netmon, please provide an updated ebuild
from http://www.wireshark.org/lists/wireshark-announce/201006/msg00001.html :
The following vulnerabilities have been fixed. See the security
advisory for details and a workaround.
o The SMB dissector could dereference a NULL pointer. (Bug 4734)
Versions affected: 0.99.6 to 1.0.13, 1.2.0 to 1.2.8
o J. Oquendo discovered that the ASN.1 BER dissector could
overrun the stack.
Versions affected: 0.10.13 to 1.0.13, 1.2.0 to 1.2.8
o The SMB PIPE dissector could dereference a NULL pointer on
Versions affected: 0.8.20 to 1.0.13, 1.2.0 to 1.2.8
o The SigComp Universal Decompressor Virtual Machine could go
into an infinite loop. (Bug 4826)
Versions affected: 0.10.7 to 1.0.13, 1.2.0 to 1.2.8
o The SigComp Universal Decompressor Virtual Machine could
overrun a buffer. (Bug 4837)
Versions affected: 0.10.8 to 1.0.13, 1.2.0 to 1.2.8
rerating to B1, since the advisory has the following section, although secunia only mention DoS:
It may be possible to make Wireshark crash, hang, or execute code by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file.
wireshark-1.2.9 is already in the tree since 11 Jun 2010. arch teams, please, go ahead.
The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0
through 1.2.8 allows remote attackers to cause a denial of service
(NULL pointer dereference) via unknown vectors.
Stable for PPC.
GLSA with bugs 330479 and 339401.
This issue was resolved and addressed in
GLSA 201110-02 at http://security.gentoo.org/glsa/glsa-201110-02.xml
by GLSA coordinator Alex Legler (a3li).