The following vulnerabilities have been fixed.

* [1] wnpa-sec-2015-19 WCCP dissector crash. (Bug 11153)
* [2] wnpa-sec-2015-20 GSM DTAP dissector crash. (Bug 11201)

[1] https://www.wireshark.org/security/wnpa-sec-2015-19.html
[2] https://www.wireshark.org/security/wnpa-sec-2015-20.html

Arch teams, please test and mark stable:
=net-analyzer/wireshark-1.12.6
Targeted stable KEYWORDS : alpha amd64 hppa ia64 ppc ppc64 sparc x86
amd64 stable
Stable for PPC64.
Stable for HPPA.
x86 stable
ppc stable
alpha stable
sparc stable
ia64 stable

Please, cleanup!

Added to existing glsa draft

CVE-2015-4652 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4652): epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.

CVE-2015-4651 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4651): The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Old dropped because it was keyworded only on ia64
This issue was resolved and addressed in GLSA 201510-03 at https://security.gentoo.org/glsa/201510-03 by GLSA coordinator Kristian Fiskerstrand (K_F).