Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 694134 (CVE-2019-16319) - <net-analyzer/wireshark-3.0.4: Gryphon dissector infinite loop (CVE-2019-16319)
Summary: <net-analyzer/wireshark-3.0.4: Gryphon dissector infinite loop (CVE-2019-16319)
Status: RESOLVED FIXED
Alias: CVE-2019-16319
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://www.wireshark.org/lists/wires...
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-09-12 05:38 UTC by Jeroen Roovers (RETIRED)
Modified: 2020-03-26 19:33 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jeroen Roovers (RETIRED) gentoo-dev 2019-09-12 05:38:32 UTC
The following vulnerabilities have been fixed:

     • wnpa-sec-2019-21[1] Gryphon dissector infinite loop. Bug
       16020[2].


[1] https://www.wireshark.org/security/wnpa-sec-2019-21
[2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16020
Comment 1 Larry the Git Cow gentoo-dev 2019-09-12 05:40:10 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8f6c4cdbba94ddb6903ea0938a5a9acb2acde651

commit 8f6c4cdbba94ddb6903ea0938a5a9acb2acde651
Author:     Jeroen Roovers <jer@gentoo.org>
AuthorDate: 2019-09-12 05:39:45 +0000
Commit:     Jeroen Roovers <jer@gentoo.org>
CommitDate: 2019-09-12 05:40:07 +0000

    net-analyzer/wireshark: Version 3.0.4
    
    Package-Manager: Portage-2.3.75, Repoman-2.3.17
    Bug: https://bugs.gentoo.org/694134
    Signed-off-by: Jeroen Roovers <jer@gentoo.org>

 net-analyzer/wireshark/Manifest               |   1 +
 net-analyzer/wireshark/wireshark-3.0.4.ebuild | 245 ++++++++++++++++++++++++++
 2 files changed, 246 insertions(+)
Comment 2 Sam James archtester gentoo-dev Security 2020-03-26 18:47:10 UTC
Tree is clean.
Comment 3 Thomas Deutschmann gentoo-dev Security 2020-03-26 18:54:35 UTC
GLSA Vote: No

Repository is clean, all done!