Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <396081601.369326.1297265018769.JavaMail.root@zmail01.collab.prod.int.phx2.redhat.com>
Date: Wed, 9 Feb 2011 10:23:38 -0500 (EST)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE assignments for Wireshark

Hi Steve,

Any update on this?

Thanks.

-- 
    JB

----- Original Message -----
> ----- Original Message -----
> > On 01/13/2011 04:21 AM, Steven M. Christey wrote:
> > >
> > > CVE-2011-0444 - MAC-LTE
> > >
> > > CVE-2011-0445 - ASN.1 BER
> >
> > Looking at the following wireshark bug and the relevant commits:
> >
> > https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5530
> >
> > http://anonsvn.wireshark.org/viewvc?view=rev&revision=35292
> > http://anonsvn.wireshark.org/viewvc?view=rev&revision=35298
> >
> > It seems that there are two issues here, buffer overflow in MAC-LTE
> > dissector as well as buffer overflow in SNMP engineID preferences.
> >
> > This issue was however assigned only one CVE i.e. CVE-2011-0444.
> > Do you think two CVEs (for each individual issues), should be
> > assigned
> > in this case?
> >
> 
> Hi Steve,
> 
> Can MITRE handle this one?
> 
> Thanks.
> 
> --
> JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.