|Summary:||<net-analyzer/wireshark-3.2.3: The BACapp dissector could crash (CVE-2020-11647)|
|Product:||Gentoo Security||Reporter:||Jeroen Roovers (RETIRED) <jer>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
|Whiteboard:||B3 [glsa+ cve]|
|Runtime testing required:||---|
|Bug Depends on:||724132, 730414|
Description Jeroen Roovers (RETIRED) 2020-04-09 06:38:10 UTC
Bug Fixes The following vulnerabilities have been fixed: • wnpa-sec-2020-07 The BACapp dissector could crash. Bug 16474. CVE-2020-11647.
Comment 1 Larry the Git Cow 2020-04-09 06:39:44 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=037d0a5b3137fe73d7b25ea53aee56a61619defa commit 037d0a5b3137fe73d7b25ea53aee56a61619defa Author: Jeroen Roovers <email@example.com> AuthorDate: 2020-04-09 06:39:20 +0000 Commit: Jeroen Roovers <firstname.lastname@example.org> CommitDate: 2020-04-09 06:39:40 +0000 net-analyzer/wireshark: Version 3.2.3 Package-Manager: Portage-2.3.97, Repoman-2.3.22 Bug: https://bugs.gentoo.org/716756 Signed-off-by: Jeroen Roovers <email@example.com> net-analyzer/wireshark/Manifest | 1 + net-analyzer/wireshark/wireshark-3.2.3.ebuild | 249 ++++++++++++++++++++++++++ 2 files changed, 250 insertions(+)
Comment 2 Agostino Sarubbo 2020-04-13 15:52:10 UTC
This is an automatic message. @maintainer(s): I'm getting test-failure(s) (that were already reported) on amd64. If you want the package to pass my CI environment and got stabilized, please carry out the necessary operations to make sure that src_test() won't fail. Thanks.
Comment 3 Thomas Deutschmann 2020-04-26 23:49:05 UTC
Comment 4 Sam James 2020-05-02 02:29:32 UTC
(In reply to Agostino Sarubbo from comment #2) > @maintainer(s): > I'm getting test-failure(s) (that were already reported) on amd64. If you > want the package to pass my CI environment and got stabilized, please carry > out the necessary operations to make sure that src_test() won't fail. > Thanks. I've added a blocker on
Comment 5 Sam James 2020-05-02 02:29:47 UTC
(In reply to Sam James (sec padawan) from comment #4) ignore this
Comment 7 NATTkA bot 2020-05-19 21:24:56 UTC
Resetting sanity check; keywords are not fully specified and arches are not CC-ed.
Comment 8 NATTkA bot 2020-06-22 13:44:47 UTC
Unable to check for sanity: > no match for package: =net-analyzer/wireshark-3.2.3