[Git][security-tracker-team/security-tracker][master] CVE-2019-10902 was never in Debian

Adrian Bunk bunk at debian.org
Sat Oct 31 19:20:21 GMT 2020 


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
48e29666 by Adrian Bunk at 2020-10-31T21:18:52+02:00
CVE-2019-10902 was never in Debian

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -94303,12 +94303,15 @@ CVE-2019-10903 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCE
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=eafdcfa4b6d5187a5326442a82608ab03d9dddcb
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-18.html
 CVE-2019-10902 (In Wireshark 3.0.0, the TSDNS dissector could crash. This was addresse ...)
-	- wireshark 2.6.8-1 (low; bug #926718)
-	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
+	- wireshark 3.0.3-1 (low)
+	[buster] - wireshark <not-affected> (vulnerable code is not present)
+	[stretch] - wireshark <not-affected> (vulnerable code is not present)
 	[jessie] - wireshark <not-affected> (vulnerable code is not present)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15619
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=95571f17d5e2de39735e62e5251583f930c06d51
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-16.html
+	NOTE: bug was never in Debian:
+	NOTE: dissector introduced in 3.0.0 and CVE fixed in 3.0.1
 CVE-2019-10901 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS diss ...)
 	{DLA-1802-1}
 	- wireshark 2.6.8-1 (low; bug #926718)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48e2966684330520cac6840f9e9089263ae6aa0a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48e2966684330520cac6840f9e9089263ae6aa0a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201031/2c870d9e/attachment.html>

More information about the debian-security-tracker-commits mailing list