[Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream issue reference for CVE-2018-19519/tcpdump

Thu, 03 Oct 2019 14:44:33 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
940d928d by Salvatore Bonaccorso at 2019-10-03T21:41:40Z
Add upstream issue reference for CVE-2018-19519/tcpdump

- - - - -
27a22b1b by Salvatore Bonaccorso at 2019-10-03T21:42:42Z
Add Debian bug reference for CVE-2018-16301 and CVE-2019-15165

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5278,7 +5278,7 @@ CVE-2019-15166 (lmp_print_data_link_subobjs() in 
print-lmp.c in tcpdump before 4
        - tcpdump <unfixed>
        NOTE: 
https://github.com/the-tcpdump-group/tcpdump/commit/0b661e0aa61850234b64394585cf577aac570bf4
 CVE-2019-15165 (sf-pcapng.c in libpcap before 1.9.1 does not properly validate 
the PHB ...)
-       - libpcap <unfixed>
+       - libpcap <unfixed> (bug #941697)
        NOTE: 
https://github.com/the-tcpdump-group/libpcap/commit/87d6bef033062f969e70fa40c43dfd945d5a20ab
        NOTE: 
https://github.com/the-tcpdump-group/libpcap/commit/a5a36d9e82dde7265e38fe1f87b7f11c461c29f6
 CVE-2019-15164 (rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a 
URL may  ...)
@@ -48461,6 +48461,7 @@ CVE-2018-19520 (An issue was discovered in SDCMS 1.6 
with PHP 5.x. app/admin/con
        NOT-FOR-US: SDCMS
 CVE-2018-19519 (In tcpdump 4.9.2, a stack-based buffer over-read exists in the 
print_p ...)
        - tcpdump <unfixed> (unimportant)
+       NOTE: https://github.com/the-tcpdump-group/tcpdump/issues/763
        NOTE: https://github.com/zyingp/temp/blob/master/tcpdump.md
        NOTE: Crash in CLI tool, no security impact
 CVE-2018-19516
@@ -57451,7 +57452,7 @@ CVE-2018-16303 (PDF-XChange Editor through 7.0.326.1 
allows remote attackers to
 CVE-2018-16302 (MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a 
crafted fil ...)
        NOT-FOR-US: MediaComm Zip-n-Go
 CVE-2018-16301 (libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a 
buffer ov ...)
-       - libpcap <unfixed>
+       - libpcap <unfixed> (bug #941697)
        TODO: check for fixing commit, is adressed in libpcap 1.9.1
 CVE-2018-16300 (The BGP parser in tcpdump before 4.9.3 allows stack 
consumption in pri ...)
        - tcpdump <unfixed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/e48ce603e7cd433f0e7ee7eb4abdff5bb6fb874b...27a22b1bfe5c1c56441c0f2bbf813cdfaaad40a5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/e48ce603e7cd433f0e7ee7eb4abdff5bb6fb874b...27a22b1bfe5c1c56441c0f2bbf813cdfaaad40a5
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to