From Mageia wiki
Jump to: navigation, search

MGASA-2013-0090

Date: March 15rd, 2013
Affected releases: 2
Media: Core


Description:
Updated wireshark packages fix security vulnerabilities:

The sFlow dissector could go into an infinite loop (CVE-2012-6054).
The SCTP dissector could go into an infinite loop (CVE-2012-6056).
The MS-MMS dissector could crash (CVE-2013-2478).
The RTPS and RTPS2 dissectors could crash (CVE-2013-2480).
The Mount dissector could crash (CVE-2013-2481).
The AMPQ dissector could go into an infinite loop (CVE-2013-2482).
The ACN dissector could attempt to divide by zero (CVE-2013-2483).
The CIMD dissector could crash (CVE-2013-2484).
The FCSP dissector could go into an infinite loop (CVE-2013-2485).
The DTLS dissector could crash (CVE-2013-2488).

Updated Packages:
i586:
tshark-1.6.14-1.mga2.i586
wireshark-tools-1.6.14-1.mga2.i586
wireshark-1.6.14-1.mga2.i586
dumpcap-1.6.14-1.mga2.i586
rawshark-1.6.14-1.mga2.i586
libwireshark-devel-1.6.14-1.mga2.i586
libwireshark1-1.6.14-1.mga2.i586


x86_64:
rawshark-1.6.14-1.mga2.x86_64
lib64wireshark-devel-1.6.14-1.mga2.x86_64
wireshark-1.6.14-1.mga2.x86_64
tshark-1.6.14-1.mga2.x86_64
dumpcap-1.6.14-1.mga2.x86_64
lib64wireshark1-1.6.14-1.mga2.x86_64
wireshark-tools-1.6.14-1.mga2.x86_64


SRPMS:
wireshark-1.6.14-1.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2481
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2482
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2483
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2488
http://www.wireshark.org/security/wnpa-sec-2012-32.html
http://www.wireshark.org/security/wnpa-sec-2012-33.html
http://www.wireshark.org/security/wnpa-sec-2013-13.html
http://www.wireshark.org/security/wnpa-sec-2013-15.html
http://www.wireshark.org/security/wnpa-sec-2013-16.html
http://www.wireshark.org/security/wnpa-sec-2013-17.html
http://www.wireshark.org/security/wnpa-sec-2013-18.html
http://www.wireshark.org/security/wnpa-sec-2013-19.html
http://www.wireshark.org/security/wnpa-sec-2013-20.html
http://www.wireshark.org/security/wnpa-sec-2013-22.html
http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html
http://www.wireshark.org/news/20130306.html
https://bugs.mageia.org/show_bug.cgi?id=9279

Retrieved from "https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2013-0090&oldid=15489"