The following vulnerabilities have been fixed: wnpa-sec-2023-09 RPCoRDMA dissector crash. Issue 18852. CVE-2023-1992. wnpa-sec-2023-10 LISP dissector large loop. Issue 18900. CVE-2023-1993. wnpa-sec-2023-11 GQUIC dissector crash Issue 18947. CVE-2023-1994.
(In reply to Sam James from comment #0) > The following vulnerabilities have been fixed: > > wnpa-sec-2023-09 RPCoRDMA dissector crash. Issue 18852. CVE-2023-1992. > https://www.wireshark.org/security/wnpa-sec-2023-09 > wnpa-sec-2023-10 LISP dissector large loop. Issue 18900. CVE-2023-1993. > https://www.wireshark.org/security/wnpa-sec-2023-10 > wnpa-sec-2023-11 GQUIC dissector crash Issue 18947. CVE-2023-1994. https://www.wireshark.org/security/wnpa-sec-2023-11
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f9feecab8cbfd5b1075dba8a6dc47be003f0b1c4 commit f9feecab8cbfd5b1075dba8a6dc47be003f0b1c4 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-04-13 01:45:54 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-04-13 01:48:36 +0000 net-analyzer/wireshark: add 4.0.5 Bug: https://bugs.gentoo.org/904248 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/wireshark/Manifest | 1 + net-analyzer/wireshark/wireshark-4.0.5.ebuild | 312 ++++++++++++++++++++++++++ 2 files changed, 313 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=22ce413173b7df966c4abb4d451af41282a59cf0 commit 22ce413173b7df966c4abb4d451af41282a59cf0 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-04-13 01:41:05 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-04-13 01:48:35 +0000 net-analyzer/wireshark: add 3.6.13 Bug: https://bugs.gentoo.org/904248 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/wireshark/Manifest | 1 + net-analyzer/wireshark/wireshark-3.6.13.ebuild | 272 +++++++++++++++++++++++++ 2 files changed, 273 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=30685d57d05df299140cfa76cec875655e591662 commit 30685d57d05df299140cfa76cec875655e591662 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-06-14 05:26:09 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-06-14 05:26:09 +0000 net-analyzer/wireshark: drop 3.6.12-r1, 4.0.4-r1 Bug: https://bugs.gentoo.org/904248 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/wireshark/Manifest | 2 - net-analyzer/wireshark/wireshark-3.6.12-r1.ebuild | 274 ------------------- net-analyzer/wireshark/wireshark-4.0.4-r1.ebuild | 314 ---------------------- 3 files changed, 590 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=e8a30f50018451e44407895ded131a11d1108b4d commit e8a30f50018451e44407895ded131a11d1108b4d Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-09-17 05:24:05 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-09-17 05:26:26 +0000 [ GLSA 202309-02 ] Wireshark: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/878421 Bug: https://bugs.gentoo.org/899548 Bug: https://bugs.gentoo.org/904248 Bug: https://bugs.gentoo.org/907133 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202309-02.xml | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+)