This bug was fixed in the package wireshark -
1.12.1+g01b65bf-2~ubuntu14.10.1
---------------
wireshark (1.12.1+g01b65bf-2~ubuntu14.10.1) utopic-security; urgency=medium
* Security Update to Address Multiple CVEs (LP: #1397091)
* Use tarball from Vivid package of wireshark (1.12.1+g01b65bf-2)
* Additional new patches (from 1.12.2) in debian/patches/:
* 17_1.12.2_fix_TN5250_loop.patch: Fix TN5250 infinite loops
vulnerability (CVE-2014-8714)
* 18_1.12.2_fix_NCP_crash_1.patch & 19_1.12.2_fix_NCP_crash_2.patch: Fix
NCP dissector crashes (CVE-2014-8712, CVE-2014-8713)
* 20_1.12.2_fix_SigComp_crash.patch: Fix SigComp UDVM buffer overflow
vulnerability (CVE-2014-8710)
* 21_1.12.2_fix_AMQP_crash.patch: Fix AMQP dissector crash (CVE-2014-8711)
* Additional patches/changes kept from Vivid:
* d/patches/0001-Set-library-.so-versions-to-their-proper-value.patch:
Set library .so versions to their proper value.
* d/libwsutil4.symbols: File kept from Vivid.
-- Thomas Ward <[email protected]> Thu, 11 Dec 2014 15:26:28 -0500
** Changed in: wireshark (Ubuntu Utopic)
Status: Confirmed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-8710
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-8711
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-8712
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-8713
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-8714
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1397091
Title:
[Security] Update Wireshark in Precise, Trusty, and Utopic to include
relevant security patches.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/1397091/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
