[Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-10898/wireshark

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5e3b9545 by Salvatore Bonaccorso at 2019-04-09T14:56:14Z
Update information on CVE-2019-10898/wireshark

Osmocom GSUP Protocol dissector only introduced in the 3.0.0 upstream
version and not backported to 2.6.x.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -301,9 +301,7 @@ CVE-2019-10899 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRV
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b16fea2f175a3297edac118c8844c7987d31c1cb
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-10.html
 CVE-2019-10898 (In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. ...)
-	- wireshark <undetermined>
-	[stretch] - wireshark <not-affected> (vulnerable code is not present)
-	[jessie] - wireshark <not-affected> (vulnerable code is not present)
+	- wireshark <not-affected> (Vulnerable code introduced later; GSUP dissector introduced in 3.0.0)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15585
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f80b7d1b279fb6c13f640019a1bbc42b18bf7469
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-12.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5e3b95458b2d6010852b25edd7bb7f8dc0352701

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5e3b95458b2d6010852b25edd7bb7f8dc0352701
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190409/9c11a534/attachment-0001.html>