Source: wireshark Version: 3.2.2-1 Severity: important Tags: security upstream Forwarded: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474
Hi, The following vulnerability was published for wireshark, filling mainly only for tracking. CVE-2020-11647[0]: | In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the | BACapp dissector could crash. This was addressed in epan/dissectors | /packet-bacapp.c by limiting the amount of recursion. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2020-11647 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11647 [1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474 [2] https://www.wireshark.org/security/wnpa-sec-2020-07.html Please adjust the affected versions in the BTS as needed. Regards, Salvatore
