[Git][security-tracker-team/security-tracker][master] 2 commits: Reclaim wireshark in dla-needed.txt

Markus Koschany (@apo) apo at debian.org
Thu Mar 24 13:07:52 GMT 2022 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f287d1e4 by Markus Koschany at 2022-03-24T14:05:37+01:00
Reclaim wireshark in dla-needed.txt

- - - - -
95d05dce by Markus Koschany at 2022-03-24T14:07:17+01:00
Remove no-dsa tags for upcoming wireshark update

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -17350,7 +17350,6 @@ CVE-2021-4190 (Large loop in the Kafka dissector in Wireshark 3.6.0 allows denia
 	- wireshark 3.6.2-1
 	[bullseye] - wireshark <no-dsa> (Minor issue)
 	[buster] - wireshark <no-dsa> (Minor issue)
-	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-22.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17811
 CVE-2021-4189 [ftplib should not use the host from the PASV response]
@@ -17601,42 +17600,36 @@ CVE-2021-4186 (Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allow
 	- wireshark 3.6.0-1
 	[bullseye] - wireshark <no-dsa> (Minor issue)
 	[buster] - wireshark <no-dsa> (Minor issue)
-	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-16.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17737
 CVE-2021-4185 (Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3 ...)
 	- wireshark 3.6.2-1
 	[bullseye] - wireshark <no-dsa> (Minor issue)
 	[buster] - wireshark <no-dsa> (Minor issue)
-	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-17.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17745
 CVE-2021-4184 (Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3 ...)
 	- wireshark 3.6.2-1
 	[bullseye] - wireshark <no-dsa> (Minor issue)
 	[buster] - wireshark <no-dsa> (Minor issue)
-	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-18.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17754
 CVE-2021-4183 (Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of se ...)
 	- wireshark 3.6.2-1
 	[bullseye] - wireshark <no-dsa> (Minor issue)
 	[buster] - wireshark <no-dsa> (Minor issue)
-	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-19.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17755
 CVE-2021-4182 (Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 ...)
 	- wireshark 3.6.2-1
 	[bullseye] - wireshark <no-dsa> (Minor issue)
 	[buster] - wireshark <no-dsa> (Minor issue)
-	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-20.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17801
 CVE-2021-4181 (Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3. ...)
 	- wireshark 3.6.2-1
 	[bullseye] - wireshark <no-dsa> (Minor issue)
 	[buster] - wireshark <no-dsa> (Minor issue)
-	[stretch] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-21.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/merge_requests/5429
 CVE-2021-45884 (In Brave Desktop 1.17 through 1.33 before 1.33.106, when CNAME-based a ...)
@@ -81637,7 +81630,6 @@ CVE-2021-22192 (An issue has been discovered in GitLab CE/EE affecting all versi
 CVE-2021-22191 (Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11  ...)
 	- wireshark 3.4.4-1
 	[buster] - wireshark <no-dsa> (Minor issue)
-	[stretch] - wireshark <postponed> (Minor issue, can be fixed along in future update)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-03.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17232
 CVE-2021-22190 (A path traversal vulnerability via the GitLab Workhorse in all version ...)


=====================================
data/dla-needed.txt
=====================================
@@ -124,7 +124,8 @@ waitress
   NOTE: 20220320: instead. Someone with more Python knowledge should take another look
   NOTE: 20220320: at it. (apo)
 --
-wireshark
+wireshark (Markus Koschany)
+  NOTE: 20220324: I am currently testing the update.
 --
 zabbix
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c31d6a995b0e75799ffbec9dc71eb7d153f7c732...95d05dceb777f40e927aa36754989387d9817159

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c31d6a995b0e75799ffbec9dc71eb7d153f7c732...95d05dceb777f40e927aa36754989387d9817159
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220324/ed6e8e70/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list