[Git][security-tracker-team/security-tracker][master] All current wireshark CVEs are fixed in the version in sid
Adrian Bunk (@bunk)
bunk at debian.org
Wed Mar 2 15:17:23 GMT 2022
Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ef198927 by Adrian Bunk at 2022-03-02T17:16:49+02:00
All current wireshark CVEs are fixed in the version in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3579,13 +3579,13 @@ CVE-2022-24982 (Forms generated by JQueryForm.com before 2022-02-05 allows a rem
CVE-2022-24981 (A reflected cross-site scripting (XSS) vulnerability in forms generate ...)
NOT-FOR-US: JQueryForm.com
CVE-2022-0586 (Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 ...)
- - wireshark <unfixed>
+ - wireshark 3.6.2-1
[bullseye] - wireshark <no-dsa> (Minor issue)
[buster] - wireshark <no-dsa> (Minor issue)
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17813
NOTE: https://www.wireshark.org/security/wnpa-sec-2022-01.html
CVE-2022-0585 (Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6. ...)
- - wireshark <unfixed>
+ - wireshark 3.6.2-1
[bullseye] - wireshark <no-dsa> (Minor issue)
[buster] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2054049
@@ -3603,19 +3603,19 @@ CVE-2022-0585 (Large loops in multiple protocol dissectors in Wireshark 3.6.0 to
CVE-2022-0584
RESERVED
CVE-2022-0583 (Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3 ...)
- - wireshark <unfixed>
+ - wireshark 3.6.2-1
[bullseye] - wireshark <no-dsa> (Minor issue)
[buster] - wireshark <no-dsa> (Minor issue)
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17840
NOTE: https://www.wireshark.org/security/wnpa-sec-2022-03.html
CVE-2022-0582 (Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to ...)
- - wireshark <unfixed>
+ - wireshark 3.6.2-1
[bullseye] - wireshark <no-dsa> (Minor issue)
[buster] - wireshark <no-dsa> (Minor issue)
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17882
NOTE: https://www.wireshark.org/security/wnpa-sec-2022-04.html
CVE-2022-0581 (Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3. ...)
- - wireshark <unfixed>
+ - wireshark 3.6.2-1
[bullseye] - wireshark <no-dsa> (Minor issue)
[buster] - wireshark <no-dsa> (Minor issue)
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17935
@@ -13222,7 +13222,7 @@ CVE-2022-22263 (Unprotected dynamic receiver in SecSettings prior to SMR Jan-202
CVE-2021-45919 (Studio 42 elFinder through 2.1.31 allows XSS via an SVG document. ...)
NOT-FOR-US: Studio 42 elFinder
CVE-2021-4190 (Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of ...)
- - wireshark <unfixed>
+ - wireshark 3.6.2-1
[bullseye] - wireshark <no-dsa> (Minor issue)
[buster] - wireshark <no-dsa> (Minor issue)
[stretch] - wireshark <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef198927ae12018214168b34c5f5e72f1cfcc7d8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef198927ae12018214168b34c5f5e72f1cfcc7d8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220302/b9f440d7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list