The following vulnerabilities have been fixed.
Protocol tree crash. (Bug 11309)
Memory manager crash. (Bug 11373)
Dissector table crash. (Bug 11381)
ZigBee crash. (Bug 11389)
GSM RLC/MAC infinite loop. (Bug 11358)
WaveAgent crash. (Bug 11358)
OpenFlow infinite loop. (Bug 11358)
Ptvcursor crash. (Bug 11358)
WCCP crash. (Bug 11358)
Arch teams, please test and mark stable:
Targeted stable KEYWORDS: alpha amd64 hppa ia64 ppc ppc64 sparc x86
Stable for PPC64.
Added to an existing GLSA Request. We will be ready to release once stabilized.
Stable for HPPA.
Stable on alpha.
Two to go.
The dissect_wccp2r1_address_table_info function in
epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x
before 1.12.7 does not prevent the conflicting use of a table for both IPv4
and IPv6 addresses, which allows remote attackers to cause a denial of
service (application crash) via a crafted packet.
The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree
implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate
a data structure after a failure to locate a number within a string, which
allows remote attackers to cause a denial of service (application crash) via
a crafted packet.
Ping on x86 stabilization, GLSA ready to be released as soon as stabilization is complete.
This issue was resolved and addressed in
GLSA 201510-03 at https://security.gentoo.org/glsa/201510-03
by GLSA coordinator Kristian Fiskerstrand (K_F).