[Git][security-tracker-team/security-tracker][master] CVE-2017-{15189, 13764}: wheezy not-affected

Thu, 30 May 2019 00:00:04 -0700 


Hugo Lefeuvre pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1ba98dfb by Hugo Lefeuvre at 2019-05-30T06:58:46Z
CVE-2017-{15189, 13764}: wheezy not-affected

Vulnerable code not present in 1.12.1+g01b65bf-4+deb8u6~deb7u17.

(also, wheezy and jessie share identical code base, they only have a
slightly different Debian specific patchset)

This is old triage, but still relevant for the ELTS initiative.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -93144,11 +93144,12 @@ CVE-2017-15190 (In Wireshark 2.4.0 to 2.4.1, the RTSP 
dissector could crash. Thi
 CVE-2017-15189 (In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go 
into an inf ...)
        - wireshark 2.4.2-1 (low)
        [jessie] - wireshark <not-affected> (vulnerable code not present)
-       [wheezy] - wireshark <no-dsa> (Minor issue)
+       [wheezy] - wireshark <not-affected> (vulnerable code not present)
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14080
        NOTE: https://code.wireshark.org/review/23663
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=625bab309d9dd21db2d8ae2aa3511810d32842a8
        NOTE: https://www.wireshark.org/security/wnpa-sec-2017-46.html
+       NOTE: vulnerable introduced in 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3e1828e35188e1
 CVE-2017-15188 (A persistent (stored) XSS vulnerability in the EyesOfNetwork 
web inter ...)
        NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2017-15187
@@ -97502,7 +97503,7 @@ CVE-2017-13765 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 
2.0.0 to 2.0.14, the IrC
 CVE-2017-13764 (In Wireshark 2.4.0, the Modbus dissector could crash with a 
NULL point ...)
        - wireshark 2.4.1-1
        [jessie] - wireshark <not-affected> (vulnerable request not implemented)
-       [wheezy] - wireshark <no-dsa> (Minor issue)
+       [wheezy] - wireshark <not-affected> (vulnerable request not implemented)
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13925
        NOTE: 
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b87ffbd12bddf64582c0a6e082b462744474de94
        NOTE: https://www.wireshark.org/security/wnpa-sec-2017-40.html



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ba98dfb1869c659709392bad4a1946003f9fbb0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1ba98dfb1869c659709392bad4a1946003f9fbb0
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to