Bug 741187

Summary: VUL-1: CVE-2012-0041: wireshark: multiple file parser vulnerabilities
Product: [Novell Products] SUSE Security Incidents Reporter: Matthias Weckbecker <mweckbecker>
Component: GeneralAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Minor    
Priority: P4 - Low CC: krahmer, meissner, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: maint:released:11.4:45142 maint:released:sle10-sp3:45264 maint:released:sle10-sp4:45263 maint:released:sles9-sp3-teradata:45265
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Matthias Weckbecker 2012-01-13 08:48:58 UTC 
"Laurent Butti discovered that Wireshark failed to properly check record sizes for many packet capture file formats.",

http://www.wireshark.org/security/wnpa-sec-2012-01.html
Comment 1 Sebastian Krahmer 2012-01-16 07:46:56 UTC 
CVE-2012-0041
Comment 2 Bernhard Wiedemann 2012-01-19 10:00:08 UTC 
This is an autogenerated message for OBS integration:
This bug (741187) was mentioned in
https://build.opensuse.org/request/show/100678 11.4 / wireshark
https://build.opensuse.org/request/show/100679 11.3 / wireshark
Comment 3 Bernhard Wiedemann 2012-01-19 13:00:11 UTC 
This is an autogenerated message for OBS integration:
This bug (741187) was mentioned in
https://build.opensuse.org/request/show/100725 Factory / wireshark
Comment 4 Swamp Workflow Management 2012-01-19 16:41:30 UTC 
The SWAMPID for this issue is 45064.
This issue was rated as moderate.
Please submit fixed packages until 2012-02-02.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 7 Bernhard Wiedemann 2012-01-20 07:00:09 UTC 
This is an autogenerated message for OBS integration:
This bug (741187) was mentioned in
https://build.opensuse.org/request/show/100802 11.3 / wireshark
https://build.opensuse.org/request/show/100803 11.4 / wireshark
https://build.opensuse.org/request/show/100804 12.1 / wireshark
Comment 9 Chunyan Liu 2012-01-29 02:21:15 UTC 
*** Bug 742815 has been marked as a duplicate of this bug. ***
Comment 11 Chunyan Liu 2012-01-30 06:48:43 UTC 
Submitted updated package for sles9-sp3-teradata to autobuild.
Comment 12 Swamp Workflow Management 2012-02-23 14:48:01 UTC 
Update released for: wireshark, wireshark-debuginfo, wireshark-debugsource, wireshark-devel
Products:
openSUSE 11.4 (debug, i586, x86_64)
Comment 13 Swamp Workflow Management 2012-02-23 18:09:55 UTC 
Update released for: wireshark, wireshark-debuginfo, wireshark-devel
Products:
SLE-SERVER 10-SP3-TERADATA (x86_64)
Comment 14 Swamp Workflow Management 2012-02-23 18:13:13 UTC 
Update released for: wireshark, wireshark-debuginfo, wireshark-devel
Products:
SLE-DESKTOP 10-SP4 (i386, x86_64)
SLE-SDK 10-SP4 (i386, ia64, ppc, s390x, x86_64)
SLE-SERVER 10-SP4 (i386, ia64, ppc, s390x, x86_64)
Comment 15 Bernhard Wiedemann 2012-02-24 08:00:08 UTC 
This is an autogenerated message for OBS integration:
This bug (741187) was mentioned in
https://build.opensuse.org/request/show/106751 Evergreen:11.2 / wireshark
Comment 16 Bernhard Wiedemann 2012-02-24 09:00:09 UTC 
This is an autogenerated message for OBS integration:
This bug (741187) was mentioned in
https://build.opensuse.org/request/show/106757 Evergreen:11.1 / wireshark
Comment 17 Bernhard Wiedemann 2012-02-27 10:01:48 UTC 
This is an autogenerated message for OBS integration:
This bug (741187) was mentioned in
https://build.opensuse.org/request/show/107121 Evergreen:11.1 / wireshark
Comment 18 Marcus Meissner 2012-02-27 14:27:22 UTC 
released
Comment 19 Swamp Workflow Management 2012-02-27 15:08:36 UTC 
Update released for: wireshark, wireshark-devel
Products:
SUSE-CORE 9-SP3-TERADATA (x86_64)