Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
95679643 by Moritz Muehlenhoff at 2023-06-15T09:33:47+02:00
bullseye/bookworm triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -25654,13 +25654,13 @@ CVE-2022-48280
CVE-2023-0412 (TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to
3.6.10 a ...)
{DLA-3313-1}
- wireshark 4.0.3-1
- [bullseye] - wireshark <postponed> (Minor issue, fix along in future
update)
+ [bullseye] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2023-07.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18770
CVE-2023-0411 (Excessive loops in multiple dissectors in Wireshark 4.0.0 to
4.0.2 and ...)
{DLA-3313-1}
- wireshark 4.0.3-1
- [bullseye] - wireshark <postponed> (Minor issue, fix along in future
update)
+ [bullseye] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2023-06.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18711
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18720
@@ -25668,12 +25668,12 @@ CVE-2023-0411 (Excessive loops in multiple dissectors
in Wireshark 4.0.0 to 4.0.
CVE-2023-0415 (iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to
3.6.10 ...)
{DLA-3313-1}
- wireshark 4.0.3-1
- [bullseye] - wireshark <postponed> (Minor issue, fix along in future
update)
+ [bullseye] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2023-05.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18796
CVE-2023-0416 (GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to
3.6.10 an ...)
- wireshark 4.0.3-1
- [bullseye] - wireshark <postponed> (Minor issue, fix along in future
update)
+ [bullseye] - wireshark <no-dsa> (Minor issue)
[buster] - wireshark <not-affected> (Vulnerable code introduced later)
NOTE: https://www.wireshark.org/security/wnpa-sec-2023-04.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18779
@@ -25682,18 +25682,18 @@ CVE-2023-0416 (GNW dissector crash in Wireshark 4.0.0
to 4.0.2 and 3.6.0 to 3.6.
CVE-2023-0413 (Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to
3.6.10 ...)
{DLA-3313-1}
- wireshark 4.0.3-1
- [bullseye] - wireshark <postponed> (Minor issue, fix along in future
update)
+ [bullseye] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2023-03.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18766
CVE-2023-0417 (Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2
and 3.6.0 ...)
{DLA-3313-1}
- wireshark 4.0.3-1
- [bullseye] - wireshark <postponed> (Minor issue, fix along in future
update)
+ [bullseye] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2023-02.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18628
CVE-2023-0414 (Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows
denial o ...)
- wireshark 4.0.3-1
- [bullseye] - wireshark <postponed> (Minor issue, fix along in future
update)
+ [bullseye] - wireshark <no-dsa> (Minor issue)
[buster] - wireshark <not-affected> (Vulnerable code introduced later)
NOTE: https://www.wireshark.org/security/wnpa-sec-2023-01.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18622
=====================================
data/dsa-needed.txt
=====================================
@@ -14,7 +14,7 @@ If needed, specify the release by adding a slash after the
name of the source pa
--
asterisk/oldstable
--
-chromium
+chromium (jmm)
--
cinder/oldstable
--
@@ -75,10 +75,10 @@ webkit2gtk
--
wpewebkit
--
-wireshark
- bookworm to 4.0.6, bullseye isolated cherrypick
+wireshark/stable (jmm)
+ bookworm to 4.0.6, bullseye only harmless issues and no DSA
--
-xmltooling
+xmltooling (jmm)
Maintainer preparing updates
--
xrdp/oldstable
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/956796437979d389da90370d80e2a83236b022c6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/956796437979d389da90370d80e2a83236b022c6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
