Bug 6861

Summary: wireshark new releases 1.6.9 and 1.8.1 fix security issues
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: davidwhodgins, doktor5000, guillomovitch, sysadmin-bugs, tmb
Version: 2Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
URL: http://www.wireshark.org/news/20120722.html
Whiteboard: MGA2-32-OK MGA2-64-OK
Source RPM: wireshark-1.6.8-1.mga2.src.rpm CVE:
Status comment:
Bug Depends on:    
Bug Blocks: 6033    

Description David Walser 2012-07-24 13:08:08 CEST 
Vulnerabilities in the PPP and NFS dissectors have been fixed:
http://www.wireshark.org/news/20120722.html

Solution is to upgrade Cauldron to 1.8.2 and Mageia 2 to 1.6.9.

I don't know if there's any fixes available for 1.4.x for Mageia 1.
David Walser 2012-07-24 13:08:21 CEST

CC: (none) => doktor5000

David Walser 2012-07-29 00:41:22 CEST

CC: (none) => guillomovitch

Comment 1 David Walser 2012-08-01 21:34:42 CEST 
Apparently there is a 1.4.14 (noted in Bug 6033), as OpenSuSE has it.

Wireshark 1.6.9 also fixes CVE-2012-4048 and CVE-2012-4049.

http://lwn.net/Vulnerabilities/509204/
Comment 2 David Walser 2012-08-06 16:13:53 CEST 
Mandriva has issued an advisory for this today (August 6):
http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2012:125
Comment 3 David Walser 2012-08-09 20:28:48 CEST 
Updated packages uploaded for Mageia 2 and Cauldron.

Advisory:
========================

Updated wireshark packages fix security vulnerabilities:

The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9,
and 1.8.x before 1.8.1 allows remote attackers to cause a denial of
service (invalid pointer dereference and application crash) via a
crafted packet, as demonstrated by a usbmon dump (CVE-2012-4048).

epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x
before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote
attackers to cause a denial of service (loop and CPU consumption) via a
crafted packet (CVE-2012-4049).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4049
http://www.wireshark.org/security/wnpa-sec-2012-11.html
http://www.wireshark.org/security/wnpa-sec-2012-12.html
http://www.wireshark.org/docs/relnotes/wireshark-1.6.9.html
http://www.wireshark.org/news/20120722.html
========================

Updated packages in core/updates_testing:
========================
wireshark-1.6.9-1.mga2
libwireshark1-1.6.9-1.mga2
libwireshark-devel-1.6.9-1.mga2
wireshark-tools-1.6.9-1.mga2
tshark-1.6.9-1.mga2
rawshark-1.6.9-1.mga2
dumpcap-1.6.9-1.mga2

from wireshark-1.6.9-1.mga2.src.rpm

Version: Cauldron => 2
Assignee: bugsquad => qa-bugs
Summary: wireshark new releases 1.6.9 and 1.8.2 fix security issues => wireshark new releases 1.6.9 and 1.8.1 fix security issues

David Walser 2012-08-09 20:29:15 CEST

Blocks: (none) => 6033

Comment 4 Dave Hodgins 2012-08-10 06:35:23 CEST 
As per bug 6033, I can't recreate either bug with the Core Updates
version.  I've checked both Mageia 2 i586 and x86-64 before and
after updating.  No regressions found, but is there any point in
pushing this update?

CC: (none) => davidwhodgins
Whiteboard: (none) => MGA2-32-OK MGA2-64-OK feedback

Comment 5 David Walser 2012-08-10 14:36:04 CEST 
OpenSuSE and Mandriva have pushed it, so yes, let's please follow suit.

Whiteboard: MGA2-32-OK MGA2-64-OK feedback => MGA2-32-OK MGA2-64-OK

Comment 6 Dave Hodgins 2012-08-11 22:01:36 CEST 
Validating the update.

Could someone from the sysadmin team push the srpm
wireshark-1.6.9-1.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates.

Advisory: Updated wireshark packages fix security vulnerabilities:

The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9,
and 1.8.x before 1.8.1 allows remote attackers to cause a denial of
service (invalid pointer dereference and application crash) via a
crafted packet, as demonstrated by a usbmon dump (CVE-2012-4048).

epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x
before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote
attackers to cause a denial of service (loop and CPU consumption) via a
crafted packet (CVE-2012-4049).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4049
http://www.wireshark.org/security/wnpa-sec-2012-11.html
http://www.wireshark.org/security/wnpa-sec-2012-12.html
http://www.wireshark.org/docs/relnotes/wireshark-1.6.9.html
http://www.wireshark.org/news/20120722.html

https://bugs.mageia.org/show_bug.cgi?id=6861

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 7 Thomas Backlund 2012-08-12 20:49:06 CEST 
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0210

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED