Summary: | <net-analyzer/wireshark-3.2.3: The BACapp dissector could crash (CVE-2020-11647) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | netmon |
Priority: | Normal | Flags: | nattka:
sanity-check-
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.wireshark.org/lists/wireshark-announce/202004/msg00000.html | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=673486 | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: |
=net-analyzer/wireshark-3.2.3
|
Runtime testing required: | --- |
Bug Depends on: | 724132, 730414 | ||
Bug Blocks: |
Description
Jeroen Roovers (RETIRED)
2020-04-09 06:38:10 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=037d0a5b3137fe73d7b25ea53aee56a61619defa commit 037d0a5b3137fe73d7b25ea53aee56a61619defa Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2020-04-09 06:39:20 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2020-04-09 06:39:40 +0000 net-analyzer/wireshark: Version 3.2.3 Package-Manager: Portage-2.3.97, Repoman-2.3.22 Bug: https://bugs.gentoo.org/716756 Signed-off-by: Jeroen Roovers <jer@gentoo.org> net-analyzer/wireshark/Manifest | 1 + net-analyzer/wireshark/wireshark-3.2.3.ebuild | 249 ++++++++++++++++++++++++++ 2 files changed, 250 insertions(+) This is an automatic message. @maintainer(s): I'm getting test-failure(s) (that were already reported) on amd64. If you want the package to pass my CI environment and got stabilized, please carry out the necessary operations to make sure that src_test() won't fail. Thanks. x86 stable (In reply to Agostino Sarubbo from comment #2) > @maintainer(s): > I'm getting test-failure(s) (that were already reported) on amd64. If you > want the package to pass my CI environment and got stabilized, please carry > out the necessary operations to make sure that src_test() won't fail. > Thanks. I've added a blocker on (In reply to Sam James (sec padawan) from comment #4) ignore this un-CCing arches in favour of bug 724132 Resetting sanity check; keywords are not fully specified and arches are not CC-ed. Unable to check for sanity:
> no match for package: =net-analyzer/wireshark-3.2.3
This issue was resolved and addressed in GLSA 202007-13 at https://security.gentoo.org/glsa/202007-13 by GLSA coordinator Sam James (sam_c). |