[Git][security-tracker-team/security-tracker][master] Add initial tracking for wireshark issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jan 1 09:40:53 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8dc753e3 by Salvatore Bonaccorso at 2022-01-01T10:40:34+01:00
Add initial tracking for wireshark issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -202,7 +202,9 @@ CVE-2022-22263
CVE-2021-45919
RESERVED
CVE-2021-4190 (Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of ...)
- TODO: check
+ - wireshark <unfixed>
+ NOTE: https://www.wireshark.org/security/wnpa-sec-2021-22.html
+ NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17811
CVE-2021-4189 [ftplib should not use the host from the PASV response]
RESERVED
- python3.10 <not-affected> (Fixed before initial upload to Debian unstable)
@@ -439,17 +441,29 @@ CVE-2021-45886
CVE-2021-45885 (An issue was discovered in Stormshield Network Security (SNS) 4.2.2 th ...)
NOT-FOR-US: Stormshield Network Security (SNS)
CVE-2021-4186 (Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows den ...)
- TODO: check
+ - wireshark 3.6.0-1
+ NOTE: https://www.wireshark.org/security/wnpa-sec-2021-16.html
+ NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17737
CVE-2021-4185 (Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3 ...)
- TODO: check
+ - wireshark <unfixed>
+ NOTE: https://www.wireshark.org/security/wnpa-sec-2021-17.html
+ NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17745
CVE-2021-4184 (Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3 ...)
- TODO: check
+ - wireshark <unfixed>
+ NOTE: https://www.wireshark.org/security/wnpa-sec-2021-18.html
+ NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17754
CVE-2021-4183 (Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of se ...)
- TODO: check
+ - wireshark <unfixed>
+ NOTE: https://www.wireshark.org/security/wnpa-sec-2021-19.html
+ NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17755
CVE-2021-4182 (Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 ...)
- TODO: check
+ - wireshark <unfixed>
+ NOTE: https://www.wireshark.org/security/wnpa-sec-2021-20.html
+ NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17801
CVE-2021-4181 (Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3. ...)
- TODO: check
+ - wireshark <unfixed>
+ NOTE: https://www.wireshark.org/security/wnpa-sec-2021-21.html
+ NOTE: https://gitlab.com/wireshark/wireshark/-/merge_requests/5429
CVE-2021-45884 (In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based a ...)
- brave-browser <itp> (bug #864795)
CVE-2021-45883
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dc753e380defa6c9f41bd1611a01fac0f7e365f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dc753e380defa6c9f41bd1611a01fac0f7e365f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220101/fc56ba2c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list