Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 115030 - net-analyzer/ethereal OSPF Protocol Vulnerability (CVE-2005-3651)
Summary: net-analyzer/ethereal OSPF Protocol Vulnerability (CVE-2005-3651)
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
Whiteboard: B1? [glsa] jaervosz
Depends on:
Reported: 2005-12-09 14:58 UTC by Chris White (RETIRED)
Modified: 2005-12-14 10:13 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

ethereal-0.10.13-packet-ospf.diff (ethereal-0.10.13-packet-ospf.diff,18.11 KB, patch)
2005-12-10 06:42 UTC, Marcelo Goes (RETIRED)
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-12-10 05:24:01 UTC
Netmon please advise and bump as necessary. 
Comment 2 Marcelo Goes (RETIRED) gentoo-dev 2005-12-10 06:42:23 UTC
Created attachment 74428 [details, diff]

Anyone care to review this patch?
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2005-12-11 09:56:54 UTC
Patch comes from upstream, I guess it's OK...
Comment 4 Marcelo Goes (RETIRED) gentoo-dev 2005-12-11 10:44:26 UTC
Okies, ethereal-0.10.13-r2 has the patch.
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-12-11 13:26:44 UTC
Arches please test and mark stable. 
Comment 6 Jason Wever (RETIRED) gentoo-dev 2005-12-11 13:37:46 UTC
Patch fails to apply as it had a CVS tag in it that got munged when committed
Comment 7 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-12-11 13:45:44 UTC
Back to ebuild. 
Comment 8 Markus Rothe (RETIRED) gentoo-dev 2005-12-11 13:55:39 UTC
weeve: commit it with "cvs add -ko" (I guess you found out already yourself...) 
Comment 9 Jason Wever (RETIRED) gentoo-dev 2005-12-11 13:58:59 UTC
No I haven't.  You'll want to direct that comment at vanquirius as he was the
commit culprit.
Comment 10 Marcelo Goes (RETIRED) gentoo-dev 2005-12-11 14:18:01 UTC
Ok, new version of the patch is in cvs.
Sorry for the trouble.
Comment 11 Jason Wever (RETIRED) gentoo-dev 2005-12-11 19:24:43 UTC
Builds here on sparc.  Are there any sample packet captures to test this issue?
Comment 12 Joshua Jackson (RETIRED) gentoo-dev 2005-12-11 19:45:21 UTC
stable on x86
Comment 13 Markus Rothe (RETIRED) gentoo-dev 2005-12-12 01:49:30 UTC
stable on ppc64 
Comment 14 Thierry Carrez (RETIRED) gentoo-dev 2005-12-12 03:37:21 UTC
Jason: no test capture, sorry.
Comment 15 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-12-12 12:32:10 UTC
Stable on ppc.
Comment 16 Daniel Gryniewicz (RETIRED) gentoo-dev 2005-12-12 12:46:58 UTC
amd64 done.
Comment 17 Gustavo Zacarias (RETIRED) gentoo-dev 2005-12-13 10:56:50 UTC
sparc stable.
Comment 18 Bryan Østergaard (RETIRED) gentoo-dev 2005-12-13 12:20:12 UTC
Stable on alpha + ia64.
Comment 19 Thierry Carrez (RETIRED) gentoo-dev 2005-12-14 10:13:07 UTC
GLSA 200512-06