Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 23 May 2012 12:17:38 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Jan Lieskovsky <jlieskov@...hat.com>,
        "Steven M. Christey" <coley@...us.mitre.org>,
        Gerald Combs <gerald@...eshark.org>
Subject: Re: CVE Request -- wireshark: wnpa-sec-2012-08, wnpa-sec-2012-09,
 wnpa-sec-2012-10

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/23/2012 06:38 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, vendors,
> 
> the following recent Wireshark upstream advisories:
> 
> A) http://www.wireshark.org/security/wnpa-sec-2012-08.html
> 
> References (upstream bugs and Red Hat bugzilla entry): [1]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805 (802.11) 
> [2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118
> (802.3) [3]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119 (ANSIMAP) 
> [4] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120 (ASF) 
> [5] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7121
> (BACAPP) [6]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7122 (HCIEVT) 
> [7] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124 (LTP) 
> [8] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125 (R3) 
> [9] https://bugzilla.redhat.com/show_bug.cgi?id=824411

Please use CVE-2012-2392 for these issues.

> B) http://www.wireshark.org/security/wnpa-sec-2012-09.html
> 
> References: [1]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7138 [2]
> https://bugzilla.redhat.com/show_bug.cgi?id=824413

Please use CVE-2012-2393 for these issues.

> C) http://www.wireshark.org/security/wnpa-sec-2012-10.html
> 
> References: [1]
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7221 [2]
> https://bugzilla.redhat.com/show_bug.cgi?id=824419

Please use CVE-2012-2394 for these issues.

> doesn't seem to have CVE identifiers yet.
> 
> Could you allocate three of them?
> 
> Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat
> Security Response Team


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPvSnCAAoJEBYNRVNeJnmT3WAP/ROKsmmsrbgxlmkXmcIu5ybM
mdh19/1trkaU3l/jqeBlY1hIF1R4N6qvfNRwa2SdoPWaa3StubXlMHQ4XThMNQze
0yAQ2E/GD4LvnYjUBp9VLZbSYHDc61IJ5umwpU/cf9LPYSV+nBl5yVGLY/ynnidP
EGDFJqYodmpfPCvTBdD3eZI2/gSqyy+kVznYUnduZZw30k7tvL0cVc9Vw3BA6DDG
QtoSxCyzNQM872QI11xilaBAEbqhNfnjepIE6U7ar8SyX2TnEi7vw/J0Ex4w3PMu
CYC/JZeRQxCh30oimcZFQWHsC5lbNvdyUzg1T1xGJvE1TDXkWLorGw9hkFZ/kjZW
zjto/CtyfXgNo9VwNWZuH6JckNShG/k2nraYNfjcmbEUlyyJkE/xVG0u2rXg1XO3
KHNqegvWfyRv4+pxbdPYQ/A+UmVaBnrwosTzMmOrtWXYQzYoT+SYCHjugdLyoP7l
7Indj4SoOKMFz4FilYDb98JOiU/NUtuGvMk34Q+ugbCsoRRcxx5oioNhs0IDpvaz
TPbNlhBMb1mvoz6/CHkoditwCrsjzidbj8m7Mdx8P2KSx2k+SVm4+A5T+NnxCPb7
77em0xfs+GWzbpLJPPXqgwjnxJv6voQFUpiZMSBOYwUeYYfJIU7FPnriEMW+Pqu9
xuEQJNO16mRlotD/gUnl
=ppUO
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.