Author: jmm
Date: 2016-03-13 20:50:25 +0000 (Sun, 13 Mar 2016)
New Revision: 40355
Modified:
data/CVE/list
data/DSA/list
Log:
wireshark DSA
pcre3 no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-13 19:10:46 UTC (rev 40354)
+++ data/CVE/list 2016-03-13 20:50:25 UTC (rev 40355)
@@ -1569,11 +1569,15 @@
NOTE: Affected versions: 2.0.0 to 2.0.1
NOTE: Fixed versions: 2.0.2
CVE-2016-XXXX [ASN.1 BER dissector crash]
+ [jessie] - wireshark 1.12.1+g01b65bf-4+deb8u5
+ [wheezy] - wireshark 1.8.2-5wheezy18
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-15.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
NOTE: Fixed versions: 2.0.2, 1.12.10
CVE-2016-XXXX [GSM A-bis OML dissector crash]
+ [jessie] - wireshark 1.12.1+g01b65bf-4+deb8u5
+ [wheezy] - wireshark 1.8.2-5wheezy18
- wireshark 2.0.2+ga16e22e-1
NOTE: https://www.wireshark.org/security/wnpa-sec-2016-14.html
NOTE: Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
@@ -2504,6 +2508,7 @@
NOTE: https://bugzilla.opensuse.org/show_bug.cgi?id=964548
CVE-2016-XXXX [Stack corruption from crafted pattern]
- pcre3 <unfixed>
+ [jessie] - pcre3 <no-dsa> (Minor issue)
[wheezy] - pcre3 <not-affected> (Vulnerable code not present)
[squeeze] - pcre3 <not-affected> (Vulnerable code not present)
- pcre2 <not-affected> (Vulnerable code not present)
@@ -5681,6 +5686,7 @@
CVE-2015-8728 (The Mobile Identity parser in (1)
epan/dissectors/packet-ansi_a.c in ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
+ [wheezy] - wireshark 1.8.2-5wheezy18
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=15edc8d714b11dcff3a04e5d00b8db9adfdb81ed
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11797
@@ -5705,6 +5711,7 @@
CVE-2015-8725 (The dissect_diameter_base_framed_ipv6_prefix function in ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
+ [wheezy] - wireshark 1.8.2-5wheezy18
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=aaa28a9d39158ca1033bbd3372cf423abbf4f202
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11792
@@ -5712,6 +5719,7 @@
CVE-2015-8724 (The AirPDcapDecryptWPABroadcastKey function in
epan/crypt/airpdcap.c ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1 (unimportant)
+ [wheezy] - wireshark 1.8.2-5wheezy18
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=83f2818118ae255db949bb3a4b3a26ebd1c5f7c5
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11826
@@ -5720,6 +5728,7 @@
CVE-2015-8723 (The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in
the ...)
{DSA-3505-1}
- wireshark 2.0.1+g59ea380-1
+ [wheezy] - wireshark 1.8.2-5wheezy18
[squeeze] - wireshark <end-of-life> (Not supported in Squeeze LTS)
NOTE:
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0
NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2016-03-13 19:10:46 UTC (rev 40354)
+++ data/DSA/list 2016-03-13 20:50:25 UTC (rev 40355)
@@ -1,3 +1,7 @@
+[13 Mar 2016] DSA-3516-1 wireshark - security update
+ {CVE-2015-8731 CVE-2016-2523 CVE-2016-2530 CVE-2016-2531 CVE-2016-2532}
+ [wheezy] - wireshark 1.8.2-5wheezy18
+ [jessie] - wireshark 1.12.1+g01b65bf-4+deb8u5
[13 Mar 2016] DSA-3515-1 graphite2 - security update
{CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793
CVE-2016-2794 CVE-2016-2795 CVE-2016-2796 CVE-2016-2797 CVE-2016-2798
CVE-2016-2799 CVE-2016-2800 CVE-2016-2801 CVE-2016-2802}
[wheezy] - graphite2 1.3.6-1~deb7u1
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
