Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 606984 (CVE-2017-5596, CVE-2017-5597) - <net-analyzer/wireshark-2.2.4 - two dissector DoS vulns
Summary: <net-analyzer/wireshark-2.2.4 - two dissector DoS vulns
Status: RESOLVED FIXED
Alias: CVE-2017-5596, CVE-2017-5597
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://www.wireshark.org/lists/wires...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-01-24 06:16 UTC by Jeroen Roovers
Modified: 2017-02-22 11:19 UTC (History)
1 user (show)

See Also:
Package list:
=net-analyzer/wireshark-2.2.4
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jeroen Roovers gentoo-dev 2017-01-24 06:16:56 UTC
The following vulnerabilities have been fixed:
     * [1]wnpa-sec-2017-01
       The ASTERIX dissector could go into an infinite loop. ([2]Bug
       13344)
     * [3]wnpa-sec-2017-02
       The DHCPv6 dissector could go into a large loop. ([4]Bug 13345)
Comment 1 Jeroen Roovers gentoo-dev 2017-01-24 06:49:46 UTC
Arch teams, please test and mark stable:
=net-analyzer/wireshark-2.2.4
Targeted stable KEYWORDS : alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
Comment 2 Agostino Sarubbo gentoo-dev 2017-01-24 09:06:46 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2017-01-24 10:57:23 UTC
x86 stable
Comment 4 Agostino Sarubbo gentoo-dev 2017-01-24 11:49:24 UTC
ppc64 stable
Comment 5 Tobias Klausmann gentoo-dev 2017-01-25 21:11:09 UTC
Stable on alpha.
Comment 6 Agostino Sarubbo gentoo-dev 2017-01-26 10:24:23 UTC
sparc stable
Comment 7 Agostino Sarubbo gentoo-dev 2017-01-26 11:02:47 UTC
ppc stable
Comment 8 Agostino Sarubbo gentoo-dev 2017-01-26 15:29:28 UTC
ia64 stable
Comment 9 Jeroen Roovers gentoo-dev 2017-01-29 09:45:25 UTC
Stable for HPPA.
Comment 10 Markus Meier gentoo-dev 2017-02-12 20:06:46 UTC
arm stable, all arches done.
Comment 11 Thomas Deutschmann gentoo-dev Security 2017-02-13 21:48:03 UTC
GLSA Vote: No

@ Maintainer(s): Please cleanup and drop =net-analyzer/wireshark-2.2.2!
Comment 12 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-02-22 11:19:31 UTC
tree is clean