LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Mageia alert MGASA-2013-0090 (wireshark)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2013-0090: wireshark (2/core) 


Date:
    	      Fri, 15 Mar 2013 13:26:06 +0100


Message-ID:
    	      <20130315122606.GA17994@valstar.mageia.org>


Archive-link:
    	      Article, Thread
              


MGASA-2013-0090
Date:	March 15rd, 2013
Affected releases:	2
Media:	Core

Description:
Updated wireshark packages fix security vulnerabilities:

The sFlow dissector could go into an infinite loop (CVE-2012-6054).
The SCTP dissector could go into an infinite loop (CVE-2012-6056).
The MS-MMS dissector could crash (CVE-2013-2478).
The RTPS and RTPS2 dissectors could crash (CVE-2013-2480).
The Mount dissector could crash (CVE-2013-2481).
The AMPQ dissector could go into an infinite loop (CVE-2013-2482).
The ACN dissector could attempt to divide by zero (CVE-2013-2483).
The CIMD dissector could crash (CVE-2013-2484).
The FCSP dissector could go into an infinite loop (CVE-2013-2485).
The DTLS dissector could crash (CVE-2013-2488).

Updated Packages:
i586:
tshark-1.6.14-1.mga2.i586
wireshark-tools-1.6.14-1.mga2.i586
wireshark-1.6.14-1.mga2.i586
dumpcap-1.6.14-1.mga2.i586
rawshark-1.6.14-1.mga2.i586
libwireshark-devel-1.6.14-1.mga2.i586
libwireshark1-1.6.14-1.mga2.i586


x86_64:
rawshark-1.6.14-1.mga2.x86_64
lib64wireshark-devel-1.6.14-1.mga2.x86_64
wireshark-1.6.14-1.mga2.x86_64
tshark-1.6.14-1.mga2.x86_64
dumpcap-1.6.14-1.mga2.x86_64
lib64wireshark1-1.6.14-1.mga2.x86_64
wireshark-tools-1.6.14-1.mga2.x86_64


SRPMS:
wireshark-1.6.14-1.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6054

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6056

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2478

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2480

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2481

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2482

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2483

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2484

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2485

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488

http://www.wireshark.org/security/wnpa-sec-2012-32.html

http://www.wireshark.org/security/wnpa-sec-2012-33.html

http://www.wireshark.org/security/wnpa-sec-2013-13.html

http://www.wireshark.org/security/wnpa-sec-2013-15.html

http://www.wireshark.org/security/wnpa-sec-2013-16.html

http://www.wireshark.org/security/wnpa-sec-2013-17.html

http://www.wireshark.org/security/wnpa-sec-2013-18.html

http://www.wireshark.org/security/wnpa-sec-2013-19.html

http://www.wireshark.org/security/wnpa-sec-2013-20.html

http://www.wireshark.org/security/wnpa-sec-2013-22.html

http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.h...
http://www.wireshark.org/news/20130306.html

https://bugs.mageia.org/show_bug.cgi?id=9279

https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds