[Git][security-tracker-team/security-tracker][master] CVEs for wireshark assigned

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 26 07:36:18 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
929fad66 by Salvatore Bonaccorso at 2023-01-26T08:35:49+01:00
CVEs for wireshark assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1121,39 +1121,39 @@ CVE-2022-48281 (processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5
 	NOTE: https://gitlab.com/libtiff/libtiff/-/issues/488
 CVE-2022-48280
 	RESERVED
-CVE-2023-XXXX [wnpa-sec-2023-07: TIPC dissector crash]
+CVE-2023-0412 [wnpa-sec-2023-07: TIPC dissector crash]
 	- wireshark 4.0.3-1
 	[bullseye] - wireshark <postponed> (Minor issue, fix along in future update)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2023-07.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18770
-CVE-2023-XXXX [wnpa-sec-2023-06: Multiple dissector excessive loops]
+CVE-2023-0411 [wnpa-sec-2023-06: Multiple dissector excessive loops]
 	- wireshark 4.0.3-1
 	[bullseye] - wireshark <postponed> (Minor issue, fix along in future update)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2023-06.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18711
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18720
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18737
-CVE-2023-XXXX [wnpa-sec-2023-05: iSCSI dissector crash]
+CVE-2023-0415 [wnpa-sec-2023-05: iSCSI dissector crash]
 	- wireshark 4.0.3-1
 	[bullseye] - wireshark <postponed> (Minor issue, fix along in future update)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2023-05.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18796
-CVE-2023-XXXX [wnpa-sec-2023-04: GNW dissector crash]
+CVE-2023-0416 [wnpa-sec-2023-04: GNW dissector crash]
 	- wireshark 4.0.3-1
 	[bullseye] - wireshark <postponed> (Minor issue, fix along in future update)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2023-04.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18779
-CVE-2023-XXXX [wnpa-sec-2023-03: Dissection engine crash]
+CVE-2023-0413 [wnpa-sec-2023-03: Dissection engine crash]
 	- wireshark 4.0.3-1
 	[bullseye] - wireshark <postponed> (Minor issue, fix along in future update)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2023-03.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18766
-CVE-2023-XXXX [wnpa-sec-2023-02: NFS dissector memory leak]
+CVE-2023-0417 [wnpa-sec-2023-02: NFS dissector memory leak]
 	- wireshark 4.0.3-1
 	[bullseye] - wireshark <postponed> (Minor issue, fix along in future update)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2023-02.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18628
-CVE-2023-XXXX [wnpa-sec-2023-01: EAP dissector crash]
+CVE-2023-0414 [wnpa-sec-2023-01: EAP dissector crash]
 	- wireshark 4.0.3-1
 	[bullseye] - wireshark <postponed> (Minor issue, fix along in future update)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2023-01.html
@@ -1500,20 +1500,6 @@ CVE-2023-23922
 	RESERVED
 CVE-2023-23921
 	RESERVED
-CVE-2023-0417 (Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 ...)
-	TODO: check
-CVE-2023-0416 (GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 an ...)
-	TODO: check
-CVE-2023-0415 (iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10  ...)
-	TODO: check
-CVE-2023-0414 (Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial o ...)
-	TODO: check
-CVE-2023-0413 (Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10  ...)
-	TODO: check
-CVE-2023-0412 (TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 a ...)
-	TODO: check
-CVE-2023-0411 (Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and ...)
-	TODO: check
 CVE-2023-0410 (Cross-site Scripting (XSS) - Generic in GitHub repository builderio/qw ...)
 	NOT-FOR-US: builderio/qwik
 CVE-2023-0409



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/929fad66453d781d9bf648a43b1fead4759bb471

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/929fad66453d781d9bf648a43b1fead4759bb471
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230126/5880280e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list