|
Message-Id: <201309110840.r8B8eCHv015955@linus.mitre.org> Date: Wed, 11 Sep 2013 04:40:12 -0400 (EDT) From: cve-assign@...re.org To: oss-security@...ts.openwall.com, gerald@...eshark.org Cc: cve-assign@...re.org Subject: CVEs for Wireshark 1.8.10 and 1.10.2 releases -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 https://www.wireshark.org/security/wnpa-sec-2013-54.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8827 http://anonsvn.wireshark.org/viewvc?view=revision&revision=51130 crash; incorrectly maintained free list CVE-2013-5717 https://www.wireshark.org/security/wnpa-sec-2013-55.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9005 Access Denied crash CVE-2013-5718 https://www.wireshark.org/security/wnpa-sec-2013-56.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9020 http://anonsvn.wireshark.org/viewvc?view=revision&revision=51196 loop CVE-2013-5719 https://www.wireshark.org/security/wnpa-sec-2013-57.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9019 Access Denied buffer overflow CVE-2013-5720 https://www.wireshark.org/security/wnpa-sec-2013-58.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9079 http://anonsvn.wireshark.org/viewvc?view=revision&revision=51603 crash; erroneous entry into a loop CVE-2013-5721 https://www.wireshark.org/security/wnpa-sec-2013-59.html crash CVE-2013-5722 https://www.wireshark.org/security/wnpa-sec-2013-60.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8742 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49697 We don't understand why https://www.wireshark.org/security/wnpa-sec-2013-60.html has different affected versions than https://www.wireshark.org/security/wnpa-sec-2013-51.html (they are both about bug 8742). Thus, we don't know whether new CVE IDs are needed. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJSMCvgAAoJEKllVAevmvmsuWMH/RRdPe0Lk3lAP3pVOGm+37GP 9He6RbdJywE0X5aK7V7TTTXJJt6lFmLk91m9yFmeVeleBTb71nmzhsLf8Spn34Ew upNCIIWOz5SrBST8rkX8q9w27nNr3VsC9Ai7y+SazWme9AzPFgM5mAbTpcimBe1m 3k/N27ZqQdvRhdlT7NbzjhEE+AYYSldtaVp5B+PjZBPECvUPBSTWQJnsc+ywMHMl v90upHmTTCPR6k1M0fQcANRIE1GAHjkpiyrDCdtFY+geArQis93w95Zp5REayvVU geky+wLz63mQQw6A7pHC8sejrNLAggwvqTERthsIyv5W5YIpcwFVCy/bicY47TY= =n04P -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.