oss-sec mailing list archives
Re: Duplicate Wireshark CVEs?
From: Siddharth Sharma <siddharth () redhat com>
Date: Tue, 11 Aug 2015 10:47:46 -0400 (EDT)
Hi, Any information available on why both Wireshark CVEs CVE-2015-3811 CVE-2015-2188 point to one fix ? Thanks ----------------------------------------------------------------- Siddharth Sharma / Red Hat Product Security / Key ID : 0xD9F6489A Fingerprint : 0x6F04C684 A49C E4CE 8148 E841 CD6F 8E55 D9F6 489A ----- Original Message ----- From: "Martin Prpic" <mprpic () redhat com> To: oss-security () lists openwall com Sent: Monday, August 10, 2015 4:15:31 PM Subject: [oss-security] Duplicate Wireshark CVEs? Hello, It looks like the following two Wireshark advisories fix the same flaw: https://www.wireshark.org/security/wnpa-sec-2015-14.html https://www.wireshark.org/security/wnpa-sec-2015-07.html Both fix a flaw in the WCP dissector and refer to the following bug: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844 Is there a reason two CVEs were assigned for this, or should one of them be rejected? Thanks! RH bugs: https://bugzilla.redhat.com/CVE-2015-2188 https://bugzilla.redhat.com/CVE-2015-3811 -- Martin Prpič / Red Hat Product Security
Current thread:
- Duplicate Wireshark CVEs? Martin Prpic (Aug 10)
- Re: Duplicate Wireshark CVEs? Siddharth Sharma (Aug 11)
- Re: Duplicate Wireshark CVEs? cve-assign (Aug 13)
- Re: Re: Duplicate Wireshark CVEs? Stuart Henderson (Aug 14)