Author: jmm
Date: 2017-12-05 09:18:13 +0000 (Tue, 05 Dec 2017)
New Revision: 58265
Modified:
data/CVE/list
Log:
nasm fixed
further wireshark triage
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-05 09:10:17 UTC (rev 58264)
+++ data/CVE/list 2017-12-05 09:18:13 UTC (rev 58265)
@@ -11398,7 +11398,7 @@
NOTE: https://github.com/mdadams/jasper/issues/146
NOTE: Possible false-positive, cf.
https://github.com/mdadams/jasper/issues/146#issuecomment-330674648
CVE-2017-14228 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal
address access ...)
- - nasm <unfixed> (unimportant; bug #874731)
+ - nasm 2.13.02-0.1 (unimportant; bug #874731)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392423
NOTE: Crash in CLI tool, no securiy impact
CVE-2017-14227 (In MongoDB libbson 1.7.0, the bson_iter_codewscope function in
...)
@@ -12658,6 +12658,8 @@
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-38.html
CVE-2017-13766 (In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O
dissector could ...)
- wireshark 2.4.1-1
+ [jessie] - wireshark <not-affected> (Vulnerable code not present)
+ [wheezy] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13847
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2096bc1e5078732543e0a3ee115a2ce520a72bbc
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=af7b093ca528516c14247acb545046199d30843e
@@ -19643,7 +19645,8 @@
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3c7168cc5f044b4da8747d35da0b2b204dabf398
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-13.html
CVE-2017-11409 (In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go
into a ...)
- - wireshark 2.2.0~rc1+g438c022-1
+ - wireshark 2.2.0~rc1+g438c022-1 (low)
+ [jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13603
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=57b83bbbd76f543eb8d108919f13b662910bff9a
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-37.html
@@ -20690,7 +20693,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464686
CVE-2017-11111 (In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote
attackers ...)
{DLA-1041-1}
- - nasm <unfixed> (bug #867988)
+ - nasm 2.13.02-0.1 (bug #867988)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392415
@@ -21798,7 +21801,7 @@
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1466411
CVE-2017-10686 (In Netwide Assembler (NASM) 2.14rc0, there are multiple heap
use after ...)
{DLA-1041-1}
- - nasm <unfixed> (bug #867988)
+ - nasm 2.13.02-0.1 (bug #867988)
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392414
@@ -30777,6 +30780,7 @@
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13581
CVE-2017-7747 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB
dissector ...)
- wireshark 2.2.6+g32dac6a-1
+ [jessie] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2017-18.html
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5cfd52d6629cf8a7ab67c6bacd3431a964f43584
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13559
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
