1.8.13: The following vulnerabilities have been fixed. * [1]wnpa-sec-2014-01 The NFS dissector could crash. Discovered by Moshe Kaplan. ([2]Bug 9672) Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12 [3]CVE-2014-2281 * [4]wnpa-sec-2014-03 The RLC dissector could crash. ([5]Bug 9730) Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12 [6]CVE-2014-2283 * [7]wnpa-sec-2014-04 The MPEG file parser could overflow a buffer. Discovered by Wesley Neelen. ([8]Bug 9843) Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12 [9]CVE-2014-2299 1.10.6: The following vulnerabilities have been fixed. * [1]wnpa-sec-2014-01 The NFS dissector could crash. Discovered by Moshe Kaplan. ([2]Bug 9672) Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12 [3]CVE-2014-2281 * [4]wnpa-sec-2014-02 The M3UA dissector could crash. Discovered by Laurent Butti. ([5]Bug 9699) Versions affected: 1.10.0 to 1.10.5 [6]CVE-2014-2282 * [7]wnpa-sec-2014-03 The RLC dissector could crash. ([8]Bug 9730) Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12 [9]CVE-2014-2283 * [10]wnpa-sec-2014-04 The MPEG file parser could overflow a buffer. Discovered by Wesley Neelen. ([11]Bug 9843) Versions affected: 1.10.0 to 1.10.5, 1.8.0 to 1.8.12 [12]CVE-2014-2299
Arch teams, please test and mark stable: =net-analyzer/wireshark-1.8.13 =net-analyzer/wireshark-1.10.6 Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86
Stable for HPPA.
amd64 stable
x86 stable
sparc stable
ppc stable
ia64 stable
alpha stable
ppc64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
Arches and Maintainer(s), Thank you for your work. Created new GLSA request.
CVE-2014-2299 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2299): Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data. CVE-2014-2283 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2283): epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet. CVE-2014-2282 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2282): The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet. CVE-2014-2281 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2281): The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.
This issue was resolved and addressed in GLSA 201406-33 at http://security.gentoo.org/glsa/glsa-201406-33.xml by GLSA coordinator Mikle Kolyada (Zlogene).