[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-9349 and CVE-2017-9344 will be fixed

Mon Mar 25 21:39:10 GMT 2019

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1d4a8af0 by Thorsten Alteholz at 2019-03-25T21:36:57Z
CVE-2017-9349 and CVE-2017-9344 will be fixed

- - - - -
6068f9b3 by Thorsten Alteholz at 2019-03-25T21:37:11Z
Reserve DLA-1729-1 for wireshark

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -104063,7 +104063,6 @@ CVE-2017-9350 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY d
 	NOTE: are opened to CVE-2017-11411, which exists because of an incomplete fix.
 CVE-2017-9349 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector h ...)
 	- wireshark 2.2.7-1 (low; bug #864058)
-	[jessie] - wireshark <no-dsa> (Minor issue)
 	[wheezy] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-27.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685
@@ -104094,7 +104093,6 @@ CVE-2017-9345 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissecto
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633
 CVE-2017-9344 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP d ...)
 	- wireshark 2.2.7-1 (low; bug #864058)
-	[jessie] - wireshark <no-dsa> (Minor issue)
 	[wheezy] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2017-29.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[25 Mar 2019] DLA-1729-1 wireshark - security update
+	{CVE-2017-9344 CVE-2017-9349 CVE-2019-9209}
+	[jessie] - wireshark 1.12.1+g01b65bf-4+deb8u18
 [25 Mar 2019] DLA-1728-1 openssh - security update
 	{CVE-2018-20685 CVE-2019-6109 CVE-2019-6111}
 	[jessie] - openssh 1:6.7p1-5+deb8u8


=====================================
data/dla-needed.txt
=====================================
@@ -102,9 +102,6 @@ sox
   NOTE: 20190305: CVE-2019-835{4,5,6,7} no upstream patch yet, might take some time.
   NOTE: Check again later. - hle
 --
-wireshark (Thorsten Alteholz)
-  NOTE: 20190317: testing package
---
 wordpress (Abhijith PA)
 --
 xen (worked on by credative)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/7655c7a6e6add705d5178693169dbb1ccadec8b4...6068f9b3daef4d103e8c9ac28ea0d0a05a4395b5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/7655c7a6e6add705d5178693169dbb1ccadec8b4...6068f9b3daef4d103e8c9ac28ea0d0a05a4395b5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190325/e0ab8691/attachment-0001.html>
