[Git][security-tracker-team/security-tracker][master] Sort suites entries for ndpi

Sat, 27 Aug 2022 12:46:01 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
50e9faf0 by Salvatore Bonaccorso at 2022-08-27T21:45:26+02:00
Sort suites entries for ndpi

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -160132,8 +160132,8 @@ CVE-2020-15476 (In nDPI through 3.2, the Oracle 
protocol dissector has a heap-ba
        NOTE: 
https://github.com/ntop/nDPI/commit/b69177be2fbe01c2442239a61832c44e40136c05 
(3.4)
 CVE-2020-15475 (In nDPI through 3.2, ndpi_reset_packet_line_info in 
lib/ndpi_main.c om ...)
        - ndpi 3.4-1 (bug #972050)
-       [stretch] - ndpi <not-affected> (Vulnerable code not present, 
content_disposition_line introduced later)
        [buster] - ndpi <not-affected> (Vulnerable code not present, 
content_disposition_line introduced later)
+       [stretch] - ndpi <not-affected> (Vulnerable code not present, 
content_disposition_line introduced later)
        NOTE: 
https://github.com/ntop/nDPI/commit/6a9f5e4f7c3fd5ddab3e6727b071904d76773952 
(3.4)
 CVE-2020-15474 (In nDPI through 3.2, there is a stack overflow in 
extractRDNSequence i ...)
        - ndpi 3.4-1 (bug #972050)
@@ -160142,8 +160142,8 @@ CVE-2020-15474 (In nDPI through 3.2, there is a stack 
overflow in extractRDNSequ
        NOTE: 
https://github.com/ntop/nDPI/commit/23594f036536468072198a57c59b6e9d63caf6ce 
(3.4)
 CVE-2020-15473 (In nDPI through 3.2, the OpenVPN dissector is vulnerable to a 
heap-bas ...)
        - ndpi 3.4-1 (bug #972050)
+       [buster] - ndpi <ignored> (Patch cannot be cleanly applied. Codebase 
changed a lot)
        [stretch] - ndpi <not-affected> (Vulnerable code introduced later)
-       [buster] - ndpi <ignored> (Patch cannot be cleanly applied. Codebase 
changed a lot.)
        NOTE: 
https://github.com/ntop/nDPI/commit/8e7b1ea7a136cc4e4aa9880072ec2d69900a825e 
(3.4)
 CVE-2020-15472 (In nDPI through 3.2, the H.323 dissector is vulnerable to a 
heap-based ...)
        - ndpi 3.4-1 (bug #972050)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50e9faf0a07ac237eb834f0ca0df963b66674542

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50e9faf0a07ac237eb834f0ca0df963b66674542
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to