27 Jan 19:10
[SECURITY] [DSA 2395-1] wireshark security update
Moritz Muehlenhoff <jmm <at> debian.org>
2012-01-27 18:10:35 GMT
2012-01-27 18:10:35 GMT
------------------------------------------------------------------------- Debian Security Advisory DSA-2395-1 security <at> debian.org http://www.debian.org/security/ Moritz Muehlenhoff January 27, 2012 http://www.debian.org/security/faq ------------------------------------------------------------------------- Package : wireshark Vulnerability : buffer underflow Problem type : remote Debian-specific: no CVE ID : CVE-2011-3483 CVE-2012-0041 CVE-2012-0042 CVE-2012-0066 CVE-2012-0067 CVE-2012-0068 Laurent Butti discovered a buffer underflow in the LANalyzer dissector of the Wireshark network traffic analyzer, which could lead to the execution of arbitrary code (CVE-2012-0068) This update also addresses several bugs, which can lead to crashes of Wireshark. These are not treated as security issues, but are fixed nonetheless if security updates are scheduled: CVE-2011-3483, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066 and CVE-2012-0067. For the stable distribution (squeeze), this problem has been fixed in version 1.2.11-6+squeeze6. For the unstable distribution (sid), this problem has been fixed in version 1.6.5-1. We recommend that you upgrade your wireshark packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce <at> lists.debian.org
RSS Feed