Hi Henri,
Looks like there is something inconsistent in this commit. Bug #680056
refers to the PPP dissector crash. Can you check it please?
Thanks, luciano
On Tuesday 24 July 2012, Henri Salo wrote:> Author: fgeek-guest
> Date: 2012-07-24 06:47:20 +0000 (Tue, 24 Jul 2012)
> New Revision: 19792
>
> Modified:
> data/CVE/list
> Log:
> CVE-2012-4048/CVE-2012-4049 wireshark
>
> Modified: data/CVE/list
> ==================================================================> ---
data/CVE/list 2012-07-23 21:56:04 UTC (rev 19791)
> +++ data/CVE/list 2012-07-24 06:47:20 UTC (rev 19792)
> @@ -1,3 +1,15 @@
> +CVE-2012-4049 [Large loop in the NFS dissector]
> + RESERVED
> + - wireshark <unfixed> (bug #680056)
> + NOTE: http://www.wireshark.org/security/wnpa-sec-2012-12.html
> + NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/1
> + NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/2
> +CVE-2012-4048 [PPP dissector crash]
> + RESERVED
> + TODO: Check if Debian wireshark is affected
> + NOTE: http://www.wireshark.org/security/wnpa-sec-2012-11.html
> + NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/1
> + NOTE: http://www.openwall.com/lists/oss-security/2012/07/24/2
> CVE-2012-4033
> TODO: check
> CVE-2012-4032
>
>
> _______________________________________________
> Secure-testing-commits mailing list
> Secure-testing-commits at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-comm
> its