Author: jmm Date: 2017-12-05 09:18:13 +0000 (Tue, 05 Dec 2017) New Revision: 58265
Modified: data/CVE/list Log: nasm fixed further wireshark triage Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-12-05 09:10:17 UTC (rev 58264) +++ data/CVE/list 2017-12-05 09:18:13 UTC (rev 58265) @@ -11398,7 +11398,7 @@ NOTE: https://github.com/mdadams/jasper/issues/146 NOTE: Possible false-positive, cf. https://github.com/mdadams/jasper/issues/146#issuecomment-330674648 CVE-2017-14228 (In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access ...) - - nasm <unfixed> (unimportant; bug #874731) + - nasm 2.13.02-0.1 (unimportant; bug #874731) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392423 NOTE: Crash in CLI tool, no securiy impact CVE-2017-14227 (In MongoDB libbson 1.7.0, the bson_iter_codewscope function in ...) @@ -12658,6 +12658,8 @@ NOTE: https://www.wireshark.org/security/wnpa-sec-2017-38.html CVE-2017-13766 (In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could ...) - wireshark 2.4.1-1 + [jessie] - wireshark <not-affected> (Vulnerable code not present) + [wheezy] - wireshark <not-affected> (Vulnerable code not present) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13847 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2096bc1e5078732543e0a3ee115a2ce520a72bbc NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=af7b093ca528516c14247acb545046199d30843e @@ -19643,7 +19645,8 @@ NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3c7168cc5f044b4da8747d35da0b2b204dabf398 NOTE: https://www.wireshark.org/security/wnpa-sec-2017-13.html CVE-2017-11409 (In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a ...) - - wireshark 2.2.0~rc1+g438c022-1 + - wireshark 2.2.0~rc1+g438c022-1 (low) + [jessie] - wireshark <no-dsa> (Minor issue) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13603 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=57b83bbbd76f543eb8d108919f13b662910bff9a NOTE: https://www.wireshark.org/security/wnpa-sec-2017-37.html @@ -20690,7 +20693,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1464686 CVE-2017-11111 (In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers ...) {DLA-1041-1} - - nasm <unfixed> (bug #867988) + - nasm 2.13.02-0.1 (bug #867988) [stretch] - nasm <no-dsa> (Minor issue) [jessie] - nasm <no-dsa> (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392415 @@ -21798,7 +21801,7 @@ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1466411 CVE-2017-10686 (In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after ...) {DLA-1041-1} - - nasm <unfixed> (bug #867988) + - nasm 2.13.02-0.1 (bug #867988) [stretch] - nasm <no-dsa> (Minor issue) [jessie] - nasm <no-dsa> (Minor issue) NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392414 @@ -30777,6 +30780,7 @@ NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13581 CVE-2017-7747 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector ...) - wireshark 2.2.6+g32dac6a-1 + [jessie] - wireshark <no-dsa> (Minor issue) NOTE: https://www.wireshark.org/security/wnpa-sec-2017-18.html NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5cfd52d6629cf8a7ab67c6bacd3431a964f43584 NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13559 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits