oss-sec mailing list archives
CVE Request -- Wireshark: Upstream v1.8.7, v1.6.15 fixes
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 20 May 2013 12:55:31 -0400 (EDT)
Hello Kurt, Steve, vendors, Wireshark upstream has released 1.8.7, 1.6.15 versions, correcting multiple security flaws: 1) http://www.wireshark.org/security/wnpa-sec-2013-31.html https://bugzilla.redhat.com/show_bug.cgi?id=965110 2) http://www.wireshark.org/security/wnpa-sec-2013-30.html https://bugzilla.redhat.com/show_bug.cgi?id=965111 3) http://www.wireshark.org/security/wnpa-sec-2013-29.html https://bugzilla.redhat.com/show_bug.cgi?id=965112 4) http://www.wireshark.org/security/wnpa-sec-2013-28.html https://bugzilla.redhat.com/show_bug.cgi?id=965186 5) http://www.wireshark.org/security/wnpa-sec-2013-27.html https://bugzilla.redhat.com/show_bug.cgi?id=965190 6) http://www.wireshark.org/security/wnpa-sec-2013-26.html https://bugzilla.redhat.com/show_bug.cgi?id=965192 7) http://www.wireshark.org/security/wnpa-sec-2013-25.html https://bugzilla.redhat.com/show_bug.cgi?id=965193 8) http://www.wireshark.org/security/wnpa-sec-2013-24.html https://bugzilla.redhat.com/show_bug.cgi?id=965194 9) http://www.wireshark.org/security/wnpa-sec-2013-23.html https://bugzilla.redhat.com/show_bug.cgi?id=965195 Further Note regarding 9): The CVE-2013-2486 && CVE-2013-2487 identifiers have been originally assigned for the 9) issue for the fix in v1.8.6. The patch should contain two patches, but only one was applied. Not sure if a new CVE identifier should be assigned for this case. Could you allocate CVE identifiers for these? Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE Request -- Wireshark: Upstream v1.8.7, v1.6.15 fixes Jan Lieskovsky (May 20)
- Re: CVE Request -- Wireshark: Upstream v1.8.7, v1.6.15 fixes cve-assign (May 20)
- Re: Re: CVE Request -- Wireshark: Upstream v1.8.7, v1.6.15 fixes Kurt Seifried (May 20)
- Re: CVE Request -- Wireshark: Upstream v1.8.7, v1.6.15 fixes cve-assign (May 20)