Bug 4455

Hi, thanks for reporting this bug.
Assigned to the package maintainer.

(Please set the status to 'assigned' if you are working on it)

Keywords: (none) => Triaged
Assignee: bugsquad => doktor5000

Actually there are quite some other fixes in this maintenance release: http://www.wireshark.org/docs/relnotes/wireshark-1.4.11.html
Currently testing it locally.

URL: (none) => http://www.wireshark.org/docs/relnotes/wireshark-1.4.11.html

There is now wireshark-1.4.11-1.mga1 in core/updates_testing to validate
-------------------------------------------------------


Suggested advisory:
-------------------
This update addresses the following security issues:

  o fixes multiple file parser vulnerabilities
    ( http://www.wireshark.org/security/wnpa-sec-2012-01.html )
  o fixes multiple NULL pointer vulnerabilities
    ( http://www.wireshark.org/security/wnpa-sec-2012-02.html )
  o fixes an RLC dissector buffer overflow
    ( http://www.wireshark.org/security/wnpa-sec-2012-03.html )

Other fixes in this release:

  o fixes 27 various other bugs (not security-related)

-------------------------------------------------------
Steps to reproduce:

- install/update to update candidate

CC: (none) => doktor5000
Assignee: doktor5000 => qa-bugs

Testing complete on i586 for the srpm
wireshark-1.4.11-1.mga1.src.rpm

Just testing that capture (as root), and parsing as regular user
works.

CC: (none) => davidwhodgins

x86_64

There is actually a capture file and testcase to test with for the file parser bug

https://bugs.wireshark.org/bugzilla/attachment.cgi?id=7572

Confirmed it causes a segfault before update and fixed afterwards.

$ tshark -nr test2.apc
  1 0.000000000              ->
Segmentation fault

$ wireshark -n test2.apc
Segmentation fault

Saves a capture in root-mode as wiresharktest and parsed it in non-root mode.

Tested a few of the tools from wireshark-tools

$ editcap -r wiresharktest wiresharktest50 1-50
Add_Selected: 1-50
Inclusive ... 1, 50

$ mergecap -v -w wiresharkmerged wiresharktest wiresharktest50
mergecap: wiresharktest is type Wireshark/tcpdump/... - libpcap.
mergecap: wiresharktest50 is type Wireshark/tcpdump/... - libpcap.
mergecap: selected frame_type Ethernet (ether)
Record: 1
Record: 2
etc.

$ randpkt -v -b 500 -t dns wireshark_dns.pcap
$ wireshark wireshark_dns.pcap

$ dftest ip
Filter: "ip"
dfilter ptr = 0x031faee0


00000 CHECK_EXISTS      ip
00001 RETURN

]$ capinfos wiresharktest50
File name:           wiresharktest50
File type:           Wireshark/tcpdump/... - libpcap
File encapsulation:  Ethernet
Packet size limit:   file hdr: 65535 bytes
Number of packets:   50
File size:           7404 bytes
Data size:           6580 bytes
etc.

Testing complete x86_64, I'll add these on a QA wiki page.

Validating

Advisory:
-------------------
This update addresses the following security issues:

  o fixes multiple file parser vulnerabilities
    ( http://www.wireshark.org/security/wnpa-sec-2012-01.html )
  o fixes multiple NULL pointer vulnerabilities
    ( http://www.wireshark.org/security/wnpa-sec-2012-02.html )
  o fixes an RLC dissector buffer overflow
    ( http://www.wireshark.org/security/wnpa-sec-2012-03.html )

Other fixes in this release:

  o fixes 27 various other bugs (not security-related)
    (http://www.wireshark.org/docs/relnotes/wireshark-1.4.11.html)

-------------------------------------------------------

SRPM: wireshark-1.4.11-1.mga1.src.rpm

Could sysadmin please push from core/updates_testing to core/updates

Thankyou!

Keywords: Triaged => validated_update
CC: (none) => sysadmin-bugs
Hardware: i586 => All

update pushed

Status: ASSIGNED => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED