Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 11 Sep 2013 04:40:12 -0400 (EDT)
From: cve-assign@...re.org
To: oss-security@...ts.openwall.com, gerald@...eshark.org
Cc: cve-assign@...re.org
Subject: CVEs for Wireshark 1.8.10 and 1.10.2 releases

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

https://www.wireshark.org/security/wnpa-sec-2013-54.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8827
http://anonsvn.wireshark.org/viewvc?view=revision&revision=51130
crash; incorrectly maintained free list
CVE-2013-5717


https://www.wireshark.org/security/wnpa-sec-2013-55.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9005 Access Denied
crash
CVE-2013-5718


https://www.wireshark.org/security/wnpa-sec-2013-56.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9020
http://anonsvn.wireshark.org/viewvc?view=revision&revision=51196
loop
CVE-2013-5719


https://www.wireshark.org/security/wnpa-sec-2013-57.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9019 Access Denied
buffer overflow
CVE-2013-5720


https://www.wireshark.org/security/wnpa-sec-2013-58.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9079
http://anonsvn.wireshark.org/viewvc?view=revision&revision=51603
crash; erroneous entry into a loop
CVE-2013-5721


https://www.wireshark.org/security/wnpa-sec-2013-59.html
crash
CVE-2013-5722


https://www.wireshark.org/security/wnpa-sec-2013-60.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8742
http://anonsvn.wireshark.org/viewvc?view=revision&revision=49697

We don't understand why
https://www.wireshark.org/security/wnpa-sec-2013-60.html has different
affected versions than
https://www.wireshark.org/security/wnpa-sec-2013-51.html (they are
both about bug 8742). Thus, we don't know whether new CVE IDs are
needed.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJSMCvgAAoJEKllVAevmvmsuWMH/RRdPe0Lk3lAP3pVOGm+37GP
9He6RbdJywE0X5aK7V7TTTXJJt6lFmLk91m9yFmeVeleBTb71nmzhsLf8Spn34Ew
upNCIIWOz5SrBST8rkX8q9w27nNr3VsC9Ai7y+SazWme9AzPFgM5mAbTpcimBe1m
3k/N27ZqQdvRhdlT7NbzjhEE+AYYSldtaVp5B+PjZBPECvUPBSTWQJnsc+ywMHMl
v90upHmTTCPR6k1M0fQcANRIE1GAHjkpiyrDCdtFY+geArQis93w95Zp5REayvVU
geky+wLz63mQQw6A7pHC8sejrNLAggwvqTERthsIyv5W5YIpcwFVCy/bicY47TY=
=n04P
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