Bug 20836 - Multiple vulnerabilities in Wireshark:CVE-2009-2559, CVE-2009-2560, CVE-2009-2561, CVE-2009-2562, CVE-2009-2563
Summary: Multiple vulnerabilities in Wireshark:CVE-2009-2559, CVE-2009-2560, CVE-2009-...
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: wireshark-base (show other bugs)
Version: unstable
Hardware: all Linux
: P3 blocker
Assignee: Anton Farygin
QA Contact: qa-sisyphus
URL: http://www.wireshark.org/security/wnp...
Keywords: security
Depends on:
Blocks:
 
Reported: 2009-07-21 08:46 MSD by Vladimir Lettiev
Modified: 2010-01-29 12:17 MSK (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Vladimir Lettiev 2009-07-21 08:46:20 MSD
Wireshark 1.2.1 fixes the following vulnerabilities:

    * The IPMI dissector could overrun a buffer. (Bug 3559) Versions affected: 1.2.0
    * The AFS dissector could crash. (Bug 3564) Versions affected: 0.9.2 to 1.2.0
    * The Infiniband dissector could crash on some platforms. Versions affected: 1.0.6 to 1.2.0
    * The Bluetooth L2CAP dissector could crash. (Bug 3572) Versions affected: 1.2.0
    * The RADIUS dissector could crash. (Bug 3578) Versions affected: 1.2.0
    * The MIOP dissector could crash. (Bug 3652) Versions affected: 1.2.0
    * The sFlow dissector could use excessive CPU and memory. (Bug 3570) Versions affected: 1.2.0
Comment 1 Alexander Bokovoy 2009-07-21 09:46:53 MSD
Ok. Вечером.
Comment 2 Dmitry V. Levin 2009-08-19 18:04:39 MSD
Вечером какого дня?
Comment 4 Anton Farygin 2010-01-28 15:13:15 MSK
Мне кажется, что пакету wireshark требуется другой мейнтейнер.

Саш, повесь его на @everybody или @nobody
Comment 5 Alexander Bokovoy 2010-01-28 17:21:58 MSK
ок, вечером.
Comment 6 Alexander Bokovoy 2010-01-28 21:17:04 MSK
done
Comment 7 Alexander Bokovoy 2010-01-28 21:18:04 MSK
Перевожу на Антона.
Comment 8 Repository Robot 2010-01-29 12:17:41 MSK
wireshark-1.2.6-alt1 -> sisyphus:

* Thu Jan 28 2010 Anton Farygin <rider@altlinux> 1.2.6-alt1

- new version, multiple vulnerabilities fixed by upstream (closes #20836)