netmon, please provide an updated ebuild

http://www.wireshark.org/security/wnpa-sec-2010-06.html
http://www.wireshark.org/security/wnpa-sec-2010-05.html

from http://www.wireshark.org/lists/wireshark-announce/201006/msg00001.html :

The following vulnerabilities have been fixed. See the security advisory for details and a workaround.

o The SMB dissector could dereference a NULL pointer. (Bug 4734)
  Versions affected: 0.99.6 to 1.0.13, 1.2.0 to 1.2.8

o J. Oquendo discovered that the ASN.1 BER dissector could overrun the stack.
  Versions affected: 0.10.13 to 1.0.13, 1.2.0 to 1.2.8

o The SMB PIPE dissector could dereference a NULL pointer on some platforms.
  Versions affected: 0.8.20 to 1.0.13, 1.2.0 to 1.2.8

o The SigComp Universal Decompressor Virtual Machine could go into an infinite loop. (Bug 4826)
  Versions affected: 0.10.7 to 1.0.13, 1.2.0 to 1.2.8

o The SigComp Universal Decompressor Virtual Machine could overrun a buffer. (Bug 4837)
  Versions affected: 0.10.8 to 1.0.13, 1.2.0 to 1.2.8
rerating to B1, since the advisory has the following section, although Secunia only mentions DoS:

Impact

It may be possible to make Wireshark crash, hang, or execute code by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file.
wireshark-1.2.9 is already in the tree since 11 Jun 2010. arch teams, please, go ahead.
x86 stable
alpha/ia64/sparc stable
hppa stable
amd64 stable
CVE-2010-2283 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2283): The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.
ppc64 done
Stable for PPC.
GLSA with bugs 330479 and 339401.
This issue was resolved and addressed in GLSA 201110-02 at http://security.gentoo.org/glsa/glsa-201110-02.xml by GLSA coordinator Alex Legler (a3li).