Source: sngrep Version: 1.7.0-1 Severity: normal Tags: security upstream Forwarded: https://github.com/irontec/sngrep/issues/438 X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi, The following vulnerability was published for sngrep. CVE-2023-36192[0]: | Sngrep v1.6.0 was discovered to contain a heap buffer overflow via | the function capture_ws_check_packet at /src/capture.c. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-36192 https://www.cve.org/CVERecord?id=CVE-2023-36192 [1] https://github.com/irontec/sngrep/issues/438 [2] https://github.com/irontec/sngrep/commit/ad1daf15c8387bfbb48097c25197bf330d2d98fc Please adjust the affected versions in the BTS as needed. Regards, Salvatore