These were just released today (August 15): http://www.wireshark.org/news/20120815.html See also: http://www.wireshark.org/docs/relnotes/wireshark-1.4.15.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.10.html http://www.wireshark.org/docs/relnotes/wireshark-1.8.2.html
Advisory notes: The DCP ETSI dissector could trigger a zero division (CVE-2012-4285). The XTP dissector could go into an infinite loop (CVE-2012-4288). The AFP dissector could go into a large loop (CVE-2012-4289). The RTPS2 dissector could overflow a buffer (CVE-2012-4296). The GSM RLC MAC dissector could overflow a buffer (CVE-2012-4297). Note: this issue, also known as wnpa-sec-2012-19, only affects Mageia 2. The CIP dissector could exhaust system memory (CVE-2012-4291). The STUN dissector could crash (CVE-2012-4292). The EtherCAT Mailbox dissector could abort (CVE-2012-4293). The CTDB dissector could go into a large loop (CVE-2012-4290). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4297 http://www.wireshark.org/security/wnpa-sec-2012-13.html http://www.wireshark.org/security/wnpa-sec-2012-15.html http://www.wireshark.org/security/wnpa-sec-2012-17.html http://www.wireshark.org/security/wnpa-sec-2012-18.html http://www.wireshark.org/security/wnpa-sec-2012-19.html http://www.wireshark.org/security/wnpa-sec-2012-20.html http://www.wireshark.org/security/wnpa-sec-2012-21.html http://www.wireshark.org/security/wnpa-sec-2012-22.html http://www.wireshark.org/security/wnpa-sec-2012-23.html http://www.wireshark.org/docs/relnotes/wireshark-1.4.15.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.10.html http://www.wireshark.org/news/20120815.html
Updated package uploaded for Mageia 1, Mageia 2, and Cauldron. Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The DCP ETSI dissector could trigger a zero division (CVE-2012-4285). The XTP dissector could go into an infinite loop (CVE-2012-4288). The AFP dissector could go into a large loop (CVE-2012-4289). The RTPS2 dissector could overflow a buffer (CVE-2012-4296). The GSM RLC MAC dissector could overflow a buffer (CVE-2012-4297). Note: this issue, also known as wnpa-sec-2012-19, only affects Mageia 2. The CIP dissector could exhaust system memory (CVE-2012-4291). The STUN dissector could crash (CVE-2012-4292). The EtherCAT Mailbox dissector could abort (CVE-2012-4293). The CTDB dissector could go into a large loop (CVE-2012-4290). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4297 http://www.wireshark.org/security/wnpa-sec-2012-13.html http://www.wireshark.org/security/wnpa-sec-2012-15.html http://www.wireshark.org/security/wnpa-sec-2012-17.html http://www.wireshark.org/security/wnpa-sec-2012-18.html http://www.wireshark.org/security/wnpa-sec-2012-19.html http://www.wireshark.org/security/wnpa-sec-2012-20.html http://www.wireshark.org/security/wnpa-sec-2012-21.html http://www.wireshark.org/security/wnpa-sec-2012-22.html http://www.wireshark.org/security/wnpa-sec-2012-23.html http://www.wireshark.org/docs/relnotes/wireshark-1.4.15.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.10.html http://www.wireshark.org/news/20120815.html ======================== Updated packages in core/updates_testing: ======================== wireshark-1.4.15-1.mga1 libwireshark0-1.4.15-1.mga1 libwireshark-devel-1.4.15-1.mga1 wireshark-tools-1.4.15-1.mga1 tshark-1.4.15-1.mga1 rawshark-1.4.15-1.mga1 dumpcap-1.4.15-1.mga1 wireshark-1.6.10-1.mga2 libwireshark1-1.6.10-1.mga2 libwireshark-devel-1.6.10-1.mga2 wireshark-tools-1.6.10-1.mga2 tshark-1.6.10-1.mga2 rawshark-1.6.10-1.mga2 dumpcap-1.6.10-1.mga2 from SRPMS: wireshark-1.4.15-1.mga1.src.rpm wireshark-1.6.10-1.mga2.src.rpm
Hardware: i586 => AllVersion: Cauldron => 2Assignee: bugsquad => qa-bugsWhiteboard: (none) => MGA1TOO
Mandriva has issued an advisory for this today (August 16): http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2012:134
We've got a testing procedure for wireshark: https://wiki.mageia.org/en/QA_procedure:Wireshark
CC: (none) => stormiWhiteboard: MGA1TOO => MGA1TOO has_procedure
Created attachment 2656 [details] Test files from the bug reports - testfiles.tgz Test files from the bug reports, except wnpa-sec-2012-20 and wnpa-sec-2012-23, which are not publicly accessible. On Mageia 2 x86-64 Core Updates version, all of the capture files do cause either crashes, or cause wireshark to stop responding, except the emem.crash file from wnpa-sec-2012-19, which doesn't cause any problem on my system. I'll test the updates testing version shortly.
