Adrian Bunk pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
517e55b6 by Adrian Bunk at 2020-10-31T22:31:31+02:00
Reserve DLA-2423-1 for wireshark
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -90298,7 +90298,6 @@ CVE-2019-12296
RESERVED
CVE-2019-12295 (In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to
2.4.14, the ...)
- wireshark 2.6.8-1.1 (low; bug #929446)
- [stretch] - wireshark <no-dsa> (Minor issue)
[jessie] - wireshark <postponed> (Minor, can be fixed along in a future
update)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7b6e197da4c497e229ed3ebf6952bae5c426a820
@@ -94298,7 +94297,6 @@ CVE-2019-10904 (Roundup 1.6 allows XSS via the URI
because frontends/roundup.cgi
CVE-2019-10903 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the
DCERPC SP ...)
{DLA-1802-1}
- wireshark 2.6.8-1 (low; bug #926718)
- [stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x
release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15568
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=eafdcfa4b6d5187a5326442a82608ab03d9dddcb
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-18.html
@@ -94312,7 +94310,6 @@ CVE-2019-10902 (In Wireshark 3.0.0, the TSDNS dissector
could crash. This was ad
CVE-2019-10901 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the
LDSS diss ...)
{DLA-1802-1}
- wireshark 2.6.8-1 (low; bug #926718)
- [stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x
release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15620
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cf801a25074f76dc3ae62d8ec53ace75f56ce2cd
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-17.html
@@ -94324,7 +94321,6 @@ CVE-2019-10900 (In Wireshark 3.0.0, the Rbm dissector
could go into an infinite
CVE-2019-10899 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the
SRVLOC di ...)
{DLA-1802-1}
- wireshark 2.6.8-1 (low; bug #926718)
- [stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x
release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15546
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b16fea2f175a3297edac118c8844c7987d31c1cb
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-10.html
@@ -94340,7 +94336,6 @@ CVE-2019-10897 (In Wireshark 3.0.0, the IEEE 802.11
dissector could go into an i
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-11.html
CVE-2019-10896 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the
DOF disse ...)
- wireshark 2.6.8-1 (low; bug #926718)
- [stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x
release)
[jessie] - wireshark <not-affected> (vulnerable code is not present)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15617
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=441b6d9071d6341e58dfe10719375489c5b8e3f0
@@ -94348,7 +94343,6 @@ CVE-2019-10896 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to
2.6.7, and 3.0.0, the DOF
CVE-2019-10895 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the
NetScaler ...)
{DLA-1802-1}
- wireshark 2.6.8-1 (low; bug #926718)
- [stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x
release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15497
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2fbbde780e5d5d82e31dca656217daf278cf62bb
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=38680c4c69f9f4e0f39e29b66fe2b02d88eb629d
@@ -94358,7 +94352,6 @@ CVE-2019-10895 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to
2.6.7, and 3.0.0, the Net
CVE-2019-10894 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the
GSS-API d ...)
{DLA-1802-1}
- wireshark 2.6.8-1 (low; bug #926718)
- [stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x
release)
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15613
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b20e5d8aae2580e29c83ddaf0b6b2e640603e4aa
NOTE: https://www.wireshark.org/security/wnpa-sec-2019-14.html
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[31 Oct 2020] DLA-2423-1 wireshark - security update
+ {CVE-2019-10894 CVE-2019-10895 CVE-2019-10896 CVE-2019-10899
CVE-2019-10901 CVE-2019-10903 CVE-2019-12295}
+ [stretch] - wireshark 2.6.8-1.1~deb9u1
[31 Oct 2020] DLA-2422-1 qtsvg-opensource-src - security update
{CVE-2018-19869}
[stretch] - qtsvg-opensource-src 5.7.1~20161021-2.1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/517e55b6769b5a6d1e99e0ea9ee3b45523616f25
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/517e55b6769b5a6d1e99e0ea9ee3b45523616f25
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
