[Bug 807942] New: wireshark update to 1.8.6
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c0 Summary: wireshark update to 1.8.6 Classification: openSUSE Product: openSUSE 12.3 Version: RC 2 Platform: All OS/Version: openSUSE 12.2 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: Andreas.Stieger@gmx.de QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux i686; rv:19.0) Gecko/20100101 Firefox/19.0 A bugfix release for Wireshark fixes security issues and bugs.
From https://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html
The TCP dissector could crash. wnpa-sec-2013-10 CVE-2013-2475 The HART/IP dissectory could go into an infinite loop. wnpa-sec-2013-11 CVE-2013-2476 The CSN.1 dissector could crash. wnpa-sec-2013-12 CVE-2013-2477 The MS-MMS dissector could crash. wnpa-sec-2013-13 CVE-2013-2478 The MPLS Echo dissector could go into an infinite loop. wnpa-sec-2013-14 CVE-2013-2479 The RTPS and RTPS2 dissectors could crash. wnpa-sec-2013-15 CVE-2013-2480 The Mount dissector could crash. wnpa-sec-2013-16 CVE-2013-2481 The AMPQ dissector could go into an infinite loop. wnpa-sec-2013-17 CVE-2013-2482 The ACN dissector could attempt to divide by zero. wnpa-sec-2013-18 CVE-2013-2483 The CIMD dissector could crash. wnpa-sec-2013-19 CVE-2013-2484 The FCSP dissector could go into an infinite loop. wnpa-sec-2013-20 CVE-2013-2485 The RELOAD dissector could go into an infinite loop. wnpa-sec-2013-21 CVE-2013-2486 CVE-2013-2487 The DTLS dissector could crash. wnpa-sec-2013-22 CVE-2013-2488 Reproducible: Always Some of these also affect the oldstable 1.6.x series (in SLE) for which 1.6.14 is available. https://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c Andreas Stieger <Andreas.Stieger@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium Status|NEW |ASSIGNED AssignedTo|security-team@suse.de |Andreas.Stieger@gmx.de -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c1 Andreas Stieger <Andreas.Stieger@gmx.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO InfoProvider| |security-team@suse.de --- Comment #1 from Andreas Stieger <Andreas.Stieger@gmx.de> 2013-03-07 08:45:11 UTC --- Submit request network:utilities / wireshark to openSUSE:Factory / wireshark https://build.opensuse.org/request/show/157611 Maintenance request for 12.1, 12.2, 12.3: https://build.opensuse.org/request/show/157612 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c2 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED CC| |Andreas.Stieger@gmx.de InfoProvider|security-team@suse.de | AssignedTo|Andreas.Stieger@gmx.de |cyliu@suse.com Summary|wireshark update to 1.8.6 |VUL-0: wireshark update to | |1.8.6 --- Comment #2 from Marcus Meissner <meissner@suse.com> 2013-03-08 15:35:27 UTC --- thanks! opensuse looks good. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c3 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| |maint:running:51554:moderat | |e --- Comment #3 from Swamp Workflow Management <swamp@suse.de> 2013-03-08 15:40:41 UTC --- The SWAMPID for this issue is 51554. This issue was rated as moderate. Please submit fixed packages until 2013-03-22. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:51554:moderat |maint:running:51554:moderat |e |e obs:running:1412:moderate -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c6 --- Comment #6 from Bernhard Wiedemann <bwiedemann@suse.com> 2013-03-14 08:00:08 CET --- This is an autogenerated message for OBS integration: This bug (807942) was mentioned in https://build.opensuse.org/request/show/159273 Maintenance / -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c7 --- Comment #7 from Bernhard Wiedemann <bwiedemann@suse.com> 2013-03-14 10:00:37 CET --- This is an autogenerated message for OBS integration: This bug (807942) was mentioned in https://build.opensuse.org/request/show/159285 Evergreen:11.2 / wireshark -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c Chunyan Liu <cyliu@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|cyliu@suse.com |security-team@suse.de -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:51554:moderat |maint:running:51554:moderat |e obs:running:1412:moderate |e -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c8 --- Comment #8 from Swamp Workflow Management <swamp@suse.de> 2013-03-20 10:04:31 UTC --- openSUSE-SU-2013:0494-1: An update that fixes 14 vulnerabilities is now available. Category: security (moderate) Bug References: 807942 CVE References: CVE-2013-2475,CVE-2013-2476,CVE-2013-2477,CVE-2013-2478,CVE-2013-2479,CVE-2013-2480,CVE-2013-2481,CVE-2013-2482,CVE-2013-2483,CVE-2013-2484,CVE-2013-2485,CVE-2013-2486,CVE-2013-2487,CVE-2013-2488 Sources used: openSUSE 12.3 (src): wireshark-1.8.6-1.4.1 openSUSE 12.2 (src): wireshark-1.8.6-1.23.1 openSUSE 12.1 (src): wireshark-1.8.6-3.41.1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c9 --- Comment #9 from Swamp Workflow Management <swamp@suse.de> 2013-03-20 13:05:56 UTC --- openSUSE-SU-2013:0506-1: An update that fixes 14 vulnerabilities is now available. Category: security (moderate) Bug References: 807942 CVE References: CVE-2013-2475,CVE-2013-2476,CVE-2013-2477,CVE-2013-2478,CVE-2013-2479,CVE-2013-2480,CVE-2013-2481,CVE-2013-2482,CVE-2013-2483,CVE-2013-2484,CVE-2013-2485,CVE-2013-2486,CVE-2013-2487,CVE-2013-2488 Sources used: openSUSE 11.4 (src): wireshark-1.8.6-41.1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c10 --- Comment #10 from Bernhard Wiedemann <bwiedemann@suse.com> 2013-03-21 08:00:34 CET --- This is an autogenerated message for OBS integration: This bug (807942) was mentioned in https://build.opensuse.org/request/show/160383 Evergreen:11.2 / wireshark -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c11 Alexander Bergmann <abergmann@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |thomas@suse.com --- Comment #11 from Alexander Bergmann <abergmann@suse.com> 2013-04-18 12:21:25 UTC --- *** Bug 814816 has been marked as a duplicate of this bug. *** http://bugzilla.novell.com/show_bug.cgi?id=814816 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=807942 https://bugzilla.novell.com/show_bug.cgi?id=807942#c12 Alexander Bergmann <abergmann@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |abergmann@suse.com --- Comment #12 from Alexander Bergmann <abergmann@suse.com> 2013-04-18 12:27:31 UTC --- CVE-2012-6054 and CVE-2012-6056 are fixed with release 1.6.14 and 1.8.4. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com