Mageia alert MGASA-2013-0180 (wireshark) [LWN.net]


From:
    	       Mageia Updates <buildsystem-daemon@mageia.org> 
To:
    	       updates-announce@ml.mageia.org 
Subject:
    	       [updates-announce] MGASA-2013-0180: Updated wireshark packages fix
 multiple security vulverabilities 
Date:
    	       Wed, 26 Jun 2013 20:07:40 +0200
Message-ID:
    	       <20130626180740.89AF842075@valstar.mageia.org>
Archive-link:
    	       Article, Thread
              
MGASA-2013-0180 - Updated wireshark packages fix multiple security vulverabilities

Publication date: 26 Jun 2013
URL: http://advisories.mageia.org/MGASA-2013-0180.html
Type: security
Affected Mageia releases: 2
CVE: CVE-2013-4074,
     CVE-2013-4081,
     CVE-2013-4083

Description:
The CAPWAP dissector could crash (CVE-2013-4074).

The HTTP dissector could overrun the stack (CVE-2013-4081).

The DCP ETSI dissector could crash (CVE-2013-4083).

References:
- http://www.wireshark.org/security/wnpa-sec-2013-32.html
- http://www.wireshark.org/security/wnpa-sec-2013-39.html
- http://www.wireshark.org/security/wnpa-sec-2013-41.html
- http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html
- http://www.wireshark.org/news/20130607.html
- http://www.mandriva.com/en/support/security/advisories/mb...
- https://bugs.mageia.org/show_bug.cgi?id=10471
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4074
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4081
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4083

SRPMS:
- 2/core/wireshark-1.6.16-1.mga2
(Log in to post comments)