Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: 39a6b3cb by Thorsten Alteholz at 2018-12-28T18:40:14Z change status of CVE-2017-13764 - - - - - f2cb315a by Thorsten Alteholz at 2018-12-28T18:40:15Z change status of CVE-2017-15189 - - - - - e2ef8618 by Thorsten Alteholz at 2018-12-28T18:40:16Z change status of CVE-2017-15192 - - - - - 514794b2 by Thorsten Alteholz at 2018-12-28T18:40:17Z change status of CVE-2017-15193 - - - - - ce3ca43b by Thorsten Alteholz at 2018-12-28T18:40:18Z change status of CVE-2018-9257 - - - - - 9ccc3c71 by Thorsten Alteholz at 2018-12-28T18:40:18Z change status of CVE-2018-7421 - - - - - e05408ef by Thorsten Alteholz at 2018-12-28T18:40:19Z change status of CVE-2017-7748 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -36108,8 +36108,8 @@ CVE-2018-9258 (In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This NOTE: https://www.wireshark.org/security/wnpa-sec-2018-21.html CVE-2018-9257 (In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an ...) - wireshark 2.4.6-1 (low) - [jessie] - wireshark <no-dsa> (Minor issue) - [wheezy] - wireshark <no-dsa> (Minor issue) + [jessie] - wireshark <not-affected> (Vulnerable code not present) + [wheezy] - wireshark <not-affected> (Vulnerable code not present) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14530 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d7a9501b0439a5dbf24016a95b4896170d789dc2 NOTE: https://www.wireshark.org/security/wnpa-sec-2018-22.html @@ -41068,8 +41068,8 @@ CVE-2018-7422 (A Local File Inclusion vulnerability in the Site Editor plugin th NOT-FOR-US: Site Editor plugin for WordPress CVE-2018-7421 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector ...) - wireshark 2.4.5-1 (low) - [jessie] - wireshark <no-dsa> (Minor issue) - [wheezy] - wireshark <no-dsa> (Minor issue) + [jessie] - wireshark <not-affected> (Vulnerable code introduced later) + [wheezy] - wireshark <not-affected> (Vulnerable code introduced later) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=656812ee1f2a8ddfd383b02a066e888f5919e17a NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e8be5adae469ba563acfad2c2b98673e1afaf901 @@ -69095,16 +69095,16 @@ CVE-2017-15195 (In Kanboard before 1.0.47, by altering form data, an authenticat - kanboard <itp> (bug #790814) CVE-2017-15193 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector ...) - wireshark 2.4.2-1 (low) - [jessie] - wireshark <no-dsa> (Minor issue) - [wheezy] - wireshark <no-dsa> (Minor issue) + [jessie] - wireshark <not-affected> (Vulnerable code not present) + [wheezy] - wireshark <not-affected> (Vulnerable code not present) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14056 NOTE: https://code.wireshark.org/review/23537 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=afb9ff7982971aba6e42472de0db4c1bedfc641b NOTE: https://www.wireshark.org/security/wnpa-sec-2017-43.html CVE-2017-15192 (In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector ...) - wireshark 2.4.2-1 (low) - [jessie] - wireshark <no-dsa> (Minor issue) - [wheezy] - wireshark <no-dsa> (Minor issue) + [jessie] - wireshark <not-affected> (Vulnerable code introduced in version 1.99) + [wheezy] - wireshark <not-affected> (Vulnerable code introduced in version 1.99) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14049 NOTE: https://code.wireshark.org/review/23470 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3689dc1db36037436b1616715f9a3f888fc9a0f6 @@ -69128,7 +69128,7 @@ CVE-2017-15190 (In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. Thi NOTE: https://www.wireshark.org/security/wnpa-sec-2017-45.html CVE-2017-15189 (In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an ...) - wireshark 2.4.2-1 (low) - [jessie] - wireshark <no-dsa> (Minor issue) + [jessie] - wireshark <not-affected> (vulnerable code not present) [wheezy] - wireshark <no-dsa> (Minor issue) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14080 NOTE: https://code.wireshark.org/review/23663 @@ -73505,7 +73505,7 @@ CVE-2017-13765 (In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrC NOTE: https://www.wireshark.org/security/wnpa-sec-2017-41.html CVE-2017-13764 (In Wireshark 2.4.0, the Modbus dissector could crash with a NULL ...) - wireshark 2.4.1-1 - [jessie] - wireshark <no-dsa> (Minor issue) + [jessie] - wireshark <no-affected> (vulnerable request not implemented) [wheezy] - wireshark <no-dsa> (Minor issue) NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13925 NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b87ffbd12bddf64582c0a6e082b462744474de94 @@ -91885,8 +91885,8 @@ CVE-2017-7749 (A use-after-free vulnerability when using an incorrect URL during NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7749 CVE-2017-7748 (In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector ...) - wireshark 2.2.6+g32dac6a-1 (low) - [jessie] - wireshark <no-dsa> (Minor issue) - [wheezy] - wireshark <no-dsa> (Minor issue) + [jessie] - wireshark <not-affected> (Vulnerable code introduced later) + [wheezy] - wireshark <not-affected> (Vulnerable code introduced later) NOTE: https://www.wireshark.org/security/wnpa-sec-2017-21.html NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f55cbcde2c8f74b652add4450b0592082eb6acff NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13581 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b50f94aaeea6bf56f3f35e4a5ec23dace7b29e5c...e05408ef0cb9eaa27ed90bc8b7672b149003d9a2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b50f94aaeea6bf56f3f35e4a5ec23dace7b29e5c...e05408ef0cb9eaa27ed90bc8b7672b149003d9a2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits