Bug 889854

Summary: VUL-0: Wireshark 1.10.9 fixes several crashes triggered by malformed protocol packages
Product: [openSUSE] openSUSE 13.1 Reporter: Andreas Stieger <Andreas.Stieger>
Component: SecurityAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P3 - Medium CC: abergmann, Andreas.Stieger, meissner, security-team, vpereira
Version: Final   
Target Milestone: ---   
Hardware: All   
OS: openSUSE 13.1   
Whiteboard: maint:released:sle10-sp3:59059 maint:released:sle11-sp1:59030 maint:released:sle11-sp3:59031
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 897055    

Description Andreas Stieger 2014-07-31 23:11:09 UTC 
User-Agent:       Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Firefox/31.0

https://www.wireshark.org/lists/wireshark-announce/201407/msg00002.html
https://www.wireshark.org/docs/relnotes/wireshark-1.10.9.html

Versions affected: 1.10.0 to 1.10.8. (openSUSE 13.1)

* The Catapult DCT2000 and IrDA dissectors could underrun a buffer.
  wnpa-sec-2014-08 CVE-2014-5161 CVE-2014-5162
* The GSM Management dissector could crash.
  wnpa-sec-2014-09 CVE-2014-5163
* The RLC dissector could crash.
  wnpa-sec-2014-10 CVE-2014-5164
* The ASN.1 BER dissector could crash.
  wnpa-sec-2014-11 CVE-2014-5165

Reproducible: Didn't try
Comment 1 Andreas Stieger 2014-08-01 09:04:27 UTC 
Maintenance request for openSUSE 13.1 (Wireshark 1.10.8 -> 1.10.9):
https://build.opensuse.org/request/show/243356
Comment 3 Chunyan Liu 2014-08-04 04:32:12 UTC 
*** Bug 889906 has been marked as a duplicate of this bug. ***
Comment 4 Chunyan Liu 2014-08-04 04:33:35 UTC 
*** Bug 889901 has been marked as a duplicate of this bug. ***
Comment 5 Chunyan Liu 2014-08-04 04:33:58 UTC 
*** Bug 889900 has been marked as a duplicate of this bug. ***
Comment 6 Chunyan Liu 2014-08-04 04:34:24 UTC 
*** Bug 889899 has been marked as a duplicate of this bug. ***
Comment 7 Alexander Bergmann 2014-08-21 08:51:09 UTC 
Fixed for openSUSE and SLE-12. Closing bug.
Comment 8 Marcus Meissner 2014-08-21 12:38:46 UTC 
As wireshark 1.8 is not getting updates from wireshark.org nor statements of affectedness you would need to find this out.

is 1.8 affected?
Comment 9 Chunyan Liu 2014-09-17 06:52:38 UTC 
(In reply to comment #8)
> As wireshark 1.8 is not getting updates from wireshark.org nor statements of
> affectedness you would need to find this out.
> 
> is 1.8 affected?

Yes, all affect 1.8, which is used in SLE-11 SP3, we need to backport.
But looking at openSUSE:Factory, wireshark-1.10 can be built sucessfully against
SLE-11-SP3, could we update wireshark on SLE-11-SP3 from 1.8 to 1.10?
Comment 13 Swamp Workflow Management 2014-09-26 22:04:41 UTC 
SUSE-SU-2014:1221-1: An update that fixes 10 vulnerabilities is now available.

Category: security (important)
Bug References: 889854,889899,889900,889901,889906,897055
CVE References: CVE-2014-6421,CVE-2014-6422,CVE-2014-6423,CVE-2014-6424,CVE-2014-6427,CVE-2014-6428,CVE-2014-6429,CVE-2014-6430,CVE-2014-6431,CVE-2014-6432
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    wireshark-1.10.10-0.2.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    wireshark-1.10.10-0.2.1
SUSE Linux Enterprise Server 11 SP3 (src):    wireshark-1.10.10-0.2.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    wireshark-1.10.10-0.2.1
Comment 14 Marcus Meissner 2014-09-27 15:58:57 UTC 
released