Bug 1142766 (CVE-2019-1010189) - VUL-1: CVE-2019-1010189: mgetty: prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local
Summary: VUL-1: CVE-2019-1010189: mgetty: prior to version 1.2.1 is affected by: Infin...
Status: RESOLVED WORKSFORME
Alias: CVE-2019-1010189
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/237944/
Whiteboard: CVSSv3:SUSE:CVE-2019-1010189:5.5:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2019-07-25 08:19 UTC by Wolfgang Frisch
Modified: 2020-05-27 13:02 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Wolfgang Frisch 2019-07-25 08:19:04 UTC 
CVE-2019-1010189

mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS,
the program does never terminates. The component is: g3/g32pbm.c. The attack
vector is: Local, the user should open a specially crafted file. The fixed
version is: 1.2.1.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010189
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010189
https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
Comment 3 Markéta Machová 2020-05-27 12:58:48 UTC 
security: If no SUSE codestream is affected, why is this bug still active?
Comment 5 Wolfgang Frisch 2020-05-27 13:02:30 UTC 
(In reply to Marketa Calabkova from comment #3)
> security: If no SUSE codestream is affected, why is this bug still active?

Indeed this bug does not affect us. Resolved.