|
|
Log in / Subscribe / Register

Mageia alert MGASA-2014-0386 (wireshark)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2014-0386: Updated wireshark packages fix security vulnerabilities 


Date:
    	      Wed, 24 Sep 2014 18:44:46 +0200


Message-ID:
    	      <20140924164446.192195C73A@valstar.mageia.org>


MGASA-2014-0386 - Updated wireshark packages fix security vulnerabilities

Publication date: 24 Sep 2014
URL: http://advisories.mageia.org/MGASA-2014-0386.html
Type: security
Affected Mageia releases: 3, 4
CVE: CVE-2014-6421,
     CVE-2014-6422,
     CVE-2014-6423,
     CVE-2014-6424,
     CVE-2014-6427,
     CVE-2014-6428,
     CVE-2014-6429,
     CVE-2014-6430,
     CVE-2014-6431,
     CVE-2014-6432

Description:
Updated wireshark packages fix security vulnerabilities:

RTP dissector crash (CVE-2014-6421, CVE-2014-6422).

MEGACO dissector infinite loop (CVE-2014-6423).

Netflow dissector crash (CVE-2014-6424).

RTSP dissector crash (CVE-2014-6427).

SES dissector crash (CVE-2014-6428).

Sniffer file parser crash (CVE-2014-6429, CVE-2014-6430, CVE-2014-6431,
CVE-2014-6432).

References:
- https://bugs.mageia.org/show_bug.cgi?id=14113
- https://www.wireshark.org/security/wnpa-sec-2014-12.html
- https://www.wireshark.org/security/wnpa-sec-2014-13.html
- https://www.wireshark.org/security/wnpa-sec-2014-14.html
- https://www.wireshark.org/security/wnpa-sec-2014-17.html
- https://www.wireshark.org/security/wnpa-sec-2014-18.html
- https://www.wireshark.org/security/wnpa-sec-2014-19.html
- https://www.wireshark.org/docs/relnotes/wireshark-1.10.10...
- https://www.wireshark.org/news/20140916.html
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6421
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6422
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6423
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6424
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6427
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6428
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6429
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6430
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6431
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6432

SRPMS:
- 4/core/wireshark-1.10.10-1.mga4
- 3/core/wireshark-1.10.10-1.mga3
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds