AW: [SECURITY] [DSA 2395-1] wireshark security update

To: <debian-security@lists.debian.org>
Subject: AW: [SECURITY] [DSA 2395-1] wireshark security update
From: "Alexander Bausch" <ab@dafuer.com>
Date: Mon, 30 Jan 2012 09:59:20 +0100
Message-id: <006d01ccdf2d$746cee00$5d46ca00$@com>
In-reply-to: <20120127181035.GA5158@pisco.westfalen.local>
References: <20120127181035.GA5158@pisco.westfalen.local>

Kein Handlungsbedarf von unserer Seite.
Das Paket ist auf den PCI-Irenen nicht installiert.


Mit freundlichen Grüßen

Dipl. Ing.
Alexander Bausch
Support
Tel.: +49 6154/638 68-21
Mobil: +49 171/6926482
http://www.dafuer.com

DAFÜR GmbH
Dr.-Robert-Murjahn-Str. 9
64372 Ober-Ramstadt
Tel.: +49 6154/638 68-0
Fax.: +49 6154/638 68-60
Registergericht:
Amtsgericht Darmstadt (HRB 3884)
Geschäftsführer: Wolfgang Rohm, Volker Heise

-----Ursprüngliche Nachricht-----
Von: Moritz Muehlenhoff [mailto:jmm@debian.org] 
Gesendet: Freitag, 27. Januar 2012 19:11
An: debian-security-announce@lists.debian.org
Betreff: [SECURITY] [DSA 2395-1] wireshark security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2395-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
January 27, 2012                       http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : wireshark
Vulnerability  : buffer underflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2011-3483 CVE-2012-0041 CVE-2012-0042 CVE-2012-0066 
                 CVE-2012-0067 CVE-2012-0068 

Laurent Butti discovered a buffer underflow in the LANalyzer dissector of
the Wireshark network traffic analyzer, which could lead to the execution of
arbitrary code (CVE-2012-0068)

This update also addresses several bugs, which can lead to crashes of
Wireshark. These are not treated as security issues, but are fixed
nonetheless if security updates are scheduled: CVE-2011-3483, CVE-2012-0041,
CVE-2012-0042, CVE-2012-0066 and CVE-2012-0067.

For the stable distribution (squeeze), this problem has been fixed in
version 1.2.11-6+squeeze6.

For the unstable distribution (sid), this problem has been fixed in version
1.6.5-1.

We recommend that you upgrade your wireshark packages.

Further information about Debian Security Advisories, how to apply these
updates to your system and frequently asked questions can be found at:
http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk8i6FwACgkQXm3vHE4uylrDkQCg5khLjhIkYAbItri576Q4ufHt
BFwAnjQINWnTLRDCg3CLlZOX6ke/Wn3T
=o4sR
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Archive: http://lists.debian.org/20120127181035.GA5158@pisco.westfalen.local

Reply to:

Prev by Date: Re: Testers needed for Tomcat security update
Next by Date: Re: Linux 3.2 in wheezy
Previous by thread: Re: [SECURITY] [DSA 2394-1] libxml2 security update
Next by thread: Re: Linux 3.2 in wheezy
Index(es):
- Date
- Thread