Adrian Bunk pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2020806c by Adrian Bunk at 2021-12-26T16:06:02+02:00
Update wireshark CVE info
- CVE-2021-39920: buster and stretch are not affected
- CVE-2021-39923: correct NOTES (information was for CVE-2021-39920)
- CVE-2021-39926: buster and stretch are not affected
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18503,6 +18503,7 @@ CVE-2021-39926 (Buffer overflow in the Bluetooth
HCI_ISO dissector in Wireshark
{DSA-5019-1}
- wireshark 3.6.0-1
[buster] - wireshark <not-affected> (Vulnerable code not present)
+ [stretch] - wireshark <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17649
NOTE: https://www.wireshark.org/security/wnpa-sec-2021-08.html
CVE-2021-39925 (Buffer overflow in the Bluetooth SDP dissector in Wireshark
3.4.0 to 3 ...)
@@ -18521,8 +18522,8 @@ CVE-2021-39923 (Large loop in the PNRP dissector in
Wireshark 3.4.0 to 3.4.9 and
{DSA-5019-1}
- wireshark 3.6.0-1
[buster] - wireshark <no-dsa> (Minor issue)
- NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17705
- NOTE: https://www.wireshark.org/security/wnpa-sec-2021-15.html
+ NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17684
+ NOTE: https://www.wireshark.org/security/wnpa-sec-2021-11.html
CVE-2021-39922 (Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to
3.4.9 an ...)
{DSA-5019-1}
- wireshark 3.6.0-1
@@ -18538,7 +18539,8 @@ CVE-2021-39921 (NULL pointer exception in the Modbus
dissector in Wireshark 3.4.
CVE-2021-39920 (NULL pointer exception in the IPPUSB dissector in Wireshark
3.4.0 to 3 ...)
{DSA-5019-1}
- wireshark 3.6.0-1
- [buster] - wireshark <no-dsa> (Minor issue)
+ [buster] - wireshark <not-affected> (IPPUSB dissector added in 3.4)
+ [stretch] - wireshark <not-affected> (IPPUSB dissector added in 3.4)
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17705
NOTE: https://www.wireshark.org/security/wnpa-sec-2021-15.html
CVE-2021-39919 (In all versions of GitLab CE/EE starting version 14.0 before
14.3.6, a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2020806c4867926e832b5927cba4d09c2386ff48
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2020806c4867926e832b5927cba4d09c2386ff48
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
