Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a28bdc03 by Thorsten Alteholz at 2017-12-30T20:09:04+01:00
follow security team with no-dsa for wireshark CVEs
- - - - -
fb814126 by Thorsten Alteholz at 2017-12-30T20:09:30+01:00
Merge branch 'master' of
salsa.debian.org:security-tracker-team/security-tracker
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4,6 +4,7 @@ CVE-2017-17997 (In Wireshark 2.2.11 and before, the MRDISC
dissector misuses a N
- wireshark 2.4.0-1
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14299
NOTE: https://code.wireshark.org/review/#/c/25063/
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=80a695869c9aef2fb473d9361da068022be7cb50
@@ -578,6 +579,7 @@ CVE-2017-17935 (The File_read_line function in
epan/wslua/wslua_file.c in Wiresh
- wireshark <unfixed> (bug #885831)
[stretch] - wireshark <ignored> (Minor issue)
[jessie] - wireshark <ignored> (Minor issue)
+ [wheezy] - wireshark <ignored> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14295
NOTE: https://code.wireshark.org/review/#/c/24997/
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=137ab7d5681486c6d6cc8faac4300b7cd4ec0cf1
@@ -15715,6 +15717,7 @@ CVE-2017-15193 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0
to 2.2.9, the MBIM dissect
- wireshark 2.4.2-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14056
NOTE: https://code.wireshark.org/review/23537
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afb9ff7982971aba6e42472de0db4c1bedfc641b
@@ -15723,6 +15726,7 @@ CVE-2017-15192 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0
to 2.2.9, the BT ATT disse
- wireshark 2.4.2-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14049
NOTE: https://code.wireshark.org/review/23470
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3689dc1db36037436b1616715f9a3f888fc9a0f6
@@ -15731,6 +15735,7 @@ CVE-2017-15191 (In Wireshark 2.4.0 to 2.4.1, 2.2.0 to
2.2.9, and 2.0.0 to 2.0.15
- wireshark 2.4.2-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068
NOTE: https://code.wireshark.org/review/23591
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8dbb21dfde14221dab09b6b9c7719b9067c1f06e
@@ -15748,6 +15753,7 @@ CVE-2017-15189 (In Wireshark 2.4.0 to 2.4.1, the DOCSIS
dissector could go into
- wireshark 2.4.2-1 (low)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14080
NOTE: https://code.wireshark.org/review/23663
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=625bab309d9dd21db2d8ae2aa3511810d32842a8
@@ -19982,6 +19988,7 @@ CVE-2017-13767 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and
2.0.0 to 2.0.14, the MSD
- wireshark 2.4.1-1
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13933
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6f18ace2a2683418a9368a8dfd92da6bd8213e15
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-38.html
@@ -19998,6 +20005,7 @@ CVE-2017-13765 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and
2.0.0 to 2.0.14, the IrC
- wireshark 2.4.1-1
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13929
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=94666d4357096fc45e3bcad3d9414a14f0831bc8
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-41.html
@@ -20005,6 +20013,7 @@ CVE-2017-13764 (In Wireshark 2.4.0, the Modbus
dissector could crash with a NULL
- wireshark 2.4.1-1
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13925
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b87ffbd12bddf64582c0a6e082b462744474de94
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-40.html
@@ -27010,6 +27019,7 @@ CVE-2017-11410 (In Wireshark through 2.0.13 and 2.2.x
through 2.2.7, the WBXML .
CVE-2017-11409 (In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go
into a ...)
