Summary: | <net-analyzer/wireshark-3.4.4: User-assisted code execution (CVE-2021-22191) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | bman, sam, zlogene |
Priority: | Normal | Flags: | nattka:
sanity-check-
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.wireshark.org/security/wnpa-sec-2021-03 | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: |
net-analyzer/wireshark-3.4.4
|
Runtime testing required: | --- |
Description
Sam James
2021-03-11 01:22:55 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d6663bd4120a2d12007ed0c20a5a02f94277d9f1 commit d6663bd4120a2d12007ed0c20a5a02f94277d9f1 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-03-11 03:56:14 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-03-11 03:56:25 +0000 net-analyzer/wireshark: add 3.4.4 Bug: https://bugs.gentoo.org/775323 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/wireshark/Manifest | 1 + net-analyzer/wireshark/wireshark-3.4.4.ebuild | 273 ++++++++++++++++++++++++++ 2 files changed, 274 insertions(+) I suppose you mean to stable 3.4.4 as the fixed version? ppc64 done (In reply to John Helmert III from comment #2) > I suppose you mean to stable 3.4.4 as the fixed version? yes amd64 done x86 done The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=46bf94892853f4226f3007331f135184d353487a commit 46bf94892853f4226f3007331f135184d353487a Author: Sam James <sam@gentoo.org> AuthorDate: 2021-03-25 23:21:48 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-03-25 23:21:50 +0000 net-analyzer/wireshark: drop 3.4.3 (security cleanup) Closes: https://bugs.gentoo.org/775323 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/wireshark/Manifest | 1 - net-analyzer/wireshark/wireshark-3.4.3.ebuild | 273 -------------------------- 2 files changed, 274 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=87e76517dd8370cc8e0b6e74f2b72b41d704b67f commit 87e76517dd8370cc8e0b6e74f2b72b41d704b67f Author: Sam James <sam@gentoo.org> AuthorDate: 2021-03-25 23:23:05 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-03-25 23:23:21 +0000 Revert "net-analyzer/wireshark: drop 3.4.3 (security cleanup)" This reverts commit 46bf94892853f4226f3007331f135184d353487a. Got too excited there... Bug: https://bugs.gentoo.org/775323 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/wireshark/Manifest | 1 + net-analyzer/wireshark/wireshark-3.4.3.ebuild | 273 ++++++++++++++++++++++++++ 2 files changed, 274 insertions(+) arm64 done arm done all arches done Needs cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d6a3d8876a75d86ad50abdea987166a023a273d0 commit d6a3d8876a75d86ad50abdea987166a023a273d0 Author: Sam James <sam@gentoo.org> AuthorDate: 2021-06-02 20:03:40 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2021-06-02 20:04:00 +0000 net-analyzer/wireshark: drop 3.4.3, 3.4.4 Bug: https://bugs.gentoo.org/775323 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/wireshark/Manifest | 3 - net-analyzer/wireshark/wireshark-3.4.3.ebuild | 273 ------------------------- net-analyzer/wireshark/wireshark-3.4.4.ebuild | 282 -------------------------- 3 files changed, 558 deletions(-) Unable to check for sanity:
> no match for package: net-analyzer/wireshark-3.4.4
Unable to check for sanity:
> no match for package: net-analyzer/wireshark-3.4.4
This issue was resolved and addressed in GLSA 202107-21 at https://security.gentoo.org/glsa/202107-21 by GLSA coordinator Sam James (sam_c). |