Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 793968 (CVE-2021-22222) - <net-analyzer/wireshark-3.4.6: DVB dissector infinite loop (CVE-2021-22222)
Summary: <net-analyzer/wireshark-3.4.6: DVB dissector infinite loop (CVE-2021-22222)
Status: RESOLVED FIXED
Alias: CVE-2021-22222
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2021-06-02 19:55 UTC by Sam James
Modified: 2021-07-09 02:59 UTC (History)
3 users (show)

See Also:
Package list:
net-analyzer/wireshark-3.4.6
Runtime testing required: ---
nattka: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2021-06-02 19:55:40 UTC
* wnpa-sec-2021-05

"DVB-S2-BB dissector infinite loop"

https://www.wireshark.org/security/wnpa-sec-2021-05.html
Comment 1 Larry the Git Cow gentoo-dev 2021-06-02 20:04:10 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=71196470ab2e6405249f8787286fbb74dce270af

commit 71196470ab2e6405249f8787286fbb74dce270af
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-06-02 20:03:18 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-06-02 20:03:59 +0000

    net-analyzer/wireshark: add 3.4.6
    
    Bug: https://bugs.gentoo.org/793968
    Signed-off-by: Sam James <sam@gentoo.org>

 net-analyzer/wireshark/Manifest               |   1 +
 net-analyzer/wireshark/wireshark-3.4.6.ebuild | 278 ++++++++++++++++++++++++++
 2 files changed, 279 insertions(+)
Comment 2 Sam James archtester gentoo-dev Security 2021-06-07 23:09:07 UTC
x86 done
Comment 3 Sam James archtester gentoo-dev Security 2021-06-07 23:10:31 UTC
arm64 done
Comment 4 Sam James archtester gentoo-dev Security 2021-06-07 23:10:37 UTC
arm done
Comment 5 Agostino Sarubbo gentoo-dev 2021-06-08 06:58:38 UTC
amd64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2021-06-09 06:24:42 UTC
ppc64 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2021-07-09 02:57:08 UTC
This issue was resolved and addressed in
 GLSA 202107-21 at https://security.gentoo.org/glsa/202107-21
by GLSA coordinator Sam James (sam_c).
Comment 8 Larry the Git Cow gentoo-dev 2021-07-09 02:59:47 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d290b18cd202b4146f0526fca8f647fe095483da

commit d290b18cd202b4146f0526fca8f647fe095483da
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-07-09 02:58:53 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-07-09 02:59:26 +0000

    net-analyzer/wireshark: drop 3.4.5
    
    Bug: https://bugs.gentoo.org/793968
    Signed-off-by: Sam James <sam@gentoo.org>

 net-analyzer/wireshark/Manifest               |   1 -
 net-analyzer/wireshark/wireshark-3.4.5.ebuild | 278 --------------------------
 2 files changed, 279 deletions(-)