https://bugzilla.novell.com/show_bug.cgi?id=848738 https://bugzilla.novell.com/show_bug.cgi?id=848738#c0 Summary: VUL-0: wireshark: security updates to 1.8.11 and 1.10.3 Classification: openSUSE Product: openSUSE 12.3 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: Andreas.Stieger@gmx.de QAContact: qa-bugs@suse.de CC: Andreas.Stieger@gmx.de, abergmann@suse.com, cyliu@suse.com Depends on: 839607 Found By: --- Blocker: --- Via http://www.wireshark.org/docs/relnotes/wireshark-1.10.3.html The following vulnerabilities have been fixed. wnpa-sec-2013-61 The IEEE 802.15.4 dissector could crash. (Bug 9139) Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 CVE-2013-6336 wnpa-sec-2013-62 The NBAP dissector could crash. Discovered by Laurent Butti. (Bug 9168) Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 CVE-2013-6337 wnpa-sec-2013-63 The SIP dissector could crash. (Bug 9228) Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 CVE-2013-6338 wnpa-sec-2013-64 The OpenWire dissector could go into a large loop. Discovered by Murali. (Bug 9248) Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 CVE-2013-6339 wnpa-sec-2013-65 The TCP dissector could crash. (Bug 9263) Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 CVE-2013-6340 http://www.wireshark.org/docs/relnotes/wireshark-1.8.11.html The following vulnerabilities have been fixed. wnpa-sec-2013-61 The IEEE 802.15.4 dissector could crash. (Bug 9139) Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 CVE-2013-6336 wnpa-sec-2013-62 The NBAP dissector could crash. Discovered by Laurent Butti. (Bug 9168) Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 CVE-2013-6337 wnpa-sec-2013-63 The SIP dissector could crash. (Bug 9228) Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 CVE-2013-6338 wnpa-sec-2013-64 The OpenWire dissector could go into a large loop. Discovered by Murali. (Bug 9248) Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 CVE-2013-6339 wnpa-sec-2013-65 The TCP dissector could crash. (Bug 9263) Versions affected: 1.10.0 to 1.10.2, 1.8.0 to 1.8.10 CVE-2013-6340 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.