- wireshark 2.2.0~rc1+g438c022-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13603
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=57b83bbbd76f543eb8d108919f13b662910bff9a
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-37.html
@@ -27027,6 +27037,7 @@ CVE-2017-11407 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0
to 2.0.13, the MQ dissecto
- wireshark 2.4.0-1 (low; bug #870172)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13792
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4e54dae7f0d7840836ee6d5ce1e688f152ab2978
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-35.html
@@ -27034,6 +27045,7 @@ CVE-2017-11406 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0
to 2.0.13, the DOCSIS diss
- wireshark 2.4.0-1 (bug #870172)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13797
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=250216263c3a3f2c651e80d9c6b3dc0adc53dc2c
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-36.html
@@ -31607,6 +31619,7 @@ CVE-2017-9766 (In Wireshark 2.2.7, PROFINET IO data
with a high recursion depth
- wireshark 2.4.0-1 (low; bug #870175)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13811
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d6e888400ba64de3147d1111a4c23edf389b0000
CVE-2017-9765 (Integer overflow in the soap_get function in Genivia gSOAP
2.7.x and ...)
@@ -32190,11 +32203,13 @@ CVE-2017-9617 (In Wireshark 2.2.7, deeply nested DAAP
data may cause stack exhau
- wireshark 2.4.0-1 (low; bug #870174)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13799
CVE-2017-9616 (In Wireshark 2.2.7, overly deep mp4 chunks may cause stack
exhaustion ...)
- wireshark 2.4.0-1 (low; bug #870173)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777
CVE-2017-9615 (Password exposure in Cognito Software Moneyworks 8.0.3 and
earlier ...)
NOT-FOR-US: Cognito Software Moneyworks
@@ -32977,6 +32992,7 @@ CVE-2017-9354 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to
2.0.12, the RGMP dissect
- wireshark 2.2.7-1 (bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-32.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13646
CVE-2017-9353 (In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash.
This was ...)
@@ -32990,12 +33006,14 @@ CVE-2017-9352 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0
to 2.0.12, the Bazaar disse
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-22.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599
CVE-2017-9351 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP
dissector ...)
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-24.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13628
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13609
@@ -33003,6 +33021,7 @@ CVE-2017-9350 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to
2.0.12, the openSAFETY .
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-28.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13649
NOTE: When fixing this entry make sure to apply the complete fix and
adding
@@ -33012,6 +33031,7 @@ CVE-2017-9349 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to
2.0.12, the DICOM dissec
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-27.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685
CVE-2017-9348 (In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past
the end ...)
@@ -33032,24 +33052,28 @@ CVE-2017-9346 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0
to 2.0.12, the SoulSeek dis
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-25.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13631
CVE-2017-9345 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS
dissector ...)
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-26.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13633
CVE-2017-9344 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth
L2CAP ...)
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-29.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701
CVE-2017-9343 (In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP
dissector ...)
- wireshark 2.2.7-1 (low; bug #864058)
[stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-30.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725
CVE-2017-9342
@@ -38183,18 +38207,21 @@ CVE-2017-7749
CVE-2017-7748 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP
dissector ...)
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-21.html
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f55cbcde2c8f74b652add4450b0592082eb6acff
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13581
CVE-2017-7747 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB
dissector ...)
- wireshark 2.2.6+g32dac6a-1
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-18.html
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5cfd52d6629cf8a7ab67c6bacd3431a964f43584
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13559
CVE-2017-7746 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK
dissector ...)
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-19.html
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=58e69cc769dea24b721abd8a29f9eedc11024b7e
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13576
@@ -38317,12 +38344,14 @@ CVE-2017-7704 (In Wireshark 2.2.0 to 2.2.5, the DOF
dissector could go into an .
CVE-2017-7703 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP
dissector ...)
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-12.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13466
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=671e32820ab29d41d712cc8a472eab9b672684d9
CVE-2017-7702 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML
dissector ...)
- wireshark 2.2.6+g32dac6a-1 (low)
[jessie] - wireshark <no-dsa> (Minor issue)
+ [wheezy] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-13.html
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13477
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2f322f66cbcca2fefdaa630494f9d6c97eb659b7
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/171b745acf2fd5ece217f4c38bdf6cb2e8216415...fb814126b8b02da335d2431721ced8b2922b5712
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/171b745acf2fd5ece217f4c38bdf6cb2e8216415...fb814126b8b02da335d2431721ced8b2922b5712
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