Testing complete on Mageia 2 x86-64. None of the available capture files cause problems after updating. I also went through the test procedure, and the only problem I found was a problem with the test procedure, which I've fixed (removed the -v option from the randpkt command, as it doesn't support that option, either in the Updates version, or the Updates Testing version. I'll test Mageia 2 i586 shortly.
CC: (none) => davidwhodginsWhiteboard: MGA1TOO has_procedure => MGA1TOO has_procedure MGA2-64-OK
Testing complete on Mageia 2 i586. Same results as on x86-64. I'll test Mageia 1 x86-64 shortly.
Whiteboard: MGA1TOO has_procedure MGA2-64-OK => MGA1TOO has_procedure MGA2-64-OK MGA2-32-OK
Testing complete on Mageia 1 x86-64. I'll test Mageia 1 i586 shortly.
Whiteboard: MGA1TOO has_procedure MGA2-64-OK MGA2-32-OK => MGA1TOO has_procedure MGA2-64-OK MGA2-32-OK MGA1-64-OK
Testing complete on Mageia 1 i586. Could someone from the sysadmin team push the srpm wireshark-1.6.10-1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates and the srpm wireshark-1.4.15-1.mga1.src.rpm from Mageia 1 Core Updates Testing to Core Updates. Advisory: Updated wireshark packages fix security vulnerabilities: The DCP ETSI dissector could trigger a zero division (CVE-2012-4285). The XTP dissector could go into an infinite loop (CVE-2012-4288). The AFP dissector could go into a large loop (CVE-2012-4289). The RTPS2 dissector could overflow a buffer (CVE-2012-4296). The GSM RLC MAC dissector could overflow a buffer (CVE-2012-4297). Note: this issue, also known as wnpa-sec-2012-19, only affects Mageia 2. The CIP dissector could exhaust system memory (CVE-2012-4291). The STUN dissector could crash (CVE-2012-4292). The EtherCAT Mailbox dissector could abort (CVE-2012-4293). The CTDB dissector could go into a large loop (CVE-2012-4290). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4288 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4297 http://www.wireshark.org/security/wnpa-sec-2012-13.html http://www.wireshark.org/security/wnpa-sec-2012-15.html http://www.wireshark.org/security/wnpa-sec-2012-17.html http://www.wireshark.org/security/wnpa-sec-2012-18.html http://www.wireshark.org/security/wnpa-sec-2012-19.html http://www.wireshark.org/security/wnpa-sec-2012-20.html http://www.wireshark.org/security/wnpa-sec-2012-21.html http://www.wireshark.org/security/wnpa-sec-2012-22.html http://www.wireshark.org/security/wnpa-sec-2012-23.html http://www.wireshark.org/docs/relnotes/wireshark-1.4.15.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.10.html http://www.wireshark.org/news/20120815.html https://bugs.mageia.org/show_bug.cgi?id=7075
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: MGA1TOO has_procedure MGA2-64-OK MGA2-32-OK MGA1-64-OK => MGA1TOO has_procedure MGA2-64-OK MGA2-32-OK MGA1-64-OK MGA1-32-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0226
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED