oss-sec mailing list archives

Duplicate Wireshark CVEs?

From: Martin Prpic <mprpic () redhat com>
Date: Mon, 10 Aug 2015 12:45:31 +0200

Hello,

It looks like the following two Wireshark advisories fix the same flaw:

https://www.wireshark.org/security/wnpa-sec-2015-14.html
https://www.wireshark.org/security/wnpa-sec-2015-07.html

Both fix a flaw in the WCP dissector and refer to the following bug:

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844

Is there a reason two CVEs were assigned for this, or should one of them
be rejected?

Thanks!

RH bugs:
https://bugzilla.redhat.com/CVE-2015-2188
https://bugzilla.redhat.com/CVE-2015-3811

-- 
Martin Prpič / Red Hat Product Security

Current thread:

Duplicate Wireshark CVEs? Martin Prpic (Aug 10)
- Re: Duplicate Wireshark CVEs? Siddharth Sharma (Aug 11)
- Re: Duplicate Wireshark CVEs? cve-assign (Aug 13)
  - Re: Re: Duplicate Wireshark CVEs? Stuart Henderson (Aug 14)