian-security-tracker-commits
mailing list