New Wireshark releases are available, fixing several security issues: http://www.wireshark.org/news/20130306.html http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html Both are in SVN now. Currently testing a 1.8.6 build before requesting a freeze push and pushing 1.6.14 to the build system for Mageia 2. The advisory for the Mageia 2 update will be: The sFlow dissector could go into an infinite loop (CVE-2012-6054). The SCTP dissector could go into an infinite loop (CVE-2012-6056). The MS-MMS dissector could crash (CVE-2013-2478). The RTPS and RTPS2 dissectors could crash (CVE-2013-2480). The Mount dissector could crash (CVE-2013-2481). The AMPQ dissector could go into an infinite loop (CVE-2013-2482). The ACN dissector could attempt to divide by zero (CVE-2013-2483). The CIMD dissector could crash (CVE-2013-2484). The FCSP dissector could go into an infinite loop (CVE-2013-2485). The DTLS dissector could crash (CVE-2013-2488). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6054 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6056 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2478 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2480 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2481 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2483 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2484 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2485 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488 http://www.wireshark.org/security/wnpa-sec-2012-32.html http://www.wireshark.org/security/wnpa-sec-2012-33.html http://www.wireshark.org/security/wnpa-sec-2013-13.html http://www.wireshark.org/security/wnpa-sec-2013-15.html http://www.wireshark.org/security/wnpa-sec-2013-16.html http://www.wireshark.org/security/wnpa-sec-2013-17.html http://www.wireshark.org/security/wnpa-sec-2013-18.html http://www.wireshark.org/security/wnpa-sec-2013-19.html http://www.wireshark.org/security/wnpa-sec-2013-20.html http://www.wireshark.org/security/wnpa-sec-2013-22.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html http://www.wireshark.org/news/20130306.html Reproducible: Steps to Reproduce:
wireshark-1.8.6-1.mga3 uploaded for Cauldron. Building for Mageia 2 now...
Version: Cauldron => 2
Updated package uploaded for Mageia 2. Advisory: ======================== Updated wireshark packages fix security vulnerabilities: The sFlow dissector could go into an infinite loop (CVE-2012-6054). The SCTP dissector could go into an infinite loop (CVE-2012-6056). The MS-MMS dissector could crash (CVE-2013-2478). The RTPS and RTPS2 dissectors could crash (CVE-2013-2480). The Mount dissector could crash (CVE-2013-2481). The AMPQ dissector could go into an infinite loop (CVE-2013-2482). The ACN dissector could attempt to divide by zero (CVE-2013-2483). The CIMD dissector could crash (CVE-2013-2484). The FCSP dissector could go into an infinite loop (CVE-2013-2485). The DTLS dissector could crash (CVE-2013-2488). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6054 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6056 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2478 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2480 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2481 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2483 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2484 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2485 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488 http://www.wireshark.org/security/wnpa-sec-2012-32.html http://www.wireshark.org/security/wnpa-sec-2012-33.html http://www.wireshark.org/security/wnpa-sec-2013-13.html http://www.wireshark.org/security/wnpa-sec-2013-15.html http://www.wireshark.org/security/wnpa-sec-2013-16.html http://www.wireshark.org/security/wnpa-sec-2013-17.html http://www.wireshark.org/security/wnpa-sec-2013-18.html http://www.wireshark.org/security/wnpa-sec-2013-19.html http://www.wireshark.org/security/wnpa-sec-2013-20.html http://www.wireshark.org/security/wnpa-sec-2013-22.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html http://www.wireshark.org/news/20130306.html ======================== Updated packages in core/updates_testing: ======================== wireshark-1.6.14-1.mga2 libwireshark1-1.6.14-1.mga2 libwireshark-devel-1.6.14-1.mga2 wireshark-tools-1.6.14-1.mga2 tshark-1.6.14-1.mga2 rawshark-1.6.14-1.mga2 dumpcap-1.6.14-1.mga2 from wireshark-1.6.14-1.mga2.src.rpm
Assignee: bugsquad => qa-bugs
PoC's: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7789 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7802 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8382 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8335 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8340 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8380
Testing i586. acn-divzero.pcap doesn't seem to cause any problems for wireshark or tshark. dissect_dtls_handshake.pcap causes wireshark to segfault fuzz-2012-10-03-25361.pcap and fuzz-2012-10-06-8603.pcap both cause 100% cpu usage in wireshark. packet-mount-len.pcap doesn't seem to cause any problems. packet-ms-mms.pcap causes a Dissector bug in tshark. No problems after installing the update. I'll test x86-64 shortly.
CC: (none) => davidwhodgins
Testing complete on Mageia 3 x86-64. Same results as i586. Could someone from the sysadmin team push the srpm wireshark-1.6.14-1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates. See Comment 3 for advisory.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: (none) => MGA2-64-OK MGA2-32-OK
update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0090
Status: NEW => RESOLVEDCC: (none) => dmorganecResolution: (none) => FIXED