Mailinglist Archive: opensuse-bugs (6095 mails)

< Previous Next >
[Bug 1080229] VUL-1: CVE-2018-6836: wireshark: The netmonrec_comment_destroy function in wiretap/netmon.c performs a free operation on an uninitialized memory address, which allows remote attackers to cause DoS
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Mon, 16 Apr 2018 02:23:20 +0000
  • Message-id: <bug-1080229-21960-X4skDbVLzl@http.bugzilla.suse.com/>
http://bugzilla.suse.com/show_bug.cgi?id=1080229
http://bugzilla.suse.com/show_bug.cgi?id=1080229#c1

--- Comment #1 from Lingshan Zhu <lszhu@xxxxxxxx> ---
It only affects wireshark 2.5.x which is experimental, see
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397

I can find a fix commit in upstream, but it only belongs to 2.5.x tags, so I
think maybe we don't need this fix in Factory, if we upgrade to 2.5.x, it would
be already fixed.

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >