Path to this page:
Next | Query returned 2 messages, browsing 1 to 10 | previous
CVS Commit History:
2015-03-22 16:56:33 by S.P.Zeidler | Files touched by this commit (2) | |
Log message:
Pullup ticket #4639 - requested by tron
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile 1.129
- net/wireshark/distinfo 1.80
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Mon Mar 9 09:04:25 UTC 2015
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log message:
Update "wireshark" package to version 1.10.13. Changes since 1.10.12:
- Bug Fixes
The following vulnerabilities have been fixed.
* wnpa-sec-2015-07
The WCP dissector could crash. (Bug 10844) CVE-2015-2188
* wnpa-sec-2015-08
The pcapng file parser could crash. (Bug 10895) CVE-2015-2189
* wnpa-sec-2015-10
The TNEF dissector could go into an infinite loop. Discovered by
Vlad Tsyrklevich. (Bug 11023) CVE-2015-2190
The following bugs have been fixed:
* IPv6 AUTH mobility option parses Mobility SPI and Authentication
Data incorrectly. (Bug 10626)
* DHCP Option 125 Suboption: (1) option-len always expects 1 but
specification allows for more. (Bug 10784)
* Little-endian OS X Bluetooth PacketLogger files aren't handled.
(Bug 10861)
* X.509 certificate serial number incorrectly interpreted as negative
number. (Bug 10862)
* H.248 "ServiceChangeReasonStr" messages are not shown in text
generated by tshark. (Bug 10879)
* Clang ASAN : AddressSanitizer: global-buffer-overflow ANSI.
(Bug 10897)
* MEGACO wrong decoding on media port. (Bug 10898)
* Wrong media format. (Bug 10899)
* BSSGP Status PDU decoding fault (missing Mandatory element (0x04)
BVCI for proper packet). (Bug 10903)
* Packets on OpenBSD loopback decoded as raw not null. (Bug
10956)
* Display Filter Macro unable to edit. (Bug 10957)
* IPv6 Local Mobility Anchor Address mobility option code is treated
incorrectly. (Bug 10961)
* Juniper Packet Mirror dissector expects ipv6 flow label =3D 0.
(Bug 10976)
* Infinite loop DoS in TNEF dissector. (Bug 11023)
- Updated Protocol Support
ANSI IS-637-A, DHCP, GSM MAP, H.248, IPv6, Juniper Jmirror, and X.509AF
- New and Updated Capture File Support
PacketLogger, and Pcapng
To generate a diff of this commit:
cvs rdiff -u -r1.128 -r1.129 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.79 -r1.80 pkgsrc/net/wireshark/distinfo
|
2015-01-26 07:06:32 by S.P.Zeidler | Files touched by this commit (2) | |
Log message:
Pullup ticket #4585 - requested by tron
net/wireshark: security update
Revisions pulled up:
- net/wireshark/Makefile 1.128
- net/wireshark/distinfo 1.79
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Thu Jan 8 18:51:44 UTC 2015
Modified Files:
pkgsrc/net/wireshark: Makefile distinfo
Log message:
Update "wireshark" package to version 1.10.12. Changes since 1.10.11:
- Bug Fixes
The following vulnerabilities have been fixed.
* wnpa-sec-2014-20
SigComp UDVM buffer overflow. (Bug 10662)
CVE-2014-8710
* wnpa-sec-2014-21
AMQP crash. (Bug 10582) CVE-2014-8711
* wnpa-sec-2014-22
NCP crashes. (Bug 10552, Bug 10628) CVE-2014-8712
CVE-2014-8713
* wnpa-sec-2014-23
TN5250 infinite loops. (Bug 10596) CVE-2014-8714
The following bugs have been fixed:
* 6LoWPAN Mesh headers not treated as encapsulating address.
(Bug 10462)
* UCP dissector bug of operation 31 - PID 0639 not
recognized. (Bug 10463)
* iSCSI dissector rejects PDUs with "expected data transfer
length" > 16M. (Bug 10469)
* GTPv2: trigging_tree under Trace information has wrong
length. (Bug 10470)
* Attempt to render an SMS-DELIVER-REPORT instead of an
SMS-DELIVER. (Bug 10547)
* IPv6 Mobility Option IPv6 Address/Prefix marks too many
bytes for the address/prefix field. (Bug 10576)
* IPv6 Mobility Option Binding Authorization Data for FMIPv6
Authenticator field is read beyond the option data.
(Bug 10577)
* IPv6 Mobility Option Mobile Node Link Layer Identifier
Link-layer Identifier field is read beyond the option data.
(Bug 10578)
* Malformed PTPoE announce packet. (Bug 10611)
* IPv6 Permanent Home Keygen Token mobility option includes
too many bytes for the token field. (Bug 10619)
* IPv6 Redirect Mobility Option K and N bits are parsed
incorrectly. (Bug 10622)
* IPv6 Care Of Test mobility option includes too many bytes
for the Keygen Token field. (Bug 10624)
* IPv6 MESG-ID mobility option is parsed incorrectly.
(Bug 10625)
* IPv6 AUTH mobility option parses Mobility SPI and
Authentication Data incorrectly. (Bug 10626)
* IPv6 DNS-UPDATE-TYPE mobility option includes too many
bytes for the MD identity field. (Bug 10629)
* IPv6 Local Mobility Anchor Address mobility option's code
and reserved fields are parsed as 2 bytes instead of 1.
(Bug 10630)
* TShark crashes when running with PDML on a specific packet.
(Bug 10651)
* IPv6 Mobility Option Context Request reads an extra
request. (Bug 10676)
- Updated Protocol Support
6LoWPAN, AMQP, GSM MAP, GTPv2, H.223, IEEE 802.11, iSCSI, MIH,
Mobile IPv6, PTPoE, TN5250, and UCP
- New and Updated Capture File Support
Catapult DCT2000, HP-UX nettl, pcap-ng, and Sniffer (DOS)
To generate a diff of this commit:
cvs rdiff -u -r1.127 -r1.128 pkgsrc/net/wireshark/Makefile
cvs rdiff -u -r1.78 -r1.79 pkgsrc/net/wireshark/distinfo
|
Next | Query returned 2 messages, browsing 1 to 10 | previous