[Git][security-tracker-team/security-tracker][master] CVE-2017-{15189, 13764}: wheezy not-affected
Hugo Lefeuvre
hle at debian.org
Thu May 30 07:59:16 BST 2019
Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1ba98dfb by Hugo Lefeuvre at 2019-05-30T06:58:46Z
CVE-2017-{15189, 13764}: wheezy not-affected
Vulnerable code not present in 1.12.1+g01b65bf-4+deb8u6~deb7u17.
(also, wheezy and jessie share identical code base, they only have a
slightly different Debian specific patchset)
This is old triage, but still relevant for the ELTS initiative.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -93144,11 +93144,12 @@ CVE-2017-15190 (In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. Thi
CVE-2017-15189 (In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an inf ...)
- wireshark 2.4.2-1 (low)
[jessie] - wireshark <not-affected> (vulnerable code not present)
- [wheezy] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <not-affected> (vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14080
NOTE: https://code.wireshark.org/review/23663
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=625bab309d9dd21db2d8ae2aa3511810d32842a8
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-46.html
+ NOTE: vulnerable introduced in https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3e1828e35188e1
CVE-2017-15188 (A persistent (stored) XSS vulnerability in the EyesOfNetwork web inter ...)
NOT-FOR-US: EyesOfNetwork (EON)
CVE-2017-15187
@@ -97502,7 +97503,7 @@ CVE-2017-13765 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrC
CVE-2017-13764 (In Wireshark 2.4.0, the Modbus dissector could crash with a NULL point ...)
- wireshark 2.4.1-1
[jessie] - wireshark <not-affected> (vulnerable request not implemented)
- [wheezy] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <not-affected> (vulnerable request not implemented)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13925
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b87ffbd12bddf64582c0a6e082b462744474de94
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-40.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ba98dfb1869c659709392bad4a1946003f9fbb0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ba98dfb1869c659709392bad4a1946003f9fbb0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190530/7cba1fef/attachment.html>
More information about the debian-security-tracker-commits
mailing list