[Git][security-tracker-team/security-tracker][master] Update wireshark CVE info

Adrian Bunk (@bunk) bunk at debian.org
Sun Dec 26 14:08:52 GMT 2021 


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2020806c by Adrian Bunk at 2021-12-26T16:06:02+02:00
Update wireshark CVE info

- CVE-2021-39920: buster and stretch are not affected
- CVE-2021-39923: correct NOTES (information was for CVE-2021-39920)
- CVE-2021-39926: buster and stretch are not affected

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18503,6 +18503,7 @@ CVE-2021-39926 (Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark
 	{DSA-5019-1}
 	- wireshark 3.6.0-1
 	[buster] - wireshark <not-affected> (Vulnerable code not present)
+	[stretch] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17649
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-08.html
 CVE-2021-39925 (Buffer overflow in the Bluetooth SDP dissector in Wireshark 3.4.0 to 3 ...)
@@ -18521,8 +18522,8 @@ CVE-2021-39923 (Large loop in the PNRP dissector in Wireshark 3.4.0 to 3.4.9 and
 	{DSA-5019-1}
 	- wireshark 3.6.0-1
 	[buster] - wireshark <no-dsa> (Minor issue)
-	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17705
-	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-15.html
+	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17684
+	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-11.html
 CVE-2021-39922 (Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 an ...)
 	{DSA-5019-1}
 	- wireshark 3.6.0-1
@@ -18538,7 +18539,8 @@ CVE-2021-39921 (NULL pointer exception in the Modbus dissector in Wireshark 3.4.
 CVE-2021-39920 (NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3 ...)
 	{DSA-5019-1}
 	- wireshark 3.6.0-1
-	[buster] - wireshark <no-dsa> (Minor issue)
+	[buster] - wireshark <not-affected> (IPPUSB dissector added in 3.4)
+	[stretch] - wireshark <not-affected> (IPPUSB dissector added in 3.4)
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17705
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-15.html
 CVE-2021-39919 (In all versions of GitLab CE/EE starting version 14.0 before 14.3.6, a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2020806c4867926e832b5927cba4d09c2386ff48

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2020806c4867926e832b5927cba4d09c2386ff48
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211226/af1432ca/attachment.htm>

More information about the debian-security-tracker-commits mailing list