| Summary: | <net-analyzer/wireshark-1.10.9: multiple vulnerabilities (CVE-2014-{5161,5162,5163,5164,5165}) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | netmon |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html | ||
| Whiteboard: | B3 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | |||
| Bug Blocks: | 513982 | ||
|
Description
Jeroen Roovers (RETIRED)
2014-08-04 11:01:18 UTC
After stabilisation, =net-analyzer/wireshark-1.8* will be removed, -1.10* is the "old stable" branch and -1.12* stabilisation will follow after the usual testing period. Additionally, after cleanup all ebuilds depending on net-libs/adns should be gone (bug #513982). Arch teams, please test and mark stable: =net-analyzer/wireshark-1.10.9 Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86 Stable for HPPA. CVE-2014-5165 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5165): The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.10.x before 1.10.9 does not properly validate padding values, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet. CVE-2014-5164 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5164): The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x before 1.10.9 initializes a certain structure member only after this member is used, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. CVE-2014-5163 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5163): The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. CVE-2014-5162 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5162): The read_new_line function in wiretap/catapult_dct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' and '\r' characters, which allows remote attackers to cause a denial of service (off-by-one buffer underflow and application crash) via a crafted packet. CVE-2014-5161 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5161): The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet. Stable on alpha x86 done, thanks. ppc stable ppc64 stable amd64 stable ia64 stable sparc stable. Maintainer(s), please cleanup. Security, please vote. Arches, Thank you for your work Maintainer(s), please drop the vulnerable version. GLSA Vote: Yes Maintainer(s), Thank you for cleanup! GLSA Vote: Yes New request filed. This issue was resolved and addressed in GLSA 201409-01 at http://security.gentoo.org/glsa/glsa-201409-01.xml by GLSA coordinator Kristian Fiskerstrand (K_F). |
