Bug 897055 (CVE-2014-6421) - VUL-0: wireshark: 1.10.10 security and bugfix update
Summary: VUL-0: wireshark: 1.10.10 security and bugfix update
Status: RESOLVED FIXED
Alias: CVE-2014-6421
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
Priority: P3 - Medium; Severity: Major
Target Milestone: ---
Deadline: 2014-09-24
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard: maint:released:sle10-sp3:59059 maint:...
Keywords:
Depends on: 889854
Blocks:
Reported: 2014-09-17 08:52 UTC by Marcus Meissner
Modified: 2015-02-19 02:01 UTC

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Marcus Meissner 2014-09-17 08:52:14 UTC
via wireshark.org

https://www.wireshark.org/docs/relnotes/wireshark-1.10.10.html

The following vulnerabilities have been fixed.

    wnpa-sec-2014-12

    RTP dissector crash. (Bug 9920) CVE-2014-6421 CVE-2014-6422

    wnpa-sec-2014-13

    MEGACO dissector infinite loop. (Bug 10333) CVE-2014-6423

    wnpa-sec-2014-14

    Netflow dissector crash. (Bug 10370) CVE-2014-6424

    wnpa-sec-2014-17

    RTSP dissector crash. (Bug 10381) CVE-2014-6427

    wnpa-sec-2014-18

    SES dissector crash. (Bug 10454) CVE-2014-6428

    wnpa-sec-2014-19

    Sniffer file parser crash. (Bug 10461) CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432

The following bugs have been fixed:

    Wireshark can crash during remote capture (rpcap) configuration. (Bug 3554, Bug 6922, ws-buglink:7021)
    MIPv6 Service Selection Identifier parse error. (Bug 10323)
    802.11 BA sequence number decode is broken. (Bug 10334)
    TRILL NLPID 0xc0 unknown to Wireshark. (Bug 10382)
    Wrong decoding of RPKI RTR End of Data PDU. (Bug 10411)
    Misparsed NTP control assignments with empty values. (Bug 10417)
    6LoWPAN multicast address decompression problems. (Bug 10426)
    GUI Hangs when Selecting Path to GeoIP Files. (Bug 10434)
    6LoWPAN context handling not working. (Bug 10443)
    SIP: When export to a CSV, Info is changed to differ. (Bug 10453)
    Typo in packet-netflow.c. (Bug 10458)
    UCP dissector bug of operation 30 - data not decoded. (Bug 10464) 

2.2. New and Updated Features
Comment 1 Swamp Workflow Management 2014-09-17 09:28:30 UTC
An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2014-09-24.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/58979
Comment 2 SMASH SMASH 2014-09-17 09:30:15 UTC
Affected packages:

SLE-10-SP3-TERADATA: wireshark
SLE-11-SP3: wireshark
SLE-11-SP3-PRODUCTS: wireshark
SLE-11-SP3-UPTU: wireshark
Comment 3 Swamp Workflow Management 2014-09-17 22:00:28 UTC
bugbot adjusting priority
Comment 4 Bernhard Wiedemann 2014-09-18 00:01:51 UTC
This is an autogenerated message for OBS integration:
This bug (897055) was mentioned in
https://build.opensuse.org/request/show/250023 Factory / wireshark
Comment 5 Chunyan Liu 2014-09-18 05:38:40 UTC
Instead of backporting work, could we update SLE_11_SP3 wireshark from 1.8 to 1.10? See https://build.opensuse.org/package/show/network:utilities/wireshark, wireshark-1.10 version could be built successfully on SLE_11_SP3.
Comment 6 Andreas Stieger 2014-09-18 06:29:17 UTC
(In reply to comment #5)
> Instead of backporting work, could we update SLE_11_SP3 wireshark from 1.8 to
> 1.10? See https://build.opensuse.org/package/show/network:utilities/wireshark,
> wireshark-1.10 version could be built successfully on SLE_11_SP3.

I am suggesting the same upgrade for openSUSE 12.3. One thing to consider is kismet, which has wireshark as a build-time dependency.
Comment 7 Marcus Meissner 2014-09-18 06:43:39 UTC
this would be an option. if possible also the sle11 sp1 wireshark.

the update should be incremental on top of the existing one, changes file wise.

I will inquire if it needs an ECO or not.


for opensuse - just try it, but also with linear .changes
Comment 8 Bernhard Wiedemann 2014-09-21 04:50:12 UTC
This is an autogenerated message for OBS integration:
This bug (897055) was mentioned in
https://build.opensuse.org/request/show/250381 13.1+12.3 / wireshark
Comment 12 Swamp Workflow Management 2014-09-26 22:05:32 UTC
SUSE-SU-2014:1221-1: An update that fixes 10 vulnerabilities is now available.

Category: security (important)
Bug References: 889854,889899,889900,889901,889906,897055
CVE References: CVE-2014-6421,CVE-2014-6422,CVE-2014-6423,CVE-2014-6424,CVE-2014-6427,CVE-2014-6428,CVE-2014-6429,CVE-2014-6430,CVE-2014-6431,CVE-2014-6432
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    wireshark-1.10.10-0.2.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    wireshark-1.10.10-0.2.1
SUSE Linux Enterprise Server 11 SP3 (src):    wireshark-1.10.10-0.2.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    wireshark-1.10.10-0.2.1
Comment 13 Marcus Meissner 2014-09-27 15:59:11 UTC
released
Comment 14 Swamp Workflow Management 2014-09-29 08:05:06 UTC
openSUSE-SU-2014:1249-1: An update that fixes 15 vulnerabilities is now available.

Category: security (moderate)
Bug References: 889899,889900,889901,889906,897055
CVE References: CVE-2014-5161,CVE-2014-5162,CVE-2014-5163,CVE-2014-5164,CVE-2014-5165,CVE-2014-6421,CVE-2014-6422,CVE-2014-6423,CVE-2014-6424,CVE-2014-6427,CVE-2014-6428,CVE-2014-6429,CVE-2014-6430,CVE-2014-6431,CVE-2014-6432
Sources used:
openSUSE 13.1 (src):    wireshark-1.10.10-24.1
openSUSE 12.3 (src):    wireshark-1.10.10-1.44.1