Bug 12028 - wireshark new security issues fixed in 1.8.12 and 1.10.4
Summary: wireshark new security issues fixed in 1.8.12 and 1.10.4
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 3
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/577886/
Whiteboard: has_procedure advisory mga3-64-ok mga...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2013-12-18 00:00 CET by David Walser
Modified: 2014-01-07 22:25 CET (History)
2 users (show)

See Also:
Source RPM: wireshark-1.10.3-1.mga4.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2013-12-18 00:00:07 CET
Upstream has released new versions today (December 17), fixing security issues:
http://www.wireshark.org/news/20131217.html

Reproducible: 

Steps to Reproduce:
David Walser 2013-12-18 00:00:16 CET

Whiteboard: (none) => MGA3TOO

Comment 1 David Walser 2013-12-18 16:10:19 CET
Updated packages uploaded for Mageia 3 and Cauldron.

Advisory:
========================

Updated wireshark packages fix security vulnerabilities:

The SIP dissector could go into an infinite loop (CVE-2013-7112).

The NTLMSSP v2 dissector could crash (CVE-2013-7114).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7114
https://www.wireshark.org/security/wnpa-sec-2013-66.html
https://www.wireshark.org/security/wnpa-sec-2013-68.html
http://www.wireshark.org/docs/relnotes/wireshark-1.8.12.html
http://www.wireshark.org/news/20131217.html
========================

Updated packages in core/updates_testing:
========================
wireshark-1.8.12-1.mga3
libwireshark2-1.8.12-1.mga3
libwireshark-devel-1.8.12-1.mga3
wireshark-tools-1.8.12-1.mga3
tshark-1.8.12-1.mga3
rawshark-1.8.12-1.mga3
dumpcap-1.8.12-1.mga3

from wireshark-1.8.12-1.mga3.src.rpm

Version: Cauldron => 3
Assignee: bugsquad => qa-bugs
Whiteboard: MGA3TOO => (none)

Comment 2 claire robinson 2013-12-19 16:59:52 CET
Testing complete mga3 64

PoC for cve-2013-7112 attached to https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9388

Opening it in wireshark results in rapid exhaustion of memory and maxed cpu.

With the update installed it opens instantly with no ill effects.

Performed a capture on eth0.

Whiteboard: (none) => has_procedure mga3-64-ok

Comment 3 claire robinson 2013-12-19 17:06:25 CET
Testing complete mga3 32

Whiteboard: has_procedure mga3-64-ok => has_procedure mga3-64-ok mga3-32-ok

Comment 4 claire robinson 2013-12-19 17:12:01 CET
Validating. Advisory uploaded.

Could sysadmin please push from 3 core/updates_testing to updates.

Thanks!

Keywords: (none) => validated_update
Whiteboard: has_procedure mga3-64-ok mga3-32-ok => has_procedure advisory mga3-64-ok mga3-32-ok
CC: (none) => sysadmin-bugs

Comment 5 Thomas Backlund 2013-12-19 22:13:07 CET
Update pushed:
http://advisories.mageia.org/MGASA-2013-0380.html

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

David Walser 2013-12-20 23:26:22 CET

URL: (none) => http://lwn.net/Vulnerabilities/577886/

Comment 6 David Walser 2014-01-07 22:25:21 CET
LWN reference for CVE-2013-7112:
http://lwn.net/Vulnerabilities/579354/

Note You need to log in before you can comment on or make changes to this bug.