Updated wireshark package fixes security vulnerabilities
Publication date: 29 Jul 2013Modification date: 29 Jul 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-4927 , CVE-2013-4929 , CVE-2013-4930 , CVE-2013-4931 , CVE-2013-4932 , CVE-2013-4933 , CVE-2013-4934 , CVE-2013-4935
Description
The Bluetooth SDP dissector could go into a large loop (CVE-2013-4927).
The DIS dissector could go into a large loop (CVE-2013-4929).
The DVB-CI dissector could crash (CVE-2013-4930).
The GSM RR dissector (and possibly others) could go into a large loop (CVE-2013-4931).
The GSM A Common dissector could crash (CVE-2013-4932).
The Netmon file parser could crash (CVE-2013-4933, CVE-2013-4934).
The ASN.1 PER dissector could crash (CVE-2013-4935).
References
- https://bugs.mageia.org/show_bug.cgi?id=10858
- http://www.wireshark.org/security/wnpa-sec-2013-45.html
- http://www.wireshark.org/security/wnpa-sec-2013-47.html
- http://www.wireshark.org/security/wnpa-sec-2013-48.html
- http://www.wireshark.org/security/wnpa-sec-2013-49.html
- http://www.wireshark.org/security/wnpa-sec-2013-50.html
- http://www.wireshark.org/security/wnpa-sec-2013-51.html
- http://www.wireshark.org/security/wnpa-sec-2013-52.html
- http://www.wireshark.org/docs/relnotes/wireshark-1.8.9.html
- http://www.wireshark.org/news/20130726.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4927
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4929
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4930
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4931
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4932
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4933
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4934
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4935
SRPMS
2/core
- wireshark-1.6.16-1.1.mga2
3/core
- wireshark-1.8.9-1.mga3