Just coping description from advisory: http://www.wireshark.org/security/wnpa-sec-2009-01.html ============================================================================= Wireshark 1.0.6 fixes the following vulnerabilities: * On non-Windows systems, Wireshark could crash if the HOME environment variable contained sprintf-style string formatting characters. Discovered by babi. (Bug 3150) Versions affected: 0.99.8 to 1.0.5 * Wireshark could crash while reading a malformed NetScreen snoop file. Discovered by babi. (Bug 3151) Versions affected: 0.99.7 to 1.0.5 * Wireshark could crash while reading a Tektronix K12 text capture file. (Bug 1937) Versions affected: 0.99.6 to 1.0.5 Impact It may be possible to make Wireshark crash by altering the HOME environment variable or by convincing someone to read a malformed packet trace file. ============================================================================= New ebuild is in the tree. arch teams, please, stabilize this package.
Stable on alpha.
Stable for HPPA.
amd64/x86 stable
ia64/sparc stable
ppc64 done
ppc stable
We could easily add these to the existing GLSA requests, but independent of that I'd say no... however... : YES
CVE-2009-0599 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0599): Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file. CVE-2009-0600 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0600): Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame. CVE-2009-0601 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0601): Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
glsa-voting: same as rbu comment #7. I would have said No (~ client-side dos) but if this can go with an already existing draft, then Yes.
this will have a glsa with #242996 and #248925.
GLSA 200906-05, thanks everyone