[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-9349 and CVE-2017-9344 will be fixed
Thorsten Alteholz
alteholz at debian.org
Mon Mar 25 21:39:10 GMT 2019
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1d4a8af0 by Thorsten Alteholz at 2019-03-25T21:36:57Z
CVE-2017-9349 and CVE-2017-9344 will be fixed
- - - - -
6068f9b3 by Thorsten Alteholz at 2019-03-25T21:37:11Z
Reserve DLA-1729-1 for wireshark
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -104063,7 +104063,6 @@ CVE-2017-9350 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY d
NOTE: are opened to CVE-2017-11411, which exists because of an incomplete fix.
CVE-2017-9349 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector h ...)
- wireshark 2.2.7-1 (low; bug #864058)
- [jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-27.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685
@@ -104094,7 +104093,6 @@ CVE-2017-9345 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissecto
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633
CVE-2017-9344 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP d ...)
- wireshark 2.2.7-1 (low; bug #864058)
- [jessie] - wireshark <no-dsa> (Minor issue)
[wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-29.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[25 Mar 2019] DLA-1729-1 wireshark - security update
+ {CVE-2017-9344 CVE-2017-9349 CVE-2019-9209}
+ [jessie] - wireshark 1.12.1+g01b65bf-4+deb8u18
[25 Mar 2019] DLA-1728-1 openssh - security update
{CVE-2018-20685 CVE-2019-6109 CVE-2019-6111}
[jessie] - openssh 1:6.7p1-5+deb8u8
=====================================
data/dla-needed.txt
=====================================
@@ -102,9 +102,6 @@ sox
NOTE: 20190305: CVE-2019-835{4,5,6,7} no upstream patch yet, might take some time.
NOTE: Check again later. - hle
--
-wireshark (Thorsten Alteholz)
- NOTE: 20190317: testing package
---
wordpress (Abhijith PA)
--
xen (worked on by credative)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/7655c7a6e6add705d5178693169dbb1ccadec8b4...6068f9b3daef4d103e8c9ac28ea0d0a05a4395b5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/7655c7a6e6add705d5178693169dbb1ccadec8b4...6068f9b3daef4d103e8c9ac28ea0d0a05a4395b5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190325/e0ab8691/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list