[Secure-testing-commits] r21552 - data/CVE

Fri, 08 Mar 2013 05:32:16 -0800 

Author: jmm
Date: 2013-03-08 13:32:00 +0000 (Fri, 08 Mar 2013)
New Revision: 21552

Modified:
   data/CVE/list
Log:
mark wiresharks not suitable for code injection as unimportant


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-03-08 08:07:51 UTC (rev 21551)
+++ data/CVE/list       2013-03-08 13:32:00 UTC (rev 21552)
@@ -15,74 +15,74 @@
        TODO: squeeze version 1.2.x affected also?
 CVE-2013-2487 [RELOAD dissector infinite loop]
        RESERVED
-       - wireshark <unfixed>
+       - wireshark <unfixed> (unimportant)
        [squeeze] - wireshark <not-affected> (only 1.8.x series)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-21.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
        NOTE: Versions affected: 1.8.0 to 1.8.5
+       NOTE: Not suitable for code injection
 CVE-2013-2486 [RELOAD dissector infinite loop]
        RESERVED
-       - wireshark <unfixed>
+       - wireshark <unfixed> (unimportant)
        [squeeze] - wireshark <not-affected> (only 1.8.x series)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-21.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8364
        NOTE: Versions affected: 1.8.0 to 1.8.5
+       NOTE: Not suitable for code injection
 CVE-2013-2485 [CSP dissector infinite loop]
        RESERVED
-       - wireshark <unfixed>
+       - wireshark <unfixed> (unimportant)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-20.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8359
        NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-       TODO: squeeze version 1.2.x affected also?
+       NOTE: Not suitable for code injection
 CVE-2013-2484 [CIMD dissector crash]
        RESERVED
        - wireshark <unfixed>
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-19.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8346
        NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-       TODO: squeeze version 1.2.x affected also?
 CVE-2013-2483 [ACN dissector divide by zero]
        RESERVED
-       - wireshark <unfixed>
+       - wireshark <unfixed> (unimportant)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-18.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8340
        NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-       TODO: squeeze version 1.2.x affected also?
+       NOTE: Not suitable for code injection
 CVE-2013-2482 [AMPQ dissector infinite loop]
        RESERVED
-       - wireshark <unfixed>
+       - wireshark <unfixed> (unimportant)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-17.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8337
        NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-       TODO: squeeze version 1.2.x affected also?
+       NOTE: Not suitable for code injection
 CVE-2013-2481 [Mount dissector crash]
        RESERVED
-       - wireshark <unfixed>
+       - wireshark <unfixed> (unimportant)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-16.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335
        NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-       TODO: squeeze version 1.2.x affected also?
+       NOTE: Not suitable for code injection
 CVE-2013-2480 [RTPS and RTPS2 dissector crash]
        RESERVED
        - wireshark <unfixed>
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-15.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8332
        NOTE: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 1.6.13
-       TODO: squeeze version 1.2.x affected also?
 CVE-2013-2479 [MPLS Echo dissector infinite loop]
        RESERVED
-       - wireshark <unfixed>
+       - wireshark <unfixed> (unimportant)
        [squeeze] - wireshark <not-affected> (only affecting 1.8.x)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-14.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8039
        NOTE: Versions affected: 1.8.0 to 1.8.5
+       NOTE: Not suitable for code injection
 CVE-2013-2478 [MS-MMS dissector crash]
        RESERVED
        - wireshark <unfixed>
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-13.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8382
        NOTE: announce mentions: Versions affected: 1.8.0 to 1.8.5, 1.6.0 to 
1.6.13
-       TODO: squeeze 1.2.x affected? 
 CVE-2013-2477 [CSN.1 dissector crash]
        RESERVED
        - wireshark <unfixed>
@@ -92,11 +92,12 @@
        NOTE: Versions affected: 1.8.0 to 1.8.5
 CVE-2013-2476 [The HART/IP dissectory could go into an infinite loop]
        RESERVED
-       - wireshark <unfixed>
+       - wireshark <unfixed> (unimportant)
        [squeeze] - wireshark <not-affected> (only affecting 1.8.x)
        NOTE: http://www.wireshark.org/security/wnpa-sec-2013-11.html
        NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8360
        NOTE: Versions affected: 1.8.0 to 1.8.5
+       NOTE: Not suitable for code injection
 CVE-2013-2475 [TCP dissector crash]
        RESERVED
        - wireshark <unfixed>


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to