Upstream has released new versions today (December 17), fixing security issues: http://www.wireshark.org/news/20131217.html
Whiteboard: (none) => MGA3TOO
Updated packages uploaded for Mageia 3 and Cauldron.

Advisory:
========================

Updated wireshark packages fix security vulnerabilities:

The SIP dissector could go into an infinite loop (CVE-2013-7112).

The NTLMSSP v2 dissector could crash (CVE-2013-7114).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7114
https://www.wireshark.org/security/wnpa-sec-2013-66.html
https://www.wireshark.org/security/wnpa-sec-2013-68.html
http://www.wireshark.org/docs/relnotes/wireshark-1.8.12.html
http://www.wireshark.org/news/20131217.html
========================

Updated packages in core/updates_testing:
========================
wireshark-1.8.12-1.mga3
libwireshark2-1.8.12-1.mga3
libwireshark-devel-1.8.12-1.mga3
wireshark-tools-1.8.12-1.mga3
tshark-1.8.12-1.mga3
rawshark-1.8.12-1.mga3
dumpcap-1.8.12-1.mga3

from wireshark-1.8.12-1.mga3.src.rpm
Version: Cauldron => 3
Assignee: bugsquad => qa-bugs
Whiteboard: MGA3TOO => (none)
Testing complete mga3 64

PoC for cve-2013-7112 attached to https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9388

Opening it in wireshark results in rapid exhaustion of memory and maxed cpu.
With the update installed it opens instantly with no ill effects.

Performed a capture on eth0.
Whiteboard: (none) => has_procedure mga3-64-ok
Testing complete mga3 32
Whiteboard: has_procedure mga3-64-ok => has_procedure mga3-64-ok mga3-32-ok
Validating. Advisory uploaded. Could sysadmin please push from 3 core/updates_testing to updates. Thanks!
Keywords: (none) => validated_update
Whiteboard: has_procedure mga3-64-ok mga3-32-ok => has_procedure advisory mga3-64-ok mga3-32-ok
CC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2013-0380.html
Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/577886/
LWN reference for CVE-2013-7112: http://lwn.net/Vulnerabilities/579354/