From the upstream advisory ($URL): Wireshark 1.2.1 fixes the following vulnerabilities: * The IPMI dissector could overrun a buffer. (Bug 3559) Affected: 1.2.0 * The AFS dissector could crash. (Bug 3564) Affected: 0.9.2 to 1.2.0 * The Infiniband dissector could crash on some platforms. Affected: 1.0.6 to 1.2.0 * The Bluetooth L2CAP dissector could crash. (Bug 3572) Affected: 1.2.0 * The RADIUS dissector could crash. (Bug 3578) Affected: 1.2.0 * The MIOP dissector could crash. (Bug 3652) Affected: 1.2.0 * The sFlow dissector could use excessive CPU and memory. (Bug 3570) Affected: 1.2.0
Our latest stable seems to be at least vulnerable to issue 2 and maybe 3.
Bumped. Arch teams, please, stabilize wireshark-1.2.1.
+ 21 Jul 2009; <chainsaw@gentoo.org> wireshark-1.2.1.ebuild: + Marked stable on AMD64 for security bug #278564. Tested on a Core2 Duo + with a Marvell "Sky2" 88E8055 NIC.
Stable on alpha
x86 stable
Stable for HPPA.
CVE-2009-2559 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2559): Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. CVE-2009-2560 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2560): Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (crash) via unspecified vectors in the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissectors. CVE-2009-2561 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2561): Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors. CVE-2009-2562 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2562): Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. CVE-2009-2563 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2563): Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
ppc64 done
sparc stable
ia64 stable
ppc stable
GLSA 200909-16