[Bug 831718] New: wireshark: security updates to 1.10.1 and 1.8.9
https://bugzilla.novell.com/show_bug.cgi?id=831718 https://bugzilla.novell.com/show_bug.cgi?id=831718#c0 Summary: wireshark: security updates to 1.10.1 and 1.8.9 Classification: openSUSE Product: openSUSE 12.3 Version: Final Platform: All OS/Version: openSUSE 12.3 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: Andreas.Stieger@gmx.de QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux i686; rv:22.0) Gecko/20100101 Firefox/22.0
From https://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html
The following vulnerabilities have been fixed. wnpa-sec-2013-45 The Bluetooth SDP dissector could go into a large loop. Discovered by Laurent Butti. (Bug 8831) Versions affected: 1.10.0, 1.8.0 to 1.8.8. CVE-2013-4927 wnpa-sec-2013-47 The DIS dissector could go into a large loop. (Bug 8911) Versions affected: 1.10.0, 1.8.0 to 1.8.8. CVE-2013-4929 wnpa-sec-2013-48 The DVB-CI dissector could crash. Discovered by Laurent Butti. (Bug 8916) Versions affected: 1.10.0, 1.8.0 to 1.8.8. CVE-2013-4930 wnpa-sec-2013-49 The GSM RR dissector (and possibly others) could go into a large loop. (Bug 8923) Versions affected: 1.10.0, 1.8.0 to 1.8.8. CVE-2013-4931 wnpa-sec-2013-50 The GSM A Common dissector could crash. (Bug 8940) Versions affected: 1.10.0, 1.8.0 to 1.8.8. CVE-2013-4932 wnpa-sec-2013-51 The Netmon file parser could crash. Discovered by G. Geshev. (Bug 8742) Versions affected: 1.10.0, 1.8.0 to 1.8.8. CVE-2013-4933 CVE-2013-4934 wnpa-sec-2013-52 The ASN.1 PER dissector could crash. Discovered by Oliver-Tobias Ripka. (Bug 8722) Versions affected: 1.10.0, 1.8.0 to 1.8.8. CVE-2013-4935
From https://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html
The following vulnerabilities have been fixed. wnpa-sec-2013-41 The DCP ETSI dissector could crash. (Bug 8717) Versions affected: 1.10.0, 1.8.0 to 1.8.7 CVE-2013-4083 wnpa-sec-2013-42 The P1 dissector could crash. Discovered by Laurent Butti. (Bug 8826) Versions affected: 1.10.0 CVE-2013-4920 wnpa-sec-2013-43 The Radiotap dissector could crash. Discovered by Laurent Butti. (Bug 8830) Versions affected: 1.10.0 CVE-2013-4921 wnpa-sec-2013-44 The DCOM ISystemActivator dissector could crash. Discovered by Laurent Butti. (Bug 8828) Versions affected: 1.10.0 CVE-2013-4922 CVE-2013-4923 CVE-2013-4924 CVE-2013-4925 CVE-2013-4926 wnpa-sec-2013-45 The Bluetooth SDP dissector could go into a large loop. Discovered by Laurent Butti. (Bug 8831) Versions affected: 1.10.0, 1.8.0 to 1.8.8 CVE-2013-4927 wnpa-sec-2013-46 The Bluetooth OBEX dissector could go into an infinite loop. (Bug 8875) Versions affected: 1.10.0 CVE-2013-4928 wnpa-sec-2013-47 The DIS dissector could go into a large loop. (Bug 8911) Versions affected: 1.10.0, 1.8.0 to 1.8.8 CVE-2013-4929 wnpa-sec-2013-48 The DVB-CI dissector could crash. Discovered by Laurent Butti. (Bug 8916) Versions affected: 1.10.0, 1.8.0 to 1.8.8 CVE-2013-4930 wnpa-sec-2013-49 The GSM RR dissector (and possibly others) could go into a large loop. (Bug 8923) Versions affected: 1.10.0, 1.8.0 to 1.8.8 CVE-2013-4931 wnpa-sec-2013-50 The GSM A Common dissector could crash. (Bug 8940) Versions affected: 1.10.0, 1.8.0 to 1.8.8 CVE-2013-4932 wnpa-sec-2013-51 The Netmon file parser could crash. Discovered by G. Geshev. (Bug 8742) Versions affected: 1.10.0, 1.8.0 to 1.8.8 CVE-2013-4933 CVE-2013-4934 wnpa-sec-2013-52 The ASN.1 PER dissector could crash. Discovered by Oliver-Tobias Ripka. (Bug 8722) Versions affected: 1.10.0, 1.8.0 to 1.8.8 CVE-2013-4935 wnpa-sec-2013-53 The PROFINET Real-Time dissector could crash. (Bug 8904) Versions affected: 1.10.0 CVE-2013-4936 Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c
Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c1
Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c2
--- Comment #2 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c3
--- Comment #3 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c4
--- Comment #4 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c5
--- Comment #5 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c6
--- Comment #6 from Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c7
Chunyan Liu
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c9
--- Comment #9 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c10
Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c
Andreas Stieger
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c11
--- Comment #11 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c12
Alexander Bergmann
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c13
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c14
Andreas Stieger
Reopened. Still missing SLE11 updates.
That's odd: (In reply to comment #7)
Updated SLE-11 to 1.8.9. sr#28177
Assigned back to Chun. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c15
--- Comment #15 from Alexander Bergmann
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c16
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c17
Alexander Bergmann
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c18
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c19
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=831718
https://bugzilla.novell.com/show_bug.cgi?id=831718#c
Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com