Bug 20836

Summary: Multiple vulnerabilities in Wireshark:CVE-2009-2559, CVE-2009-2560, CVE-2009-2561, CVE-2009-2562, CVE-2009-2563
Product: Sisyphus Reporter: Vladimir Lettiev <crux>
Component: wireshark-baseAssignee: Anton Farygin <rider>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: blocker    
Priority: P3 CC: ldv, rider
Version: unstableKeywords: security
Hardware: all   
OS: Linux   
URL: http://www.wireshark.org/security/wnpa-sec-2009-04.html

Description Vladimir Lettiev 2009-07-21 08:46:20 MSD 
Wireshark 1.2.1 fixes the following vulnerabilities:

    * The IPMI dissector could overrun a buffer. (Bug 3559) Versions affected: 1.2.0
    * The AFS dissector could crash. (Bug 3564) Versions affected: 0.9.2 to 1.2.0
    * The Infiniband dissector could crash on some platforms. Versions affected: 1.0.6 to 1.2.0
    * The Bluetooth L2CAP dissector could crash. (Bug 3572) Versions affected: 1.2.0
    * The RADIUS dissector could crash. (Bug 3578) Versions affected: 1.2.0
    * The MIOP dissector could crash. (Bug 3652) Versions affected: 1.2.0
    * The sFlow dissector could use excessive CPU and memory. (Bug 3570) Versions affected: 1.2.0
Comment 1 Alexander Bokovoy 2009-07-21 09:46:53 MSD 
Ok. Вечером.
Comment 2 Dmitry V. Levin 2009-08-19 18:04:39 MSD 
Вечером какого дня?
Comment 4 Anton Farygin 2010-01-28 15:13:15 MSK 
Мне кажется, что пакету wireshark требуется другой мейнтейнер.

Саш, повесь его на @everybody или @nobody
Comment 5 Alexander Bokovoy 2010-01-28 17:21:58 MSK 
ок, вечером.
Comment 6 Alexander Bokovoy 2010-01-28 21:17:04 MSK 
done
Comment 7 Alexander Bokovoy 2010-01-28 21:18:04 MSK 
Перевожу на Антона.
Comment 8 Repository Robot 2010-01-29 12:17:41 MSK 
wireshark-1.2.6-alt1 -> sisyphus:

* Thu Jan 28 2010 Anton Farygin <rider@altlinux> 1.2.6-alt1

- new version, multiple vulnerabilities fixed by upstream (closes #20836)