[Bug 1037434] Re:

Jeremy Bicha Sun, 19 Aug 2012 19:55:36 -0700

This bug was fixed in the package wireshark - 1.8.2-1

---------------
wireshark (1.8.2-1) unstable; urgency=high


  * New upstream release 1.8.2 (skipping 1.8.1 in Debian)
    - release notes:
      http://www.wireshark.org/docs/relnotes/wireshark-1.8.2.html
    - security fixes:
      - The PPP dissector could crash (Closes: #680056)(CVE-2012-4048)
      - The NFS dissector could use excessive amounts of CPU (CVE-2012-4049)
      - The DCP ETSI dissector could trigger a zero division. Reported by
         Laurent Butti. (CVE-2012-4285)
      - The MongoDB dissector could go into a large loop. Reported by
         Ben Schmidt. (CVE-2012-4287)
      - The XTP dissector could go into an infinite loop. Reported by
         Ben Schmidt. (CVE-2012-4288)
      - The ERF dissector could overflow a buffer. Reported by
         Laurent Butti. (CVE-2012-4294 CVE-2012-4295)
      - The AFP dissector could go into a large loop. Reported by
         Stefan Cornelius. (CVE-2012-4289)
      - The RTPS2 dissector could overflow a buffer. Reported by
         Laurent Butti. (CVE-2012-4296)
      - The GSM RLC MAC dissector could overflow a buffer. Reported by
         Laurent Butti. (CVE-2012-4297)
      - The CIP dissector could exhaust system memory. Reported by
         Ben Schmidt. (CVE-2012-4291)
      - The STUN dissector could crash. Reported by Laurent Butti.
         (CVE-2012-4292)
      - The EtherCAT Mailbox dissector could abort. Reported by
         Laurent Butti. (CVE-2012-4293)
      - The CTDB dissector could go into a large loop. Reported by
         Ben Schmidt. (CVE-2012-4290)
      - The pcap-ng file parser could trigger a zero division (CVE-2012-4286)
      - The Ixia IxVeriWave file parser could overflow a buffer
         (CVE-2012-4298)

 -- Balint Reczey <[email protected]>  Sun, 19 Aug 2012 14:30:56
+0200

** Also affects: wireshark (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Changed in: wireshark (Ubuntu)
       Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-4048

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-4049

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1037434

Title:
  <wireshark-{1.6.10,1.8.2} - multiple vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/1037434/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1037434] Re:

Reply via email to