Announced today (November 28): http://www.wireshark.org/news/20121128.html Updated packages uploaded for Mageia 2 and Cauldron. Curiously, no CVEs mentioned in the upstream advisories this time. Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The USB dissector could go into an infinite loop. (wnpa-sec-2012-31) The ISAKMP dissector could crash. (wnpa-sec-2012-35) The iSCSI dissector could go into an infinite loop. (wnpa-sec-2012-36) The WTP dissector could go into an infinite loop. (wnpa-sec-2012-37) The RTCP dissector could go into an infinite loop. (wnpa-sec-2012-38) The ICMPv6 dissector could go into an infinite loop. (wnpa-sec-2012-40) References: http://www.wireshark.org/security/wnpa-sec-2012-31.html http://www.wireshark.org/security/wnpa-sec-2012-35.html http://www.wireshark.org/security/wnpa-sec-2012-36.html http://www.wireshark.org/security/wnpa-sec-2012-37.html http://www.wireshark.org/security/wnpa-sec-2012-38.html http://www.wireshark.org/security/wnpa-sec-2012-40.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.12.html http://www.wireshark.org/news/20121128.html ======================== Updated packages in core/updates_testing: ======================== wireshark-1.6.12-1.mga2 libwireshark1-1.6.12-1.mga2 libwireshark-devel-1.6.12-1.mga2 wireshark-tools-1.6.12-1.mga2 tshark-1.6.12-1.mga2 rawshark-1.6.12-1.mga2 dumpcap-1.6.12-1.mga2 from wireshark-1.6.12-1.mga2.src.rpm
CC: (none) => doktor5000
https://wiki.mageia.org/en/QA_procedure:Wireshark
Whiteboard: (none) => has_procedure
Testing complete mga2 64 Created a capture as root and used it with the tests in the procedure.
Whiteboard: has_procedure => has_procedure mga2-64-OK
Testing complete on Mageia 2 i586 and x86-64, using the capture files from the bug reports. Before updating, one caused a segfault, one did not cause any problems, the other 4 caused wireshark to go into a loop. After updating, they all display correctly. Could someone from the sysadmin team push the srpm wireshark-1.6.12-1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates. Advisory: Updated wireshark packages fix security vulnerabilities: The USB dissector could go into an infinite loop. (wnpa-sec-2012-31) The ISAKMP dissector could crash. (wnpa-sec-2012-35) The iSCSI dissector could go into an infinite loop. (wnpa-sec-2012-36) The WTP dissector could go into an infinite loop. (wnpa-sec-2012-37) The RTCP dissector could go into an infinite loop. (wnpa-sec-2012-38) The ICMPv6 dissector could go into an infinite loop. (wnpa-sec-2012-40) References: http://www.wireshark.org/security/wnpa-sec-2012-31.html http://www.wireshark.org/security/wnpa-sec-2012-35.html http://www.wireshark.org/security/wnpa-sec-2012-36.html http://www.wireshark.org/security/wnpa-sec-2012-37.html http://www.wireshark.org/security/wnpa-sec-2012-38.html http://www.wireshark.org/security/wnpa-sec-2012-40.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.12.html http://www.wireshark.org/news/20121128.html https://bugs.mageia.org/show_bug.cgi?id=8239
Keywords: (none) => validated_updateCC: (none) => davidwhodgins, sysadmin-bugsWhiteboard: has_procedure mga2-64-OK => has_procedure mga2-64-OK mga2-32-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0348
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED