thr3ads.net - Secure testing commits - [Secure-testing-commits] r17226

If this information is useful, please help other people find it:
Share via:

Moritz Muehlenhoff

2011-Sep-13 08:44 UTC

[Secure-testing-commits] r17226 - data/CVE

Author: jmm
Date: 2011-09-13 08:44:06 +0000 (Tue, 13 Sep 2011)
New Revision: 17226

Modified:
   data/CVE/list
Log:
new wireshark issues
new chrome issues



Modified: data/CVE/list
==================================================================---
data/CVE/list	2011-09-13 02:33:20 UTC (rev 17225)
+++ data/CVE/list	2011-09-13 08:44:06 UTC (rev 17226)
@@ -1,9 +1,29 @@
+CVE-2011-XXXX [Wireshark CSN.1 dissector vulnerability]
+	- wireshark <unfixed>
+	[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	NOTE: http://www.wireshark.org/security/wnpa-sec-2011-16.html
+CVE-2011-XXXX [Wireshark Lua script execution vulnerability]
+	- wireshark <unfixed> (low)
+	NOTE: http://www.wireshark.org/security/wnpa-sec-2011-15.html
+CVE-2011-XXXX [Wireshark buffer exception handling vulnerability]
+	- wireshark <unfixed>
+	[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	NOTE: http://www.wireshark.org/security/wnpa-sec-2011-14.html
+CVE-2011-XXXX [Wireshark OpenSafety dissector vulnerability]
+	- wireshark <unfixed>
+	[squeeze] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	[lenny] - wireshark <not-affected> (Affects only 1.6.0 and 1.6.1)
+	NOTE: http://www.wireshark.org/security/wnpa-sec-2011-12.html
 CVE-2011-3422 (The Keychain implementation in Apple Mac OS X 10.6.8 and earlier
does ...)
 	TODO: check
 CVE-2011-3421 (Multiple unspecified vulnerabilities in Google Chrome before
...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3420 (Multiple unspecified vulnerabilities in Google Chrome before
...)
-	TODO: check
+	- chromium-browser <unfixed>
+	- webkit <undetermined>
 CVE-2011-3419
 	RESERVED
 CVE-2011-3418
@@ -366,7 +386,7 @@
 CVE-2011-3267 (PHP before 5.3.7 does not properly implement the error_log
function, ...)
 	- php5 <undetermined>
 CVE-2011-3266 (The proto_tree_add_item function in Wireshark 1.6.1, when the
IKEv1 ...)
-	- wireshark 1.6.1-1 (unimportant)
+	- wireshark 1.6.2-1 (unimportant)
 	NOTE: no code injection, not treated as a security issue, see
README.Debian.security
 CVE-2010-4830 (SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in
Techno ...)
 	NOT-FOR-US: Techno Dreams (T-Dreams) Job Career Package

Secure testing commits - Sep 2011 - r17226 - data/CVE

[Secure-testing-commits] r17226 - data/CVE