# Wireshark could crash when dissecting an HTTP chunked response. (Bug 1394) Versions affected: 0.99.5 # On some systems, Wireshark could crash while reading iSeries capture files. (Bug 1415) Versions affected: 0.10.14 to 0.99.5 # Wireshark could exhaust system memory while reading a malformed DCP ETSI packet. (Bug 1264) Versions affected: 0.99.5 # Wireshark could loop excessively while reading a malformed SSL packet. (Bug 1582) Versions affected: ? # The DHCP/BOOTP dissector was susceptible to an off-by-one error. (Bug 1416) Versions affected: ? # Wireshark could loop excessively while reading a malformed MMS packet. (Bug 1382) Versions affected: ?
*** Bug 183521 has been marked as a duplicate of this bug. ***
no reason to restrict this bug
netmon please advise and patch as necessary.
Bumped in CVS though I'd be happy for another pair of eyes first if all security issues are really fixed...
Seems like mostly minor issues. Anyways. Arches please test and mark stable. Target keywords are: wireshark-0.99.6.ebuild:KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd"
pva has the patch for the --as-needed failure...so we could wait until he adds it...
Back to ebuild awaiting patch.
(In reply to comment #7) > Back to ebuild awaiting patch. > I've just fixed the issue with asneeded so it should be ok to proceed.
sparc stable.
alpha/ia64/x86 stable
Stable on amd64.
ppc64 stable
Stable for HPPA.
ppc stable - time for glsa voting
although it's mainly minor issues like Jaervosz pointed out, there's still the off-by-one error, which means possible remote code execution, so I vote YES.
I tend to vote YES.
Two yes votes = glsa request. CVE-2007-3389 CVE-2007-3390 CVE-2007-3391 CVE-2007-3392 CVE-2007-3393
GLSA 200708-12!
