Author: carnil
Date: 2017-07-30 18:32:33 +0000 (Sun, 30 Jul 2017)
New Revision: 54088
Modified:
data/CVE/list
Log:
Update status CVE-2017-11409 for wireshark
The status is not fully correct. Upstream has changed the function
lc_gprs_dissect_xid in 2.1.0 (Widen length and offset variables). Track
the entry as fixed with the first unstable upload after the 2.0.x series
and after any 2.1.0 release as fixed.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-30 18:16:00 UTC (rev 54087)
+++ data/CVE/list 2017-07-30 18:32:33 UTC (rev 54088)
@@ -921,10 +921,13 @@
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3c7168cc5f044b4da8747d35da0b2b204dabf398
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-13.html
CVE-2017-11409 (In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go
into a ...)
- - wireshark <unfixed>
+ - wireshark 2.2.0~rc1+g438c022-1
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13603
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=57b83bbbd76f543eb8d108919f13b662910bff9a
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-37.html
+ NOTE: Technically the 2.2.0~rc1+g438c022-1 is just the first version in
unstable
+ NOTE: after 2.1.0 from upstream. Upstream changed the types in
llc_gprs_dissect_xid
+ NOTE: in version 2.1.0.
CVE-2017-11408 (In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP
dissector ...)
- wireshark <unfixed>
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13780
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
