https://bugzilla.novell.com/show_bug.cgi?id=889854 https://bugzilla.novell.com/show_bug.cgi?id=889854#c0 Summary: Wireshark 1.10.9 fixes several crashes triggered by malformed protocol packages Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: Andreas.Stieger@gmx.de QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0 https://www.wireshark.org/lists/wireshark-announce/201407/msg00002.html https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html Versions affected: 1.10.0 to 1.10.8. (openSUSE 13.1) * The Catapult DCT2000 and IrDA dissectors could underrun a buffer. wnpa-sec-2014-08 CVE-2014-5161 CVE-2014-5162 * The GSM Management dissector could crash. wnpa-sec-2014-09 CVE-2014-5163 * The RLC dissector could crash. wnpa-sec-2014-10 CVE-2014-5164 * The ASN.1 BER dissector could crash. wnpa-sec-2014-11 CVE-2014-5165 Reproducible: Didn't try -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.