[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2020-15475 as not-affected for Stretch

Thorsten Alteholz Wed, 26 Aug 2020 07:25:12 -0700


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9d3ea949 by Thorsten Alteholz at 2020-08-26T15:55:02+02:00
mark CVE-2020-15475 as not-affected for Stretch

- - - - -
96feec0e by Thorsten Alteholz at 2020-08-26T16:12:07+02:00
mark CVE-2020-15472 as not-affected for Stretch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18905,6 +18905,7 @@ CVE-2020-15476 (In nDPI through 3.2, the Oracle 
protocol dissector has a heap-ba
        NOTE: 
https://github.com/ntop/nDPI/commit/b69177be2fbe01c2442239a61832c44e40136c05
 CVE-2020-15475 (In nDPI through 3.2, ndpi_reset_packet_line_info in 
lib/ndpi_main.c om ...)
        - ndpi <unfixed>
+       [stretch] - ndpi <not-affected> (Vulnerable code not present, 
content_disposition_line introduced later)
        NOTE: 
https://github.com/ntop/nDPI/commit/6a9f5e4f7c3fd5ddab3e6727b071904d76773952
 CVE-2020-15474 (In nDPI through 3.2, there is a stack overflow in 
extractRDNSequence i ...)
        - ndpi <unfixed>
@@ -18917,6 +18918,7 @@ CVE-2020-15473 (In nDPI through 3.2, the OpenVPN 
dissector is vulnerable to a he
        NOTE: 
https://github.com/ntop/nDPI/commit/8e7b1ea7a136cc4e4aa9880072ec2d69900a825e
 CVE-2020-15472 (In nDPI through 3.2, the H.323 dissector is vulnerable to a 
heap-based ...)
        - ndpi <unfixed>
+       [stretch] - ndpi <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://github.com/ntop/nDPI/commit/b7e666e465f138ae48ab81976726e67deed12701
 CVE-2020-15471 (In nDPI through 3.2, the packet parsing code is vulnerable to 
a heap-b ...)
        - ndpi <unfixed>



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bec53706b2aabfdd29654dfe92ce4f0a7ef8cd16...96feec0e8c67d517a029fb98a75b13c13489b1ca

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bec53706b2aabfdd29654dfe92ce4f0a7ef8cd16...96feec0e8c67d517a029fb98a75b13c13489b1ca
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2020-15475 as not-affected for Stretch

Reply via email to