Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 95679643 by Moritz Muehlenhoff at 2023-06-15T09:33:47+02:00 bullseye/bookworm triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -25654,13 +25654,13 @@ CVE-2022-48280 CVE-2023-0412 (TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 a ...) {DLA-3313-1} - wireshark 4.0.3-1 - [bullseye] - wireshark <postponed> (Minor issue, fix along in future update) + [bullseye] - wireshark <no-dsa> (Minor issue) NOTE: https://www.wireshark.org/security/wnpa-sec-2023-07.html NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18770 CVE-2023-0411 (Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2 and ...) {DLA-3313-1} - wireshark 4.0.3-1 - [bullseye] - wireshark <postponed> (Minor issue, fix along in future update) + [bullseye] - wireshark <no-dsa> (Minor issue) NOTE: https://www.wireshark.org/security/wnpa-sec-2023-06.html NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18711 NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18720 @@ -25668,12 +25668,12 @@ CVE-2023-0411 (Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0. CVE-2023-0415 (iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 ...) {DLA-3313-1} - wireshark 4.0.3-1 - [bullseye] - wireshark <postponed> (Minor issue, fix along in future update) + [bullseye] - wireshark <no-dsa> (Minor issue) NOTE: https://www.wireshark.org/security/wnpa-sec-2023-05.html NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18796 CVE-2023-0416 (GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 an ...) - wireshark 4.0.3-1 - [bullseye] - wireshark <postponed> (Minor issue, fix along in future update) + [bullseye] - wireshark <no-dsa> (Minor issue) [buster] - wireshark <not-affected> (Vulnerable code introduced later) NOTE: https://www.wireshark.org/security/wnpa-sec-2023-04.html NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18779 @@ -25682,18 +25682,18 @@ CVE-2023-0416 (GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6. CVE-2023-0413 (Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 ...) {DLA-3313-1} - wireshark 4.0.3-1 - [bullseye] - wireshark <postponed> (Minor issue, fix along in future update) + [bullseye] - wireshark <no-dsa> (Minor issue) NOTE: https://www.wireshark.org/security/wnpa-sec-2023-03.html NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18766 CVE-2023-0417 (Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 ...) {DLA-3313-1} - wireshark 4.0.3-1 - [bullseye] - wireshark <postponed> (Minor issue, fix along in future update) + [bullseye] - wireshark <no-dsa> (Minor issue) NOTE: https://www.wireshark.org/security/wnpa-sec-2023-02.html NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18628 CVE-2023-0414 (Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2 allows denial o ...) - wireshark 4.0.3-1 - [bullseye] - wireshark <postponed> (Minor issue, fix along in future update) + [bullseye] - wireshark <no-dsa> (Minor issue) [buster] - wireshark <not-affected> (Vulnerable code introduced later) NOTE: https://www.wireshark.org/security/wnpa-sec-2023-01.html NOTE: https://gitlab.com/wireshark/wireshark/-/issues/18622 ===================================== data/dsa-needed.txt ===================================== @@ -14,7 +14,7 @@ If needed, specify the release by adding a slash after the name of the source pa -- asterisk/oldstable -- -chromium +chromium (jmm) -- cinder/oldstable -- @@ -75,10 +75,10 @@ webkit2gtk -- wpewebkit -- -wireshark - bookworm to 4.0.6, bullseye isolated cherrypick +wireshark/stable (jmm) + bookworm to 4.0.6, bullseye only harmless issues and no DSA -- -xmltooling +xmltooling (jmm) Maintainer preparing updates -- xrdp/oldstable View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/956796437979d389da90370d80e2a83236b022c6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/956796437979d389da90370d80e2a83236b022c6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits