Bug 855980

Summary: VUL-0: wireshark: security updates to 1.8.12 and 1.10.4
Product: [openSUSE] openSUSE 13.1 Reporter: Andreas Stieger <Andreas.Stieger>
Component: NetworkAssignee: Chunyan Liu <cyliu>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P3 - Medium CC: cyliu, security-team
Version: Final   
Target Milestone: ---   
Hardware: All   
OS: openSUSE 13.1   
Whiteboard: maint:released:sle11-sp2:55635
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on: 848738    
Bug Blocks:    
Deadline: 2014-01-10   

Description Andreas Stieger 2013-12-17 22:08:00 UTC 
User-Agent:       Mozilla/5.0 (X11; Linux i686; rv:26.0) Gecko/20100101 Firefox/26.0

from https://www.wireshark.org/docs/relnotes/wireshark-1.10.4.html

* The SIP dissector could go into an infinite loop.
  wnpa-sec-2013-66 CVE-2013-7112
* The BSSGP dissector could crash.
  wnpa-sec-2013-67 CVE-2013-7113
* The NTLMSSP v2 dissector could crash. Discovered by Garming Sam.
  wnpa-sec-2013-68 CVE-2013-7114

from https://www.wireshark.org/docs/relnotes/wireshark-1.8.12.html

* The SIP dissector could go into an infinite loop.
  wnpa-sec-2013-66 CVE-2013-7112
* The NTLMSSP v2 dissector could crash. Discovered by Garming Sam.
  wnpa-sec-2013-68 CVE-2013-7114


Reproducible: Didn't try
Comment 1 Bernhard Wiedemann 2013-12-18 00:00:28 UTC 
This is an autogenerated message for OBS integration:
This bug (855980) was mentioned in
https://build.opensuse.org/request/show/211298 Factory / wireshark
https://build.opensuse.org/request/show/211300 13.1+12.2+12.3 / wireshark
Comment 2 Andreas Stieger 2013-12-18 07:49:27 UTC 
Please review update
Comment 3 Sebastian Krahmer 2013-12-18 09:58:59 UTC 
Accepted, although it would have been better to have separated submits 
for 12.2+12.3 and 13.1 because it has been updated to
different versions and it makes up a cleaner PI file.
Comment 4 Sebastian Krahmer 2013-12-18 10:02:37 UTC 
bjzhang, I guess that requires SLE updates as well?
Comment 5 Chunyan Liu 2013-12-19 06:29:14 UTC 
Will update SLE.
Comment 6 Andreas Stieger 2013-12-19 23:43:30 UTC 
(In reply to comment #3)
> Accepted, although it would have been better to have separated submits 
> for 12.2+12.3 and 13.1 because it has been updated to
> different versions and it makes up a cleaner PI file.

Noted. On that... 1.10.4 seems to have at least one regression, 1.10.5 has been released just now: https://www.wireshark.org/docs/relnotes/wireshark-1.10.5.html

    * Wireshark stops showing new packets but dumpcap keeps writing
      them to the temp file.
    * Wireshark 1.10.4 shuts down when promiscuous mode is
      unchecked.
    * Homeplug dissector bug: STATUS_ACCESS_VIOLATION: dissector
      accessed an invalid memory address.

So we can strip the 13.1 update from the running incident 2411 and make one for 13.1 only with 1.10.5? If not this can probably be included with the next maintenance or security update.
Comment 7 Andreas Stieger 2013-12-20 00:17:05 UTC 
(In reply to comment #6)
> So we can strip the 13.1 update from the running incident 2411 and make one for
> 13.1 only with 1.10.5?

See MR to that effect:
https://build.opensuse.org/request/show/211796
Comment 8 Sebastian Krahmer 2013-12-23 11:09:37 UTC 
Did so.
Comment 12 Swamp Workflow Management 2013-12-27 11:04:30 UTC 
The SWAMPID for this issue is 55633.
This issue was rated as moderate.
Please submit fixed packages until 2014-01-10.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 13 Swamp Workflow Management 2014-01-03 21:07:35 UTC 
openSUSE-SU-2014:0013-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 855980
CVE References: CVE-2013-7112,CVE-2013-7113,CVE-2013-7114
Sources used:
openSUSE 12.3 (src):    wireshark-1.8.12-1.28.1
openSUSE 12.2 (src):    wireshark-1.8.12-1.47.1
Comment 14 Swamp Workflow Management 2014-01-03 21:08:29 UTC 
openSUSE-SU-2014:0017-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 855980
CVE References: CVE-2013-7112,CVE-2013-7113,CVE-2013-7114
Sources used:
openSUSE 13.1 (src):    wireshark-1.10.5-4.1
Comment 15 Andreas Stieger 2014-01-03 21:36:47 UTC 
Updates released for openSUSE. Assigning to SLE maintainer.
Comment 16 Swamp Workflow Management 2014-01-03 22:05:04 UTC 
openSUSE-SU-2014:0020-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 855980
CVE References: CVE-2013-7112,CVE-2013-7114
Sources used:
openSUSE 11.4 (src):    wireshark-1.8.12-65.1
Comment 17 Sebastian Krahmer 2014-01-21 11:52:00 UTC 
released
Comment 18 Swamp Workflow Management 2014-01-21 14:54:53 UTC 
Update released for: wireshark, wireshark-debuginfo, wireshark-debugsource, wireshark-devel
Products:
SLE-DEBUGINFO 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP3 (i386, x86_64)
SLE-SDK 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP3 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP3 (i386, x86_64)
Comment 19 Swamp Workflow Management 2014-01-21 15:04:33 UTC 
Update released for: wireshark, wireshark-debuginfo, wireshark-debugsource, wireshark-devel
Products:
SLE-SERVER 11-SP1-TERADATA (x86_64)
Comment 20 Swamp Workflow Management 2014-01-21 15:05:42 UTC 
Update released for: wireshark, wireshark-debuginfo, wireshark-debugsource, wireshark-devel
Products:
SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP2 (i386, x86_64)
SLE-SDK 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64)
SLES4VMWARE 11-SP2 (i386, x86_64)
Comment 21 Swamp Workflow Management 2014-01-21 19:04:21 UTC 
SUSE-SU-2014:0115-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 855980,856496,856498
CVE References: CVE-2013-7112,CVE-2013-7113,CVE-2013-7114
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    wireshark-1.8.12-0.2.1
SUSE Linux Enterprise Software Development Kit 11 SP2 (src):    wireshark-1.8.12-0.2.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    wireshark-1.8.12-0.2.1
SUSE Linux Enterprise Server 11 SP3 (src):    wireshark-1.8.12-0.2.1
SUSE Linux Enterprise Server 11 SP2 for VMware (src):    wireshark-1.8.12-0.2.1
SUSE Linux Enterprise Server 11 SP2 (src):    wireshark-1.8.12-0.2.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    wireshark-1.8.12-0.2.1
SUSE Linux Enterprise Desktop 11 SP2 (src):    wireshark-1.8.12-0.2.1